r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8882
Expires: Mon, 30 Jan 2023 23:35:09 GMT
Date: Mon, 30 Jan 2023 21:07:07 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13458
Expires: Tue, 31 Jan 2023 00:51:25 GMT
Date: Mon, 30 Jan 2023 21:07:07 GMT
Connection: keep-alive
www.kooding.com/
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 30 Jan 2023 21:07:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=q6avjk0jmqqq6ufm105a61mqle; path=/
httpReferer=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
Location: https://www.kooding.com/
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com https://*.reviews.io; img-src https: data:; frame-src https: data:;
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 20:43:13 GMT
content-type: application/json
age: 1434
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13970
Expires: Tue, 31 Jan 2023 00:59:57 GMT
Date: Mon, 30 Jan 2023 21:07:07 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /DV7bQTdi3eAmctMFS7XccEuhXod9SjPfF5i9OtoyGufnKsXebUoqU3D8eir337D7fwFZ6NyYqY=
x-amz-request-id: 0TGQN30PHZ5ZZ2S2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 20:50:53 GMT
age: 974
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 21:07:07 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 20:41:41 GMT
age: 1527
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash dec7415d4491a7ee748dd31ae7f04621
2438997740177d569943e47579a1b4592b78ca61
6bc940cbf7078056724d64ddd2dbf4ce525a323c480992737a852c065cf561e9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 21:07:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 15:04:29 GMT
Expires: Fri, 03 Feb 2023 15:04:28 GMT
Etag: "2438997740177d569943e47579a1b4592b78ca61"
Cache-Control: max-age=323239,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791d2ce8fb34b4f1-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7219
Expires: Mon, 30 Jan 2023 23:07:27 GMT
Date: Mon, 30 Jan 2023 21:07:08 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gpo8e2Det2Z9dWJqULNK/A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GAcUalUyVstgeQMlyIBa0ahEFn0=
www.kooding.com/
200 OK 46 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6726)
Hash 1ad35e0afd5cec5402b1a3e44aa1b086
66b58c97e6d442d7d775b6d7a85ace30caf2b366
d64d89a5d3b21455eb4e36cff50a6acf0b0f872f60ef388617e59e0d5cc460e3
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 21:07:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=rgm01hjunpqs5gh2elhkns214b; path=/
httpReferer=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
idUser_guest=23060073; expires=Thu, 27-Jan-2033 21:07:08 GMT; Max-Age=315360000; path=/
signupCouponPopupCounter=1; expires=Thu, 27-Jan-2033 21:07:08 GMT; Max-Age=315360000; path=/
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com https://*.reviews.io; img-src https: data:; frame-src https: data:;
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 280 B IP
Hash 799f25248d0f7b369f215a90ecae3e95
cd2bc9cead08684b5fbe00837af2af4716121804
15baa0fdaac5ca78c7742313cbc38e83116ce88f0be811fb6bba28dec34af0c7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5569
Cache-Control: max-age=144491
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 21:07:09 GMT
Etag: "63d7ad27-118"
Expires: Wed, 01 Feb 2023 13:15:20 GMT
Last-Modified: Mon, 30 Jan 2023 11:42:31 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
200 OK 280 B IP
Hash 799f25248d0f7b369f215a90ecae3e95
cd2bc9cead08684b5fbe00837af2af4716121804
15baa0fdaac5ca78c7742313cbc38e83116ce88f0be811fb6bba28dec34af0c7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5569
Cache-Control: max-age=144491
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 21:07:09 GMT
Etag: "63d7ad27-118"
Expires: Wed, 01 Feb 2023 13:15:20 GMT
Last-Modified: Mon, 30 Jan 2023 11:42:31 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280
api.getcandid.com/scripts/widget.js
200 OK 17 kB URL HTTP/2 api.getcandid.com/scripts/widget.js
IP
File type ASCII text, with very long lines (55369), with no line terminators
Hash df26abd94bb89cc34f76aa0c25fbfd34
cfcd1a087313577161b495523edb45fc85ad0450
1394c6ee725ddad6d6de4302d949e8700784193ad7375224df73617b64747b43
GET /scripts/widget.js HTTP/1.1
Host: api.getcandid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 21:07:09 GMT
content-encoding: gzip
content-length: 16801
content-type: application/javascript
last-modified: Thu, 15 Dec 2022 19:08:33 GMT
accept-ranges: bytes
cache-control: max-age=5184000
etag: W/"808e16a0b810d91:0"
x-hw: 1675112829.cds243.sk1.hn,1675112829.cds240.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 2ac1bcdceabf1fc4e07017906aa8a815
ba00b737325fc50b35af8d851ced0fe13d1cba22
c6c54f5dbbfc40b454b9c67a7972827f500d83b10a1594f7cb56c69158278c08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 21:07:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 280 B IP
Hash 799f25248d0f7b369f215a90ecae3e95
cd2bc9cead08684b5fbe00837af2af4716121804
15baa0fdaac5ca78c7742313cbc38e83116ce88f0be811fb6bba28dec34af0c7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5569
Cache-Control: max-age=144491
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 21:07:09 GMT
Etag: "63d7ad27-118"
Expires: Wed, 01 Feb 2023 13:15:20 GMT
Last-Modified: Mon, 30 Jan 2023 11:42:31 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d81f874741beb45c89de8bb5c6de438e
a251ab903e654953631d84721479bbae55aa5cdf
ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 21:07:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js
200 OK 556 B URL HTTP/2 www.google.com/recaptcha/api.js
IP
File type ASCII text, with very long lines (850), with no line terminators
Hash f678bcfbe98b4039961065c12543bfd0
31a000bba532f910d036c24c795ef3636450e4c3
1dabb56e42c7b0a90264a0e7d8884e4111eed0e1b6321cab5f6e26440d63da8d
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 30 Jan 2023 21:07:09 GMT
date: Mon, 30 Jan 2023 21:07:09 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 556
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-54516992
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-54516992
IP
File type ASCII text, with very long lines (1759)
Hash c0d04bae77d87764c0f68fa17239ec28
4012d215692c93dbaecc8af1513e08c82160082e
becca9acd5cb0a5215f6f792c3f88a93c39ea3a7ff08f683c4e2e8717bcb0b12
GET /gtag/js?id=UA-54516992 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 21:07:09 GMT
expires: Mon, 30 Jan 2023 21:07:09 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44020
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 21:07:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d81f874741beb45c89de8bb5c6de438e
a251ab903e654953631d84721479bbae55aa5cdf
ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 21:07:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.kooding.com/fonts/google-fonts.css?v=1
200 OK 465 B URL HTTP/1.1 www.kooding.com/fonts/google-fonts.css?v=1
IP
Hash a264d5e41a4df68375903c9c43d6868c
6fc0c20f661a6566e414e51677563c1035efc3d5
f471653eea208748629e8150be46168badb2a5325b2a5c0da6afa035e57483d8
GET /fonts/google-fonts.css?v=1 HTTP/1.1
Host: www.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Cookie: PHPSESSID=rgm01hjunpqs5gh2elhkns214b; idUser_guest=23060073; signupCouponPopupCounter=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 21:07:09 GMT
Content-Type: text/css
Last-Modified: Sun, 05 Apr 2020 03:04:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5e894ad8-ffd"
Expires: Tue, 30 Jan 2024 21:07:09 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com https://*.reviews.io; img-src https: data:; frame-src https: data:;
Cache-Control: max-age=31536000, public
Pragma: public
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash e3cc3c9e32a49eeae62082726d0f3d4a
e4f5ccaf2ed66bea9b5cd9b22368372b425fe4cf
976daceed024d19233706cfcd490cb9f85d88811c154b47c97267d61becb502c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 30 Jan 2023 21:07:09 GMT
Last-Modified: Mon, 30 Jan 2023 20:38:19 GMT
Server: ECS (dcb/7F18)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: GGCBowwGDKQM2Z0sOGEgB1Vtp_9sY3X2kcy6NeGMXEbbLyBNvDFVBQ==
Age: 1730
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash e3cc3c9e32a49eeae62082726d0f3d4a
e4f5ccaf2ed66bea9b5cd9b22368372b425fe4cf
976daceed024d19233706cfcd490cb9f85d88811c154b47c97267d61becb502c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=145814
Date: Mon, 30 Jan 2023 21:07:09 GMT
Etag: "63d7c813-1d7"
Expires: Wed, 01 Feb 2023 13:37:23 GMT
Last-Modified: Mon, 30 Jan 2023 13:37:23 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jXvrAo3PQblY6S5elk9spEnA-N-C17x70ea3YfkPeGJ0fX6ao7oxEQ==
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash e3cc3c9e32a49eeae62082726d0f3d4a
e4f5ccaf2ed66bea9b5cd9b22368372b425fe4cf
976daceed024d19233706cfcd490cb9f85d88811c154b47c97267d61becb502c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Mon, 30 Jan 2023 21:07:09 GMT
Server: ECS (dcb/7FA4)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: g5U-Son9-EkaRmCFk-6SnDrGM6_gEop8yAoRWwjeCZqYNPAwhHUBUg==
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash e3cc3c9e32a49eeae62082726d0f3d4a
e4f5ccaf2ed66bea9b5cd9b22368372b425fe4cf
976daceed024d19233706cfcd490cb9f85d88811c154b47c97267d61becb502c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Mon, 30 Jan 2023 21:07:09 GMT
Server: ECS (dcb/7ECA)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6mMr56j-QCqOkSZXreydXlELGT1eBQIbpRnpWQCqPR0guyWy78MZeQ==
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash e3cc3c9e32a49eeae62082726d0f3d4a
e4f5ccaf2ed66bea9b5cd9b22368372b425fe4cf
976daceed024d19233706cfcd490cb9f85d88811c154b47c97267d61becb502c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Mon, 30 Jan 2023 21:07:09 GMT
Etag: "63d7c813-1d7"
Server: ECS (dcb/7F81)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: IvRJUQQc3rppqciK6CWypq-n0W0B9Tqc7BVmLR06g_NrSNBfSQkjKA==
www.kooding.com/fonts/Font_Awesome/css/all.min.css?v=1
200 OK 13 kB URL HTTP/1.1 www.kooding.com/fonts/Font_Awesome/css/all.min.css?v=1
IP
File type ASCII text, with very long lines (59158)
Hash 5c0abc0d65f644ffecc98cbea52570f5
442706cc15510e48192502bf67b98cd55e316f14
526dc60e1adff0718e6eaa8363801331637d3312a7976ec06d55532f6990e400
GET /fonts/Font_Awesome/css/all.min.css?v=1 HTTP/1.1
Host: www.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Cookie: PHPSESSID=rgm01hjunpqs5gh2elhkns214b; idUser_guest=23060073; signupCouponPopupCounter=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 21:07:09 GMT
Content-Type: text/css
Last-Modified: Fri, 05 Feb 2021 07:25:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"601cf2de-e7d0"
Expires: Tue, 30 Jan 2024 21:07:09 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com https://*.reviews.io; img-src https: data:; frame-src https: data:;
Cache-Control: max-age=31536000, public
Pragma: public
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3636
Expires: Mon, 30 Jan 2023 22:07:46 GMT
Date: Mon, 30 Jan 2023 21:07:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VHh2SQ21xoDoBnGvM2kRiposhXuCE-DdWW1bM35kEykjbHYmhsldVA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:51:22 GMT
age: 83748
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 05:47:49 GMT
age: 55161
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.kooding.com/images/logo_files/logo-nav-retina.png
200 OK 4.8 kB URL HTTP/1.1 www.kooding.com/images/logo_files/logo-nav-retina.png
IP
File type PNG image data, 400 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash f84a22e2bcc4160177e3a9c9a744c138
2001f231533f5782a235567a603bd90227ac74af
5f2703e0561c66c360d7deed880dd65d8641b61e7d20bc9553d954187eea0d61
GET /images/logo_files/logo-nav-retina.png HTTP/1.1
Host: www.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Cookie: PHPSESSID=rgm01hjunpqs5gh2elhkns214b; idUser_guest=23060073; signupCouponPopupCounter=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 21:07:09 GMT
Content-Type: image/png
Content-Length: 4813
Last-Modified: Thu, 18 Jul 2019 19:53:02 GMT
Connection: keep-alive
ETag: "5d30ce1e-12cd"
Expires: Tue, 30 Jan 2024 21:07:09 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com https://*.reviews.io; img-src https: data:; frame-src https: data:;
Cache-Control: max-age=31536000, public
Pragma: public
Accept-Ranges: bytes
www.kooding.com/images/press/soompi.png
200 OK 4.4 kB URL HTTP/1.1 www.kooding.com/images/press/soompi.png
IP
File type PNG image data, 200 x 46, 8-bit/color RGBA, interlaced\012- data
Hash 561b93c27deedcdb26bdb09465f2a84d
36c278f5cf754dc8939bcb4395ad5aeaf6a63f1c
a24b1f975357472c97fc26776a2885f74060152b1770ba064367e201df3f434b
GET /images/press/soompi.png HTTP/1.1
Host: www.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Cookie: PHPSESSID=rgm01hjunpqs5gh2elhkns214b; idUser_guest=23060073; signupCouponPopupCounter=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 21:07:09 GMT
Content-Type: image/png
Content-Length: 4359
Last-Modified: Thu, 19 Dec 2019 23:01:29 GMT
Connection: keep-alive
ETag: "5dfc0149-1107"
Expires: Tue, 30 Jan 2024 21:07:09 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com https://*.reviews.io; img-src https: data:; frame-src https: data:;
Cache-Control: max-age=31536000, public
Pragma: public
Accept-Ranges: bytes
www.kooding.com/images/logo_files/kooding-app-icon.png
200 OK 3.1 kB URL HTTP/1.1 www.kooding.com/images/logo_files/kooding-app-icon.png
IP
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 0f53acf02617b7e23675ea3c0148202a
7dd5a1ac41132e2e2c0eb54be738a0a5240666bb
4f173d3067a2cf15b5050eeb1ad25ac0a3226c7cd4b34738e50520ccba034b47
GET /images/logo_files/kooding-app-icon.png HTTP/1.1
Host: www.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Cookie: PHPSESSID=rgm01hjunpqs5gh2elhkns214b; idUser_guest=23060073; signupCouponPopupCounter=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 21:07:09 GMT
Content-Type: image/png
Content-Length: 3139
Last-Modified: Thu, 18 Jul 2019 19:53:02 GMT
Connection: keep-alive
ETag: "5d30ce1e-c43"
Expires: Tue, 30 Jan 2024 21:07:09 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com https://*.reviews.io; img-src https: data:; frame-src https: data:;
Cache-Control: max-age=31536000, public
Pragma: public
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3636
Expires: Mon, 30 Jan 2023 22:07:46 GMT
Date: Mon, 30 Jan 2023 21:07:10 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3636
Expires: Mon, 30 Jan 2023 22:07:46 GMT
Date: Mon, 30 Jan 2023 21:07:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 51aa950d5eed7b90cab6632107092edc
e4388ced02e5576867e77547496dec1ac2338ef7
588830e5f725e8e56270565e40f817f2658b0ee7c0425d138e5f65a17ff40483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9457
x-amzn-requestid: 7c48e5ca-2128-43da-ba83-fd91568af1ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkBOGHVoAMFQtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6d4-1b850ffd543f51f92dec3894;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3EXFa0gb46AbdZ9ZznGiPTemGZ7zWh9WLs5Yr1zmfyh_jyKA6o7xoA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:19:57 GMT
age: 82033
etag: "e4388ced02e5576867e77547496dec1ac2338ef7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3636
Expires: Mon, 30 Jan 2023 22:07:46 GMT
Date: Mon, 30 Jan 2023 21:07:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe31ee140c2fd62e616c8a1edc9e78bb
7aa5fbdc8156514770ae620e81f1afef1c77890f
799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: y6bDvcD7a3-A4DLC3cSdZT-yewV1kkFqcGr7AMuqvUeGA4A0pgF4wQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:59:27 GMT
age: 83263
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3636
Expires: Mon, 30 Jan 2023 22:07:46 GMT
