www.newgensearch.com/onlineshopping
54.230.111.82301 Moved Permanently 167 B URL HTTP/1.1 www.newgensearch.com/onlineshopping
IP 54.230.111.82:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /onlineshopping HTTP/1.1
Host: www.newgensearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Wed, 23 Nov 2022 17:34:02 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://www.newgensearch.com/onlineshopping
X-Cache: Redirect from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gjG9hMjlImYlPHkeNl5EORce1GUF0fAUz3699g4CYDrWO8qUMc74MA==
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7643
Expires: Wed, 23 Nov 2022 19:41:26 GMT
Date: Wed, 23 Nov 2022 17:34:03 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 770d09773b5f304acf141fd66a4862b4
5ddc46ab75de26c858a9a6f6d1beaaec9bb181f5
c7bcc6928fa1c0bb225ce8a2f6badd6cb1bd6ea002fb808ed34e8dafbd7b3b26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5950
Cache-Control: max-age=153383
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 17:34:03 GMT
Etag: "637df674-1d7"
Expires: Fri, 25 Nov 2022 12:10:26 GMT
Last-Modified: Wed, 23 Nov 2022 10:31:16 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 23 Nov 2022 17:17:08 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1015
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3579
Expires: Wed, 23 Nov 2022 18:33:42 GMT
Date: Wed, 23 Nov 2022 17:34:03 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: OsWg3n8MHbfGvNPz0wz0A/OAda5GOKeXDuqwZwItwBP2f9OLahVQRyaFF+U3+aEUGMyzTJavnv8=
x-amz-request-id: N9DBE3Q3GV7X4ZW6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 23 Nov 2022 16:43:03 GMT
age: 3060
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 17:34:03 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 9d772b37100c87012593770b72a520f6
1a7eab9fc80f077a0ef7c35bd20002a9ac423d19
af13ed428038bb7568fd7ccc5edf6c8aafb00ddea493e9dc9bba8118097ff99d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=138413
Date: Wed, 23 Nov 2022 17:34:03 GMT
Etag: "637dd338-1d7"
Expires: Fri, 25 Nov 2022 08:00:56 GMT
Last-Modified: Wed, 23 Nov 2022 08:00:56 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 09tUS_0soESsokfvIMaQRVNd5S142GMVYYlI64okCV5bcCZn_IYnkg==
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 23 Nov 2022 17:08:53 GMT
cache-control: public,max-age=3600
age: 1510
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash eb52164d651f5f45416e873aec29eb04
405b29bb7e7cd4367cf82988f8603e53db65f139
ed885e05db822ff30fe951e10b6d4f21e574d053939afca792992a1549a15301
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6052
Cache-Control: max-age=148422
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 17:34:03 GMT
Etag: "637de2ad-1d7"
Expires: Fri, 25 Nov 2022 10:47:45 GMT
Last-Modified: Wed, 23 Nov 2022 09:06:53 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
cdn.newgensearch.com/serp-ng-static/1.58.0/c6c0b51f.js
54.230.111.68200 OK 16 kB URL HTTP/2 cdn.newgensearch.com/serp-ng-static/1.58.0/c6c0b51f.js
IP 54.230.111.68:0
File type ASCII text, with very long lines (16014), with no line terminators
Hash 003bf7e14c47802f56e955bb56adb635
b00d9b8c6caba982a68b96cfc3634b5fcc8fe5de
9df651d0e1521bd5330c7768a526d49bfbeac83f840b24961f64470b05918fa4
GET /serp-ng-static/1.58.0/c6c0b51f.js HTTP/1.1
Host: cdn.newgensearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.newgensearch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 16014
last-modified: Wed, 21 Sep 2022 08:39:09 GMT
x-amz-version-id: iRd5Sos_RB5ngema4pW7Kil2ayPzy7pI
accept-ranges: bytes
server: AmazonS3
date: Wed, 23 Nov 2022 03:55:33 GMT
etag: "003bf7e14c47802f56e955bb56adb635"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VLB_4DtpGD3SD_Vv_a_ur4zXUNISnOuPJ6mZIrxf6LZ_D8ylP6mBMw==
age: 49111
X-Firefox-Spdy: h2
cdn.newgensearch.com/Logos/newgensearch.com/newgensearch_serp.png
54.230.111.68200 OK 3.1 kB URL HTTP/2 cdn.newgensearch.com/Logos/newgensearch.com/newgensearch_serp.png
IP 54.230.111.68:0
File type PNG image data, 110 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash c8ada0c2a82b5ee200dd3cc8c9762d3d
a44875663e2fcb14f068206b0cfa120aee6ff3da
d9f68a988e23b85f7f9cd43b85103669a1b1db4b1bb40594df735dda6fc97b52
GET /Logos/newgensearch.com/newgensearch_serp.png HTTP/1.1
