r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13910
Expires: Sat, 26 Nov 2022 17:07:26 GMT
Date: Sat, 26 Nov 2022 13:15:36 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2719
Cache-Control: max-age=165651
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:15:36 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:16:27 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 12:19:13 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3383
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8063
Expires: Sat, 26 Nov 2022 15:29:59 GMT
Date: Sat, 26 Nov 2022 13:15:36 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: qwZSw2XBZdmS/siXtZkY535D7l/fOlfUVM91kAuJu+4tj2MKUND4FxoXSTVgOdD2p5TGD5i6TzE=
x-amz-request-id: D7CV976E50A3D382
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 12:41:12 GMT
age: 2064
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 13:15:36 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 13:08:54 GMT
cache-control: public,max-age=3600
age: 402
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
amazonwmsamzn.servepics.com/cl/41349_md/4/9180/5519/332/28647
185.83.144.167302 Found 163 B URL HTTP/1.1 amazonwmsamzn.servepics.com/cl/41349_md/4/9180/5519/332/28647
IP 185.83.144.167:0
ASN #51559 Netinternet Bilisim Teknolojileri AS
File type HTML document, ASCII text, with no line terminators
Hash 12f9b624d99d45656640c5f0fec799a5
749b1d1cadf459042f7d93d33f69ce74be9ab7a1
fa2359745066ef5d6e2a823ef0952ebcab8353c162150d8d5084b01434e03183
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /cl/41349_md/4/9180/5519/332/28647 HTTP/1.1
Host: amazonwmsamzn.servepics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sat, 26 Nov 2022 13:15:36 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
X-Powered-By: PHP/7.1.33
Location: https://trkt.dotmediadgtl.com/aff_c?offer_id=1058&aff_id=1060&aff_sub1=4&aff_sub2=19&aff_sub3=332_28647_715050_md
Content-Length: 163
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6100
Cache-Control: max-age=163974
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:15:37 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 10:48:31 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 0bda4f3a3fef3c021b3d7a0595dff06f
4ed7484b1d66057697da7de858370b550871e729
c3e43d6107b1e0fc4736db51969ec4fc6fd967670b4b379d8391e6804dd1d7e0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=101340
Date: Sat, 26 Nov 2022 13:15:37 GMT
Etag: "6380e6a4-1d7"
Expires: Sun, 27 Nov 2022 17:24:37 GMT
Last-Modified: Fri, 25 Nov 2022 16:00:36 GMT
Server: ECS (dcb/7F3B)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xn5dUfmqDLf6NP7Kagesu_Ggvat0hHmenUz_HEAN7kA1qwS4ZPbw9A==
Age: 5041
trkt.dotmediadgtl.com/aff_c?offer_id=1058&aff_id=1060&aff_sub1=4&aff_sub2=19&aff_sub3=332_28647_715050_md
54.77.58.216302 Found 302 B URL HTTP/1.1 trkt.dotmediadgtl.com/aff_c?offer_id=1058&aff_id=1060&aff_sub1=4&aff_sub2=19&aff_sub3=332_28647_715050_md
IP 54.77.58.216:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d39da0ddc9728a9fae77211c5d5055c7
69f95769db4405894e79099a6847ea114a29cc24
51e070e17fd2e5acae90b09f7d3a76de5e5a39564b0e051b1dbb5cae6fd8db7b
GET /aff_c?offer_id=1058&aff_id=1060&aff_sub1=4&aff_sub2=19&aff_sub3=332_28647_715050_md HTTP/1.1
Host: trkt.dotmediadgtl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 26 Nov 2022 13:15:37 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 302
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://tr.affaz1.com/343e704a-6c31-4d70-bac0-f51fd3f57be0?erp=&subid=4&clickid=102123a2d98c9851902fce3dda9eb7
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: enc_aff_session_1058=ENC03d1c81ff506236adddf9196f05641244697f85ec8e669b65044a34375d0052e693ed9896469fae5e016bbb33873158bcc3e0d7a9089917f5ec4116798dc36dcf0086b28bfc92fd2483ac2cb27d15014c86dfe57a00ba1980ef8c7d9fc96bfabf2cbb8f0f9d6851a62ffec722b126024de878575cdc6f07446ce37bb4d1f19acfa1e75fb80; expires=Mon, 26 Dec 2022 13:15:37 GMT; path=/; SameSite=None; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC41IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Mon, 20 Oct 2025 23:55:37 GMT; path=/; SameSite=None; Secure
Tracking_id: 102123a2d98c9851902fce3dda9eb7
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: 2739ca82ed75f4d615f80a39390be78d
Access-Control-Allow-Headers: Tune-SDK-Version
push.services.mozilla.com/
34.215.91.121101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.91.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: C/wmTDWw6Hrh6qFgPGwFuQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /+eZ9wY5zxBgLupv3nvMZOlfvDI=
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 9a3f99fb17ddf19a6b4cd4a7faac0d36
66ac086d7f48d2fc41ca40d1460f998b7980db7b
bc24880cb3aad5b5ca5be54e9b7c5b869c0c6ce85969942a3966dc084e3c8d3f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5940
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:15:38 GMT
Last-Modified: Sat, 26 Nov 2022 11:36:39 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 800 B IP 93.184.220.29:0
Hash 17c48d068d3a88afc58668631131cf03
f2596ab9f82236a326ce2dbe95598319308bee57
bf8e074c5a948e2bf28d4445e0f78571a45f1dc6592664653a34b6807142cfd8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6048
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:15:38 GMT
Last-Modified: Sat, 26 Nov 2022 11:34:50 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 3.8 kB IP 93.184.220.29:0
Hash 0a5be92f16da29da97d1236dc6b46eb8
ed52fcd20c444da957e0fc6c0308dcb0989d0a9f
54a2ef866cd3c8ed17bb97e127f39560c9fce1117851462e8ac620cbaf5e59ae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5940
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:15:38 GMT
Last-Modified: Sat, 26 Nov 2022 11:36:39 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
23.36.76.226200 OK 2.4 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 527b5107243b8915e210d3976cb6a313
da307a5f937ce1b8393cdc474e13c9a88cb2b693
1ce4511b08800519292adeed39ec8cb2f68c5eac060c0c3a98b78f7688955ca1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6F716021B1378A39CCB4A447E07FDB28F2933A24B59000E8F08E0915EBF7A4CF"
Last-Modified: Thu, 24 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17205
Expires: Sat, 26 Nov 2022 18:02:23 GMT
Date: Sat, 26 Nov 2022 13:15:38 GMT
Connection: keep-alive
gifzentrale.com/gifs/pfeile/pfeile00476.gif
89.107.70.188200 OK 1.4 kB URL HTTP/1.1 gifzentrale.com/gifs/pfeile/pfeile00476.gif
IP 89.107.70.188:0
File type GIF image data, version 89a, 60 x 20\012- data
Hash f1db3ceb15c8b3a4d0b9f947946222ba
ec25f73001d75c299882abab3f314baa64575c80
4e112845dc03a1e37db6cae28f7db79b11baf9c9803120debfbec5e768bf0925
GET /gifs/pfeile/pfeile00476.gif HTTP/1.1
Host: gifzentrale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forschung.vitalisium.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 13:15:38 GMT
Content-Type: image/gif
Content-Length: 1375
Last-Modified: Fri, 23 Sep 2022 10:05:08 GMT
Connection: keep-alive
Cache-Control: max-age=2592000
Expires: Mon, 26 Dec 2022 13:15:38 GMT
ETag: "632d84d4-55f"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 18825ba32bf4bd45d6e2955d6a024d82
83cdd92e696dc4c7850be7618465cf5aa3bb223d
d3294231ff56345ec58a59eacf15b7ffc555d6bd358104c80d14d54867d25b70
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6048
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:15:38 GMT
Last-Modified: Sat, 26 Nov 2022 11:34:50 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 83cd94ec0579ea37bc7a36e4eadbb091
ddacc7864a773c7440f6235c7aee70ded6579ce1
8f9e3d4fbc26686175f4c560ed23aa3d5a6a14ed01139f6f7cdaf9d542307b3b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4611
Cache-Control: max-age=153510
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:15:38 GMT
Etag: "6381b41d-117"
Expires: Mon, 28 Nov 2022 07:54:08 GMT
Last-Modified: Sat, 26 Nov 2022 06:37:17 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash edb0e551e51a36b2d7049a259075c44c
842a87c050a7db9ca41afced01580390a2bb5a67
bd7efa2f6ef4541aabff3d4cc84fe105c9a9a3f0ef35b48b9d9ac10a91320f44
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4945
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:15:38 GMT
Last-Modified: Sat, 26 Nov 2022 11:53:13 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16786
Expires: Sat, 26 Nov 2022 17:55:24 GMT
Date: Sat, 26 Nov 2022 13:15:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16786
Expires: Sat, 26 Nov 2022 17:55:24 GMT
Date: Sat, 26 Nov 2022 13:15:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16786
Expires: Sat, 26 Nov 2022 17:55:24 GMT
Date: Sat, 26 Nov 2022 13:15:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16786
Expires: Sat, 26 Nov 2022 17:55:24 GMT
Date: Sat, 26 Nov 2022 13:15:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16786
Expires: Sat, 26 Nov 2022 17:55:24 GMT
Date: Sat, 26 Nov 2022 13:15:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 926df9839ec3d924b563b55d8bccace8
c47a3884465fc02b5c57faa5ffbd986ba29c64c2
a97cd625959aa81bc516024628315b2c6e2ce94f76cd579751a686a6611cc4d2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: eede6332-5376-4f9c-83fc-f894430c1f4b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWWYFFgoAMFhaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381375b-66d7ffc70f7d901420a503da;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:44:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yM8EHyxy6pUHVZhGUOHuFOU-Z4eTyL2N3Ooa6QMrPlIfp6X5I_JBRw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:06 GMT
age: 55772
etag: "c47a3884465fc02b5c57faa5ffbd986ba29c64c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8dc4b8a7e9f7f4f84f0da568b43392b
3d32bff85cb7ec118c4496d0c3802829fdc9af3b
4b0ffde427085c796a7a5823604b29a4af43dbb93e99ec41f34feb37f52ac7d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9049
x-amzn-requestid: 6cbd9639-c29d-4ff4-8091-3168f64f4c78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVGHzKoAMFSuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135ba-100ea4235fdf1df8491041c8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: utbUF-6Z7rMqPNdRKHJyI-IZoyTy6HpkNBY-60xcZ-6NDXBz1XN6-Q==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:48:40 GMT