Date: Mon, 30 Jan 2023 21:07:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 131eb343c5abd61939457d69bd371348
ffb2035cf64fc83f01db5c6f26ffa264b6aac95b
8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7538
x-amzn-requestid: 8bec493a-9c81-4cfd-b6e9-66f4f3d55cb7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fOOJQEZSoAMFb1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf2a3b-5f0c9f3e4cac1ba26c802050;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 00:45:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PHd9IMeVMHy0TgXRqXyBCg6CZkOtT1WAOyq8zu8ERfIzoaB-7pLc2A==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 15:48:30 GMT
age: 19120
etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65c02d8a1b0d6a210cb2a649c5c67469
027dbc7a104c922904f067ed15d696c363c11774
89d5443a1d313c632d09a583ef602aa4645a16986076387329f434262d15b0a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10997
x-amzn-requestid: a6fac0ab-1acf-4808-8785-3b4ec5e32edf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj30FX7IAMFa5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e698-005109ec2e76529e793678d6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: skGKI_MWvDwpAbGibUcr8wTlimgoPU9ZYhEHltd3uhdJZ_GoNznVAA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:08:57 GMT
etag: "027dbc7a104c922904f067ed15d696c363c11774"
content-type: image/jpeg
age: 82693
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
api.getcandid.com/scripts/keen-tracker.3.0.7.min.js
200 OK 5.0 kB URL HTTP/2 api.getcandid.com/scripts/keen-tracker.3.0.7.min.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (15023), with no line terminators
Hash 800fb0be644d8cb134f8a09388e67d6e
11764fcdc8869691be53547a0905d0db76e3d1ac
a5f9383d14484e1903c436385ee3c73ecc68aef83424a22d216a64119a3e4d56
GET /scripts/keen-tracker.3.0.7.min.js HTTP/1.1
Host: api.getcandid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 21:07:10 GMT
content-encoding: gzip
content-length: 5036
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 23:25:32 GMT
accept-ranges: bytes
cache-control: max-age=5184000
etag: "03e7b45ffd1d81:0"
x-hw: 1675112830.cds243.sk1.hn,1675112830.cds257.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.kooding.com/fonts/Raleway/Raleway-Medium.woff2
200 OK 21 kB URL HTTP/1.1 www.kooding.com/fonts/Raleway/Raleway-Medium.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 20820, version 1.0\012- data
Hash de818060c850c7842e9f2cb4d409d2ba
b8e08d3a6a2c6247728c68874550b2dce183d8b3
921755487a4c491f56f630e4a7448209203dc2505a874ad41fc9f84cb7736c6b
Analyzer Verdict Alert fortinet Phishing
GET /fonts/Raleway/Raleway-Medium.woff2 HTTP/1.1
Host: www.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.kooding.com/fonts/google-fonts.css?v=1
Cookie: PHPSESSID=rgm01hjunpqs5gh2elhkns214b; idUser_guest=23060073; signupCouponPopupCounter=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 21:07:10 GMT
Content-Type: application/octet-stream
Content-Length: 20820
Last-Modified: Thu, 18 Jul 2019 19:53:02 GMT
Connection: keep-alive
ETag: "5d30ce1e-5154"
Expires: Tue, 30 Jan 2024 21:07:10 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com https://*.reviews.io; img-src https: data:; frame-src https: data:;
Cache-Control: max-age=31536000, public
Pragma: public
Accept-Ranges: bytes
ocsp.pki.goog/s/gts1p5/mr4XpjX7o8Q
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/mr4XpjX7o8Q
IP
Hash 2bbce97e5524c70a50e8da1aa275a54e
ea4852e88118ed8bcb3f00658199828bad836773
f39f5f3da0fdf935051ffa046edf4dd32f102c69fef16abfdc7a31367c9ea186
POST /s/gts1p5/mr4XpjX7o8Q HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 21:07:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.reviews.io/timeline/data?type=store_review&store=kooding&sort=date_desc&page=1&per_page=800&enable_avatars=false&include_subrating_breakdown=1&branch=&tag=&v=202313021&minRating=5
200 OK 106 kB URL HTTP/2 api.reviews.io/timeline/data?type=store_review&store=kooding&sort=date_desc&page=1&per_page=800&enable_avatars=false&include_subrating_breakdown=1&branch=&tag=&v=202313021&minRating=5
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size 106 kB (106495 bytes)
Hash 065b40f2c332a7222bcfe960f11a656d
95cc4e65c5f634402479393c738b8f96068f2c60
db1bb8021e3fc1fbd0b739dd3e1a4a5997c9bda4bf67f45cc441775ad53f272b
GET /timeline/data?type=store_review&store=kooding&sort=date_desc&page=1&per_page=800&enable_avatars=false&include_subrating_breakdown=1&branch=&tag=&v=202313021&minRating=5 HTTP/1.1
Host: api.reviews.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kooding.com
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 21:07:10 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: public, max-age=7200, pre-check=7200
last-modified: Mon, 30 Jan 2023 16:23:56 GMT
expires: Mon, 30 Jan 2023 16:43:56 GMT
x-reviewsio-store-key: kooding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,store,apikey
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
server: cloudflare
cf-ray: 791d2cf43a39b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.kooding.com/images/press/chinabrands.png
200 OK 5.1 kB URL HTTP/1.1 www.kooding.com/images/press/chinabrands.png
IP
File type PNG image data, 200 x 46, 8-bit/color RGBA, interlaced\012- data
Hash 263b1ed29f30850bd95113296bb95991
bc998bae23a86057ee949476d0c5c8ec632d6f97
fefa5455f96b5aa6797eac14bfb36c5174758f7bd748c850ee8bff34e24b044f
GET /images/press/chinabrands.png HTTP/1.1
Host: www.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Cookie: PHPSESSID=rgm01hjunpqs5gh2elhkns214b; idUser_guest=23060073; signupCouponPopupCounter=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 21:07:10 GMT
Content-Type: image/png
Content-Length: 5068
Last-Modified: Thu, 19 Dec 2019 23:01:29 GMT
Connection: keep-alive
ETag: "5dfc0149-13cc"
Expires: Tue, 30 Jan 2024 21:07:10 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com https://*.reviews.io; img-src https: data:; frame-src https: data:;
Cache-Control: max-age=31536000, public
Pragma: public
Accept-Ranges: bytes
www.kooding.com/fonts/Raleway/Raleway-SemiBold.woff2
200 OK 21 kB URL HTTP/1.1 www.kooding.com/fonts/Raleway/Raleway-SemiBold.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 20644, version 1.0\012- data
Hash bd2bb116d8276633fec3aba46fe9d254
637b187d0e1146afdab4423e47fcf874d75efe04
e38e932a7546e8caa66061a404a4070beb3fa182d86aab4d42ce34e1ab483a47
Analyzer Verdict Alert fortinet Phishing
GET /fonts/Raleway/Raleway-SemiBold.woff2 HTTP/1.1
Host: www.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.kooding.com/fonts/google-fonts.css?v=1
Cookie: PHPSESSID=rgm01hjunpqs5gh2elhkns214b; idUser_guest=23060073; signupCouponPopupCounter=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 21:07:10 GMT
Content-Type: application/octet-stream
Content-Length: 20644
Last-Modified: Thu, 18 Jul 2019 19:53:02 GMT
Connection: keep-alive
ETag: "5d30ce1e-50a4"
Expires: Tue, 30 Jan 2024 21:07:10 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com https://*.reviews.io; img-src https: data:; frame-src https: data:;
Cache-Control: max-age=31536000, public
Pragma: public
Accept-Ranges: bytes
www.kooding.com/fonts/Open_Sans/OpenSans-Regular.woff2
200 OK 14 kB URL HTTP/1.1 www.kooding.com/fonts/Open_Sans/OpenSans-Regular.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 14048, version 1.0\012- data
Hash cffb686d7d2f4682df8342bd4d276e09
2c07a9656f1e38da408f20f1cf11581a15cbd7a2
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9
Analyzer Verdict Alert fortinet Phishing
GET /fonts/Open_Sans/OpenSans-Regular.woff2 HTTP/1.1
Host: www.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.kooding.com/fonts/google-fonts.css?v=1
Cookie: PHPSESSID=rgm01hjunpqs5gh2elhkns214b; idUser_guest=23060073; signupCouponPopupCounter=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 21:07:10 GMT
Content-Type: application/octet-stream
Content-Length: 14048
Last-Modified: Thu, 18 Jul 2019 19:53:02 GMT
Connection: keep-alive
ETag: "5d30ce1e-36e0"
Expires: Tue, 30 Jan 2024 21:07:10 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com https://*.reviews.io; img-src https: data:; frame-src https: data:;
Cache-Control: max-age=31536000, public
Pragma: public
Accept-Ranges: bytes
www.kooding.com/fonts/Font_Awesome/webfonts/fa-solid-900.woff2
200 OK 80 kB URL HTTP/1.1 www.kooding.com/fonts/Font_Awesome/webfonts/fa-solid-900.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 80252, version 331.-31327\012- data
Hash 9ae050d1876ac1763eb6afe4264e6d5a
72344eab2e7431eec313caa21f266cbfda7caf60
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
Analyzer Verdict Alert fortinet Phishing
GET /fonts/Font_Awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.kooding.com/fonts/Font_Awesome/css/all.min.css?v=1
Cookie: PHPSESSID=rgm01hjunpqs5gh2elhkns214b; idUser_guest=23060073; signupCouponPopupCounter=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 21:07:10 GMT
Content-Type: application/octet-stream
Content-Length: 80252
Last-Modified: Fri, 05 Feb 2021 07:05:54 GMT
Connection: keep-alive
ETag: "601cee52-1397c"
Expires: Tue, 30 Jan 2024 21:07:10 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com https://*.reviews.io; img-src https: data:; frame-src https: data:;
Cache-Control: max-age=31536000, public
Pragma: public
Accept-Ranges: bytes
www.kooding.com/images/press/klog.png
200 OK 4.5 kB URL HTTP/1.1 www.kooding.com/images/press/klog.png
IP
File type PNG image data, 200 x 46, 8-bit/color RGBA, interlaced\012- data
Hash abbcf074fc942151b06cf4b4fde31d6e
0592723d1de026bad1a9bbd9f2029889e0ace268
e75fec629abdd53a603efbd52ad7abc199dab3f0ab86d29be2d0d7891faa4528
GET /images/press/klog.png HTTP/1.1
Host: www.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Cookie: PHPSESSID=rgm01hjunpqs5gh2elhkns214b; idUser_guest=23060073; signupCouponPopupCounter=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 21:07:10 GMT
Content-Type: image/png
Content-Length: 4534
Last-Modified: Thu, 19 Dec 2019 23:01:29 GMT
Connection: keep-alive
ETag: "5dfc0149-11b6"
Expires: Tue, 30 Jan 2024 21:07:10 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com https://*.reviews.io; img-src https: data:; frame-src https: data:;
Cache-Control: max-age=31536000, public
Pragma: public
Accept-Ranges: bytes
www.kooding.com/fonts/Open_Sans/OpenSans-SemiBold.woff2
200 OK 14 kB URL HTTP/1.1 www.kooding.com/fonts/Open_Sans/OpenSans-SemiBold.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 14544, version 1.0\012- data
Hash 223a277bd88d8a90c8cdf24cda0ad5f5
24234c1c81b3948758c1a0be8e5a65386ca94c52
d61b45b8b3cded238a65ee0aac4043b989f11cee56acfe5c889777f961f241a2
Analyzer Verdict Alert fortinet Phishing
GET /fonts/Open_Sans/OpenSans-SemiBold.woff2 HTTP/1.1
Host: www.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.kooding.com/fonts/google-fonts.css?v=1
Cookie: PHPSESSID=rgm01hjunpqs5gh2elhkns214b; idUser_guest=23060073; signupCouponPopupCounter=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 21:07:10 GMT
Content-Type: application/octet-stream
Content-Length: 14544
Last-Modified: Thu, 18 Jul 2019 19:53:02 GMT
Connection: keep-alive
ETag: "5d30ce1e-38d0"
Expires: Tue, 30 Jan 2024 21:07:10 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com https://*.reviews.io; img-src https: data:; frame-src https: data:;
Cache-Control: max-age=31536000, public
Pragma: public
Accept-Ranges: bytes
www.kooding.com/images/category_effect/paint.png
200 OK 19 kB URL HTTP/1.1 www.kooding.com/images/category_effect/paint.png
IP
File type PNG image data, 400 x 150, 8-bit/color RGBA, interlaced\012- data
Hash 58492ec07f73292c6e5700d0131f5505
d0989c1add15c35e89bd8a1cffb5924aaf0685a9
58f965f2cb34f9d044894ebf89fade696bc74f782b93f83b07c54bb82d4d7b9b
GET /images/category_effect/paint.png HTTP/1.1
Host: www.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Cookie: PHPSESSID=rgm01hjunpqs5gh2elhkns214b; idUser_guest=23060073; signupCouponPopupCounter=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 21:07:10 GMT
Content-Type: image/png
Content-Length: 19064
Last-Modified: Tue, 24 Dec 2019 02:22:42 GMT
Connection: keep-alive
ETag: "5e017672-4a78"
Expires: Tue, 30 Jan 2024 21:07:10 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com https://*.reviews.io; img-src https: data:; frame-src https: data:;
Cache-Control: max-age=31536000, public
Pragma: public
Accept-Ranges: bytes
cdn-static.kooding.com/css/compressed/flag-icon.min.css
200 OK 23 kB URL HTTP/2 cdn-static.kooding.com/css/compressed/flag-icon.min.css
IP
Hash b93d4b6b64c6a121ad845c5761b709a4
8870ff83ab8e438687fc20730d570a0070dc52cc
2b0f838daf99d89893998061babe4dabe01f05f582d940518a373875866f0a32
GET /css/compressed/flag-icon.min.css HTTP/1.1
Host: cdn-static.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Thu, 17 Feb 2022 15:01:09 GMT
last-modified: Thu, 18 Jul 2019 19:53:02 GMT
etag: W/"5d30ce1e-861c"
expires: Fri, 17 Feb 2023 15:01:09 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com; img-src https: data:; frame-src https: data:;
cache-control: max-age=31536000, public
pragma: public
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gZnEsWuVk9Dd5DCl45Gl4JuTQkzaGIckuf-oInBep3d_jOqUChr22Q==
age: 30002760
X-Firefox-Spdy: h2
www.kooding.com/getProducts_newArrivals?idCategory=1
200 OK 6.6 kB URL HTTP/1.1 www.kooding.com/getProducts_newArrivals?idCategory=1
IP
File type JSON data\012- , ASCII text, with very long lines (54839), with no line terminators
Hash 2c29ff9a2333c63ae6de0e4ae76f7154
3c196e581b596fd9b51998de7b1e50f90496b590
781e9edc2648516df32903ded772660b87cd0b25ffaeea33df74d30305f10b3b
Analyzer Verdict Alert fortinet Phishing
GET /getProducts_newArrivals?idCategory=1 HTTP/1.1
Host: www.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.kooding.com/
Cookie: PHPSESSID=rgm01hjunpqs5gh2elhkns214b; idUser_guest=23060073; signupCouponPopupCounter=1; candid_userid=b95fd917-3760-48fe-81d6-080db62f9e26
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 21:07:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: httpReferer=https%3A%2F%2Fwww.kooding.com%2F
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com https://*.reviews.io; img-src https: data:; frame-src https: data:;
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Encoding: gzip
www.kooding.com/getTrendingSearch?searchPrefType=1
200 OK 220 B URL HTTP/1.1 www.kooding.com/getTrendingSearch?searchPrefType=1
IP
File type JSON data\012- , ASCII text, with very long lines (858), with no line terminators
Hash 9a1c2108399c79ebe3c450f01cad4d51
227af3de83cc7822d8a6605135a175e02351f5da
ed0f6cf4e6854bfa9f2e1da97bc8eeb32fc6068baa72db645e1d4c6344a831f3
Analyzer Verdict Alert fortinet Phishing
GET /getTrendingSearch?searchPrefType=1 HTTP/1.1
Host: www.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.kooding.com/
Cookie: PHPSESSID=rgm01hjunpqs5gh2elhkns214b; idUser_guest=23060073; signupCouponPopupCounter=1; candid_userid=b95fd917-3760-48fe-81d6-080db62f9e26
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 21:07:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: httpReferer=https%3A%2F%2Fwww.kooding.com%2F
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com https://*.reviews.io; img-src https: data:; frame-src https: data:;
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Encoding: gzip
api.reviews.io/json-ld/company/snippet?store=kooding
200 OK 13 kB URL HTTP/2 api.reviews.io/json-ld/company/snippet?store=kooding
IP
File type JSON data\012- , ASCII text
Hash c6a5b9c0772e90426edd588372913596
b50f8065313cc623189733a4a3d53e62deaca822
1eef2854c5478e7fd952edd634829533ff7e2bd2aeb3a566df3fa9d6a8276c90
GET /json-ld/company/snippet?store=kooding HTTP/1.1