Host: cdn.newgensearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.newgensearch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3099
last-modified: Mon, 02 Aug 2021 11:14:28 GMT
x-amz-version-id: yFylvLPfupMmmqDufmISzx8KiMsGBwBi
accept-ranges: bytes
server: AmazonS3
date: Wed, 23 Nov 2022 09:29:19 GMT
etag: "c8ada0c2a82b5ee200dd3cc8c9762d3d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xuWeX8q_J3448gPRoh8K0YmZvbNSH9Q4JLZoir6wdAt5D9HodnHGcQ==
age: 29085
X-Firefox-Spdy: h2
www.newgensearch.com/onlineshopping
54.230.111.82200 OK 49 kB URL HTTP/2 www.newgensearch.com/onlineshopping
IP 54.230.111.82:0
Hash bb09accce109db21bba017cf43a3aff0
a35adfcf21ef4a62c2b215981ea69a7eaeda7629
24859ff8deaf466888d280af5a48666aa0dc58cb2c2b1ac4dfc4ac54caa2e75f
GET /onlineshopping HTTP/1.1
Host: www.newgensearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html
accept-ch: Sec-CH-UA-Bitness,Sec-CH-UA-Bitness,Sec-CH-UA-Bitness,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Platform,Sec-CH-UA
access-control-allow-origin: *
content-encoding: gzip
date: Wed, 23 Nov 2022 17:34:03 GMT
server: istio-envoy
set-cookie: cfsfuid=cb8d39e3-4bb5-4891-ab6a-99cbd2e0271b; Max-Age=2592000; Path=/; Expires=Invalid Date
cfsf_session_id=3ed1ea2a-e595-499e-ab43-1ff10640695d; Max-Age=1800; Path=/; Expires=Invalid Date
tfd=bde578ea-9d49-4e91-ab92-ca340ac81393; Max-Age=86400; Path=/; Expires=Invalid Date
subid=0; Max-Age=1800; Path=/; Expires=Wed, 23 Nov 2022 18:04:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-dns-prefetch-control: off
x-download-options: noopen
x-envoy-upstream-service-time: 4
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SNy4dEqgPXjdskseo2huRDConMiR3s4gEzDx0m4s0IBLKc8SlzZW4g==
X-Firefox-Spdy: h2
cdn.newgensearch.com/serp-ng-static/1.58.0/3539189c.js
54.230.111.68200 OK 151 kB URL HTTP/2 cdn.newgensearch.com/serp-ng-static/1.58.0/3539189c.js
IP 54.230.111.68:0
File type ASCII text, with very long lines (65470), with escape sequences
Size 151 kB (151210 bytes)
Hash 1a42ccd6198e3f380f41e3c2eb1241e9
21c3a1f241989338f0e4cdfbdd3bdaf5c44fe95e
63df663a1f92e12361bbeaeca651cf61b0ed4bea45acd0d1e358276d22dad05a
GET /serp-ng-static/1.58.0/3539189c.js HTTP/1.1
Host: cdn.newgensearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.newgensearch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 151210
last-modified: Wed, 21 Sep 2022 08:39:09 GMT
x-amz-version-id: XBGevKhRYAz6iNS0m..DeMX6aDIe3NHQ
accept-ranges: bytes
server: AmazonS3
date: Wed, 23 Nov 2022 06:55:10 GMT
etag: "1a42ccd6198e3f380f41e3c2eb1241e9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KsMsn7OnW8aMVFfStFEXN9U1Bw-qMvwWJ2GTe-EDX3_R-FHmShq6fg==
age: 38334
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ae7674294f5a17ef8761b33ac4dad848
30a771e623dd1e3cb8694bb5f71393aaa9e87b6a
cac85ed50ce25c45d5093aaaa231a0d1cd9667f47bd2312947070ba202c5d96b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 17:34:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fb4ee3082622f9f3340432290d63437e
852ca64934462e133e34043fca561aca215e6255
d4c2f665873baede94309128e276df6fdf7f0e1ec15699e75cd6bae2c24d556a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 17:34:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/enterprise.js?render=6Lea3XQhAAAAAPdPLDqcKg-CkY1pIAlXcBSKWWA5
142.250.74.164200 OK 615 B URL HTTP/2 www.google.com/recaptcha/enterprise.js?render=6Lea3XQhAAAAAPdPLDqcKg-CkY1pIAlXcBSKWWA5
IP 142.250.74.164:0
File type ASCII text, with very long lines (974), with no line terminators
Hash 63f86f51cce656ef42afca464040a037
6bbafcc12ebed41d5d7dab78dc6e28ae209a8953
4e4a433642aef11b478ec52fe125ffee11e4a1b2186149ce2751edc86697f052
GET /recaptcha/enterprise.js?render=6Lea3XQhAAAAAPdPLDqcKg-CkY1pIAlXcBSKWWA5 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.newgensearch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 23 Nov 2022 17:34:03 GMT
date: Wed, 23 Nov 2022 17:34:03 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 615
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PPFH3SP
142.250.74.168200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PPFH3SP
IP 142.250.74.168:0
File type ASCII text, with very long lines (14582)
Hash dcbc149075c920a751c090a99d63a004