age: 55618
etag: "3d32bff85cb7ec118c4496d0c3802829fdc9af3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17ebe470d040a6ea8c57e9b9d4f4e828
1ac7a410cd4f3709f476c776dd5646dd982dcfa8
d65114b68fcc12344c6df7bf294718b79822fa9782d3bd54ca044b66f82052b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15818
x-amzn-requestid: a6570859-3b03-492e-9f84-e25b01223da2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXrUF3bIAMF8CA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381397b-379b1bcf2ac0715835e10e48;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:54:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TI0cacek54dPUYW7fYy0xm-1CKdRXZGqBH1vGURakUsBbm-WGcW-vA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:17:55 GMT
age: 53863
etag: "1ac7a410cd4f3709f476c776dd5646dd982dcfa8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a783df85f30f9c555f9df6b99f61744d
61f9bed607e81606be78285596acdc5e0e4f4994
19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3502
x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYUHO5IAMFqDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SRN-oOfa8Z0mQZFYkWAv32XFiXChfGjfwZkfWz-IzHubwrKgzwoTxQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 03:55:38 GMT
age: 33600
etag: "61f9bed607e81606be78285596acdc5e0e4f4994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffad04f54-f199-4bc1-a785-cf5c76640147.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffad04f54-f199-4bc1-a785-cf5c76640147.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0f860248042a8499ffb1701a880b2ba
845842c789e6e97fd1687e668d446bbb8309ffc7
9eca5258c7b6e4e145ca6576a3f3791f1324714404ffd7a56a61961f81e7bd44
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffad04f54-f199-4bc1-a785-cf5c76640147.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11150
x-amzn-requestid: 0b773c28-feda-41a2-9de6-8b559bd773eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVC5EukoAMFxfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813545-3bfe118939abc352072c5af1;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TpEr70sCNigNhVg7rDFIUG12AVpzC0BUW6-xW3QTvjLcBUrpehjJbQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:06 GMT
age: 55772
etag: "845842c789e6e97fd1687e668d446bbb8309ffc7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93728079-c686-4b9a-9313-1cc6778793d2.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93728079-c686-4b9a-9313-1cc6778793d2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 96437d0cb1ceaffa77124f0dcfeb38cf
3f4a47cdd9ea3bbd20fec37e4a9dbfa9af2acc50
89244601b0a4bc150033e52dc56cf0fbe2846ebba7532c477146258a70783e05
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93728079-c686-4b9a-9313-1cc6778793d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7799
x-amzn-requestid: 4b3bf619-fb69-4cfe-b8e7-7de4ea127853
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXADFOvoAMFXQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813866-77f561ae3496d84c75541300;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:49:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lt_7H9W9LVUS5gKPrBF_vGiXg-anP_bGV5izsxPiGhiasy2eBnltuw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:33:39 GMT
age: 52919
etag: "3f4a47cdd9ea3bbd20fec37e4a9dbfa9af2acc50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 537295b5c53dc28f543646edc80ee864
2332c81e46f50b3b3c8d2d4c9b150925d60e884a
a0e75c4d23385b6b689acbcb8fa379659530d7988caab6893706fd4a1a31ef1a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6309
Cache-Control: max-age=109130
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:15:39 GMT
Etag: "63810022-117"
Expires: Sun, 27 Nov 2022 19:34:29 GMT
Last-Modified: Fri, 25 Nov 2022 17:49:22 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:15:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js.hscollectedforms.net/collectedforms.js
104.17.129.171200 OK 120 kB URL HTTP/2 js.hscollectedforms.net/collectedforms.js
IP 104.17.129.171:0
File type Unicode text, UTF-8 text, with very long lines (65392), with no line terminators
Size 120 kB (119852 bytes)
Hash f6f6e0f3911995fa55c7729643d8d57a
c2a64191c68baddf3adeb3f8f18bc6a4fb27e8de
1ea3654370e9a0f438e4f6de15eaa699db60cb1cd8890d03037813991e3ec703
GET /collectedforms.js HTTP/1.1
Host: js.hscollectedforms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://forschung.vitalisium.com
Connection: keep-alive
Referer: https://forschung.vitalisium.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:15:38 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Wed, 16 Nov 2022 03:41:33 UTC
etag: W/"59a69a76233d8365d7266548d5703c09"
x-amz-server-side-encryption: AES256
x-amz-version-id: _5EZs_H26Fc6JgVRh7ahoi0orqifRkcW
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 55545918b0c914bb8f5282930649df4c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P2
x-amz-cf-id: KvPHQpy6Jl0rxfpd5daL0mOVm08Vg-Kf1PdKLY74PAlMJ4u2e9b0dA==
cache-control: s-maxage=600, max-age=300
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.311/bundles/project.js&cfRay=76faa854c9310b02-IAD
x-hs-target-asset: collected-forms-embed-js/static-1.311/bundles/project.js
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 7702e4de6efeb50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:15:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 537295b5c53dc28f543646edc80ee864
2332c81e46f50b3b3c8d2d4c9b150925d60e884a
a0e75c4d23385b6b689acbcb8fa379659530d7988caab6893706fd4a1a31ef1a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6309
Cache-Control: max-age=109130
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:15:39 GMT
Etag: "63810022-117"
Expires: Sun, 27 Nov 2022 19:34:29 GMT
Last-Modified: Fri, 25 Nov 2022 17:49:22 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
js.hs-banner.com/7111995.js
172.64.154.85200 OK 48 kB URL HTTP/2 js.hs-banner.com/7111995.js
IP 172.64.154.85:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (60033)
Hash ebcf8171e5eff20188d5346b8b859814
7e4b8f25d3f8ce8755aefdc09bf9857f322a2bff
7a375cb6ddde20a58648d5d35116e6017024f72957d0190d7c8a013331f85d68
GET /7111995.js HTTP/1.1
Host: js.hs-banner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forschung.vitalisium.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:15:38 GMT
content-type: text/javascript; charset=UTF-8
x-amz-id-2: vNsc2OP96HyBxdnySLZ0Mlm95EnIYR9R4+HdX7v+I4kQKBpxyVhzMpJRtBvg8q+SSGTlEHMtcP8=
x-amz-request-id: 7M7GXGGRAXTYT53X
last-modified: Tue, 25 Oct 2022 21:06:43 GMT
etag: W/"bd057112e89b63a9c53ec74f40794892"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: DnrtZ2D2PSJWqFzRMN5LJuDz7OHPUnKm
access-control-allow-origin: https://www.vitalisium.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin, Accept-Encoding
expires: Sat, 26 Nov 2022 13:20:38 GMT
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 7702e4de9972b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
js.hsleadflows.net/leadflows.js
104.17.230.204200 OK 166 kB URL HTTP/2 js.hsleadflows.net/leadflows.js
IP 104.17.230.204:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 166 kB (166012 bytes)
Hash a76dbec3acd15686746e623db67a947a
d7c2a50d05acdfe6cda234a3f8ab4114c0839855
ae8c341d0f1f248418879125d205f1b9afd02dbb56c188851ef4e28d98a3709a
GET /leadflows.js HTTP/1.1
Host: js.hsleadflows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://forschung.vitalisium.com
Connection: keep-alive
Referer: https://forschung.vitalisium.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:15:38 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Thu, 17 Nov 2022 02:20:30 UTC
etag: W/"74fae7dd863591ed0e85827bc178f500"
x-amz-server-side-encryption: AES256
x-amz-version-id: WdFozKBx4SUx.lzBGe8mkR8wgVUrEMev
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 0af050b863ec46156a524df4e5d86692.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P4
x-amz-cf-id: gENKdKaK0rZ1aEwVbBXaBwHijyQjFDeAgBlOMqL3jyBLOTniuKps7g==
cache-control: s-maxage=86400, max-age=0
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1120/bundle/main/lead-flows-release.js&cfRay=76f8b919a9ebbe3d-IAD
x-hs-target-asset: lead-flows-js/static-1.1120/bundle/main/lead-flows-release.js
x-hs-cache-status: MISS
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
cf-cache-status: HIT
age: 86365
server: cloudflare
cf-ray: 7702e4de9b72b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
consentcdn.cookiebot.com/sdk/bc-v4.min.html
104.110.3.72200 OK 392 B URL HTTP/2 consentcdn.cookiebot.com/sdk/bc-v4.min.html
IP 104.110.3.72:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (627), with no line terminators
Hash e7268eccad39bd651697fa793a52cc5c
47299cefa2397b0c1d0c5bf232390a5cf1bcc4d3
907e16c84d35556e4ed841a3511915e6d4bb4e9d68cfca178a740e90b4d80e35
GET /sdk/bc-v4.min.html HTTP/1.1
Host: consentcdn.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forschung.vitalisium.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
x-akamai-transformed: 9 - 0 pmb=mRUM,1
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=29771517
expires: Mon, 06 Nov 2023 03:07:36 GMT
date: Sat, 26 Nov 2022 13:15:39 GMT
content-length: 392
server-timing: cdn-cache; desc=HIT, edge; dur=1
X-Firefox-Spdy: h2
consent.cookiebot.com/982c92cf-8eb7-4c4e-ba87-769d9bcfa561/cc.js?renew=false&referer=forschung.vitalisium.com&dnt=false&init=false
23.72.139.51200 OK 56 kB URL HTTP/2 consent.cookiebot.com/982c92cf-8eb7-4c4e-ba87-769d9bcfa561/cc.js?renew=false&referer=forschung.vitalisium.com&dnt=false&init=false
IP 23.72.139.51:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65499)
Hash 61f21915e88e22154474a4f13c80f12e
a85ed8f503be4cb6badb80561c735c8ed00a3bc5
0ff31cf7335012f674358310f42fceabe9809e687ab1067e0f6c437d4515b9fd
GET /982c92cf-8eb7-4c4e-ba87-769d9bcfa561/cc.js?renew=false&referer=forschung.vitalisium.com&dnt=false&init=false HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forschung.vitalisium.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=1200
content-type: application/x-javascript; charset=utf-8
content-encoding: gzip
last-modified: Sat, 26 Nov 2022 13:15:39 GMT