Host: api.reviews.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kooding.com
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 21:07:10 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200, pre-check=7200
last-modified: Mon, 30 Jan 2023 20:56:27 GMT
expires: Mon, 30 Jan 2023 21:16:27 GMT
x-reviewsio-store-key: kooding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,store,apikey
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
server: cloudflare
cf-ray: 791d2cf75ed7b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.kooding.com/images/press/buzzfeed.png
200 OK 5.3 kB URL HTTP/1.1 www.kooding.com/images/press/buzzfeed.png
IP
File type PNG image data, 200 x 46, 8-bit/color RGBA, interlaced\012- data
Hash 81ac313bce9fc92d800bba5c4ce18d94
093c8f2cdb29c5096bbfea240ff543747c8cc01e
1fca93f50d31019758a6571875e7251ef7899f0ebdc53338ced75a9090cfc701
GET /images/press/buzzfeed.png HTTP/1.1
Host: www.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Cookie: PHPSESSID=rgm01hjunpqs5gh2elhkns214b; idUser_guest=23060073; signupCouponPopupCounter=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 21:07:10 GMT
Content-Type: image/png
Content-Length: 5274
Last-Modified: Thu, 19 Dec 2019 23:01:29 GMT
Connection: keep-alive
ETag: "5dfc0149-149a"
Expires: Tue, 30 Jan 2024 21:07:10 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com https://*.reviews.io; img-src https: data:; frame-src https: data:;
Cache-Control: max-age=31536000, public
Pragma: public
Accept-Ranges: bytes
www.kooding.com/fonts/Open_Sans/OpenSans-Bold.woff2
200 OK 15 kB URL HTTP/1.1 www.kooding.com/fonts/Open_Sans/OpenSans-Bold.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 14720, version 1.0\012- data
Hash d08c09f2f169f4a6edbcf8b8d1636cb4
5a6a45d6f98752b11ccb7c4f0f6fd7faf18ad1a7
482994b911cc3e869aa8ace6d9932d67b68de83ea2885207ce165ff04c38d7bc
Analyzer Verdict Alert fortinet Phishing
GET /fonts/Open_Sans/OpenSans-Bold.woff2 HTTP/1.1
Host: www.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.kooding.com/fonts/google-fonts.css?v=1
Cookie: PHPSESSID=rgm01hjunpqs5gh2elhkns214b; idUser_guest=23060073; signupCouponPopupCounter=1; candid_userid=b95fd917-3760-48fe-81d6-080db62f9e26
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 21:07:10 GMT
Content-Type: application/octet-stream
Content-Length: 14720
Last-Modified: Thu, 18 Jul 2019 19:53:02 GMT
Connection: keep-alive
ETag: "5d30ce1e-3980"
Expires: Tue, 30 Jan 2024 21:07:10 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com https://*.reviews.io; img-src https: data:; frame-src https: data:;
Cache-Control: max-age=31536000, public
Pragma: public
Accept-Ranges: bytes
cdn-static.kooding.com/js/minified/jquery-ui.min.js
200 OK 20 kB URL HTTP/2 cdn-static.kooding.com/js/minified/jquery-ui.min.js
IP
Hash 84bf9f722221a5bb793e3310dccffed3
01da5fcf6cffab0bbb13cd7371e4b5d1ec5d36a6
25a9db3c7f77297e5750fa035bea963a87d39e240128ef243b6dfc4986909721
Analyzer Verdict Alert fortinet Phishing
GET /js/minified/jquery-ui.min.js HTTP/1.1
Host: cdn-static.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sun, 30 Oct 2022 03:40:49 GMT
last-modified: Thu, 18 Jul 2019 19:53:02 GMT
etag: W/"5d30ce1e-e452"
expires: Mon, 30 Oct 2023 03:40:49 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com; img-src https: data:; frame-src https: data:;
cache-control: max-age=31536000, public
pragma: public
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BzGTsL1PQ1rCawvFY5TPjLddp_8oso3VCYYtmc_iQSGXhkfyICzi1g==
age: 8011580
X-Firefox-Spdy: h2
www.kooding.com/fonts/Font_Awesome/webfonts/fa-brands-400.woff2
200 OK 78 kB URL HTTP/1.1 www.kooding.com/fonts/Font_Awesome/webfonts/fa-brands-400.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 78472, version 331.-31327\012- data
Hash 0c9f225e8f69c622f681cf1ed973cc3d
9e355abda14ee62a7987b2ba7e2e887d33337e25
529d0a7b3944929222155bca3272ba1a87acc2faa09b2ed26a713872b7ff8794
Analyzer Verdict Alert fortinet Phishing
GET /fonts/Font_Awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: www.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.kooding.com/fonts/Font_Awesome/css/all.min.css?v=1
Cookie: PHPSESSID=rgm01hjunpqs5gh2elhkns214b; idUser_guest=23060073; signupCouponPopupCounter=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 21:07:10 GMT
Content-Type: application/octet-stream
Content-Length: 78472
Last-Modified: Fri, 05 Feb 2021 07:05:54 GMT
Connection: keep-alive
ETag: "601cee52-13288"
Expires: Tue, 30 Jan 2024 21:07:10 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com https://*.reviews.io; img-src https: data:; frame-src https: data:;
Cache-Control: max-age=31536000, public
Pragma: public
Accept-Ranges: bytes
www.kooding.com/fonts/Font_Awesome/webfonts/fa-regular-400.woff2
200 OK 14 kB URL HTTP/1.1 www.kooding.com/fonts/Font_Awesome/webfonts/fa-regular-400.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 13588, version 331.-31327\012- data
Hash 847712aaabbeba674afdda86d31cab17
c07631a91ee71c0a1a84a3151db42b1f2d9a9692
b3b8c21edfe6c5e402fdc607366fd8d15949a65914f58134733dc68922bc8d61
Analyzer Verdict Alert fortinet Phishing
GET /fonts/Font_Awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: www.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.kooding.com/fonts/Font_Awesome/css/all.min.css?v=1
Cookie: PHPSESSID=rgm01hjunpqs5gh2elhkns214b; idUser_guest=23060073; signupCouponPopupCounter=1; candid_userid=b95fd917-3760-48fe-81d6-080db62f9e26; _gcl_au=1.1.1144939471.1675112844; _ga_V4VG4WJL6D=GS1.1.1675112844.1.0.1675112844.0.0.0; _ga=GA1.1.984337549.1675112844; httpReferer=https%3A%2F%2Fwww.kooding.com%2F
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 21:07:10 GMT
Content-Type: application/octet-stream
Content-Length: 13588
Last-Modified: Fri, 05 Feb 2021 07:05:54 GMT
Connection: keep-alive
ETag: "601cee52-3514"
Expires: Tue, 30 Jan 2024 21:07:10 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com https://*.reviews.io; img-src https: data:; frame-src https: data:;
Cache-Control: max-age=31536000, public
Pragma: public
Accept-Ranges: bytes
www.kooding.com/getProducts_trending?idCategory=1
200 OK 5.5 kB URL HTTP/1.1 www.kooding.com/getProducts_trending?idCategory=1
IP
File type JSON data\012- , ASCII text, with very long lines (40226), with no line terminators
Hash 3cb7f519cbcd3cc2a0b196446290efbf
04400c5fcd2e4efa955f35d16751a5ac5d196bc2
7575a160942bc91411eb3468f754953e2ec935f0b07de5520f344d71b96047e0
Analyzer Verdict Alert fortinet Phishing
GET /getProducts_trending?idCategory=1 HTTP/1.1
Host: www.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.kooding.com/
Cookie: PHPSESSID=rgm01hjunpqs5gh2elhkns214b; idUser_guest=23060073; signupCouponPopupCounter=1; candid_userid=b95fd917-3760-48fe-81d6-080db62f9e26; _gcl_au=1.1.1144939471.1675112844; _ga_V4VG4WJL6D=GS1.1.1675112844.1.0.1675112844.0.0.0; _ga=GA1.1.984337549.1675112844; httpReferer=https%3A%2F%2Fwww.kooding.com%2F
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 21:07:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com https://*.reviews.io; img-src https: data:; frame-src https: data:;
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Encoding: gzip
cdn-images.mailchimp.com/embedcode/slim-10_7.css
200 OK 893 B URL HTTP/1.1 cdn-images.mailchimp.com/embedcode/slim-10_7.css
IP
File type ASCII text, with very long lines (393)
Hash 78d61e31fd11189dbd065f8266b95e72
9caca43282b0cf6481793b9b7c12cbdd10831e96
054521f70b47184847f4e546b030da21b2680bb7e6c40a485e22e29df7eb6ee6
GET /embedcode/slim-10_7.css HTTP/1.1
Host: cdn-images.mailchimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 15 Dec 2015 20:19:39 GMT
x-amz-version-id: null
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 30 Jan 2023 03:51:40 GMT
ETag: W/"d67b6072a15510e2010ad947aa1213c3"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cqA8Utpt8QGhX2F2Rwm4XY5x9E9GYLnEghRr9-U4Nbc9JgS332Rs9Q==
Age: 62145
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 21:07:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 4fa4e3a6c0ea0d843f6f77af6a290fca
965944af181e8d47677e5b428e8a3233c942cf99
801765bb2eb7f84e39a58691c4798b32ccd9e6ed22e924754d26277f4f2e0b11
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5564
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 21:07:11 GMT
Last-Modified: Mon, 30 Jan 2023 19:34:27 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 30 Jan 2023 19:46:59 GMT
expires: Mon, 30 Jan 2023 21:46:59 GMT
cache-control: public, max-age=7200
age: 4812
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bat.bing.com/bat.js
200 OK 12 kB IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39395), with no line terminators
Hash 4f378a725368a42971cd69e29f75db89
2a1cdf193b346d9281c6e04a9b3775e7fc1ae11e
6a2a9d238501343cb3f25e0f54f4ecc4ec2c4e0fa6b228cc72dc3fff90502078
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11552
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ranges: bytes
etag: "076bc30652fd91:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C26C4B33753142FB89CC437783313EEE Ref B: OSL30EDGE0522 Ref C: 2023-01-30T21:07:11Z
date: Mon, 30 Jan 2023 21:07:10 GMT
X-Firefox-Spdy: h2
s.pinimg.com/ct/core.js
200 OK 1.1 kB IP
File type ASCII text, with very long lines (1146), with no line terminators
Hash 91c4ea42bc7f1df938d8cd8de8d598db
ccecbe4405d83510ca1a6291c374ea8ab1da33d9
aacfea800a59766fdd3672fad8e5eba13abae2dab105014fc9214cb0c1409925
GET /ct/core.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "91c4ea42bc7f1df938d8cd8de8d598db"
content-type: application/javascript
fastly-restarts: 1
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 86400
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
date: Mon, 30 Jan 2023 21:07:11 GMT
content-length: 1146
X-Firefox-Spdy: h2
cdn.acsbapp.com/cache/app/kooding.com/config.json
200 OK 584 B URL HTTP/2 cdn.acsbapp.com/cache/app/kooding.com/config.json
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 52132b17259ba653f5e6081df1a903fd
e222da79827a45969bfb3bd8f9417b5571f94ebf
84f6b572e9f39b67595c026350a8e8ddf264d626ba952a5fb6ac88b33abcbb09
GET /cache/app/kooding.com/config.json HTTP/1.1
Host: cdn.acsbapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.kooding.com/
Origin: https://www.kooding.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 21:07:11 GMT
content-type: application/json
cache-control: max-age=432000 public
expires: Tue, 31 Jan 2023 21:07:11 GMT
last-modified: Mon, 30 Jan 2023 21:06:14 GMT
etag: W/"9d-63d83146-163e6f1c34070919;;;"
access-control-allow-origin: *
access-control-allow-headers: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 791d2cfa1aebb51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 3025fb112231fed65dd6afa7586ea320
7055cfa6528fac0e753e6d5c816ed4c833860b15
8bf2cd4d60db22be0de2f303c50bb070b2c0d4d89376d638e39d03c9d9666da1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4033
Cache-Control: max-age=167121
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 21:07:11 GMT
Etag: "63d80b8f-139"
Expires: Wed, 01 Feb 2023 19:32:32 GMT
Last-Modified: Mon, 30 Jan 2023 18:25:19 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 313
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
IP
File type ASCII text, with very long lines (771)
Size 164 kB (163774 bytes)
Hash 57c909ab73fc27ec24f737bbf1cb1de8
89b2c02e9e7a9a764518fca545d3eec2044fd6d9
7e407e2b00bb7c238c71d96472f7ab030de4e610b1048f0f77b25cb85c2d166b
GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kooding.com
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:24:04 GMT
expires: Tue, 30 Jan 2024 18:24:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
content-type: text/javascript
age: 9787
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-V4VG4WJL6D>m=2oe1p0&_p=2493046&cid=984337549.1675112844&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675112844&sct=1&seg=0&dl=https%3A%2F%2Fwww.kooding.com%2F&dt=Korean%20Fashion%2C%20Skincare%20%26%20Beauty%20Online%20%E2%80%93%20KOODING&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-V4VG4WJL6D>m=2oe1p0&_p=2493046&cid=984337549.1675112844&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675112844&sct=1&seg=0&dl=https%3A%2F%2Fwww.kooding.com%2F&dt=Korean%20Fashion%2C%20Skincare%20%26%20Beauty%20Online%20%E2%80%93%20KOODING&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /g/collect?v=2&tid=G-V4VG4WJL6D>m=2oe1p0&_p=2493046&cid=984337549.1675112844&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675112844&sct=1&seg=0&dl=https%3A%2F%2Fwww.kooding.com%2F&dt=Korean%20Fashion%2C%20Skincare%20%26%20Beauty%20Online%20%E2%80%93%20KOODING&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-origin: *
date: Mon, 30 Jan 2023 21:07:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 541db4f3f0ba067bfb58cdac34cb86f4
20e6883f068568888ce37c6b9ef8f5d12be257c0
83898f3b2da2a11996d2eb3a5115ef301255030fdf231b8bf7971916769bc7be
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: vyTa1oIRXwCRhuVscIRAcVJRz8A2G3w8dBbqIr+nhRcaguv/T7NN5JyhEjYUboK22zqCrwOgxUy2N/MhUBUVAQ==
content-length: 27815
x-fb-trip-id: 1679558926
date: Mon, 30 Jan 2023 21:07:11 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
s.pinimg.com/ct/lib/main.f6304d83.js
200 OK 20 kB URL HTTP/2 s.pinimg.com/ct/lib/main.f6304d83.js
IP
File type ASCII text, with very long lines (56364), with no line terminators
Hash fe9b810e040cd8cd5323a13c712440ca
ffc29540d5d7d231bb6500449752545fcf81fb74
a1da4f552aa59996a83ec493589977c6302d29653981188528298d6db6866890
GET /ct/lib/main.f6304d83.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "fe9b810e040cd8cd5323a13c712440ca"
content-encoding: gzip
content-type: application/javascript
fastly-restarts: 1
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 86400
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
date: Mon, 30 Jan 2023 21:07:11 GMT
content-length: 19456
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 24f2537abb7a432334bac11270746a28
e2c42c98941d442ddb8d2231f9e50e9ee02a7125
4324ffe6caf348ebc2cc157574bdda86dfed54cd68d5bd73d8b4a00ac5c9529f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3268
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 21:07:11 GMT
Last-Modified: Mon, 30 Jan 2023 20:12:43 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
www.kooding.com/favicon-228x228.png
200 OK 5.1 kB URL HTTP/1.1 www.kooding.com/favicon-228x228.png
IP
File type PNG image data, 228 x 228, 8-bit/color RGBA, non-interlaced\012- data
Hash 36a4c0c9b960537bbd983ecd2f4f205a
7b402402fb0233785cd46424e71968dd831c3ec9
39716ccea91bfc90554e33e1e092aa66b47f7dc77a4e0ed0566fbd762278d93b
GET /favicon-228x228.png HTTP/1.1
Host: www.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Cookie: PHPSESSID=rgm01hjunpqs5gh2elhkns214b; idUser_guest=23060073; signupCouponPopupCounter=1; candid_userid=b95fd917-3760-48fe-81d6-080db62f9e26; _gcl_au=1.1.1144939471.1675112844; _ga_V4VG4WJL6D=GS1.1.1675112844.1.0.1675112844.0.0.0; _ga=GA1.1.984337549.1675112844; httpReferer=https%3A%2F%2Fwww.kooding.com%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 21:07:11 GMT
Content-Type: image/png
Content-Length: 5063
Last-Modified: Sun, 02 Aug 2020 09:53:46 GMT
Connection: keep-alive
ETag: "5f268d2a-13c7"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com https://*.reviews.io; img-src https: data:; frame-src https: data:;
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Accept-Ranges: bytes
ocsp.digicert.com/
200 OK 471 B IP
Hash 4fa4e3a6c0ea0d843f6f77af6a290fca
965944af181e8d47677e5b428e8a3233c942cf99
801765bb2eb7f84e39a58691c4798b32ccd9e6ed22e924754d26277f4f2e0b11
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5564