28aff3a8f0a569bd26f4db544f18264c034bef2d
be040e14b9e8b658e8f9edcd67597693975cf0d4d15f255d9dfc2ba0cef57657
GET /gtm.js?id=GTM-PPFH3SP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.newgensearch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 23 Nov 2022 17:34:04 GMT
expires: Wed, 23 Nov 2022 17:34:04 GMT
cache-control: private, max-age=900
last-modified: Wed, 23 Nov 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52616
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fb4ee3082622f9f3340432290d63437e
852ca64934462e133e34043fca561aca215e6255
d4c2f665873baede94309128e276df6fdf7f0e1ec15699e75cd6bae2c24d556a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 17:34:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.189.139.67101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.139.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: B6gmqrGNIZhp2XgMtWn7fg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RbP+sALei2aT75fDd4EzwtR2kSk=
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 72ef6fd59125773edaeb74a945755b4f
56fb8de8e26967011d34d2af7ee4b5542ce91c6e
3b196d6ce466ff62a8fa90484ffd7c375daa054585c98a6fa77b3b2273ba4093
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=138777
Date: Wed, 23 Nov 2022 17:34:04 GMT
Etag: "637dd4a5-1d7"
Expires: Fri, 25 Nov 2022 08:07:01 GMT
Last-Modified: Wed, 23 Nov 2022 08:07:01 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OaL9LOTokhs0zzGcVYWnpOyr_0WI8UNNw6zti3jLnUaJl9LlL-RehQ==
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash da4f96bede1800a0dbf76d4b875c6558
a77879cb93ad1ed9526bf9bd076576941a85bf9d
c23072f34c57158a6cb250b886058933b44efcfae6a58a9cfb82d0f169e3aca3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=171535
Date: Wed, 23 Nov 2022 17:34:04 GMT
Etag: "637e549b-1d7"
Expires: Fri, 25 Nov 2022 17:12:59 GMT
Last-Modified: Wed, 23 Nov 2022 17:12:59 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tiaFBypuFtMmzDHjBKqZqPBkxo6XXB4fN0SZ9HmyjEf8htyiq7HE2w==
u.newgensearch.com/v2.0
54.230.111.103200 OK 2 B IP 54.230.111.103:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /v2.0 HTTP/1.1
Host: u.newgensearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.newgensearch.com/
Origin: https://www.newgensearch.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, accept, authorization
access-control-allow-method: GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-origin: *
date: Wed, 23 Nov 2022 17:34:04 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server: istio-envoy
x-envoy-upstream-service-time: 0
x-powered-by: Express
x-cache: Miss from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yqcjeV3KUdsHLOgajeCp3Llvgq40G2G4FQNkS9Lnb8LMQqzz_pB3wQ==
X-Firefox-Spdy: h2
cdn.newgensearch.com/Logos/newgensearch.com/newgensearch_favicon.png
54.230.111.68200 OK 573 B URL HTTP/2 cdn.newgensearch.com/Logos/newgensearch.com/newgensearch_favicon.png
IP 54.230.111.68:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 7a504a90680cc582cf9a2695fd279131
239ffa2dc966cbe6e8d26103d06cd0dc52bcd462
540757014679be006002b17de894ee780098a5c69b2514dc633597e66132b9ad
GET /Logos/newgensearch.com/newgensearch_favicon.png HTTP/1.1
Host: cdn.newgensearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.newgensearch.com/
Cookie: _gcl_au=1.1.1467377493.1669224844
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 573
last-modified: Wed, 24 Feb 2021 10:04:04 GMT
x-amz-version-id: EMYYn3Ha3DZ2JGAzHkM7JRzXKiHrbXNC
accept-ranges: bytes
server: AmazonS3
date: Wed, 23 Nov 2022 10:32:49 GMT
etag: "7a504a90680cc582cf9a2695fd279131"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YR3cnGOb0wy8zaESBhjb9Htyf2yQe_anRPZ288DV-0rCebnkA907vA==
age: 25276
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.newgensearch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 23 Nov 2022 16:41:08 GMT
expires: Wed, 23 Nov 2022 18:41:08 GMT
cache-control: public, max-age=7200
age: 3176
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 17:34:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.newgensearch.com
Connection: keep-alive
Referer: https://www.newgensearch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 14:58:48 GMT
expires: Thu, 23 Nov 2023 14:58:48 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 9316