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 56208
date: Sat, 26 Nov 2022 13:15:39 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4cdc49f66c73ee1412b6e4eabe272239
01fdcdfc32eeabe0e1705a8794888fd1db31173f
b75a92f20fb55f6f24a06b2a2578fb736828017907b4e337c9a88fecf5729fa4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B75A92F20FB55F6F24A06B2A2578FB736828017907B4E337C9A88FECF5729FA4"
Last-Modified: Thu, 24 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7074
Expires: Sat, 26 Nov 2022 15:13:33 GMT
Date: Sat, 26 Nov 2022 13:15:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fcd944cb9570567abf9e527f8e7b14c7
b1e5ba2503cca2018b7543bc70be3973e0b63cd6
9847e4aad5cb5aa44854efd5cd1ae51ecf4a656515b6a2b4b535562caa28b119
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9847E4AAD5CB5AA44854EFD5CD1AE51ECF4A656515B6A2B4B535562CAA28B119"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=249
Expires: Sat, 26 Nov 2022 13:19:48 GMT
Date: Sat, 26 Nov 2022 13:15:39 GMT
Connection: keep-alive
vl.vitalisium.com/d/.js?lpref=&lpurl=https%3A%2F%2Fforschung.vitalisium.com%2Fde-de%2Flp001-azorica-prf-vsl-pdeazoprf210908%3Futm_source%3Dazorica%26utm_medium%3Demail%26utm_campaign%3Dpdeazopst210908%26utm_content%3Dprf005-vsl%26clickid%3Dwgld9ao9hu7obdok21ig843v&lpt=Die%20Geheimnisse%20schmerzfreier%20und%20flexibler%20Gelenke&vtm=1669468539332
18.192.249.87200 OK 1.1 kB URL HTTP/2 vl.vitalisium.com/d/.js?lpref=&lpurl=https%3A%2F%2Fforschung.vitalisium.com%2Fde-de%2Flp001-azorica-prf-vsl-pdeazoprf210908%3Futm_source%3Dazorica%26utm_medium%3Demail%26utm_campaign%3Dpdeazopst210908%26utm_content%3Dprf005-vsl%26clickid%3Dwgld9ao9hu7obdok21ig843v&lpt=Die%20Geheimnisse%20schmerzfreier%20und%20flexibler%20Gelenke&vtm=1669468539332
IP 18.192.249.87:0
File type ASCII text, with very long lines (621)
Hash 739f863b4f95ac2b5ef12f50db32f092
91bd43daa43c16db5ed6c03cb61c8a7cb69b3a6c
b0040ebf8c182e000cf57204662d34c39553bb2eb09e8c48d4189cd5a204f77e
GET /d/.js?lpref=&lpurl=https%3A%2F%2Fforschung.vitalisium.com%2Fde-de%2Flp001-azorica-prf-vsl-pdeazoprf210908%3Futm_source%3Dazorica%26utm_medium%3Demail%26utm_campaign%3Dpdeazopst210908%26utm_content%3Dprf005-vsl%26clickid%3Dwgld9ao9hu7obdok21ig843v&lpt=Die%20Geheimnisse%20schmerzfreier%20und%20flexibler%20Gelenke&vtm=1669468539332 HTTP/1.1
Host: vl.vitalisium.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://forschung.vitalisium.com/de-de/lp001-azorica-prf-vsl-pdeazoprf210908?utm_source=azorica&utm_medium=email&utm_campaign=pdeazopst210908&utm_content=prf005-vsl&clickid=wgld9ao9hu7obdok21ig843v
Connection: keep-alive
Cookie: _gcl_au=1.1.1802640712.1669468539; clickid=wgld9ao9hu7obdok21ig843v; utm_source=azorica; utm_medium=email; utm_content=prf005-vsl; utm_campaign=pdeazopst210908; product=prf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 13:15:39 GMT
content-type: application/javascript;charset=UTF-8
content-length: 1147
access-control-allow-origin: *
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2
asset.azdmp.com/mt/zrc/mt.js?t=231871
145.239.193.53200 OK 1.4 kB URL HTTP/1.1 asset.azdmp.com/mt/zrc/mt.js?t=231871
IP 145.239.193.53:0
File type ASCII text, with very long lines (5986), with no line terminators
Hash fd4be0d3366143ce057b27a631b348e1
57a25ce37f5d19caf8c234a3b78b255c718e1ab5
e48c47e050d0cc9a76299a6a3b5552a5be447ef6e2e9811951e9c41e10aed3af
GET /mt/zrc/mt.js?t=231871 HTTP/1.1
Host: asset.azdmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forschung.vitalisium.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:15:39 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 1431
Last-Modified: Tue, 15 Nov 2022 08:52:49 GMT
ETag: "63735361-597"
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: max-age=900, s-maxage=900, public
X-IPLB-Request-ID: 5B5A2A9A:C71F_91EFC135:01BB_6382117B_11634E5:195EA
X-IPLB-Instance: 25144
asset.azdmp.com/js/client.js?t=231871
145.239.193.53200 OK 4.2 kB URL HTTP/1.1 asset.azdmp.com/js/client.js?t=231871
IP 145.239.193.53:0
Hash f38264c24e265514eae2ec273681ea04
76cae13e927f92a7d8856c308fa039517736aa4c
f646b8e187c6727afb56711cded724e405ae33a56a76998c4eef392efe80e0cc
GET /js/client.js?t=231871 HTTP/1.1
Host: asset.azdmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forschung.vitalisium.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:15:39 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 4182
Last-Modified: Tue, 15 Nov 2022 08:52:49 GMT
ETag: "63735361-1056"
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: max-age=900, s-maxage=900, public
X-IPLB-Request-ID: 5B5A2A9A:C71F_91EFC135:01BB_6382117B_11634E8:195EA
X-IPLB-Instance: 25144
7111995.fs1.hubspotusercontent-na1.net/hubfs/7111995/DE_Archives/DE_VSLs/VSL%20Primaflex%20neu%20final.mp4/medium.jpg?t=0
104.18.33.40200 OK 76 kB URL HTTP/2 7111995.fs1.hubspotusercontent-na1.net/hubfs/7111995/DE_Archives/DE_VSLs/VSL%20Primaflex%20neu%20final.mp4/medium.jpg?t=0
IP 104.18.33.40:0
Hash 49f710b4e8cf0d850281a9f8f3e4de8e
ce0a06b06542a5b01bd07d48da23da55e9b484ff
13a7e01c4e791dda883ae9fecccb219e81fed0580715faadcf5e7bcdba1ec46e
GET /hubfs/7111995/DE_Archives/DE_VSLs/VSL%20Primaflex%20neu%20final.mp4/medium.jpg?t=0 HTTP/1.1
Host: 7111995.fs1.hubspotusercontent-na1.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://forschung.vitalisium.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:15:39 GMT
content-type: image/jpeg
content-length: 62249
cf-ray: 7702e4dd0a020b02-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
etag: "1d5205d1658460cd5e56d4dc0bec3ecf"
last-modified: Mon, 04 Apr 2022 15:33:52 GMT
vary: Accept-Encoding
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
cf-cache-status: MISS
access-control-allow-methods: GET
cache-tag: F-46854203195,FD-45953783152,P-7111995,FLS-ALL
edge-cache-tag: F-46854203195,FD-45953783152,P-7111995,FLS-ALL
x-amz-cf-id: OFNYK3WvpdUMVZbe7cH3F9dMi7DnjmFRzPFarvkZfuxYm2GPc6-I7w==
x-amz-cf-pop: OSL50-C1
x-amz-id-2: XJ7dNXeRMlwNDwyh6o+cnYZRjI1wNhd24rXriqAQ56YP1EEa5qoJmsggVV69l5WYrRgSlFfU0bvIavZSqhkwIw==
x-amz-meta-cache-tag: F-46854203195,FD-45953783152,P-7111995,FLS-ALL
x-amz-meta-created-unix-time-millis: 1620669986245
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
x-amz-request-id: 3RQVFNG7EMN3RFHX
x-amz-server-side-encryption: AES256
x-amz-version-id: mG.nVJD7ug.jMA5uuBUJGO19_B.5A.2L
x-cache: RefreshHit from cloudfront
x-hs-alternate-content-type: text/plain
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
x-robots-tag: all
server: cloudflare
X-Firefox-Spdy: h2
asset.azdmp.com/client_iframe.html?t=231871
145.239.193.53200 OK 8.9 kB URL HTTP/1.1 asset.azdmp.com/client_iframe.html?t=231871
IP 145.239.193.53:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (26268)
Hash 2847b453a9c33b8eeffb540c9ed65458
7d4046e43cb696c0a96e4e9806bd10f9c2fd624f
870d08f0cb1fdaa1044ca062d7fcc9234355f0549f1b387f1d684f9c76e85221
GET /client_iframe.html?t=231871 HTTP/1.1
Host: asset.azdmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forschung.vitalisium.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:15:39 GMT
Content-Type: text/html; charset=utf-8
Last-Modified: Tue, 15 Nov 2022 08:52:49 GMT
Transfer-Encoding: chunked
ETag: W/"63735361-6431"
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: max-age=900, s-maxage=900, public
Content-Encoding: gzip
X-IPLB-Request-ID: 5B5A2A9A:C71F_91EFC135:01BB_6382117B_11634EF:195EA
X-IPLB-Instance: 25144
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2a10ca6c7993ca71e1d86df15116b48e
ec8992df2d73ee3e2ad1759037f97c9ac9496c3b
12c0d6b39fe428d068150059c670f34073fffbe719ba3162a0e406d37550618f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12C0D6B39FE428D068150059C670F34073FFFBE719BA3162A0E406D37550618F"
Last-Modified: Thu, 24 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13140
Expires: Sat, 26 Nov 2022 16:54:39 GMT
Date: Sat, 26 Nov 2022 13:15:39 GMT
Connection: keep-alive
amplify.outbrain.com/cp/obtp.js
23.38.201.81200 OK 5.3 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP 23.38.201.81:0
File type ASCII text, with very long lines (16620), with no line terminators
Hash a73a09a868a98d7505575c520aaf6616
ed4e4c3fe9ad7ed18564e5f9aed6a9a68b522c7f
8b22d2e0e3e79c7ea27bf76720b302fd18ba1240fbf8dd99e54ced655d17c8e4
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forschung.vitalisium.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "c83bb35b39c166b49387a9cb3633d4be:1668418404.864545"
Last-Modified: Mon, 14 Nov 2022 09:17:09 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Sat, 26 Nov 2022 13:35:39 GMT
Date: Sat, 26 Nov 2022 13:15:39 GMT
Content-Length: 5276
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 407ca8387c360d434a53812c03688310
90e74fa4928adcf8ae410f2eea7956b6ae7f687b
5690f667c20ba6c6daf71668a7c02c6d50383b585521e6f3e7a0ddcf895358d3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4152
Cache-Control: max-age=148350
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:15:39 GMT
Etag: "6381a1c1-1d7"
Expires: Mon, 28 Nov 2022 06:28:09 GMT
Last-Modified: Sat, 26 Nov 2022 05:18:57 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forschung.vitalisium.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 26 Nov 2022 12:41:08 GMT
expires: Sat, 26 Nov 2022 14:41:08 GMT
cache-control: public, max-age=7200
age: 2071
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 30f833b25d6e5af2229d9584c6f6cf97
ee79c3fa994d53c1d0687ca61353d63cce459e25
1bc091991c4663dbc86ae735e47ddc3e887a24661050ad9f24b8d458bfd11a6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:15:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
asset.easydmp.net/client_iframe.html?t=231871
145.239.193.53200 OK 9.5 kB URL HTTP/1.1 asset.easydmp.net/client_iframe.html?t=231871
IP 145.239.193.53:0
Hash 83fa08c70e4bcb5c0802e64ff24dffa5
d2a7d03dcbf973afdce162ad2694babd50c85295
600a2775bb228f51f517968b6b3fe359de739c8996c3469a61e5bb864bf16aca
GET /client_iframe.html?t=231871 HTTP/1.1
Host: asset.easydmp.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forschung.vitalisium.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:15:39 GMT