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 21:07:11 GMT
Last-Modified: Mon, 30 Jan 2023 19:34:27 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 21:07:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.kooding.com/favicon-16x16.png
200 OK 1.2 kB URL HTTP/1.1 www.kooding.com/favicon-16x16.png
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b0aac13e58ac8cbc61f7d26c41a10dfb
f73e8d29e00c8e56be3d4146c17769c3671f1ec6
c2ce535336ef8aca5df94b11e03b0f140c19eb4ca0ea52912d901975bcccbebd
GET /favicon-16x16.png HTTP/1.1
Host: www.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Cookie: PHPSESSID=rgm01hjunpqs5gh2elhkns214b; idUser_guest=23060073; signupCouponPopupCounter=1; candid_userid=b95fd917-3760-48fe-81d6-080db62f9e26; _gcl_au=1.1.1144939471.1675112844; _ga_V4VG4WJL6D=GS1.1.1675112844.1.0.1675112844.0.0.0; _ga=GA1.1.984337549.1675112844; httpReferer=https%3A%2F%2Fwww.kooding.com%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 21:07:11 GMT
Content-Type: image/png
Content-Length: 1200
Last-Modified: Sun, 02 Aug 2020 09:53:46 GMT
Connection: keep-alive
ETag: "5f268d2a-4b0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com https://*.reviews.io; img-src https: data:; frame-src https: data:;
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 21:07:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/p/action/5683528.js
204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/5683528.js
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/5683528.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7F720963EAC14D74B7A9DF280B48BA5E Ref B: OSL30EDGE0522 Ref C: 2023-01-30T21:07:11Z
date: Mon, 30 Jan 2023 21:07:10 GMT
X-Firefox-Spdy: h2
connect.facebook.net/signals/plugins/identity.js?v=2.9.92
200 OK 21 kB URL HTTP/2 connect.facebook.net/signals/plugins/identity.js?v=2.9.92
IP
File type ASCII text, with very long lines (60008)
Hash 4ab212d67df0d744f74a6f6a257b2653
7844504c6b52741b4467b98856b2da4d2e276630
6b5ed11f9d9bfad094e0177b6339804dbdccfece80ea0636343349543ca69c63
GET /signals/plugins/identity.js?v=2.9.92 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: rRzRoxp5bQ3Z6xah9A4wILKH1KjTBXX/l4Lnm4VfVWA4jAz0zTxSKkalpSjhmLZy4Pn5EGuIQfWlJ4Hu/1WCdQ==
content-length: 20722
x-fb-trip-id: 1679558926
date: Mon, 30 Jan 2023 21:07:11 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 73d6f94eec5f7bf78dc11951011af215
2d7941713a82a83c174bf782b618a6f86a8ab2d7
9de1920abadb3501bcf9f787608807f13a266efea69f12fc811bc7cac14a3552
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 21:07:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/994973256/?random=1675112844101&cv=11&fst=1675112400000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.kooding.com%2F&tiba=Korean%20Fashion%2C%20Skincare%20%26%20Beauty%20Online%20%E2%80%93%20KOODING&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2377006998&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/994973256/?random=1675112844101&cv=11&fst=1675112400000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.kooding.com%2F&tiba=Korean%20Fashion%2C%20Skincare%20%26%20Beauty%20Online%20%E2%80%93%20KOODING&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2377006998&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/994973256/?random=1675112844101&cv=11&fst=1675112400000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.kooding.com%2F&tiba=Korean%20Fashion%2C%20Skincare%20%26%20Beauty%20Online%20%E2%80%93%20KOODING&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2377006998&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 21:07:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s.yimg.com/wi/config/10034486.json
200 OK 2 B URL HTTP/2 s.yimg.com/wi/config/10034486.json
IP
ASN #203220 Yahoo! UK Services Limited
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /wi/config/10034486.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kooding.com
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: RZZYVT411FTM7MXJ
x-amz-id-2: 6HW+2WTfEcX5FxJuutEN8o+mau9YKW8M3yc8TRYZk8fik51ghFQ7BN+X3qyOy3VeSFWcm6Dzmow=
content-type: application/json
date: Mon, 30 Jan 2023 20:43:42 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-length: 2
age: 1409
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn-static.kooding.com/css/compressed/jquery-ui.min.css
200 OK 4.2 kB URL HTTP/2 cdn-static.kooding.com/css/compressed/jquery-ui.min.css
IP
Hash 7247f3d9918480e523d86c2404ccdb0b
b136b308666f40f30d79ec025722d74162bf428f
f486c6f1059b912d77e33b9308f606c08c8c7e73869c3c70daa9463b0e112431
GET /css/compressed/jquery-ui.min.css HTTP/1.1
Host: cdn-static.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Tue, 05 Apr 2022 07:11:06 GMT
last-modified: Thu, 18 Jul 2019 19:53:02 GMT
etag: W/"5d30ce1e-4e38"
expires: Wed, 05 Apr 2023 07:11:06 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com; img-src https: data:; frame-src https: data:;
cache-control: max-age=31536000, public
pragma: public
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pqL9F5kmrH-u03R-mbjjcOKPk3r2fVQ1_XCHWCCtxWHoJK2ULBn6aA==
age: 25970164
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 73d6f94eec5f7bf78dc11951011af215
2d7941713a82a83c174bf782b618a6f86a8ab2d7
9de1920abadb3501bcf9f787608807f13a266efea69f12fc811bc7cac14a3552
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 21:07:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ct.pinterest.com/v3/?tid=2613446786068&pd=%7B%22em%22%3A%22e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.kooding.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%22f6304d83%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D&cb=1675112845095
200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?tid=2613446786068&pd=%7B%22em%22%3A%22e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.kooding.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%22f6304d83%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D&cb=1675112845095
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?tid=2613446786068&pd=%7B%22em%22%3A%22e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.kooding.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%22f6304d83%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D&cb=1675112845095 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 2803903983201381
date: Mon, 30 Jan 2023 21:07:11 GMT
akamai-grn: 0.274f2417.1675112831.ee324001
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
ct.pinterest.com/user/?tid=2613446786068&pd=%7B%22em%22%3A%22e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855%22%7D&cb=1675112845094&dep=2%2CPAGE_LOAD
200 OK 375 B URL HTTP/2 ct.pinterest.com/user/?tid=2613446786068&pd=%7B%22em%22%3A%22e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855%22%7D&cb=1675112845094&dep=2%2CPAGE_LOAD
IP
File type JSON data\012- , ASCII text, with very long lines (539), with no line terminators
Hash f23754c0cabb23c00d00ec7cd0708b27
8b2826c766d44ba22ab77c66ba8b3389e3c1d482
1a26de1b3b0d3dbc8d54d94feeeb6ac92d05fbbe3132e2a2167caec156ac7796
GET /user/?tid=2613446786068&pd=%7B%22em%22%3A%22e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855%22%7D&cb=1675112845094&dep=2%2CPAGE_LOAD HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kooding.com
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPU5qTXhabUU0TldFdE1EZGtPQzAwWkdJd0xUaGtORGd0TURkalpqRTBNR0poWmpjeA
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: https://www.kooding.com
content-type: application/json; charset=utf-8
content-encoding: gzip
content-length: 375
x-envoy-upstream-service-time: 3
referrer-policy: origin
x-pinterest-rid: 4918202041585133
date: Mon, 30 Jan 2023 21:07:11 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1675112831.ee324011
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?topUrl=www.kooding.com&origin=onetag
200 OK 30 kB URL HTTP/2 gum.criteo.com/syncframe?topUrl=www.kooding.com&origin=onetag
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (51460)
Hash 83cf7f4619e8985ed6b503aa5e79ce10
149e0080cb0147a3e92631b4c4b42f25e397f856
5caa24c18ffa220d747ba849ba68212fbacbc5e00642522aa17f15b751ab336e
GET /syncframe?topUrl=www.kooding.com&origin=onetag HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 21:07:10 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=c0b06f61-623b-4ebc-a549-ca248b378e2c; expires=Sat, 24 Feb 2024 21:07:11 GMT; domain=.criteo.com; path=/; secure; samesite=none
optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 570576
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 314 B IP
Hash 94da194bbf70aa41a65827c4882ea756
6db97bd2d9b0d4406523d4a6984f62a21d76c6a8
eaf9c0e5fef6d174295c7abb4b3b61620cfdb84067e86b3544ebdb37f9d916a8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1611
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 21:07:11 GMT
Last-Modified: Mon, 30 Jan 2023 20:40:20 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 314
dnacdn.net/dna
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 21:07:11 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=iF0KZ180M0RITmhlJTJCZkMwOUJGQlhaMUN2czFCdTlUTm5hWmt6Y3BKYk8lMkZrVlJURGM5ZEJUcDZPNlVwUyUyQk10NTkyRmY4; expires=Sat, 24 Feb 2024 21:07:11 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 200694
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
www.kooding.com/getProducts_trending?idCategory=1065&type=beauty
200 OK 4.8 kB URL HTTP/1.1 www.kooding.com/getProducts_trending?idCategory=1065&type=beauty
IP
File type JSON data\012- , ASCII text, with very long lines (32804), with no line terminators
Hash 97af80b0edde2e13b6c974b69988071a
a186ee7d68af024ac200b0691cb2ec7fa8e48276
9d9e7690a9a8be57a93c7de0793fd32e93788a2e4a0008fca3768df27064e4fd
GET /getProducts_trending?idCategory=1065&type=beauty HTTP/1.1
Host: www.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.kooding.com/
Cookie: PHPSESSID=rgm01hjunpqs5gh2elhkns214b; idUser_guest=23060073; signupCouponPopupCounter=1; candid_userid=b95fd917-3760-48fe-81d6-080db62f9e26; _gcl_au=1.1.1144939471.1675112844; _ga_V4VG4WJL6D=GS1.1.1675112844.1.0.1675112844.0.0.0; _ga=GA1.2.984337549.1675112844; httpReferer=https%3A%2F%2Fwww.kooding.com%2F; _uetsid=185cb560a0e211ed9d00955ba41a9832; _uetvid=185cdda0a0e211edb9b89536ddab07a8; _gid=GA1.2.198350002.1675112845; _gat_gtag_UA_33711529_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 21:07:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com https://*.reviews.io; img-src https: data:; frame-src https: data:;
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Encoding: gzip
bat.bing.com/action/0?ti=5683528&Ver=2&mid=b6d1a0b0-147d-4ffb-bccc-7dc491bb50c9&sid=185cb560a0e211ed9d00955ba41a9832&vid=185cdda0a0e211edb9b89536ddab07a8&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Korean%20Fashion,%20Skincare%20%26%20Beauty%20Online%20%E2%80%93%20KOODING&p=https%3A%2F%2Fwww.kooding.com%2F&r=<=2592&evt=pageLoad&sv=1&rn=672645
204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=5683528&Ver=2&mid=b6d1a0b0-147d-4ffb-bccc-7dc491bb50c9&sid=185cb560a0e211ed9d00955ba41a9832&vid=185cdda0a0e211edb9b89536ddab07a8&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Korean%20Fashion,%20Skincare%20%26%20Beauty%20Online%20%E2%80%93%20KOODING&p=https%3A%2F%2Fwww.kooding.com%2F&r=<=2592&evt=pageLoad&sv=1&rn=672645
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5683528&Ver=2&mid=b6d1a0b0-147d-4ffb-bccc-7dc491bb50c9&sid=185cb560a0e211ed9d00955ba41a9832&vid=185cdda0a0e211edb9b89536ddab07a8&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Korean%20Fashion,%20Skincare%20%26%20Beauty%20Online%20%E2%80%93%20KOODING&p=https%3A%2F%2Fwww.kooding.com%2F&r=<=2592&evt=pageLoad&sv=1&rn=672645 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=255254E08AF668A7040446498B0369C4; domain=.bing.com; expires=Sat, 24-Feb-2024 21:07:11 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B5A852DDCCE5490383B339D0DDF9C47C Ref B: OSL30EDGE0522 Ref C: 2023-01-30T21:07:11Z
date: Mon, 30 Jan 2023 21:07:10 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 64aab243abc75ee3a98fe22060a8ef6a
52c51e76a76ef24f57fce419abb2a08838e1226a
187d2be07e3fcedc61afd1b789d44ba91d221446f0dee8d5f2d2bb3358f4a230
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 549
Cache-Control: max-age=113241
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 21:07:11 GMT
Etag: "63d746b3-139"
Expires: Wed, 01 Feb 2023 04:34:32 GMT
Last-Modified: Mon, 30 Jan 2023 04:25:23 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
200 OK 313 B IP
Hash 64aab243abc75ee3a98fe22060a8ef6a
52c51e76a76ef24f57fce419abb2a08838e1226a
187d2be07e3fcedc61afd1b789d44ba91d221446f0dee8d5f2d2bb3358f4a230
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1281
Cache-Control: max-age=113973
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 21:07:11 GMT
Etag: "63d746b3-139"
Expires: Wed, 01 Feb 2023 04:46:44 GMT
Last-Modified: Mon, 30 Jan 2023 04:25:23 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 313
gem.gbc.criteo.com/newidsd
200 OK 15 kB URL HTTP/2 gem.gbc.criteo.com/newidsd
IP
Hash db5b5a4778b52116d0c5d0d824fccd4f
df1c76b5daa0be7286d14bdb45d7e8c63917a778
a4bb837921912b7f8dfdf8c3cf8cd8d79e41c7e42252139ea73b089ba669a49a
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 21:07:11 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 70542
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 16:40:43 GMT
expires: Fri, 26 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 361588
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1010965622276392&ev=PageView&dl=https%3A%2F%2Fwww.kooding.com%2F&rl=&if=false&ts=1675112845382&cd[eventID]=97cd4e13476a0a2da0f1c16b012ff567c9dc0577&sw=1280&sh=1024&ud[ge]=252f10c83610ebca1a059c0bae8255eba2f95be4d1d7bcfa89d7248a82d9f111&ud[country]=9390298f3fb0c5b160498935d79cb139aef28e1c47358b4bbba61862b9c26e59&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1675112845380.506696692&it=1675112845103&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1010965622276392&ev=PageView&dl=https%3A%2F%2Fwww.kooding.com%2F&rl=&if=false&ts=1675112845382&cd[eventID]=97cd4e13476a0a2da0f1c16b012ff567c9dc0577&sw=1280&sh=1024&ud[ge]=252f10c83610ebca1a059c0bae8255eba2f95be4d1d7bcfa89d7248a82d9f111&ud[country]=9390298f3fb0c5b160498935d79cb139aef28e1c47358b4bbba61862b9c26e59&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1675112845380.506696692&it=1675112845103&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1010965622276392&ev=PageView&dl=https%3A%2F%2Fwww.kooding.com%2F&rl=&if=false&ts=1675112845382&cd[eventID]=97cd4e13476a0a2da0f1c16b012ff567c9dc0577&sw=1280&sh=1024&ud[ge]=252f10c83610ebca1a059c0bae8255eba2f95be4d1d7bcfa89d7248a82d9f111&ud[country]=9390298f3fb0c5b160498935d79cb139aef28e1c47358b4bbba61862b9c26e59&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1675112845380.506696692&it=1675112845103&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 30 Jan 2023 21:07:11 GMT
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-33711529-1&cid=984337549.1675112844&jid=544875516&gjid=2055157453&_gid=198350002.1675112845&_u=YADAAUAAAAAAACAAI~&z=1386819609
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-33711529-1&cid=984337549.1675112844&jid=544875516&gjid=2055157453&_gid=198350002.1675112845&_u=YADAAUAAAAAAACAAI~&z=1386819609
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-33711529-1&cid=984337549.1675112844&jid=544875516&gjid=2055157453&_gid=198350002.1675112845&_u=YADAAUAAAAAAACAAI~&z=1386819609 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.kooding.com
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.kooding.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 30 Jan 2023 21:07:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
200 OK 81 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP
Hash 772306cb195a19edc78499e4c33917a5
68f6318200b1c375a4910685405767fbb5728ae0
69b0d3569da2aaa0a3683b60c04f4430ca1265d1063e7691f53744a820b872d3
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 21:07:11 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 96975
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 727 B IP
Hash 64cdd9acaff00e255145e2b6411d8565
97ebee6c68b7e089adf11f525b46b3640029ccab
dea488076a4a350aed891f190cee8e5d65ae841d6af96b5a0bf3cfee09288dc7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5229
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 21:07:12 GMT
Last-Modified: Mon, 30 Jan 2023 19:40:03 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 727
web1.acsbapp.com/apps/app/dist/media/logomono.svg
200 OK 1.2 kB URL HTTP/2 web1.acsbapp.com/apps/app/dist/media/logomono.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Hash 5a1c5c803738f6acbab0a79379c92c10
9f4639325d9e8e69ccc2bfc30d0f83d7dd11cd79
04009697f389893748179c149cad7b1e399d23a2284637350fe07ad94ffa5350
GET /apps/app/dist/media/logomono.svg HTTP/1.1
Host: web1.acsbapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=432000 public
expires: Tue, 30 Jan 2024 21:07:12 GMT
content-type: image/svg+xml
last-modified: Mon, 26 Sep 2022 21:02:04 GMT
etag: "1034-6332134c-7705bf7dfc5e498d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1210
date: Mon, 30 Jan 2023 21:07:12 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15340, version 1.0\012- data
Hash 19b7a0adfdd4f808b53af7e2ce2ad4e5
81d5d4c7b5035ad10cce63cf7100295e0c51fdda
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
GET /s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 10:05:13 GMT
expires: Sat, 27 Jan 2024 10:05:13 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
content-type: font/woff2
age: 298919
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dnacdn.net/dna
200 OK 452 B IP
File type JSON data\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (674), with no line terminators
Hash db069c2fa5f203346779a6fd9f5f93d2
58ae22278841217654102ba0b246038877166b7d
e41de4d271e9005ddd4c56de0030f3fc89ec8d46555b741e7852ebc43088f753
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=iF0KZ180M0RITmhlJTJCZkMwOUJGQlhaMUN2czFCdTlUTm5hWmt6Y3BKYk8lMkZrVlJURGM5ZEJUcDZPNlVwUyUyQk10NTkyRmY4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 21:07:12 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=BJIFfl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czFCdTlUTm5hWmt6Y3BKYk8lMkZrVlJUQ2xibHhMVks0bFRPVnN3VkNmVEU0Yg; expires=Sat, 24 Feb 2024 21:07:12 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 496059
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
302 Found 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=A029654E014845CC8C5B6C6097180584&RedC=c.clarity.ms&MXFR=2624D6834E676C03274EC42A4A6762FC
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=2624D6834E676C03274EC42A4A6762FC; domain=.clarity.ms; expires=Sat, 24-Feb-2024 21:07:12 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Mon, 30 Jan 2023 21:07:11 GMT
content-length: 0
X-Firefox-Spdy: h2
d.clarity.ms/collect
204 No Content 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: d.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 634
Origin: https://www.kooding.com
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
access-control-allow-origin: https://www.kooding.com
access-control-allow-credentials: true
date: Mon, 30 Jan 2023 21:07:12 GMT
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=A029654E014845CC8C5B6C6097180584&RedC=c.clarity.ms&MXFR=2624D6834E676C03274EC42A4A6762FC
302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=A029654E014845CC8C5B6C6097180584&RedC=c.clarity.ms&MXFR=2624D6834E676C03274EC42A4A6762FC
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=A029654E014845CC8C5B6C6097180584&RedC=c.clarity.ms&MXFR=2624D6834E676C03274EC42A4A6762FC HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.kooding.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=A029654E014845CC8C5B6C6097180584&MUID=10DAB725688E65301BD1A58C697B6429
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=10DAB725688E65301BD1A58C697B6429; domain=c.bing.com; expires=Sat, 24-Feb-2024 21:07:12 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CE259B270C3341E085C1C2706356EDB4 Ref B: OSL30EDGE0522 Ref C: 2023-01-30T21:07:12Z
date: Mon, 30 Jan 2023 21:07:11 GMT
content-length: 0
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=onetag&domain=kooding.com&sn=FirefoxSyncframe&so=0&topUrl=www.kooding.com&info=BJIFfl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czFCdTlUTm5hWmt6Y3BKYk8lMkZrVlJUQ2xibHhMVks0bFRPVnN3VkNmVEU0Yg&idsd=-97433724,-533651818&cw=1&lsw=1
200 OK 325 B URL HTTP/2 gum.criteo.com/sid/json?origin=onetag&domain=kooding.com&sn=FirefoxSyncframe&so=0&topUrl=www.kooding.com&info=BJIFfl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czFCdTlUTm5hWmt6Y3BKYk8lMkZrVlJUQ2xibHhMVks0bFRPVnN3VkNmVEU0Yg&idsd=-97433724,-533651818&cw=1&lsw=1
IP
File type JSON data\012- , ASCII text, with very long lines (388), with no line terminators
Hash 9386f985868472a188f6a56fc585f39f
0dd31b9b5faf08d84ad6f53778e852fe2676bb47
c14e581ad74d860433093f44f8b2592f0af00bebdfdc687a35a80b8be6d3779c
GET /sid/json?origin=onetag&domain=kooding.com&sn=FirefoxSyncframe&so=0&topUrl=www.kooding.com&info=BJIFfl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czFCdTlUTm5hWmt6Y3BKYk8lMkZrVlJUQ2xibHhMVks0bFRPVnN3VkNmVEU0Yg&idsd=-97433724,-533651818&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?topUrl=www.kooding.com&origin=onetag
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 21:07:11 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1389612
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=A029654E014845CC8C5B6C6097180584&MUID=10DAB725688E65301BD1A58C697B6429
200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=A029654E014845CC8C5B6C6097180584&MUID=10DAB725688E65301BD1A58C697B6429
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=A029654E014845CC8C5B6C6097180584&MUID=10DAB725688E65301BD1A58C697B6429 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.kooding.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 17 Jan 2023 20:36:49 GMT
accept-ranges: bytes
etag: "b1c8df6cb32ad91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Mon, 30-Jan-2023 21:17:12 GMT; path=/; SameSite=None; Secure;
date: Mon, 30 Jan 2023 21:07:12 GMT
content-length: 42
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 19cd272087ad0ad855a95690074275f7
90890b1f88a2c2d38dd33eee17e383e80beadbb1
5119ddb01cc825ded79214701ac94dbdaf32da40800d1e632bbaa6cf9671d672
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2204
Cache-Control: max-age=103731
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 21:07:13 GMT
Etag: "63d71b18-139"
Expires: Wed, 01 Feb 2023 01:56:04 GMT
Last-Modified: Mon, 30 Jan 2023 01:19:20 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 313
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 45a4d850f00c4480dfb613947891dbac
21101aa40a75724b3973e6dcb85e9f788d359457
7e86c4b2a3874c8d607948462ad3d6567c1c8a4fcfb5f8b9a3b1876deffca4e6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E86C4B2A3874C8D607948462AD3D6567C1C8A4FCFB5F8B9A3B1876DEFFCA4E6"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3299
Expires: Mon, 30 Jan 2023 22:02:12 GMT
Date: Mon, 30 Jan 2023 21:07:13 GMT
Connection: keep-alive
cdn.acsbapp.com/cache/app/en.build.json
200 OK 30 kB URL HTTP/2 cdn.acsbapp.com/cache/app/en.build.json
IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65461), with no line terminators
Hash ff052048321043368d3075819407b59e
54c009be6ac97e861150bcf8bd3a91e1a51c7e68
dc128f1eb9f7f7c9ad08b86181f12e1c70eb291afd9cd63ef4144363e609d870
GET /cache/app/en.build.json HTTP/1.1
Host: cdn.acsbapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.kooding.com/
Origin: https://www.kooding.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 21:07:11 GMT
content-type: application/json
cache-control: max-age=432000 public
expires: Tue, 31 Jan 2023 21:07:11 GMT
last-modified: Sat, 28 Jan 2023 19:02:03 GMT
etag: W/"3bb7f-63d5712b-127308840042964f;;;"
access-control-allow-origin: *
access-control-allow-headers: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 791d2cfd4853b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
matching.ivitrack.com/sync?realm=criteo&uid=k-Ao_0lMI5tursrE79o6AqdfB4COnEXMeAf1z0xw
200 OK 42 B URL HTTP/2 matching.ivitrack.com/sync?realm=criteo&uid=k-Ao_0lMI5tursrE79o6AqdfB4COnEXMeAf1z0xw
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /sync?realm=criteo&uid=k-Ao_0lMI5tursrE79o6AqdfB4COnEXMeAf1z0xw HTTP/1.1
Host: matching.ivitrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
date: Mon, 30 Jan 2023 21:07:12 GMT
content-type: image/gif
content-length: 42
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 45a4d850f00c4480dfb613947891dbac
21101aa40a75724b3973e6dcb85e9f788d359457
7e86c4b2a3874c8d607948462ad3d6567c1c8a4fcfb5f8b9a3b1876deffca4e6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E86C4B2A3874C8D607948462AD3D6567C1C8A4FCFB5F8B9A3B1876DEFFCA4E6"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3299
Expires: Mon, 30 Jan 2023 22:02:12 GMT
Date: Mon, 30 Jan 2023 21:07:13 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash d612e82faa1294c58c10b2b186f63224
c4bc5467378ece1970403a34d20c83701fd1e767
a666b5c47cf73f1b9e617844874839c070bfa91dd8a9a3531980a550fffa8eec
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=116684
Date: Mon, 30 Jan 2023 21:07:13 GMT
Etag: "63d75324-1d7"
Expires: Wed, 01 Feb 2023 05:31:57 GMT
Last-Modified: Mon, 30 Jan 2023 05:18:28 GMT
Server: ECS (nyb/1D1D)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UdgqhYW-S_w5BNvYV_CtDnXTAyZ7Ws6T0-ZkUUyKuaopx9AKzF7q9Q==
Age: 809
gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 30 Jan 2023 21:07:12 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=
server-processing-duration-in-ticks: 909209
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
criteo-sync.teads.tv/um?eid=80&uid=k-6cbsc8I5tursrE79o6AqdfB4COn99_qZmpkjyw
200 OK 23 B URL HTTP/2 criteo-sync.teads.tv/um?eid=80&uid=k-6cbsc8I5tursrE79o6AqdfB4COn99_qZmpkjyw
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash da5b449fff36752a93779fa4067cd2eb
71a96eea77f21ab5f1819b96c4cedd5cd34476ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
GET /um?eid=80&uid=k-6cbsc8I5tursrE79o6AqdfB4COn99_qZmpkjyw HTTP/1.1
Host: criteo-sync.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
server: akka-http/10.2.9
content-length: 23
expires: Mon, 30 Jan 2023 21:07:13 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 30 Jan 2023 21:07:13 GMT
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-FLaOmMI5tursrE79o6AqdfB4COnCalnmiXSzRg&google_cm&google_hm=ay1GTGFPbU1JNXR1cnNyRTc5bzZBcWRmQjRDT25DYWxubWlYU3pSZw
302 Found 440 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-FLaOmMI5tursrE79o6AqdfB4COnCalnmiXSzRg&google_cm&google_hm=ay1GTGFPbU1JNXR1cnNyRTc5bzZBcWRmQjRDT25DYWxubWlYU3pSZw
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash b1897846f50a1e9b3b77dfdf7aea971b
5f976c35c8176a090ad50b18404b18f3c38994d2
8473bceb015e0126a56fdec15fbed18ecd76f3e2546606ef443dbabd517e42cd
GET /pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-FLaOmMI5tursrE79o6AqdfB4COnCalnmiXSzRg&google_cm&google_hm=ay1GTGFPbU1JNXR1cnNyRTc5bzZBcWRmQjRDT25DYWxubWlYU3pSZw HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-FLaOmMI5tursrE79o6AqdfB4COnCalnmiXSzRg&google_cm=&google_hm=ay1GTGFPbU1JNXR1cnNyRTc5bzZBcWRmQjRDT25DYWxubWlYU3pSZw&google_tc=
date: Mon, 30 Jan 2023 21:07:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 440
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 30-Jan-2023 21:22:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-yZflBsI5tursrE79o6AqdfB4COn9klxy66GjzA
200 OK 45 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-yZflBsI5tursrE79o6AqdfB4COn9klxy66GjzA
IP
File type GIF image data, version 87a, 1 x 1\012- data
Hash 99cceceaed4d575484b69ddaf9ed66a7
1e3a3b15296b585833a22d987a387aa58aa1642d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
GET /cksync.php?cs=3&type=crt&ovsid=k-yZflBsI5tursrE79o6AqdfB4COn9klxy66GjzA HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 45
content-type: image/gif
set-cookie: visitor-id=3181144333580203000V10; Expires=Tue, 30 Jan 2024 21:07:13 GMT; domain=.media.net; Path=/;
data-c-ts=1675112833;Expires=Wed, 01 Mar 2023 21:07:13 GMT;path=/;domain=.media.net;
data-c=k-yZflBsI5tursrE79o6AqdfB4COn9klxy66GjzA~~3;Expires=Wed, 01 Mar 2023 21:07:13 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Mon, 30 Jan 2023 21:07:13 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 30 Jan 2023 21:07:13 GMT
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-FLaOmMI5tursrE79o6AqdfB4COnCalnmiXSzRg&google_cm=&google_hm=ay1GTGFPbU1JNXR1cnNyRTc5bzZBcWRmQjRDT25DYWxubWlYU3pSZw&google_tc=
302 Found 332 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-FLaOmMI5tursrE79o6AqdfB4COnCalnmiXSzRg&google_cm=&google_hm=ay1GTGFPbU1JNXR1cnNyRTc5bzZBcWRmQjRDT25DYWxubWlYU3pSZw&google_tc=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash d8613b814b89647ac62747075117f137
c74848ec41884d883e34a66928fd7a5963f5c075
7c2fcd4ab07c58716a6c2311fc6e14dbc4ee450a60458bc2307e467020f1c8bd
GET /pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-FLaOmMI5tursrE79o6AqdfB4COnCalnmiXSzRg&google_cm=&google_hm=ay1GTGFPbU1JNXR1cnNyRTc5bzZBcWRmQjRDT25DYWxubWlYU3pSZw&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-FLaOmMI5tursrE79o6AqdfB4COnCalnmiXSzRg&google_error=3
date: Mon, 30 Jan 2023 21:07:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 332
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 532250c014e17816239b02068b8555fd
8d555fad7c581efb177f90509f348b85684be148
2f4ee22674eb68aed1671dbdf9e8c88a7ebeaa871d99c1042b4eb574a69c5804
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=147529
Date: Mon, 30 Jan 2023 21:07:13 GMT
Etag: "63d7bf89-1d7"
Expires: Wed, 01 Feb 2023 14:06:02 GMT
Last-Modified: Mon, 30 Jan 2023 13:00:57 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tszlyJpjtEy-AfuXkYFpfxvtEeumXrLXXUY2H4MyPK8oruoS9LT-JQ==
Age: 3905
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash f90d6763b441d6c21e0390f9702b2604
f35fb1ab8ef86ee332c662940f47d2aa89e809bf
8cd8dc48a477354413f1e9bfbac802f9ef7b12dd07cc8a1efcb431643cf2f114
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=118762
Date: Mon, 30 Jan 2023 21:07:13 GMT
Etag: "63d74ef8-1d7"
Expires: Wed, 01 Feb 2023 06:06:35 GMT
Last-Modified: Mon, 30 Jan 2023 05:00:40 GMT
Server: ECS (nyb/1D2B)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: GcRyJqtmZhOH5yl9zrryP6qWWIPVzei2SrdByPLdfAk5cmflCJB_1A==
Age: 3955
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Mon, 30 Jan 2023 21:07:13 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
AN-X-Request-Uuid: a9baf84b-1994-4502-8032-007551cf257e
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.digicert.com/
200 OK 471 B IP
Hash 691bd8bdf2d3130b5909696ad64f490f
65fde5ff7305c656ed515f650993901db2ce15b4
c3ef3942b395c61b7e55a28e39a574a1ee8da6672a2c23aff4266551a436c270
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6515
Cache-Control: max-age=107300
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 21:07:13 GMT
Etag: "63d71832-1d7"
Expires: Wed, 01 Feb 2023 02:55:33 GMT
Last-Modified: Mon, 30 Jan 2023 01:06:58 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash d3588a5266857c3bfb7ac9c37f592c12
d1db21253e762d717a46f6dd731162dd1367fad6
00655ddd7a88e2005bb9990d12605ab87298dbe5c5ddb6c8f40ea939affcc517