Content-Type: text/html; charset=utf-8
Last-Modified: Tue, 15 Nov 2022 08:52:49 GMT
Transfer-Encoding: chunked
ETag: W/"63735361-6431"
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: max-age=900, s-maxage=900, public
Content-Encoding: gzip
X-IPLB-Request-ID: 5B5A2A9A:BB79_91EFC135:01BB_6382117B_838C96:2F1F4
X-IPLB-Instance: 24040
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forschung.vitalisium.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: /BqEHWwVfQzjPFVy+69mI4TetPPDzwW0XoCgAxS7zrEX7+r7PFJaL0XJX3y9mX6crIKWRzHkZAXkNaDnHQCBsw==
content-length: 27340
x-fb-trip-id: 1904183273
date: Sat, 26 Nov 2022 13:15:39 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:15:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-conversion/622901180/?random=1669468539259&cv=11&fst=1669468539259&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=UFb1CL-W87QDELzvgqkC&hn=www.google.com&frm=0&url=https%3A%2F%2Fforschung.vitalisium.com%2Fde-de%2Flp001-azorica-prf-vsl-pdeazoprf210908%3Futm_source%3Dazorica%26utm_medium%3Demail%26utm_campaign%3Dpdeazopst210908%26utm_content%3Dprf005-vsl%26clickid%3Dwgld9ao9hu7obdok21ig843v&tiba=Die%20Geheimnisse%20schmerzfreier%20und%20flexibler%20Gelenke&value=0&bttype=purchase&auid=1802640712.1669468539&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
142.250.74.164302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/622901180/?random=1669468539259&cv=11&fst=1669468539259&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=UFb1CL-W87QDELzvgqkC&hn=www.google.com&frm=0&url=https%3A%2F%2Fforschung.vitalisium.com%2Fde-de%2Flp001-azorica-prf-vsl-pdeazoprf210908%3Futm_source%3Dazorica%26utm_medium%3Demail%26utm_campaign%3Dpdeazopst210908%26utm_content%3Dprf005-vsl%26clickid%3Dwgld9ao9hu7obdok21ig843v&tiba=Die%20Geheimnisse%20schmerzfreier%20und%20flexibler%20Gelenke&value=0&bttype=purchase&auid=1802640712.1669468539&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 142.250.74.164:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/622901180/?random=1669468539259&cv=11&fst=1669468539259&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=UFb1CL-W87QDELzvgqkC&hn=www.google.com&frm=0&url=https%3A%2F%2Fforschung.vitalisium.com%2Fde-de%2Flp001-azorica-prf-vsl-pdeazoprf210908%3Futm_source%3Dazorica%26utm_medium%3Demail%26utm_campaign%3Dpdeazopst210908%26utm_content%3Dprf005-vsl%26clickid%3Dwgld9ao9hu7obdok21ig843v&tiba=Die%20Geheimnisse%20schmerzfreier%20und%20flexibler%20Gelenke&value=0&bttype=purchase&auid=1802640712.1669468539&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forschung.vitalisium.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 13:15:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/622901180/?random=1669468539259&cv=11&fst=1669468539259&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=UFb1CL-W87QDELzvgqkC&hn=www.google.com&frm=0&url=https%3A%2F%2Fforschung.vitalisium.com%2Fde-de%2Flp001-azorica-prf-vsl-pdeazoprf210908%3Futm_source%3Dazorica%26utm_medium%3Demail%26utm_campaign%3Dpdeazopst210908%26utm_content%3Dprf005-vsl%26clickid%3Dwgld9ao9hu7obdok21ig843v&tiba=Die%20Geheimnisse%20schmerzfreier%20und%20flexibler%20Gelenke&value=0&bttype=purchase&auid=1802640712.1669468539&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 407ca8387c360d434a53812c03688310
90e74fa4928adcf8ae410f2eea7956b6ae7f687b
5690f667c20ba6c6daf71668a7c02c6d50383b585521e6f3e7a0ddcf895358d3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4152
Cache-Control: max-age=148350
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:15:39 GMT
Etag: "6381a1c1-1d7"
Expires: Mon, 28 Nov 2022 06:28:09 GMT
Last-Modified: Sat, 26 Nov 2022 05:18:57 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/viewthroughconversion/622901180/?random=1669468539259&cv=11&fst=1669468539259&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=UFb1CL-W87QDELzvgqkC&hn=www.google.com&frm=0&url=https%3A%2F%2Fforschung.vitalisium.com%2Fde-de%2Flp001-azorica-prf-vsl-pdeazoprf210908%3Futm_source%3Dazorica%26utm_medium%3Demail%26utm_campaign%3Dpdeazopst210908%26utm_content%3Dprf005-vsl%26clickid%3Dwgld9ao9hu7obdok21ig843v&tiba=Die%20Geheimnisse%20schmerzfreier%20und%20flexibler%20Gelenke&value=0&bttype=purchase&auid=1802640712.1669468539&gcp=1&ct_cookie_present=1
142.250.74.66200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/622901180/?random=1669468539259&cv=11&fst=1669468539259&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=UFb1CL-W87QDELzvgqkC&hn=www.google.com&frm=0&url=https%3A%2F%2Fforschung.vitalisium.com%2Fde-de%2Flp001-azorica-prf-vsl-pdeazoprf210908%3Futm_source%3Dazorica%26utm_medium%3Demail%26utm_campaign%3Dpdeazopst210908%26utm_content%3Dprf005-vsl%26clickid%3Dwgld9ao9hu7obdok21ig843v&tiba=Die%20Geheimnisse%20schmerzfreier%20und%20flexibler%20Gelenke&value=0&bttype=purchase&auid=1802640712.1669468539&gcp=1&ct_cookie_present=1
IP 142.250.74.66:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/622901180/?random=1669468539259&cv=11&fst=1669468539259&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=UFb1CL-W87QDELzvgqkC&hn=www.google.com&frm=0&url=https%3A%2F%2Fforschung.vitalisium.com%2Fde-de%2Flp001-azorica-prf-vsl-pdeazoprf210908%3Futm_source%3Dazorica%26utm_medium%3Demail%26utm_campaign%3Dpdeazopst210908%26utm_content%3Dprf005-vsl%26clickid%3Dwgld9ao9hu7obdok21ig843v&tiba=Die%20Geheimnisse%20schmerzfreier%20und%20flexibler%20Gelenke&value=0&bttype=purchase&auid=1802640712.1669468539&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forschung.vitalisium.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 13:15:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 26-Nov-2022 13:30:39 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:15:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e922b25acaba2d7f8921ebe973a4b261
5dd4c237c84a652cbcf3db163529f3788ceafc46
a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:15:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.hsappstatic.net/ui-fonts/static-1.269/fonts/AvenirNext-Regular.woff2
104.17.8.210200 OK 25 kB URL HTTP/2 static.hsappstatic.net/ui-fonts/static-1.269/fonts/AvenirNext-Regular.woff2
IP 104.17.8.210:0
File type Web Open Font Format (Version 2), TrueType, length 24592, version 2.6553\012- data
Hash 858e8ae6d87c456ccee6f55e11f62fa9
bfdb49678b2a8a23369d5bf7325a8779a0d0e6a9
6ba9d6b02724501fdf081e5cda09fb72d3c234a154b5ebedabfa393e7496b1f2
GET /ui-fonts/static-1.269/fonts/AvenirNext-Regular.woff2 HTTP/1.1
Host: static.hsappstatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://play.hubspotvideo.com
Connection: keep-alive
Referer: https://static.hsappstatic.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:15:40 GMT
content-type: application/font-woff2
content-length: 24592
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Tue, 15 Nov 2022 13:55:33 GMT
etag: "858e8ae6d87c456ccee6f55e11f62fa9"
x-amz-server-side-encryption: AES256
x-amz-version-id: QOZgXmNjicK6w_ZBj8ZXp5D2DpGZ5O8L
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 2f96681b7e4a677eb6259e6f756581c2.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: _WR9Wf5YHtpjfMN8etFNapgZfJIvwscSZhEDosFuVa-w7l_b0pVMqw==
cf-cache-status: HIT
age: 412806
expires: Sun, 26 Nov 2023 13:15:40 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NnWQRpDOIbOXxD%2BM0e1FyjIMVHdJcLCIJnY%2FbHaWNiNl3IvRbmSRgT70F68Ce252eUJofUIc%2Fl6%2Bq4RxpcWhBaLL61GBXcKSvClYIdATfmqnbUMOP1vn9pC6GLwwMXrqbNfOGytwhz4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7702e4e718cab4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/unip//tfa.js
151.101.85.44200 OK 18 kB URL HTTP/2 cdn.taboola.com/libtrc/unip//tfa.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (58087)
Hash 4760e872cf480fb90c3ec3cb9c3cbb3a
2abb493ab9eeae09ddcfd3f83d2ff88d5d3308e6
b0b74ea6188c73149afdd5aba467f626112394e6b2185f6795215170fe63058b
GET /libtrc/unip//tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forschung.vitalisium.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: prcV8GjjW0YpFRN3qSYEenvBJzLYwQz3/naJb6/p//WqS1vCArOugVB384+F8najx+RXxnLS8lQ=
x-amz-request-id: 1JTAJ9ZJM8MY9WXG
x-amz-replication-status: COMPLETED
last-modified: Thu, 24 Nov 2022 10:43:34 GMT
etag: "4f4eeeca9f9fc91b0e9a06d505ec7afe"
x-amz-version-id: dB.O5IJ2nO2s090awRZt.T4A1wL8ZXUy
content-type: application/javascript; charset=utf-8
server: AmazonS3
fastly-restarts: 1
content-encoding: gzip
accept-ranges: bytes
date: Sat, 26 Nov 2022 13:15:40 GMT
via: 1.1 varnish
age: 151
x-served-by: cache-bma1624-BMA
x-cache: HIT
x-cache-hits: 559
x-timer: S1669468540.853605,VS0,VE195
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 15
content-length: 17625
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-spa-1216.min.js
151.101.86.137200 OK 18 kB URL HTTP/2 js-agent.newrelic.com/nr-spa-1216.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (32010)
Hash 6561a2403142205f966207d61576f1a6
1310e72f494e12ab63a4280fc1600a2c89dc9bb8
0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
GET /nr-spa-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.hubspotvideo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 26 Nov 2022 13:15:40 GMT
via: 1.1 varnish
x-served-by: cache-bma1622-BMA
x-cache: HIT
x-cache-hits: 1642
x-timer: S1669468540.187848,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f3424fd0abb5ab18be62cd209cb3d3dc
dbb2a21b12e92c8837c4346b6d052454bb6dffd6