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5302
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 21:07:13 GMT
Last-Modified: Mon, 30 Jan 2023 19:38:51 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
eb2.3lift.com/xuid?mid=2711&xuid=k-kPc2BcI5tursrE79o6AqdfB4COlUKwM1jANY8Q&dongle=013b
200 OK 37 B URL HTTP/2 eb2.3lift.com/xuid?mid=2711&xuid=k-kPc2BcI5tursrE79o6AqdfB4COlUKwM1jANY8Q&dongle=013b
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=2711&xuid=k-kPc2BcI5tursrE79o6AqdfB4COlUKwM1jANY8Q&dongle=013b HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 21:07:13 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 86a495b75ff859704f449758c94f6437
18570ecd08c8b7faa884bda9941a553d22f2a4ca
1814989ca5fb4e099342d961ab895268f13bc976f9b95ef8427086add176792f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3578
Cache-Control: max-age=154020
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 21:07:13 GMT
Etag: "63d7da2b-1d7"
Expires: Wed, 01 Feb 2023 15:54:13 GMT
Last-Modified: Mon, 30 Jan 2023 14:54:35 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-4yCYqcI5tursrE79o6AqdfB4COmVsAy5CNfCJw
204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-4yCYqcI5tursrE79o6AqdfB4COmVsAy5CNfCJw
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-4yCYqcI5tursrE79o6AqdfB4COmVsAy5CNfCJw HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 30 Jan 2023 21:07:13 GMT
X-Firefox-Spdy: h2
pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-5FFwwMI5tursrE79o6AqdfB4COmD8HuO-5sZKg&expires=30
204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-5FFwwMI5tursrE79o6AqdfB4COmD8HuO-5sZKg&expires=30
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6434&nid=2149&put=k-5FFwwMI5tursrE79o6AqdfB4COmD8HuO-5sZKg&expires=30 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 17c962550296893d145ef1b8078fc6d6
Content-Type: image/gif
exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-8FyoeMI5tursrE79o6AqdfB4COnfp4ninFohiirome0tKg23
200 OK 63 B URL HTTP/2 exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-8FyoeMI5tursrE79o6AqdfB4COnfp4ninFohiirome0tKg23
IP
Hash fb72ce257bb4fb36a4741b2016a2e64d
a08a70b85d4a175f496728526d4a38e3bf36f9c3
519ba183fd3f4b47612077896e8e2378b35f7b8816098a5255c0127eae22fbe2
GET /usersync/push?partner=criteo&partnerId=k-8FyoeMI5tursrE79o6AqdfB4COnfp4ninFohiirome0tKg23 HTTP/1.1
Host: exchange.mediavine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 21:07:13 GMT
content-type: text/html; charset=utf-8
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: private, no-cache
set-cookie: mv_tokens=%7B%22mv_uuid%22%3A%221183d960-a0e2-11ed-8f14-7956f9fe0f64%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Mon, 13 Feb 2023 21:07:13 GMT; Secure; SameSite=None
mv_tokens_eu-v1=%7B%22mv_uuid%22%3A%221183d960-a0e2-11ed-8f14-7956f9fe0f64%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Mon, 13 Feb 2023 21:07:13 GMT; Secure; SameSite=None
am_tokens=%7B%22mv_uuid%22%3A%221183d960-a0e2-11ed-8f14-7956f9fe0f64%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Mon, 13 Feb 2023 21:07:13 GMT; Secure; SameSite=None
am_tokens_eu-v1=%7B%22mv_uuid%22%3A%221183d960-a0e2-11ed-8f14-7956f9fe0f64%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Mon, 13 Feb 2023 21:07:13 GMT; Secure; SameSite=None
criteo=%7B%22id%22%3A%22k-8FyoeMI5tursrE79o6AqdfB4COnfp4ninFohiirome0tKg23%22%2C%22version%22%3A%22criteo%22%7D; Path=/; Expires=Mon, 13 Feb 2023 21:07:13 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-qEoU4MI5tursrE79o6AqdfB4COm4JUCUBVFf5w
302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-qEoU4MI5tursrE79o6AqdfB4COm4JUCUBVFf5w
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-qEoU4MI5tursrE79o6AqdfB4COm4JUCUBVFf5w HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 30 Jan 2023 21:07:13 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-qEoU4MI5tursrE79o6AqdfB4COm4JUCUBVFf5w&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBIEx2GMCEPVKigU21gVuk-MHLXzPudwFEgEBAQGD2WPiYwAAAAAA_eMAAA&S=AQAAAl0Jlb8Y6830RkN8P3AqJJ4; Expires=Wed, 31 Jan 2024 03:07:13 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 314 B IP
Hash ae107a2f8c152c876bd2501bf98cd85e
fe92963c9a05df9341d2a66f260a83c2655e28da
5a1c926c57dfa5ce6f0b892ffff19c9bdca0bc5348fc567a676273705ff924d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 319
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 21:07:13 GMT
Last-Modified: Mon, 30 Jan 2023 21:01:54 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 314
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-qEoU4MI5tursrE79o6AqdfB4COm4JUCUBVFf5w&verify=true
204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-qEoU4MI5tursrE79o6AqdfB4COm4JUCUBVFf5w&verify=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-qEoU4MI5tursrE79o6AqdfB4COm4JUCUBVFf5w&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 30 Jan 2023 21:07:13 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBIEx2GMCEFI-mxY4E9RwPyghNyOrMosFEgEBAQGD2WPiYwAAAAAA_eMAAA&S=AQAAAk5hQToGAdMBB3L4W1w2FaI; Expires=Wed, 31 Jan 2024 03:07:13 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash b96041a7259d7f68b353c9a5346e15f3
0e4a597600c8fb3087ea4f49059497aee58e19b0
da43e4de91afe1a4508220400ab7b1203ef3577a7a6a3bbe68e7084fe4d424e3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1739
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 21:07:13 GMT
Last-Modified: Mon, 30 Jan 2023 20:38:14 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-rvq3lMI5tursrE79o6AqdfB4COnRqGUFmTUD2Q
200 OK 43 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-rvq3lMI5tursrE79o6AqdfB4COnRqGUFmTUD2Q
IP
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /redir/?partnerid=79&partneruserid=k-rvq3lMI5tursrE79o6AqdfB4COnRqGUFmTUD2Q HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Mon, 30 Jan 2023 21:07:12 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=2906186756510258008; expires=Thu, 29 Feb 2024 21:07:13 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Thu, 29 Feb 2024 21:07:13 GMT; domain=smartadserver.com; path=/
csync=79:k-rvq3lMI5tursrE79o6AqdfB4COnRqGUFmTUD2Q; expires=Tue, 30 Jan 2024 21:07:13 GMT; domain=smartadserver.com; path=/
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ocsp.digicert.com/
200 OK 471 B IP
Hash 81552288bbf68d56287235714f4ff5ab
ce6ce06b1e15f76ef30296a54e2b4520f5d861a8
8a39a876a49e880f31cb2c92563213de594b823302fbf945a737fd7787a19dd6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4950
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 21:07:13 GMT
Last-Modified: Mon, 30 Jan 2023 19:44:43 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 10c0ec2ac145d586418c9b7c424c54d9
08697581d0c5095a889d35696d3d220b8df3d0f3
855452abe7077aa14ff7a8a05ca04a44d614084cadeb64449f9a6f26b552edde
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=105452
Date: Mon, 30 Jan 2023 21:07:13 GMT
Etag: "63d71138-1d7"
Expires: Wed, 01 Feb 2023 02:24:45 GMT
Last-Modified: Mon, 30 Jan 2023 00:37:12 GMT
Server: ECS (nyb/1D18)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: l_Xyj1F_iWNmHwXuIXF7SQ-HUTVm-IMYTuguuSVsUaSgSlezWQxk9g==
Age: 6453
ocsp.digicert.com/
200 OK 471 B IP
Hash bb443b9bfa0561d232977c3efc56c18b
356bc89d228a0db33272118105f1290fd2563af7
984f8cb4f169b1f32c2d06abf86d77e985f0d27ef6eaa57be681574b97d3bbe4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 766
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 21:07:13 GMT
Last-Modified: Mon, 30 Jan 2023 20:54:27 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-sbdYHMI5tursrE79o6AqdfB4COk7uoBWcnOZLQ
302 Found 0 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-sbdYHMI5tursrE79o6AqdfB4COk7uoBWcnOZLQ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rum?cm_dsp_id=20&external_user_id=k-sbdYHMI5tursrE79o6AqdfB4COk7uoBWcnOZLQ HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 30 Jan 2023 21:07:13 GMT
content-length: 0
location: /rum?cm_dsp_id=20&external_user_id=k-sbdYHMI5tursrE79o6AqdfB4COk7uoBWcnOZLQ&C=1
cf-ray: 791d2d0b7ab4b51e-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=Y9gxgZljTOvGs6pdEPW-9wAA; Path=/; Domain=casalemedia.com; Expires=Tue, 30 Jan 2024 21:07:13 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=1854; Path=/; Domain=casalemedia.com; Expires=Sun, 30 Apr 2023 21:07:13 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=1854; Path=/; Domain=casalemedia.com; Expires=Sun, 30 Apr 2023 21:07:13 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pdg4Q8g2ZZdDqsmU0Is7SiyrYSpHEGcqXANGOGMqJTSCaFMiXFT76y%2BEXvKGTc6zfyyUtFSvnJ8faeUZihpFgdb4cr3cEX9a%2FBtJ5mGOjREnbmzOzfmM95geSy%2B8%2FcgvkuP%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ad.yieldlab.net/m?dt_id=8664&ext_id=k-ctUkVMI5tursrE79o6AqdfB4COntXtsGwgLuMw
204 No Content 0 B URL HTTP/1.1 ad.yieldlab.net/m?dt_id=8664&ext_id=k-ctUkVMI5tursrE79o6AqdfB4COntXtsGwgLuMw
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m?dt_id=8664&ext_id=k-ctUkVMI5tursrE79o6AqdfB4COntXtsGwgLuMw HTTP/1.1
Host: ad.yieldlab.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-application-context: application
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Sun, 29 Jan 2023 21:07:13 GMT
Date: Mon, 30 Jan 2023 21:07:13 GMT
Connection: keep-alive
Set-Cookie: id=66fd74ec-ccfc-4232-bc70-4c149d7a2dce; Path=/; Domain=prod.svc.y6b.de; Expires=Tue, 30-Jan-2024 21:07:13 GMT; Max-Age=31536000; Secure; SameSite=None
dpm.demdex.net/ibs:dpid=28645&dpuuid=
302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=28645&dpuuid=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-0fb9f79b9.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=63244729417720957993698630331141672201; Max-Age=15552000; Expires=Sat, 29 Jul 2023 21:07:13 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: RwSeoBSPTBE=
Content-Length: 0
Connection: keep-alive
ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-dVBXtsI5tursrE79o6AqdfB4COnoxj6y0eIpMg
302 Found 0 B URL HTTP/2 ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-dVBXtsI5tursrE79o6AqdfB4COnoxj6y0eIpMg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?publisher_dsp_id=38&external_user_id=k-dVBXtsI5tursrE79o6AqdfB4COnoxj6y0eIpMg HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 30 Jan 2023 21:07:13 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-dVBXtsI5tursrE79o6AqdfB4COnoxj6y0eIpMg
set-cookie: tuuid=0d53f085-3717-43fa-973f-af0c5563e913; Expires=Sun, 30 Apr 2023 21:07:13 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1675112833; Expires=Sun, 30 Apr 2023 21:07:13 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 799143249f77ca1827308acbb8dcfee4
0fee8738f4f30929a293bbaf3a3a943573cc47af
a8e14a93a08fc9f741cf3f45cbdf6c194870cbe17ff9904caed7747dedbaa754
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 30 Jan 2023 21:07:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 29 Jan 2023 21:26:40 GMT
Expires: Mon, 30 Jan 2023 21:26:40 GMT
ETag: "0fee8738f4f30929a293bbaf3a3a943573cc47af"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-LG2-EsI5tursrE79o6AqdfB4COkAx47lgT8LHA
200 OK 42 B URL HTTP/2 simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-LG2-EsI5tursrE79o6AqdfB4COkAx47lgT8LHA
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-LG2-EsI5tursrE79o6AqdfB4COkAx47lgT8LHA HTTP/1.1
Host: simage2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 21:07:13 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_97=3385-uid:k-LG2-EsI5tursrE79o6AqdfB4COkAx47lgT8LHA&KRTB&23144-uid:k-LG2-EsI5tursrE79o6AqdfB4COkAx47lgT8LHA&KRTB&23286-uid:k-LG2-EsI5tursrE79o6AqdfB4COkAx47lgT8LHA&KRTB&23287-uid:k-LG2-EsI5tursrE79o6AqdfB4COkAx47lgT8LHA; domain=pubmatic.com; secure; expires=Wed, 01-Mar-2023 21:07:13 GMT; path=/
PugT=1675112833; domain=pubmatic.com; secure; expires=Wed, 01-Mar-2023 21:07:13 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash b96041a7259d7f68b353c9a5346e15f3
0e4a597600c8fb3087ea4f49059497aee58e19b0
da43e4de91afe1a4508220400ab7b1203ef3577a7a6a3bbe68e7084fe4d424e3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1739
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 21:07:13 GMT
Last-Modified: Mon, 30 Jan 2023 20:38:14 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-dVBXtsI5tursrE79o6AqdfB4COnoxj6y0eIpMg
200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-dVBXtsI5tursrE79o6AqdfB4COnoxj6y0eIpMg
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/match?publisher_dsp_id=38&external_user_id=k-dVBXtsI5tursrE79o6AqdfB4COnoxj6y0eIpMg HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 21:07:13 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-02b96ccc8.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: KZocstx1SsA=
Content-Length: 59
Connection: keep-alive
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-sbdYHMI5tursrE79o6AqdfB4COk7uoBWcnOZLQ&C=1
200 OK 43 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-sbdYHMI5tursrE79o6AqdfB4COk7uoBWcnOZLQ&C=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rum?cm_dsp_id=20&external_user_id=k-sbdYHMI5tursrE79o6AqdfB4COk7uoBWcnOZLQ&C=1 HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 21:07:13 GMT
content-type: image/gif
content-length: 43
cf-ray: 791d2d0bdb41b51e-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JfYuhI%2FzumxfBlJF1TBC5%2FWGXDa4WOtgh0MZznWbn%2B6KxnVl9nHZ8xDe8WkKV7T4XPl1k1pYoEEhzst7qkj77KObdxalR2KyLhPqKaqm4YC0lN2b0%2FvW4jpANvuXzn3MyExU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.emxdgt.com/put?d=d53&uid=k-9AElrsI5tursrE79o6AqdfB4COmghdZdYn6wisphLmNLCNnZ
204 No Content 0 B URL HTTP/2 e1.emxdgt.com/put?d=d53&uid=k-9AElrsI5tursrE79o6AqdfB4COmghdZdYn6wisphLmNLCNnZ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /put?d=d53&uid=k-9AElrsI5tursrE79o6AqdfB4COmghdZdYn6wisphLmNLCNnZ HTTP/1.1
Host: e1.emxdgt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html
date: Mon, 30 Jan 2023 21:07:13 GMT
content-length: 0
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 30 Jan 2023 21:07:12 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
server-processing-duration-in-ticks: 924168
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
sync.outbrain.com/cookie-sync?p=criteo&uid=k-niohAsI5tursrE79o6AqdfB4COmxGojjQFbjkg
200 OK 408 B URL HTTP/1.1 sync.outbrain.com/cookie-sync?p=criteo&uid=k-niohAsI5tursrE79o6AqdfB4COmxGojjQFbjkg
IP
File type JSON data\012- , ASCII text, with very long lines (408), with no line terminators
Hash 57de7889684b7342664382aae05316c4
44d54401eeb29a21e7d6b18413bc4970882a740f
b18923e52113e8f3bc192baf1eb97dcf63c19a97b9405334b2c03974c48aec0c
GET /cookie-sync?p=criteo&uid=k-niohAsI5tursrE79o6AqdfB4COmxGojjQFbjkg HTTP/1.1
Host: sync.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 21:07:13 GMT
Content-Type: application/json
Content-Length: 408
Cache-Control: no-cache
X-TraceId: 1524fc50cdcd94a6c3c15daca83e1db6
connect.facebook.net/signals/config/1010965622276392?v=2.9.92&r=stable
200 OK 111 kB URL HTTP/2 connect.facebook.net/signals/config/1010965622276392?v=2.9.92&r=stable
IP
Size 111 kB (110627 bytes)
Hash 3499b2d6b50c6269610d47a61eaceead
456cb2ae5fd67031abcc273cf43a66f5e5405993
79504f3dbe6dd4aa2760196df63ebb37fe1032203bf2eb3d6cfaa1e4589a4d58
GET /signals/config/1010965622276392?v=2.9.92&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: XwpJHEE3R0iKExjiy4WBhuWKnTAxWJbDorcAek9MHpqTIIQA0kHL5qR5zoy/5ZvMiuqWOJ1iICxXqGAlwnJBRg==
priority: u=3,i
x-fb-trip-id: 1679558926
date: Mon, 30 Jan 2023 21:07:11 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 74be048cae4a81b12cbf7fc643928693
b7c2113780c088beb77f9f84e0226a1d6f7175fa
b28d19a792836850ec81eddd1f8c1d22122b1f454977ba5b3e65ef4b2c25fb5f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 30 Jan 2023 21:07:13 GMT
Last-Modified: Mon, 30 Jan 2023 20:00:50 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: HjF4AJIYMWeWXl6wWU-4d6l41jCNN1fjefTKg0JoE4cimKrvaRI8_A==
Age: 3983
sync-criteo.ads.yieldmo.com/sync?id=k-NwZkccI5tursrE79o6AqdfB4COkkdzLfhTCVJg&pn_id=criteo&ext=1
200 OK 43 B URL HTTP/2 sync-criteo.ads.yieldmo.com/sync?id=k-NwZkccI5tursrE79o6AqdfB4COkkdzLfhTCVJg&pn_id=criteo&ext=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?id=k-NwZkccI5tursrE79o6AqdfB4COkkdzLfhTCVJg&pn_id=criteo&ext=1 HTTP/1.1
Host: sync-criteo.ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 21:07:14 GMT
content-type: image/gif
content-length: 43
set-cookie: yieldmo_id=gb466bdaccfaa7eafcbc%7C1675112834002%7C0%7C; Domain=.yieldmo.com; Expires=Tue, 30-Jan-2024 21:07:14 GMT; Path=/; Secure; SameSite=None; Secure
ptrcriteo=k-NwZkccI5tursrE79o6AqdfB4COkkdzLfhTCVJg; Domain=ads.yieldmo.com; Expires=Tue, 30-Jan-2024 21:07:14 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-request-headers: Cache-Control, Pragma
access-control-allow-methods: GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 5c00a6b71849e1f63887d38333830003
274723ffd4a062e1997a213ceeeab8a56ac83141
5e15ea6950fd4aa51af37519ac391c2c95cfd74ded6ac6e35432ccf68c70cb23
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 21:07:14 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 01:56:49 GMT
Expires: Sat, 04 Feb 2023 01:56:48 GMT
Etag: "274723ffd4a062e1997a213ceeeab8a56ac83141"
Cache-Control: max-age=362374,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791d2d0a3869b4f1-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash 571578fe8105fb9db1d98412455228cd
06ffedbca8683a0bb6fb9ba9c034d390fe7badfe
76470b9660bda8693c9180aefc7168be548dfc6f392dc9f03e0dcedc64621ba7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 21:07:14 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 15:11:55 GMT
Expires: Sat, 04 Feb 2023 15:11:54 GMT
Etag: "06ffedbca8683a0bb6fb9ba9c034d390fe7badfe"
Cache-Control: max-age=410079,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791d2d0b9c250b45-OSL
x.bidswitch.net/sync?dsp_id=46&user_id=k-BeTGq8I5tursrE79o6AqdfB4COlU3DFhyz50Jw&expires=30
204 No Content 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=46&user_id=k-BeTGq8I5tursrE79o6AqdfB4COlU3DFhyz50Jw&expires=30
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=46&user_id=k-BeTGq8I5tursrE79o6AqdfB4COlU3DFhyz50Jw&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 30 Jan 2023 21:07:14 GMT
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 954ddfa155b1b28103c20d8e6d90a95c
831cec47e90aaff02a1df6379478029c5b5d0608
890eb42f42bb6250ae79b37a5ec3c3b69e5011ce4c680327e55ca89e20f2b57d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6153
Cache-Control: max-age=146184
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 21:07:14 GMT
Etag: "63d7b181-1d7"
Expires: Wed, 01 Feb 2023 13:43:38 GMT
Last-Modified: Mon, 30 Jan 2023 12:01:05 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-QUMY08I5tursrE79o6AqdfB4COnWeac9LbZn3Q
200 OK 49 B URL HTTP/2 visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-QUMY08I5tursrE79o6AqdfB4COnWeac9LbZn3Q
IP
ASN #200271 Iguane Solutions SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 4408efc0174f07ad685c456f1de521ca
e3bc3250f8f32bd98dc7b05fd8940b74617eb8d1
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
GET /visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-QUMY08I5tursrE79o6AqdfB4COnWeac9LbZn3Q HTTP/1.1
Host: visitor.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=2f8211676b54a7fb6fef6a0f874876a3; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Mon, 30 Jan 2023 21:07:13 GMT
content-length: 49
x-envoy-upstream-service-time: 5
server: ayl-lb-fra02
X-Firefox-Spdy: h2
beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner=criteo&partner_uid= HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 30 Jan 2023 21:07:14 GMT
set-cookie: _kuid_=PWayEO_1; Expires=Sat, 29-Jul-23 21:07:14 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n018-dub-prod.krxd.net
x-request-time: D=29 t=1675112834
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 30 Jan 2023 21:07:13 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=
server-processing-duration-in-ticks: 590515
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
d.clarity.ms/collect
204 No Content 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: d.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 237950
Origin: https://www.kooding.com
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
access-control-allow-origin: https://www.kooding.com
access-control-allow-credentials: true
date: Mon, 30 Jan 2023 21:07:13 GMT
X-Firefox-Spdy: h2
ocsp.entrust.net/
200 OK 1.6 kB IP
Hash 97fc34a433b7a241f37b9f80d2ae0b30
369b76a05459f879c94abaca09be8d5dee60f5f9
87be0c951bf653d47d4bd607654f74633301b7a9b9294de020858407795cf946
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "87BE0C951BF653D47D4BD607654F74633301B7A9B9294DE020858407795CF946"
Last-Modified: Mon, 30 Jan 2023 20:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3002
Expires: Mon, 30 Jan 2023 21:57:16 GMT
Date: Mon, 30 Jan 2023 21:07:14 GMT
Connection: keep-alive
s.thebrighttag.com/cs?btt=0&tp=cr&uid=
200 OK 35 B URL HTTP/2 s.thebrighttag.com/cs?btt=0&tp=cr&uid=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /cs?btt=0&tp=cr&uid= HTTP/1.1
Host: s.thebrighttag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 21:07:14 GMT
content-type: image/gif
content-length: 35
x-bt-requestid: 1233c870-a0e2-11ed-bc7a-0000ac17006c
cache-control: private, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin:
server: nginx
p3p: CP=NOI DSP COR NID
X-Firefox-Spdy: h2
d.clarity.ms/collect
204 No Content 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: d.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 81582
Origin: https://www.kooding.com
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
access-control-allow-origin: https://www.kooding.com
access-control-allow-credentials: true
date: Mon, 30 Jan 2023 21:07:15 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5190c0bdc6abe0ee258e9f8c20ddaf51
d60f280f8a742480527dbc32d08f321f972d4fcf
874b38a04aa3736e65aaef72da2cc2efceb208618267107a495bdfe51ec58e58
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12507
x-amzn-requestid: 85c9adcd-b997-48ca-bbfb-ccdeaf3e8cfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhklyFaJoAMFqKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7be-2bcdd8c353d8429d2b1e95f6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XABaoZCqUulmnfZOXx6XTLSUMS5Mie6u0OfkqozmBzCf3Qjzf-fbRA==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:54:32 GMT
age: 83564
etag: "d60f280f8a742480527dbc32d08f321f972d4fcf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn-static.kooding.com/js/popup.js?v=1.1
200 OK 0 B URL HTTP/2 cdn-static.kooding.com/js/popup.js?v=1.1
IP
Analyzer Verdict Alert fortinet Phishing
GET /js/popup.js?v=1.1 HTTP/1.1
Host: cdn-static.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Mon, 12 Dec 2022 18:04:20 GMT
last-modified: Fri, 12 Mar 2021 22:06:54 GMT
etag: W/"604be5fe-1fd1"
expires: Tue, 12 Dec 2023 18:04:20 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com; img-src https: data:; frame-src https: data:;
cache-control: max-age=31536000, public
pragma: public
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0oyUHYSb5ActvJGElG7E9SHpzcgN6jeXJ24H8fLvAHATBqmOhghiZg==
age: 4244569
X-Firefox-Spdy: h2
cdn-images.kooding.com/bannerItem/desktop/1090/1867bd3da21b1e14cb8fc3e060844528b6667958.jpg
200 OK 0 B URL HTTP/2 cdn-images.kooding.com/bannerItem/desktop/1090/1867bd3da21b1e14cb8fc3e060844528b6667958.jpg
IP
GET /bannerItem/desktop/1090/1867bd3da21b1e14cb8fc3e060844528b6667958.jpg HTTP/1.1
Host: cdn-images.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Fri, 27 Jan 2023 07:18:40 GMT
cache-control: public
pragma: public
expires: Sat, 27 Jan 2024 07:18:40 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com https://*.reviews.io; img-src https: data:; frame-src https: data:;
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: N0N6WwzQG2rHQc0HHFe6E8cnbe5TcHhx2UF_0xAJ6Slb8rYDc1jJ1g==
age: 308909
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
IP
GET /dis/rtb/appnexus/cookiematch.aspx?appnxsid=0 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 21:07:13 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 1080816
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cdn-static.kooding.com/js/minified/jquery-3.5.1.min.js
200 OK 0 B URL HTTP/2 cdn-static.kooding.com/js/minified/jquery-3.5.1.min.js
IP
Analyzer Verdict Alert fortinet Phishing
GET /js/minified/jquery-3.5.1.min.js HTTP/1.1
Host: cdn-static.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 19 May 2022 02:58:31 GMT
last-modified: Sat, 09 May 2020 08:42:49 GMT
etag: W/"5eb66d09-15d84"
expires: Fri, 19 May 2023 02:58:31 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com; img-src https: data:; frame-src https: data:;
cache-control: max-age=31536000, public
pragma: public
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: csZUO9yqk07CKdLfkEfB4CRBotANPMurY8ebbPc2dq0l_P7aF2XDFw==
age: 22183717
X-Firefox-Spdy: h2
cdn-static.kooding.com/css/compressed/style.css?v=1.4.10
200 OK 0 B URL HTTP/2 cdn-static.kooding.com/css/compressed/style.css?v=1.4.10
IP
GET /css/compressed/style.css?v=1.4.10 HTTP/1.1
Host: cdn-static.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Tue, 27 Dec 2022 23:50:29 GMT
last-modified: Tue, 27 Dec 2022 23:50:26 GMT
etag: W/"63ab84c2-ab3ba"
expires: Wed, 27 Dec 2023 23:50:29 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com https://*.reviews.io; img-src https: data:; frame-src https: data:;
cache-control: max-age=31536000, public
pragma: public
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oCToRlEqcMCEfQHqCrWiwE50yZt225ZzhO4m51lEN5o1CS_tpG64Rg==
age: 2927800
X-Firefox-Spdy: h2
cdn-static.kooding.com/js/minified/swiper.min.js?v=5.4.5
200 OK 0 B URL HTTP/2 cdn-static.kooding.com/js/minified/swiper.min.js?v=5.4.5
IP
Analyzer Verdict Alert fortinet Phishing
GET /js/minified/swiper.min.js?v=5.4.5 HTTP/1.1
Host: cdn-static.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sun, 29 May 2022 00:59:06 GMT
last-modified: Mon, 14 Sep 2020 08:16:11 GMT
etag: W/"5f5f26cb-22681"
expires: Mon, 29 May 2023 00:59:06 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com; img-src https: data:; frame-src https: data:;
cache-control: max-age=31536000, public
pragma: public
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4ADoqn37Ad5Vbpu3nbEon_rt049PKbfA3wRoYAcLg2jSXebeVGTcCg==
age: 21326883
X-Firefox-Spdy: h2
acsbapp.com/apps/app/dist/js/app.js
200 OK 0 B URL HTTP/2 acsbapp.com/apps/app/dist/js/app.js
IP
GET /apps/app/dist/js/app.js HTTP/1.1
Host: acsbapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 21:07:10 GMT
content-type: application/x-javascript
cache-control: max-age=432000 public
expires: Tue, 31 Jan 2023 21:07:10 GMT
last-modified: Thu, 26 Jan 2023 13:36:03 GMT
etag: W/"6bcef-63d281c3-678819b673a2fdb4;;;"
access-control-allow-origin: *
access-control-allow-headers: *
cf-cache-status: DYNAMIC
vary: Accept-Encoding
server: cloudflare
cf-ray: 791d2cf57abfb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
assets.reviews.io/iconfont/reviewsio-icons/style.css?_t=2022122723
200 OK 0 B URL HTTP/2 assets.reviews.io/iconfont/reviewsio-icons/style.css?_t=2022122723
IP
GET /iconfont/reviewsio-icons/style.css?_t=2022122723 HTTP/1.1
Host: assets.reviews.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 21:07:09 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=7633
access-control-allow-origin: *
etag: W/"63cfc985-1dd1"
last-modified: Tue, 24 Jan 2023 12:05:25 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
cf-cache-status: HIT
age: 432997
vary: Accept-Encoding
server: cloudflare
cf-ray: 791d2cef6b070b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-static.kooding.com/js/minified/jquery-ui-touch.min.js
200 OK 0 B URL HTTP/2 cdn-static.kooding.com/js/minified/jquery-ui-touch.min.js
IP
Analyzer Verdict Alert fortinet Phishing
GET /js/minified/jquery-ui-touch.min.js HTTP/1.1
Host: cdn-static.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Fri, 11 Nov 2022 02:00:47 GMT
last-modified: Thu, 18 Jul 2019 19:53:02 GMT
etag: W/"5d30ce1e-50b"
expires: Sat, 11 Nov 2023 02:00:47 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com; img-src https: data:; frame-src https: data:;
cache-control: max-age=31536000, public
pragma: public
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9JP-1HRORuowDk4R4Tk4YkARcPLlO58h1Zs3wt6QK8s2TvdGYynnGg==
age: 6980782
X-Firefox-Spdy: h2
cdn-images.kooding.com/bannerItem/desktop/1082/f18483f41296a2f637b31c14446ca289dd2e2223.jpg
200 OK 0 B URL HTTP/2 cdn-images.kooding.com/bannerItem/desktop/1082/f18483f41296a2f637b31c14446ca289dd2e2223.jpg
IP
GET /bannerItem/desktop/1082/f18483f41296a2f637b31c14446ca289dd2e2223.jpg HTTP/1.1
Host: cdn-images.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Tue, 03 Jan 2023 05:52:45 GMT
cache-control: public
pragma: public
expires: Wed, 03 Jan 2024 05:52:45 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com https://*.reviews.io; img-src https: data:; frame-src https: data:;
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7upVA7CRddSxAkbAxXjpI6TWxpmVMCvzbnic68Kae1l2oL4fZHQcCw==
age: 2387664
X-Firefox-Spdy: h2
cdn-images.kooding.com/bannerItem/desktop/1008/535f59a17017ff51bd333d792fed820fcaf694f6.jpg
200 OK 0 B URL HTTP/2 cdn-images.kooding.com/bannerItem/desktop/1008/535f59a17017ff51bd333d792fed820fcaf694f6.jpg
IP
GET /bannerItem/desktop/1008/535f59a17017ff51bd333d792fed820fcaf694f6.jpg HTTP/1.1
Host: cdn-images.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Wed, 18 Jan 2023 14:18:45 GMT
cache-control: public
pragma: public
expires: Thu, 18 Jan 2024 14:18:45 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com https://*.reviews.io; img-src https: data:; frame-src https: data:;
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HHMu20DrBTyreCHFKnuhSOmAH8GmloLcBj25YRrMe_Zj6mgNl-bFDw==
age: 1061304
X-Firefox-Spdy: h2
cdn-images.kooding.com/bannerItem/desktop/750/6e3ded41184b142fb2dd3a8eb1a679d2e25f6d78.jpeg
200 OK 0 B URL HTTP/2 cdn-images.kooding.com/bannerItem/desktop/750/6e3ded41184b142fb2dd3a8eb1a679d2e25f6d78.jpeg
IP
Analyzer Verdict Alert fortinet Phishing
GET /bannerItem/desktop/750/6e3ded41184b142fb2dd3a8eb1a679d2e25f6d78.jpeg HTTP/1.1
Host: cdn-images.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Wed, 25 Jan 2023 02:47:32 GMT
cache-control: public
pragma: public
expires: Thu, 25 Jan 2024 02:47:32 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com https://*.reviews.io; img-src https: data:; frame-src https: data:;
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HxkFEof0RyauEf2Cs52cTYoStKgfwj6Qi4KMVNqfDqLe3C2fcfli8Q==
age: 497977
X-Firefox-Spdy: h2
cdn-images.kooding.com/bannerItem/desktop/1084/c4205d5d9047c1084601646426cea3e161961c8d.jpg
200 OK 0 B URL HTTP/2 cdn-images.kooding.com/bannerItem/desktop/1084/c4205d5d9047c1084601646426cea3e161961c8d.jpg
IP
GET /bannerItem/desktop/1084/c4205d5d9047c1084601646426cea3e161961c8d.jpg HTTP/1.1
Host: cdn-images.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Thu, 19 Jan 2023 14:00:58 GMT
cache-control: public
pragma: public
expires: Fri, 19 Jan 2024 14:00:58 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com https://*.reviews.io; img-src https: data:; frame-src https: data:;
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vOusGPA4Q6-y6lCgQMJBklpknq2MtJnSbj36beDrb5xvf-Ba84-N6A==
age: 975970
X-Firefox-Spdy: h2
static.criteo.net/js/ld/ld.js