e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:15:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-conversion/622901180/?random=1669468539259&cv=11&fst=1669468539259&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=UFb1CL-W87QDELzvgqkC&hn=www.google.com&frm=0&url=https%3A%2F%2Fforschung.vitalisium.com%2Fde-de%2Flp001-azorica-prf-vsl-pdeazoprf210908%3Futm_source%3Dazorica%26utm_medium%3Demail%26utm_campaign%3Dpdeazopst210908%26utm_content%3Dprf005-vsl%26clickid%3Dwgld9ao9hu7obdok21ig843v&tiba=Die%20Geheimnisse%20schmerzfreier%20und%20flexibler%20Gelenke&value=0&bttype=purchase&auid=1802640712.1669468539&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.3200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/622901180/?random=1669468539259&cv=11&fst=1669468539259&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=UFb1CL-W87QDELzvgqkC&hn=www.google.com&frm=0&url=https%3A%2F%2Fforschung.vitalisium.com%2Fde-de%2Flp001-azorica-prf-vsl-pdeazoprf210908%3Futm_source%3Dazorica%26utm_medium%3Demail%26utm_campaign%3Dpdeazopst210908%26utm_content%3Dprf005-vsl%26clickid%3Dwgld9ao9hu7obdok21ig843v&tiba=Die%20Geheimnisse%20schmerzfreier%20und%20flexibler%20Gelenke&value=0&bttype=purchase&auid=1802640712.1669468539&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.3:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/622901180/?random=1669468539259&cv=11&fst=1669468539259&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=UFb1CL-W87QDELzvgqkC&hn=www.google.com&frm=0&url=https%3A%2F%2Fforschung.vitalisium.com%2Fde-de%2Flp001-azorica-prf-vsl-pdeazoprf210908%3Futm_source%3Dazorica%26utm_medium%3Demail%26utm_campaign%3Dpdeazopst210908%26utm_content%3Dprf005-vsl%26clickid%3Dwgld9ao9hu7obdok21ig843v&tiba=Die%20Geheimnisse%20schmerzfreier%20und%20flexibler%20Gelenke&value=0&bttype=purchase&auid=1802640712.1669468539&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://forschung.vitalisium.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 13:15:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
asset.azdmp.com/etag.php
145.239.193.53200 OK 20 B IP 145.239.193.53:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /etag.php HTTP/1.1
Host: asset.azdmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: only-if-cached
Connection: keep-alive
Referer: https://asset.azdmp.com/client_iframe.html?t=231871
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:15:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Cache-Control: private, max-age=31536000
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Content-Encoding: gzip
X-IPLB-Request-ID: 5B5A2A9A:C71F_91EFC135:01BB_6382117B_11634F3:195EA
X-IPLB-Instance: 25144
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f3424fd0abb5ab18be62cd209cb3d3dc
dbb2a21b12e92c8837c4346b6d052454bb6dffd6
e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:15:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d994d8771a7b630cfa6daf4adb569a66
91a19be3373318649c02a8cb5a8880089ffd197b
a56f8726b7a957ce829ba2e520177c37e5dc5994d2f7d34e37cbdcc4d196a38b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4077
Cache-Control: max-age=123809
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:15:40 GMT
Etag: "63814230-1d7"
Expires: Sun, 27 Nov 2022 23:39:09 GMT
Last-Modified: Fri, 25 Nov 2022 22:31:12 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
asset.easydmp.net/etag.php
145.239.193.53200 OK 20 B URL HTTP/1.1 asset.easydmp.net/etag.php
IP 145.239.193.53:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /etag.php HTTP/1.1
Host: asset.easydmp.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: only-if-cached
Connection: keep-alive
Referer: https://asset.easydmp.net/client_iframe.html?t=231871
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:15:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Cache-Control: private, max-age=31536000
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Content-Encoding: gzip
X-IPLB-Request-ID: 5B5A2A9A:BB79_91EFC135:01BB_6382117B_838C9D:2F1F4
X-IPLB-Instance: 24040
www.facebook.com/tr/?id=803155720313879&ev=PageView&dl=https%3A%2F%2Fforschung.vitalisium.com%2Fde-de%2Flp001-azorica-prf-vsl-pdeazoprf210908%3Futm_source%3Dazorica%26utm_medium%3Demail%26utm_campaign%3Dpdeazopst210908%26utm_content%3Dprf005-vsl%26clickid%3Dwgld9ao9hu7obdok21ig843v&rl=&if=false&ts=1669468540346&cd[content_category]=vsl&cd[content_name]=prf&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669468540345.234208876&it=1669468540022&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=803155720313879&ev=PageView&dl=https%3A%2F%2Fforschung.vitalisium.com%2Fde-de%2Flp001-azorica-prf-vsl-pdeazoprf210908%3Futm_source%3Dazorica%26utm_medium%3Demail%26utm_campaign%3Dpdeazopst210908%26utm_content%3Dprf005-vsl%26clickid%3Dwgld9ao9hu7obdok21ig843v&rl=&if=false&ts=1669468540346&cd[content_category]=vsl&cd[content_name]=prf&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669468540345.234208876&it=1669468540022&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=803155720313879&ev=PageView&dl=https%3A%2F%2Fforschung.vitalisium.com%2Fde-de%2Flp001-azorica-prf-vsl-pdeazoprf210908%3Futm_source%3Dazorica%26utm_medium%3Demail%26utm_campaign%3Dpdeazopst210908%26utm_content%3Dprf005-vsl%26clickid%3Dwgld9ao9hu7obdok21ig843v&rl=&if=false&ts=1669468540346&cd[content_category]=vsl&cd[content_name]=prf&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669468540345.234208876&it=1669468540022&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forschung.vitalisium.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Nov 2022 13:15:40 GMT
X-Firefox-Spdy: h2
bam-cell.nr-data.net/1/f9d051f404?a=968236338&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=1599&ck=0&ref=https://play.hubspotvideo.com/v/7111995/id/46854203211&be=795&fe=1469&dc=1314&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669468538613,%22n%22:0,%22f%22:0,%22dn%22:9,%22dne%22:13,%22c%22:14,%22s%22:17,%22ce%22:46,%22rq%22:46,%22rp%22:661,%22rpe%22:661,%22dl%22:688,%22di%22:1286,%22ds%22:1314,%22de%22:1315,%22dc%22:1468,%22l%22:1468,%22le%22:1470%7D,%22navigation%22:%7B%7D%7D&ja=%7B%22nrSnippetVersion%22:%221198%22,%22environment%22:%22prod%22,%22deployed%22:true,%22hublet%22:%22na1%22,%22userAgentRaw%22:%22Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0%22,%22supportsPromiseRejectionEvent%22:true,%22cpuCores%22:16,%22conditionalPolyfillsInstalled%22:false,%22portalId%22:7111995,%22package%22:%22video-player-ui%22,%22packageVersion%22:%221.6840%22,%22template%22:%22player.html.js%22,%22user-online%22:true,%22visibility%22:%22visible%22,%22currentVisibility%22:%22visible%22,%22reactRhumbVersion%22:%221.8402%22,%22reaganVersion%22:%22react-rhumb%22,%22route%22:%22/id/:videoId%22%7D&jsonp=NREUM.setToken
162.247.241.2200 OK 77 B URL HTTP/1.1 bam-cell.nr-data.net/1/f9d051f404?a=968236338&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=1599&ck=0&ref=https://play.hubspotvideo.com/v/7111995/id/46854203211&be=795&fe=1469&dc=1314&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669468538613,%22n%22:0,%22f%22:0,%22dn%22:9,%22dne%22:13,%22c%22:14,%22s%22:17,%22ce%22:46,%22rq%22:46,%22rp%22:661,%22rpe%22:661,%22dl%22:688,%22di%22:1286,%22ds%22:1314,%22de%22:1315,%22dc%22:1468,%22l%22:1468,%22le%22:1470%7D,%22navigation%22:%7B%7D%7D&ja=%7B%22nrSnippetVersion%22:%221198%22,%22environment%22:%22prod%22,%22deployed%22:true,%22hublet%22:%22na1%22,%22userAgentRaw%22:%22Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0%22,%22supportsPromiseRejectionEvent%22:true,%22cpuCores%22:16,%22conditionalPolyfillsInstalled%22:false,%22portalId%22:7111995,%22package%22:%22video-player-ui%22,%22packageVersion%22:%221.6840%22,%22template%22:%22player.html.js%22,%22user-online%22:true,%22visibility%22:%22visible%22,%22currentVisibility%22:%22visible%22,%22reactRhumbVersion%22:%221.8402%22,%22reaganVersion%22:%22react-rhumb%22,%22route%22:%22/id/:videoId%22%7D&jsonp=NREUM.setToken
IP 162.247.241.2:0
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/f9d051f404?a=968236338&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=1599&ck=0&ref=https://play.hubspotvideo.com/v/7111995/id/46854203211&be=795&fe=1469&dc=1314&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669468538613,%22n%22:0,%22f%22:0,%22dn%22:9,%22dne%22:13,%22c%22:14,%22s%22:17,%22ce%22:46,%22rq%22:46,%22rp%22:661,%22rpe%22:661,%22dl%22:688,%22di%22:1286,%22ds%22:1314,%22de%22:1315,%22dc%22:1468,%22l%22:1468,%22le%22:1470%7D,%22navigation%22:%7B%7D%7D&ja=%7B%22nrSnippetVersion%22:%221198%22,%22environment%22:%22prod%22,%22deployed%22:true,%22hublet%22:%22na1%22,%22userAgentRaw%22:%22Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0%22,%22supportsPromiseRejectionEvent%22:true,%22cpuCores%22:16,%22conditionalPolyfillsInstalled%22:false,%22portalId%22:7111995,%22package%22:%22video-player-ui%22,%22packageVersion%22:%221.6840%22,%22template%22:%22player.html.js%22,%22user-online%22:true,%22visibility%22:%22visible%22,%22currentVisibility%22:%22visible%22,%22reactRhumbVersion%22:%221.8402%22,%22reaganVersion%22:%22react-rhumb%22,%22route%22:%22/id/:videoId%22%7D&jsonp=NREUM.setToken HTTP/1.1
Host: bam-cell.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.hubspotvideo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:15:40 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7702e4e8fed1b4f1-OSL
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zp9%2FceVNTbj0fr0JG0Wx8ndMQPnEq8m48zbN106vtMx4%2FtGbuPgrqoSSLNRel8aWcH9K1IdGDAZo7vA2QpN7PWeBAXI7yyQXck5yTyaLoSMbYzmbhnJR2d2K5GJ%2BpW8PibboF5YB"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
static.hsappstatic.net/video-player-ui/static-1.6840/video-player-ui-lang-de.js
104.17.8.210200 OK 3.4 kB URL HTTP/2 static.hsappstatic.net/video-player-ui/static-1.6840/video-player-ui-lang-de.js
IP 104.17.8.210:0
File type Unicode text, UTF-8 text, with very long lines (8171)
Hash e6c574450db920736b402bd6890d1fcc
d518ba9ae97be680f6468116fc0791afa4dacd3f
4b3fdced40c9718103dfd652f1df96404932ac10121515173a9707b63086b1aa
GET /video-player-ui/static-1.6840/video-player-ui-lang-de.js HTTP/1.1
Host: static.hsappstatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://play.hubspotvideo.com
Connection: keep-alive
Referer: https://play.hubspotvideo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:15:39 GMT
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Mon, 21 Nov 2022 18:22:33 GMT
etag: W/"8b0bde32b4246139954f693111a844ab"
x-amz-server-side-encryption: AES256
x-amz-version-id: FDHL2wZ8DRjCjSCwkxo4JeBZg38PWGaL
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 d009c4305a73ef1e26138117423d6076.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: UQIVhz_tPWEFwk_YwWE7SaBU8o28w4IMlfDWkH04776it0LcI7KHUw==
cf-cache-status: HIT
age: 409262