200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/ld.js
IP
GET /js/ld/ld.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 21:07:11 GMT
content-type: text/javascript
last-modified: Mon, 02 Jan 2023 16:36:54 GMT
etag: W/"63b30826-aae4"
expires: Tue, 31 Jan 2023 21:07:11 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
widget.us.criteo.com/event?a=40607&v=5.13.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=YgvAc194ZkZNYkRjRmFZMHhiYXlRT1RzU3NQWUNpSlhzWW5OczE4RUhMeVcxQnpDblAwTGtWQW1ORUh1Q0dWOHk1R3N0QW1Pa1RINDdUellORHRBVklrTDhBcCUyQndyTmk0SzBnTlNTcWlsWXlHV0x0cnlGbWglMkJFOFlydFVtT0hJaHN0NjlDWkdhUERwOE16WmdEejF1JTJGR20lMkZOQSUzRCUzRA&tld=kooding.com&fu=https%253A%252F%252Fwww.kooding.com%252F&dtycbr=5445
200 OK 0 B URL HTTP/2 widget.us.criteo.com/event?a=40607&v=5.13.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=YgvAc194ZkZNYkRjRmFZMHhiYXlRT1RzU3NQWUNpSlhzWW5OczE4RUhMeVcxQnpDblAwTGtWQW1ORUh1Q0dWOHk1R3N0QW1Pa1RINDdUellORHRBVklrTDhBcCUyQndyTmk0SzBnTlNTcWlsWXlHV0x0cnlGbWglMkJFOFlydFVtT0hJaHN0NjlDWkdhUERwOE16WmdEejF1JTJGR20lMkZOQSUzRCUzRA&tld=kooding.com&fu=https%253A%252F%252Fwww.kooding.com%252F&dtycbr=5445
IP
GET /event?a=40607&v=5.13.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=YgvAc194ZkZNYkRjRmFZMHhiYXlRT1RzU3NQWUNpSlhzWW5OczE4RUhMeVcxQnpDblAwTGtWQW1ORUh1Q0dWOHk1R3N0QW1Pa1RINDdUellORHRBVklrTDhBcCUyQndyTmk0SzBnTlNTcWlsWXlHV0x0cnlGbWglMkJFOFlydFVtT0hJaHN0NjlDWkdhUERwOE16WmdEejF1JTJGR20lMkZOQSUzRCUzRA&tld=kooding.com&fu=https%253A%252F%252Fwww.kooding.com%252F&dtycbr=5445 HTTP/1.1
Host: widget.us.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.kooding.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 21:07:12 GMT
content-type: application/x-javascript
server: Kestrel
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
timing-allow-origin: *
server-processing-duration-in-ticks: 25337136
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
criteo-partners.tremorhub.com/sync?UICR=k-IGKZ8MI5tursrE79o6AqdfB4COlY17C8Bl5o_g
200 OK 0 B URL HTTP/2 criteo-partners.tremorhub.com/sync?UICR=k-IGKZ8MI5tursrE79o6AqdfB4COlY17C8Bl5o_g
IP
GET /sync?UICR=k-IGKZ8MI5tursrE79o6AqdfB4COlY17C8Bl5o_g HTTP/1.1
Host: criteo-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 21:07:14 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
widget.reviews.io/carousel-inline-iframeless/dist.js?_t=2022122723
200 OK 0 B URL HTTP/2 widget.reviews.io/carousel-inline-iframeless/dist.js?_t=2022122723
IP
GET /carousel-inline-iframeless/dist.js?_t=2022122723 HTTP/1.1
Host: widget.reviews.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 21:07:09 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=7200
cf-bgj: minify
cf-polished: origSize=111852
access-control-allow-origin: *
etag: W/"1b4ec-JP3CUCH4vo6SVt4miPjZCmvRsNY"
vary: Accept-Encoding
x-amz-apigw-id: eWYrdF5GoAMFnhQ=
x-amzn-requestid: 7ac11015-b2a1-42d9-9661-3c6a935fee68
x-amzn-trace-id: Root=1-63b8d4af-1fa056c02fc7b359035e462e;Sampled=0
x-powered-by: Express
cf-cache-status: HIT
age: 26061
server: cloudflare
cf-ray: 791d2cef2aba0b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
assets.reviews.io/css/widgets/carousel-widget.css?_t=2022122723
200 OK 0 B URL HTTP/2 assets.reviews.io/css/widgets/carousel-widget.css?_t=2022122723
IP
GET /css/widgets/carousel-widget.css?_t=2022122723 HTTP/1.1
Host: assets.reviews.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 21:07:09 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=184879
access-control-allow-origin: *
etag: W/"63cfc997-2d22f"
last-modified: Tue, 24 Jan 2023 12:05:43 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
cf-cache-status: HIT
age: 432997
vary: Accept-Encoding
server: cloudflare
cf-ray: 791d2cef2ac20b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn-static.kooding.com/js/minified/lazysizes.min.js
200 OK 0 B URL HTTP/2 cdn-static.kooding.com/js/minified/lazysizes.min.js
IP
Analyzer Verdict Alert fortinet Phishing
GET /js/minified/lazysizes.min.js HTTP/1.1
Host: cdn-static.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Fri, 27 May 2022 04:33:17 GMT
last-modified: Sat, 14 Dec 2019 02:17:56 GMT
etag: W/"5df44654-1c43"
expires: Sat, 27 May 2023 04:33:17 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com; img-src https: data:; frame-src https: data:;
cache-control: max-age=31536000, public
pragma: public
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ORZplqG2wv1qapPQx7F-NBjHjx9o0mr5OtwieOuDjZzHpJB373LJww==
age: 21486832
X-Firefox-Spdy: h2
cdn-images.kooding.com/bannerItem/desktop/1040/23f4cb7a8141872fd3a79c479329c4a963056c1e.jpg
200 OK 0 B URL HTTP/2 cdn-images.kooding.com/bannerItem/desktop/1040/23f4cb7a8141872fd3a79c479329c4a963056c1e.jpg
IP
GET /bannerItem/desktop/1040/23f4cb7a8141872fd3a79c479329c4a963056c1e.jpg HTTP/1.1
Host: cdn-images.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Fri, 02 Dec 2022 01:42:12 GMT
cache-control: public
pragma: public
expires: Sat, 02 Dec 2023 01:42:12 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com; img-src https: data:; frame-src https: data:;
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: INr1ZTwkRY_dadAevzujxZdbK8PzWfKQYDtHk9iagmsCcpcdfaIP6g==
age: 5167497
X-Firefox-Spdy: h2
www.clarity.ms/tag/cru20r60zl
200 OK 0 B URL HTTP/2 www.clarity.ms/tag/cru20r60zl
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /tag/cru20r60zl HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=4fa13d87ac6842d6862b3f098361de65.20230130.20240130; expires=Tue, 30 Jan 2024 21:07:11 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
x-cache: CONFIG_NOCACHE
x-azure-ref: 0fzHYYwAAAADfF13yHqr1Ro+4k7ZCeL5XQ1BIMzBFREdFMDQxMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Mon, 30 Jan 2023 21:07:11 GMT
X-Firefox-Spdy: h2
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-LlBsE8I5tursrE79o6AqdfB4COmpscHuzLwExA
200 OK 0 B URL HTTP/2 sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-LlBsE8I5tursrE79o6AqdfB4COmpscHuzLwExA
IP
ASN #200478 Taboola.com ltd
GET /sg/criteortb-network/1/rtb-h/?taboola_hm=k-LlBsE8I5tursrE79o6AqdfB4COmpscHuzLwExA HTTP/1.1
Host: sync-t1.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 21:07:13 GMT
x-fastly-to-nlb-rtt: 23355
access-control-allow-credentials: true
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-FLaOmMI5tursrE79o6AqdfB4COnCalnmiXSzRg&google_error=3
200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-FLaOmMI5tursrE79o6AqdfB4COnCalnmiXSzRg&google_error=3
IP
GET /dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-FLaOmMI5tursrE79o6AqdfB4COnCalnmiXSzRg&google_error=3 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 21:07:13 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 212647
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cdn-static.kooding.com/js/minified/clipboard.min.js?v=1.7.1
200 OK 0 B URL HTTP/2 cdn-static.kooding.com/js/minified/clipboard.min.js?v=1.7.1
IP
Analyzer Verdict Alert fortinet Phishing
GET /js/minified/clipboard.min.js?v=1.7.1 HTTP/1.1
Host: cdn-static.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Mon, 30 May 2022 08:10:51 GMT
last-modified: Sat, 20 Jun 2020 17:49:35 GMT
etag: W/"5eee4c2f-2aa5"
expires: Tue, 30 May 2023 08:10:51 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com; img-src https: data:; frame-src https: data:;
cache-control: max-age=31536000, public
pragma: public
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SKADGzlXfajnTlwHCEMz4NGnyZ1Iijvt_eqNBljV2sV3yYefheqfuw==
age: 21214578
X-Firefox-Spdy: h2
cdn-images.kooding.com/bannerItem/desktop/1083/1f96be5c9574e6a372a7e18565ae4f53ce5b2245.jpg
200 OK 0 B URL HTTP/2 cdn-images.kooding.com/bannerItem/desktop/1083/1f96be5c9574e6a372a7e18565ae4f53ce5b2245.jpg
IP
GET /bannerItem/desktop/1083/1f96be5c9574e6a372a7e18565ae4f53ce5b2245.jpg HTTP/1.1
Host: cdn-images.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Tue, 03 Jan 2023 05:52:45 GMT
cache-control: public
pragma: public
expires: Wed, 03 Jan 2024 05:52:45 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com https://*.reviews.io; img-src https: data:; frame-src https: data:;
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JYt88YxmqolxmE2MIZRRBfZ_xvgSHQbCHq2fvZXVsoOAFN8OeLjoWA==
age: 2387664
X-Firefox-Spdy: h2
www.clarity.ms/eus/s/0.7.1/clarity.js
200 OK 0 B URL HTTP/2 www.clarity.ms/eus/s/0.7.1/clarity.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /eus/s/0.7.1/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d933d16af8439e"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
x-azure-ref-originshield: 0b8rXYwAAAACXKaxCtf+qTpdydoK8z4WCRlJBMjMxMDUwNDE4MDE3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-azure-ref: 0fzHYYwAAAACcyw6Epum8SJN39C+iWyr4Q1BIMzBFREdFMDQxMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Mon, 30 Jan 2023 21:07:11 GMT
X-Firefox-Spdy: h2
cdn-static.kooding.com/js/minified/jquery.hoverIntent.min.js?v=1
200 OK 0 B URL HTTP/2 cdn-static.kooding.com/js/minified/jquery.hoverIntent.min.js?v=1
IP
Analyzer Verdict Alert fortinet Phishing
GET /js/minified/jquery.hoverIntent.min.js?v=1 HTTP/1.1
Host: cdn-static.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Mon, 05 Sep 2022 00:38:20 GMT
last-modified: Sat, 09 May 2020 08:42:49 GMT
etag: W/"5eb66d09-913"
expires: Tue, 05 Sep 2023 00:38:20 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com; img-src https: data:; frame-src https: data:;
cache-control: max-age=31536000, public
pragma: public
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7QjCJJ4psYlNj4uKwFzu3UAK1wD7WmDgEeiH_BjDm_YuXfLBJgd4_A==
age: 12774528
X-Firefox-Spdy: h2
cdn-static.kooding.com/js/minified/scrolldir.min.js
200 OK 0 B URL HTTP/2 cdn-static.kooding.com/js/minified/scrolldir.min.js
IP
Analyzer Verdict Alert fortinet Phishing
GET /js/minified/scrolldir.min.js HTTP/1.1
Host: cdn-static.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 25 May 2022 02:34:48 GMT
last-modified: Thu, 18 Jul 2019 19:53:02 GMT
etag: W/"5d30ce1e-3d5"
expires: Thu, 25 May 2023 02:34:48 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com; img-src https: data:; frame-src https: data:;
cache-control: max-age=31536000, public
pragma: public
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2f9ndI-pQv9vilWAKJsiFCFo83jKnHNrUtnj3dvTbQ4Si9qDJqi5ow==
age: 21666741
X-Firefox-Spdy: h2
cdn-static.kooding.com/js/minified/jquery.overlayScrollbars.min.js?v=1
200 OK 0 B URL HTTP/2 cdn-static.kooding.com/js/minified/jquery.overlayScrollbars.min.js?v=1
IP
Analyzer Verdict Alert fortinet Phishing
GET /js/minified/jquery.overlayScrollbars.min.js?v=1 HTTP/1.1
Host: cdn-static.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Tue, 30 Aug 2022 06:01:25 GMT
last-modified: Wed, 08 Apr 2020 04:52:22 GMT
etag: W/"5e8d5886-a584"
expires: Wed, 30 Aug 2023 06:01:25 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com; img-src https: data:; frame-src https: data:;
cache-control: max-age=31536000, public
pragma: public
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MMIa3AHdkavLtbi9dikWNhNcKlQgO6XKeOGXugqxZBJjooBWXEaAdQ==
age: 13273544
X-Firefox-Spdy: h2
cdn-static.kooding.com/css/compressed/OverlayScrollbars.min.css?v=2
200 OK 0 B URL HTTP/2 cdn-static.kooding.com/css/compressed/OverlayScrollbars.min.css?v=2
IP
Analyzer Verdict Alert fortinet Phishing
GET /css/compressed/OverlayScrollbars.min.css?v=2 HTTP/1.1
Host: cdn-static.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Tue, 27 Dec 2022 23:51:42 GMT
last-modified: Tue, 08 Nov 2022 02:20:16 GMT
etag: W/"6369bce0-57e3"
expires: Wed, 27 Dec 2023 23:51:42 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com https://*.reviews.io; img-src https: data:; frame-src https: data:;
cache-control: max-age=31536000, public
pragma: public
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6RCJSWgI32IhRAR3ChwXS8HK_QNkcP_09D-ESz4iHevp1Ml1x8xcWg==
age: 2927727
X-Firefox-Spdy: h2
cdn-images.kooding.com/bannerItem/desktop/739/bb1ae6482853a4874b879d1f348441ccf150724d.jpeg
200 OK 0 B URL HTTP/2 cdn-images.kooding.com/bannerItem/desktop/739/bb1ae6482853a4874b879d1f348441ccf150724d.jpeg
IP
Analyzer Verdict Alert fortinet Phishing
GET /bannerItem/desktop/739/bb1ae6482853a4874b879d1f348441ccf150724d.jpeg HTTP/1.1
Host: cdn-images.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kooding.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Tue, 24 Jan 2023 06:41:56 GMT
cache-control: public
pragma: public
expires: Wed, 24 Jan 2024 06:41:56 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com https://*.reviews.io; img-src https: data:; frame-src https: data:;
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eseGU_HXMRAzzwLdKSJO7Bzh6eRFaxeA-32iV3lmQ6GBPk-mHmYZ9w==
age: 570313
X-Firefox-Spdy: h2
cdn-static.kooding.com/images/4x3/no.svg
200 OK 0 B URL HTTP/2 cdn-static.kooding.com/images/4x3/no.svg
IP
Analyzer Verdict Alert fortinet Phishing
GET /images/4x3/no.svg HTTP/1.1
Host: cdn-static.kooding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-static.kooding.com/css/compressed/flag-icon.min.css
Cookie: candid_userid=b95fd917-3760-48fe-81d6-080db62f9e26
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 23 May 2022 14:52:40 GMT
last-modified: Thu, 18 Jul 2019 19:53:02 GMT
etag: W/"5d30ce1e-141"
expires: Tue, 23 May 2023 14:52:40 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://localhost:8080 https://api.kooding.com https://prod.kooding.com https://lpfirw.kooding.com https://cdn.kooding.com https://cdn-static.kooding.com https://cdn-images.kooding.com https://*.google.com https://www.google.co.kr https://www.google-analytics.com https://www.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.doubleclick.net https://www.googleadservices.com https://*.ggpht.com https://www.recaptcha.net https://*.paypal.com https://www.paypalobjects.com https://*.braintreegateway.com https://*.braintree-api.com https://*.criteo.net https://*.criteo.com https://sync-criteo.teads.tv https://*.adnxs.com https://*.taboola.com https://*.yieldmo.com https://*.outbrain.com https://statics.a8.net https://px.a8.net https://*.im-apps.net https://www.facebook.com https://connect.facebook.net https://scontent.xx.fbcdn.net https://*.microsoft.com https://*.clarity.ms https://*.bing.com https://s.yimg.com https://sp.analytics.yahoo.com https://ads.yahoo.com https://ups.analytics.yahoo.com https://api.getcandid.com https://analytics.candid.io https://content-getcandid.netdna-ssl.com https://assets.imgix.net https://candid.azureedge.net https://cdn-images.mailchimp.com https://in.hotjar.com https://static.hotjar.com https://script.hotjar.com https://vars.hotjar.com https://vc.hotjar.io https://maxcdn.bootstrapcdn.com https://www.youtube.com https://img.youtube.com https://i.vimeocdn.com https://player.vimeo.com https://www.shareasale.com https://shareasale-analytics.com https://www.shareasale-analytics.com https://*.afterpay.com https://x.bidswitch.net https://api.amplitude.com https://s3-us-west-2.amazonaws.com/afterpayus-integrations/javascript/modal/kooding.html https://s.pinimg.com https://*.pinterest.com https://*.attn.tv https://*.attentivemobile.com https://insight.adsrvr.org https://s.ad.smaato.net https://acsbapp.com https://*.acsbapp.com https://*.accessibe.com https://*.advertising.com https://*.pubmatic.com https://*.hotjar.com wss://*.hotjar.com; img-src https: data:; frame-src https: data:;
cache-control: max-age=31536000, public
pragma: public
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lbYvdDqyT0A4ViTjeI5SbqtTlQpQYHTLBxcBFe8m5BxKL8WivLnxsw==
age: 21795270
X-Firefox-Spdy: h2
54.202.88.251
23.43.133.70
157.240.205.35
18.156.126.247
213.19.162.80
141.226.228.48
178.250.0.157
95.101.11.115
52.31.4.222
104.22.0.204