expires: Sun, 26 Nov 2023 13:15:39 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MQVhvPmB7Iy3OH482jQQO2hHKkG2r2YPvDN1FXqXWTLwv%2BLhSONscPlGWKWB5XNEVdCEKtxjxWFNMpCET44NNW9NPH%2FNhsGp8kE6bLIOEP7kOBlpLRSIOxDuzh%2BgxPsRD5CoEzhAuSI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7702e4e66815b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tr.outbrain.com/unifiedPixel?marketerId=00f70d8686131fbbc800301eeef1538945&apiObjVersion=1.1&obtpVersion=2.0.4&name=PAGE_VIEW&dl=https%3A%2F%2Fforschung.vitalisium.com%2Fde-de%2Flp001-azorica-prf-vsl-pdeazoprf210908%3Futm_source%3Dazorica%26utm_medium%3Demail%26utm_campaign%3Dpdeazopst210908%26utm_content%3Dprf005-vsl%26clickid%3Dwgld9ao9hu7obdok21ig843v&optOut=false&bust=04947179216242491&referrer=
64.202.112.223200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=00f70d8686131fbbc800301eeef1538945&apiObjVersion=1.1&obtpVersion=2.0.4&name=PAGE_VIEW&dl=https%3A%2F%2Fforschung.vitalisium.com%2Fde-de%2Flp001-azorica-prf-vsl-pdeazoprf210908%3Futm_source%3Dazorica%26utm_medium%3Demail%26utm_campaign%3Dpdeazopst210908%26utm_content%3Dprf005-vsl%26clickid%3Dwgld9ao9hu7obdok21ig843v&optOut=false&bust=04947179216242491&referrer=
IP 64.202.112.223:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=00f70d8686131fbbc800301eeef1538945&apiObjVersion=1.1&obtpVersion=2.0.4&name=PAGE_VIEW&dl=https%3A%2F%2Fforschung.vitalisium.com%2Fde-de%2Flp001-azorica-prf-vsl-pdeazoprf210908%3Futm_source%3Dazorica%26utm_medium%3Demail%26utm_campaign%3Dpdeazopst210908%26utm_content%3Dprf005-vsl%26clickid%3Dwgld9ao9hu7obdok21ig843v&optOut=false&bust=04947179216242491&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forschung.vitalisium.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:15:40 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: e0dfcc5621fb2c784182275c579d995e
content-encoding: gzip
image.mux.com/Ssgo928g022iTyM029vzBt00m4QFuZvjEXYoVRJzWsmvm00/storyboard.vtt
151.101.86.217200 OK 14 kB URL HTTP/2 image.mux.com/Ssgo928g022iTyM029vzBt00m4QFuZvjEXYoVRJzWsmvm00/storyboard.vtt
IP 151.101.86.217:0
Hash 52c9bba3442cef3b4dd98707544127ae
b4785a20c16735b26be5a2d4f1196e78024117f9
2dcf3309012975558795f0b525c7aec8025fb2ef86a7c6fe7d54a4cd45887a57
GET /Ssgo928g022iTyM029vzBt00m4QFuZvjEXYoVRJzWsmvm00/storyboard.vtt HTTP/1.1
Host: image.mux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://play.hubspotvideo.com
Connection: keep-alive
Referer: https://play.hubspotvideo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: X-Cache,X-Cache-Hits,X-Served-By,X-CDN
cache-control: max-age=86400
content-type: text/vtt
grpc-metadata-content-type: application/grpc
x-origin-version: 1669219605-88799-72ff63625a
accept-ranges: bytes
date: Sat, 26 Nov 2022 13:15:40 GMT
via: 1.1 varnish
age: 71682
x-served-by: cache-bma1658-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669468541.841239,VS0,VE2
x-cdn-version: 1669306923-88811-4dad23c3c6
x-request-id: 17c39f72-8d13-4926-b623-9d4a98cc6d2f
x-cdn: fastly
content-length: 13741
X-Firefox-Spdy: h2
asset.azdmp.com/collect_v3.php
145.239.193.53200 OK 114 B URL HTTP/1.1 asset.azdmp.com/collect_v3.php
IP 145.239.193.53:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 514e245b632d63bb4566174816563cd8
62373fb489c6cf42bc885a45abfbf8b6bb1d0965
71a7269f0c0db868a466edb9208235288ce9c038e7709c72472c0aa44ae52c74
POST /collect_v3.php HTTP/1.1
Host: asset.azdmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Em-Info: {"storage":"none","testMode":false,"consentData":{"usedTcf":false,"consent":true}}
Content-type: application/x-www-form-urlencoded
Content-Length: 121
Origin: https://asset.azdmp.com
Connection: keep-alive
Referer: https://asset.azdmp.com/client_iframe.html?t=231871
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:15:40 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
X-UID: 166946854083488326
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Content-Encoding: gzip
X-IPLB-Request-ID: 5B5A2A9A:C71F_91EFC135:01BB_6382117C_1163524:195EA
X-IPLB-Instance: 25144
asset.easydmp.net/get_delivery_data.php
145.239.193.53200 OK 397 B URL HTTP/1.1 asset.easydmp.net/get_delivery_data.php
IP 145.239.193.53:0
File type JSON data\012- , ASCII text, with very long lines (609), with no line terminators
Hash e90862e66b68b986fc18b935abe22f86
f5a2799261cd4fb8899be973315c99a2f32f480c
aa875ebf43e6d1d285297cdd33241544135869e7239310f4322e82aad837192d
POST /get_delivery_data.php HTTP/1.1
Host: asset.easydmp.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Em-Info: {"storage":"none","testMode":false,"consentData":{"usedTcf":false,"consent":true}}
Content-type: application/x-www-form-urlencoded
Content-Length: 22
Origin: https://asset.easydmp.net
Connection: keep-alive
Referer: https://asset.easydmp.net/client_iframe.html?t=231871
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:15:40 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
X-UID: 166946854083584758
Set-Cookie: capping=eyJlbWRtcGVhc3k6bGl2ZXJhbXAiOiIxNjY5NDY4NTQwIiwiZW1kbXBlYXN5OndlYm9yYW1hX21ya3Rlc3Bfc3luYyI6IjE2Njk0Njg1NDAiLCJlbWRtcGVhc3k6d2Vicml2YWdlX3BpY2tpbmciOiIxNjY5NDY4NTQwIn0%3D; Expires=1700953200; Max-Age=31484660; Path=/; domain=.easydmp.net; SameSite=None; Secure
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Content-Encoding: gzip
X-IPLB-Request-ID: 5B5A2A9A:BB79_91EFC135:01BB_6382117C_838CAD:2F1F4
X-IPLB-Instance: 24040
vl.vitalisium.com/postback?cid=undefined&et=vsl
18.192.249.87400 Bad Request 152 B URL HTTP/2 vl.vitalisium.com/postback?cid=undefined&et=vsl
IP 18.192.249.87:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash d9bacc468aa23334526933389545e120
e26288b4bada404ce340ca72989f9f1193dc649c
0605685efb44dd3decd77517436c575731b61f807247587de67080c579ffa2d4
GET /postback?cid=undefined&et=vsl HTTP/1.1
Host: vl.vitalisium.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://forschung.vitalisium.com/de-de/lp001-azorica-prf-vsl-pdeazoprf210908?utm_source=azorica&utm_medium=email&utm_campaign=pdeazopst210908&utm_content=prf005-vsl&clickid=wgld9ao9hu7obdok21ig843v
Connection: keep-alive
Cookie: _gcl_au=1.1.1802640712.1669468539; clickid=wgld9ao9hu7obdok21ig843v; utm_source=azorica; utm_medium=email; utm_content=prf005-vsl; utm_campaign=pdeazopst210908; product=prf; _ga=GA1.2.720312215.1669468540; _gid=GA1.2.659045940.1669468540; _gat_UA-166056735-1=1; _fbp=fb.1.1669468540345.234208876; __hstc=130024592.9ca330108ae8d482765339fc5183b02d.1669468540760.1669468540760.1669468540760.1; hubspotutk=9ca330108ae8d482765339fc5183b02d; __hssrc=1; __hssc=130024592.1.1669468540760
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 400 Bad Request
server: nginx
date: Sat, 26 Nov 2022 13:15:40 GMT
content-type: text/html
content-length: 152
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2
asset.azdmp.com/etag.php
145.239.193.53200 OK 90 B IP 145.239.193.53:0
File type ASCII text, with no line terminators
Hash 2563f02bf5491a507804302a0d586ee5
566d995d6ad4719e7f335fb7140c18e252005298
231097b1acc6c69987619a942f6939a0dbeba17044db1504623a1b3fbdf49cb8
GET /etag.php HTTP/1.1
Host: asset.azdmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Warning: set
Cache-Control: no-cache
FullWarning0: 000000000000000002:s:0:eJwLCnIT4cnkEOQrK08slpNi9ueP4YmodMqriq9n9pEvEBcptM6XBgCs0Ql1;
Connection: keep-alive
Referer: https://asset.azdmp.com/client_iframe.html?t=231871
Cookie: ecdstpds1=000000000000000002%3As%3A0%3AeJwLCnIT4cnkEOQrK08slpNi9ueP4YmodMqriq9n9pEvEBcptM6XBgCs0Ql1%3B
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:15:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Cache-Control: private, max-age=31536000
Etag: W/"c2d85c2cbc5896af67ba9e5d38fba066"
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Content-Encoding: gzip
X-IPLB-Request-ID: 5B5A2A9A:C71F_91EFC135:01BB_6382117C_1163550:195EA
X-IPLB-Instance: 25144
asset.easydmp.net/etag.php
145.239.193.53200 OK 90 B URL HTTP/1.1 asset.easydmp.net/etag.php
IP 145.239.193.53:0
File type ASCII text, with no line terminators
Hash 5ca198d2c0e2b91dd4db15530a7f35b3
287b36986e0a7c7732e5056213893ac7a37947ed
9f5ca39b062d072ea7ffa75944a4df66712dbfcc6e5bf0fbe94818793c559f37
GET /etag.php HTTP/1.1
Host: asset.easydmp.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Warning: set
Cache-Control: no-cache
FullWarning0: 000000000000000002:s:0:eJwLCnIT4cnkEOQrK08slpNi9ueP4YmodMqvCq5mcZIvEBcptM6XBgCr0wld;
Connection: keep-alive
Referer: https://asset.easydmp.net/client_iframe.html?t=231871
Cookie: capping=eyJlbWRtcGVhc3k6bGl2ZXJhbXAiOiIxNjY5NDY4NTQwIiwiZW1kbXBlYXN5OndlYm9yYW1hX21ya3Rlc3Bfc3luYyI6IjE2Njk0Njg1NDAiLCJlbWRtcGVhc3k6d2Vicml2YWdlX3BpY2tpbmciOiIxNjY5NDY4NTQwIn0%3D; ecdstpds1=000000000000000002%3As%3A0%3AeJwLCnIT4cnkEOQrK08slpNi9ueP4YmodMqvCq5mcZIvEBcptM6XBgCr0wld%3B
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:15:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Cache-Control: private, max-age=31536000
Etag: W/"23da488ee2e45981ecfbf84255f8ceab"
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Content-Encoding: gzip
X-IPLB-Request-ID: 5B5A2A9A:BB79_91EFC135:01BB_6382117C_838CBB:2F1F4
X-IPLB-Instance: 24040
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash daf5984226a272d126cf82d057cc5ea2
d097a2b8d014dfc169e1b504174fcce6e28b4921
a929ea0794d0676a470e00383acde6ef02e5bd84e7c22ad18cf30e09c9163cc7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:15:41 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 13:42:55 GMT
Expires: Wed, 30 Nov 2022 13:42:54 GMT
Etag: "d097a2b8d014dfc169e1b504174fcce6e28b4921"
Cache-Control: max-age=346633,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7702e4ecff07b51e-OSL
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-166056735-1&cid=720312215.1669468540&jid=1830462430&gjid=2060400492&_gid=659045940.1669468540&_u=YEBAAUAAAAAAACAAI~&z=498591842
142.251.1.154200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-166056735-1&cid=720312215.1669468540&jid=1830462430&gjid=2060400492&_gid=659045940.1669468540&_u=YEBAAUAAAAAAACAAI~&z=498591842
IP 142.251.1.154:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-166056735-1&cid=720312215.1669468540&jid=1830462430&gjid=2060400492&_gid=659045940.1669468540&_u=YEBAAUAAAAAAACAAI~&z=498591842 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://forschung.vitalisium.com
Connection: keep-alive
Referer: https://forschung.vitalisium.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://forschung.vitalisium.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 26 Nov 2022 13:15:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
idsync.rlcdn.com/461249.gif?partner_uid=166946854083584758
35.244.174.68307 Temporary Redirect 0 B URL HTTP/2 idsync.rlcdn.com/461249.gif?partner_uid=166946854083584758
IP 35.244.174.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /461249.gif?partner_uid=166946854083584758 HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://asset.easydmp.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
cache-control: no-cache, no-store
location: https://idsync.rlcdn.com/1000.gif?memo=CMGTHBIeChoIARC38wEaEjE2Njk0Njg1NDA4MzU4NDc1OBAAGg0I_aKInAYSBQjoBxAAQgBKAA
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: rlas3=dGGO4N27waVq6XHVA27SING56NpkEhqxWoA+A52RdD4=; Path=/; Domain=rlcdn.com; Expires=Sun, 26 Nov 2023 13:15:41 GMT; Secure; SameSite=None
pxrc=CAA=; Path=/; Domain=rlcdn.com; Expires=Wed, 25 Jan 2023 13:15:41 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Sat, 26 Nov 2022 13:15:41 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bam-cell.nr-data.net/events/1/f9d051f404?a=968236338&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=2276&ck=0&ref=https://play.hubspotvideo.com/v/7111995/id/46854203211
162.247.241.2200 OK 24 B URL HTTP/1.1 bam-cell.nr-data.net/events/1/f9d051f404?a=968236338&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=2276&ck=0&ref=https://play.hubspotvideo.com/v/7111995/id/46854203211
IP 162.247.241.2:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/f9d051f404?a=968236338&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=2276&ck=0&ref=https://play.hubspotvideo.com/v/7111995/id/46854203211 HTTP/1.1
Host: bam-cell.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1233
Origin: https://play.hubspotvideo.com
Connection: keep-alive
Referer: https://play.hubspotvideo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:15:41 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 7702e4ecba59b4f1-OSL
Access-Control-Allow-Origin: https://play.hubspotvideo.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XeWglP3%2FVP8oTwuJlbCm8O9p7085IWatZnziLd5xnGy%2F732wgMrKO1wQlJ3LuT%2F21wYt%2B8QK5Ri4pklZrrP71KIPUxSNISgC7vYzCNFjtiTpHvtbSq0Pm4ANpFfAaCmxB3GUbWQA"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 976c8f2f052c15d13418dd2998d17942
4a736e3e7b25ebddc39d643c02936a4fda51e894
bc43b5dd44d281d6050d0a3b6c7d41968bb4bbf51b6858363a9b4097bfdc340d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=103057
Date: Sat, 26 Nov 2022 13:15:41 GMT
Etag: "6380fbd5-1d7"
Expires: Sun, 27 Nov 2022 17:53:18 GMT
Last-Modified: Fri, 25 Nov 2022 17:31:01 GMT
Server: ECS (dcb/7FA4)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RaQH2FZT6_X8QswkGvDV4Z8Y_ClYmOiqZ-_2WtP2kz0PzmNpIWk_2g==
Age: 1337
idsync.rlcdn.com/1000.gif?memo=CMGTHBIeChoIARC38wEaEjE2Njk0Njg1NDA4MzU4NDc1OBAAGg0I_aKInAYSBQjoBxAAQgBKAA
35.244.174.68307 Temporary Redirect 0 B URL HTTP/2 idsync.rlcdn.com/1000.gif?memo=CMGTHBIeChoIARC38wEaEjE2Njk0Njg1NDA4MzU4NDc1OBAAGg0I_aKInAYSBQjoBxAAQgBKAA
IP 35.244.174.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1000.gif?memo=CMGTHBIeChoIARC38wEaEjE2Njk0Njg1NDA4MzU4NDc1OBAAGg0I_aKInAYSBQjoBxAAQgBKAA HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://asset.easydmp.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 307 Temporary Redirect
cache-control: no-cache, no-store
location: https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: pxrc=CP2iiJwGEgUI6AcQABIGCLrqARAA; Path=/; Domain=rlcdn.com; Expires=Wed, 25 Jan 2023 13:15:41 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Sat, 26 Nov 2022 13:15:41 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash b6176242d45695c23bacd081f142ddbd
176d448810c3430fa8e120df30721518e3d9af9c
1ecc4ddd967e564e94e4d7406ef3dafdd256b111ed173d2193bb1923ba4b99fe
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 26 Nov 2022 13:15:41 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 25 Nov 2022 21:37:38 GMT
Expires: Sat, 26 Nov 2022 21:37:38 GMT
ETag: "176d448810c3430fa8e120df30721518e3d9af9c"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
sqa.azandclic.com/tmpPds/get?callback=callback954428770
145.239.193.53200 OK 51 B URL HTTP/1.1 sqa.azandclic.com/tmpPds/get?callback=callback954428770
IP 145.239.193.53:0
File type ASCII text, with no line terminators
Hash a59adc03468d153b71bb59a55bcdbaa6
90b11aec0bac6fd21406d0bab893d3f2c8ceea0a
2f0059d7c4c8503d2bb8e4b43ce331531d8997f9078bc93ce005f5c448cf13ef
GET /tmpPds/get?callback=callback954428770 HTTP/1.1
Host: sqa.azandclic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://asset.azdmp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:15:41 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Content-Encoding: gzip
X-IPLB-Request-ID: 5B5A2A9A:A6BB_91EFC135:01BB_6382117D_116F40A:217A1
X-IPLB-Instance: 25143
rd.frontend.weborama.fr/rd?url=https%3A%2F%2Fasset.easydmp.net%2Fcollect_v2.img.php%3Fdmp%3Dcomact%26uid%3D166946854083584758%26webo_id%3D{WEBO_CID}
35.190.24.218302 Found 0 B URL HTTP/2 rd.frontend.weborama.fr/rd?url=https%3A%2F%2Fasset.easydmp.net%2Fcollect_v2.img.php%3Fdmp%3Dcomact%26uid%3D166946854083584758%26webo_id%3D{WEBO_CID}
IP 35.190.24.218:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd?url=https%3A%2F%2Fasset.easydmp.net%2Fcollect_v2.img.php%3Fdmp%3Dcomact%26uid%3D166946854083584758%26webo_id%3D{WEBO_CID} HTTP/1.1
Host: rd.frontend.weborama.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: Weborama Collect Frontend
date: Sat, 26 Nov 2022 13:15:40 GMT
content-length: 0
location: https://rd.frontend.weborama.fr/rd?url=https%3A%2F%2Fasset.easydmp.net%2Fcollect_v2.img.php%3Fdmp%3Dcomact%26uid%3D166946854083584758%26webo_id%3D%7BWEBO_CID%7D&bounce=1&random=2184470120
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Sat, 26 Nov 2022 13:15:41 GMT
set-cookie: AFFICHE_W=PJgsu3Fclc0816; expires=Sun, 24 Dec 2023 13:15:41 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
142.250.74.162302 Found 280 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash ad57934105b73bb8d1eab3c90f628c7c
beeba2c3c1eb5a5b94d423b11146614a9bb0800d
c245bf6b77b072fa762edc06470b831cb07344e044e37c4a0810d90d14685325
GET /pixel?google_nid=epsilon&google_cm HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://asset.easydmp.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc=
date: Sat, 26 Nov 2022 13:15:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 280
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 26-Nov-2022 13:30:41 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rd.frontend.weborama.fr/rd?url=https%3A%2F%2Fasset.easydmp.net%2Fcollect_v2.img.php%3Fdmp%3Dcomact%26uid%3D166946854083584758%26webo_id%3D%7BWEBO_CID%7D&bounce=1&random=2184470120
35.190.24.218204 No Content 0 B URL HTTP/2 rd.frontend.weborama.fr/rd?url=https%3A%2F%2Fasset.easydmp.net%2Fcollect_v2.img.php%3Fdmp%3Dcomact%26uid%3D166946854083584758%26webo_id%3D%7BWEBO_CID%7D&bounce=1&random=2184470120
IP 35.190.24.218:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd?url=https%3A%2F%2Fasset.easydmp.net%2Fcollect_v2.img.php%3Fdmp%3Dcomact%26uid%3D166946854083584758%26webo_id%3D%7BWEBO_CID%7D&bounce=1&random=2184470120 HTTP/1.1
Host: rd.frontend.weborama.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: Weborama Collect Frontend
date: Sat, 26 Nov 2022 13:15:40 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Sat, 26 Nov 2022 13:15:41 GMT
set-cookie: AFFICHE_W=; expires=Tue, 10 Nov 2009 23:00:00 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc=
142.250.74.162302 Found 247 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc=
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 6b68f634888137576f09fdb919ac5b3d
8aebfb1fe7e93aaa2a2cf45dfa2228f0d254920c
df98a4b4762cb4ff336265748e3a01b6980f5f4a3695abd1daf5481fb77b2de1
GET /pixel?google_nid=epsilon&google_cm=&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://asset.easydmp.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://idsync.rlcdn.com/362358.gif?google_error=3
date: Sat, 26 Nov 2022 13:15:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 247
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash b6176242d45695c23bacd081f142ddbd
176d448810c3430fa8e120df30721518e3d9af9c
1ecc4ddd967e564e94e4d7406ef3dafdd256b111ed173d2193bb1923ba4b99fe
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 26 Nov 2022 13:15:41 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 25 Nov 2022 21:37:38 GMT
Expires: Sat, 26 Nov 2022 21:37:38 GMT
ETag: "176d448810c3430fa8e120df30721518e3d9af9c"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
idsync.rlcdn.com/362358.gif?google_error=3
35.244.174.68200 OK 42 B URL HTTP/2 idsync.rlcdn.com/362358.gif?google_error=3
IP 35.244.174.68:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /362358.gif?google_error=3 HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://asset.easydmp.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: pxrc=CAA=; Path=/; Domain=rlcdn.com; Expires=Wed, 25 Jan 2023 13:15:41 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Sat, 26 Nov 2022 13:15:41 GMT
content-length: 42
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash daf5984226a272d126cf82d057cc5ea2
d097a2b8d014dfc169e1b504174fcce6e28b4921
a929ea0794d0676a470e00383acde6ef02e5bd84e7c22ad18cf30e09c9163cc7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:15:41 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 13:42:55 GMT
Expires: Wed, 30 Nov 2022 13:42:54 GMT
Etag: "d097a2b8d014dfc169e1b504174fcce6e28b4921"
Cache-Control: max-age=346632,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7702e4edcfedb51e-OSL
v3.api.optinproject.com/sqdt/picking
52.213.30.254200 OK 0 B URL HTTP/2 v3.api.optinproject.com/sqdt/picking
IP 52.213.30.254:0
GET /sqdt/picking HTTP/1.1
Host: v3.api.optinproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:15:41 GMT
content-type: image/gif
server: nginx
pragma: no-cache
cache-control: must_revalidate, no_cache, no_store, post_check="", pre_check="", private
x-correlation-id: 7a43a56c-dbe5-439b-800d-ab7dadf88e7b
X-Firefox-Spdy: h2
tr.affaz1.com/343e704a-6c31-4d70-bac0-f51fd3f57be0?erp=&subid=4&clickid=102123a2d98c9851902fce3dda9eb7
18.194.134.212200 OK 0 B URL HTTP/2 tr.affaz1.com/343e704a-6c31-4d70-bac0-f51fd3f57be0?erp=&subid=4&clickid=102123a2d98c9851902fce3dda9eb7
IP 18.194.134.212:0
GET /343e704a-6c31-4d70-bac0-f51fd3f57be0?erp=&subid=4&clickid=102123a2d98c9851902fce3dda9eb7 HTTP/1.1
Host: tr.affaz1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 13:15:37 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: 343e704a-6c31-4d70-bac0-f51fd3f57be0-v4=FBC1DMzGYgy9dVDUyXWDofiHuNq4_5_KtYwJypY61c0; Max-Age=86400; Expires=Sun, 27-Nov-2022 13:15:37 GMT; Domain=tr.affaz1.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=WrLCi85hJsM5q6xDqt8Lf%2Fp%2Bmxk%2Fp9JSFt%2FbmPSXqcDdNOHfbfKVVMuE5RiNXiml9nZhWiStPxH1KModRUrLjipqPY%2FbMClRg0q0KBV3d27uh7WzEN7dQYyKXFWbmP10CgxmkyP0dBtCj680BL5F5Q%3D%3D; Max-Age=31536000; Expires=Sun, 26-Nov-2023 13:15:37 GMT; Domain=tr.affaz1.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
forschung.vitalisium.com/de-de/lp001-azorica-prf-vsl-pdeazoprf210908?utm_source=azorica&utm_medium=email&utm_campaign=pdeazopst210908&utm_content=prf005-vsl&clickid=wgld9ao9hu7obdok21ig843v
199.60.103.28200 OK 0 B URL HTTP/2 forschung.vitalisium.com/de-de/lp001-azorica-prf-vsl-pdeazoprf210908?utm_source=azorica&utm_medium=email&utm_campaign=pdeazopst210908&utm_content=prf005-vsl&clickid=wgld9ao9hu7obdok21ig843v
IP 199.60.103.28:0
ASN #209242 Cloudflare London, LLC
GET /de-de/lp001-azorica-prf-vsl-pdeazoprf210908?utm_source=azorica&utm_medium=email&utm_campaign=pdeazopst210908&utm_content=prf005-vsl&clickid=wgld9ao9hu7obdok21ig843v HTTP/1.1
Host: forschung.vitalisium.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:15:37 GMT
content-type: text/html; charset=UTF-8
cache-control: s-maxage=10800, max-age=0
etag: W/"51a2a6929aa0fa19645ac6fc38b127d3"
last-modified: Mon, 21 Nov 2022 13:56:52 GMT
link: </hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script,</hs/hsstatic/HubspotToolsMenu/static-1.138/js/index.js>; rel=preload; as=script,</hs/hsstatic/slick/static-1.56/bundles/project.js>; rel=preload; as=script
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
edge-cache-tag: CT-54787794762,P-7111995,L-48252741158,CW-25412819989,CW-30906188018,E-37203479143,PGS-ALL,SW-4
referrer-policy: no-referrer-when-downgrade
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
x-hs-cache-control: s-maxage=10800, max-age=0
x-hs-cf-cache-status: HIT
x-hs-combine-css: Disabled
x-hs-content-campaign-id: 4c861f7b-4c85-4a30-85a5-2593973adaf4
x-hs-content-id: 54787794762
x-hs-hub-id: 7111995
x-hs-prerendered: Mon, 21 Nov 2022 13:56:52 GMT
x-powered-by: HubSpot
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7nvLPzA9DnfEMBkKrkTx39x871E7WMPDPOLzbhe%2BcB73QisYh35Zk%2FKB32n%2B%2Fy8iqbqVX8ws55KZQ6eAaLY%2Fx%2Bj3yboNuLqXBKSdHYJi3XNiQfN5%2Bkds6Na8SrlTAUrJ1J9I2GmIfnAqtg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: __cf_bm=LRxzr4zl_W3oGfz6daYhacJ3GHf6ESvsy5vY0I.e3Ac-1669468537-0-Aek0jabTbVz7UHnjmJlM5fSz5FYb+bfcZGaPJBJ1CIMa+moRl6WwP9SEt0Nwz7zXdKR2876AaVniH1WGa/yfJrw=; path=/; expires=Sat, 26-Nov-22 13:45:37 GMT; domain=.forschung.vitalisium.com; HttpOnly; Secure; SameSite=None
__cfruid=4addc0e3007cb9767c1022470c9eecb95dd5c5fb-1669468537; path=/; domain=.forschung.vitalisium.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7702e4d8eec10b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-h2-pushed: </hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>,</hs/hsstatic/HubspotToolsMenu/static-1.138/js/index.js>,</hs/hsstatic/slick/static-1.56/bundles/project.js>
X-Firefox-Spdy: h2
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1668781720118/hubspot/hubspot_default/shared/responsive/layout.min.css
104.17.240.204200 OK 0 B URL HTTP/2 cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1668781720118/hubspot/hubspot_default/shared/responsive/layout.min.css
IP 104.17.240.204:0
GET /hub/7052064/hub_generated/template_assets/1668781720118/hubspot/hubspot_default/shared/responsive/layout.min.css HTTP/1.1
Host: cdn2.hubspot.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forschung.vitalisium.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:15:38 GMT
content-type: text/css
cf-ray: 7702e4db2898b505-OSL
access-control-allow-origin: *
age: 686753
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
etag: W/"94daf62e7e6df83595c6251fb0c7c055"
last-modified: Fri, 18 Nov 2022 14:28:43 GMT
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-methods: GET
x-amz-cf-pop: IAD55-P5
x-amz-meta-created-unix-time-millis: 1668781722102
x-amz-replication-status: PENDING
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-hs-alternate-content-type: text/plain
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tm8Pg%2F9sUAqLojqp4Q3yHQjMXJvtoV90m9cb5cHbc1xxVUlnr7EHB5DVWJbzedaSJ2X5ARgXcEaxqcqQPmeFe4VqeivKkwHFy0R0Yk73uV41Nipy5BgcN3%2BNM7AaxsKq0sc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
api-na1.hubapi.com/video/v1/public/46854203211/poster?portalId=7111995
104.17.201.204307 Temporary Redirect 0 B URL HTTP/2 api-na1.hubapi.com/video/v1/public/46854203211/poster?portalId=7111995
IP 104.17.201.204:0
GET /video/v1/public/46854203211/poster?portalId=7111995 HTTP/1.1
Host: api-na1.hubapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forschung.vitalisium.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 307 Temporary Redirect
date: Sat, 26 Nov 2022 13:15:38 GMT
location: https://api-na1.hubapi.com/filemanager/api/v3/files/thumbnail-redirect/46854203195?portalId=7111995&size=medium
x-trace: 2B2EA24F200A861B7F18F80EAF4349FB7D5753B914000000000000000000
x-hubspot-correlation-id: bc8bbcb5-5b3f-4380-a9a0-ae2c240c9013
access-control-allow-credentials: false
vary: origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7mbE%2BvZ0nZm%2BdnLIoi1x4n3aBLpJwwtZdjvCGtopyQIQnXFYgvra2mDtw3OmNjX6SzNKQQ9aYR89pV%2FxtN3G8SLaoi0X7dOyfyZ9gHuQLZ4JY2MQgblPwHq9TB1b7gAj3MOUGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7702e4db4a3fb521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.hsappstatic.net/video-embed/ex/loader.js
104.17.8.210200 OK 0 B URL HTTP/2 static.hsappstatic.net/video-embed/ex/loader.js
IP 104.17.8.210:0
GET /video-embed/ex/loader.js HTTP/1.1
Host: static.hsappstatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forschung.vitalisium.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:15:38 GMT
content-type: application/javascript
x-amz-replication-status: PENDING
last-modified: Mon, 21 Nov 2022 18:34:30 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: TykkSc7ZVMovd.j6qjnJ0.TzugbR1F1E
etag: W/"671ab42c24863fcf4dde5a28edd5d363"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 cb05e10ed4a973b87ff15498c30d269c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: 2EPHDuXvoK9Bo7UWjgqDK72HkKkL-41K-7ypBy_4Hjz_cZEQoXJUeg==
cf-cache-status: HIT
expires: Sat, 26 Nov 2022 13:16:38 GMT
cache-control: public, max-age=60
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngJzUniGiXkQ6Sl%2F444%2FV5g%2FVnJsw1SEoW%2BxaiBA024hHpGhGRcc16clVw6cvSF%2FrT0YWnGe8UsV7CZ8nGOw%2B9%2FjPv8aEMVjwnVoWxkk1U19nV7N%2Fz72hCm5VDQZ163XcU3yYRPbrXs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7702e4db6c47b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.hubspotvideo.com/v/7111995/id/46854203211?hiddenControls=true&renderContext=rich-text-placeholder&parentOrigin=https%3A%2F%2Fforschung.vitalisium.com&pageId=54787794762&locale=de-de
104.18.33.18200 OK 0 B URL HTTP/2 play.hubspotvideo.com/v/7111995/id/46854203211?hiddenControls=true&renderContext=rich-text-placeholder&parentOrigin=https%3A%2F%2Fforschung.vitalisium.com&pageId=54787794762&locale=de-de
IP 104.18.33.18:0
GET /v/7111995/id/46854203211?hiddenControls=true&renderContext=rich-text-placeholder&parentOrigin=https%3A%2F%2Fforschung.vitalisium.com&pageId=54787794762&locale=de-de HTTP/1.1
Host: play.hubspotvideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://forschung.vitalisium.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:15:39 GMT
content-type: text/html; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Mon, 21 Nov 2022 06:34:29 UTC
x-amz-server-side-encryption: AES256
x-amz-meta-ao: {"allowIFrame":true}
x-amz-version-id: bS.5Ko4o19qFsWZYcf7aBRU5Q5xL5iy_
etag: W/"d9921316472dcbec3786c6ec2bb0b3bd"
vary: origin
x-cache: Hit from cloudfront
via: 1.1 05133180bbd1649d4b8f97441bf305e8.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: wD407JvmJ4sR85Ehe-qNXkZ-9h8fYpCYuw0adxw8rIZ59trFoTZbUA==
age: 901
access-control-allow-credentials: false
cache-control: max-age=600
x-hs-target-asset: video-player-ui/static-1.6840/html/player.html
x-hs-cache-status: MISS
cache-tag: staticjsapp-video-player-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7702e4deaa5ab4ed-OSL
content-encoding: br
X-Firefox-Spdy: h2
js.hs-analytics.net/analytics/1669468500000/7111995.js
104.17.67.176200 OK 0 B URL HTTP/2 js.hs-analytics.net/analytics/1669468500000/7111995.js
IP 104.17.67.176:0
GET /analytics/1669468500000/7111995.js HTTP/1.1
Host: js.hs-analytics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forschung.vitalisium.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:15:40 GMT
content-type: text/javascript
x-amz-id-2: XqgZRDVemMMDuXkVjkWKk366QOHZ6w3HDhVQRZK/2sbwScazpjMN0H4RDJeT0jXDfAlMRhzS3S4=
x-amz-request-id: 8G75AN78NR5FJ67Y
last-modified: Fri, 04 Nov 2022 20:36:47 GMT
etag: W/"bff8bbe3115609c7be5c0293c62ba598"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: null
access-control-allow-credentials: false
vary: origin, Accept-Encoding
expires: Sat, 26 Nov 2022 13:20:40 GMT
cf-cache-status: MISS
server: cloudflare
cf-ray: 7702e4e5da52b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2