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
u.newgensearch.com/v2.0
54.230.111.103200 OK 2 B IP 54.230.111.103:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /v2.0 HTTP/1.1
Host: u.newgensearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8
Content-Length: 1011
Origin: https://www.newgensearch.com
Connection: keep-alive
Referer: https://www.newgensearch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, accept, authorization
access-control-allow-method: GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-origin: *
date: Wed, 23 Nov 2022 17:34:04 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server: istio-envoy
x-envoy-upstream-service-time: 2
x-powered-by: Express
x-cache: Miss from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FiqmJ5tD-sx9xsOAbqgS_SVVIsgRHd0IjJHykj7WrdDF3O_5RffezA==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b2b92f1110c82662bfa1addc9bab3130
d6f86300cbfd5b21b3d505c08ffd6edef34b654a
6914944644172d563d0d7c2a5084690fce86ead13949ff29f42842d4bb6e0734
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 17:34:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-186408652-4&cid=1334745659.1669224844&jid=2064218233&gjid=675781772&_gid=612133131.1669224844&_u=YEBAAEAAAAAAACAAI~&z=1602855108
142.251.1.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-186408652-4&cid=1334745659.1669224844&jid=2064218233&gjid=675781772&_gid=612133131.1669224844&_u=YEBAAEAAAAAAACAAI~&z=1602855108
IP 142.251.1.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-186408652-4&cid=1334745659.1669224844&jid=2064218233&gjid=675781772&_gid=612133131.1669224844&_u=YEBAAEAAAAAAACAAI~&z=1602855108 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.newgensearch.com
Connection: keep-alive
Referer: https://www.newgensearch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.newgensearch.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 23 Nov 2022 17:34:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b2b92f1110c82662bfa1addc9bab3130
d6f86300cbfd5b21b3d505c08ffd6edef34b654a
6914944644172d563d0d7c2a5084690fce86ead13949ff29f42842d4bb6e0734
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 17:34:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 21:46:16 GMT
expires: Fri, 17 Nov 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 503268
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Nov 2022 12:31:58 GMT
expires: Sun, 19 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 363726
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
beacon.newgensearch.com/?gid=contentpage
143.204.55.103200 OK 3.3 kB URL HTTP/2 beacon.newgensearch.com/?gid=contentpage
IP 143.204.55.103:0
File type ASCII text, with very long lines (3288), with no line terminators
Hash 97517076a42dfc59f086c650bde2072d
89873d2f2be008a50072292595980ee392d03f3c
485b7b9ff4c5825af1b9f924b701fba86498d8682ddbc22f8b8841433891419e
GET /?gid=contentpage HTTP/1.1
Host: beacon.newgensearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.newgensearch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 3288
access-control-allow-origin: *
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 17:34:04 GMT
etag: W/"cd8-iYc9LyvgCKUAcikllZgO45LQPzw"
expect-ct: max-age=0
origin-agent-cluster: ?1
referrer-policy: no-referrer
server: istio-envoy
set-cookie: be_id=3c0f5790-7680-4231-a083-50b2d7879137; Domain=.newgensearch.com; Path=/; HttpOnly; Secure; SameSite=None
cf_beid=5bdb2b75-578e-4954-ad35-e4dcf61074ea; Domain=.newgensearch.com; Path=/; Expires=Sun, 09 Feb 2031 17:34:04 GMT; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-envoy-upstream-service-time: 12
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
x-cache: Miss from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GqNqOpstzCpgYIjY_spTqH5zMrpvq6ZzCCkAIE3mq-uhgS7uFdNa0g==
X-Firefox-Spdy: h2
se-p-static-content.seccint.com/contextual-demo/green_arrow.svg
54.230.111.11200 OK 156 B URL HTTP/2 se-p-static-content.seccint.com/contextual-demo/green_arrow.svg
IP 54.230.111.11:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash dbb8cb65505ae40ebeddba1171d169bb
370191cc95d705390dd9e30e8f56b70ec24113f6
6a9e962fcee641553b71a03f7227129e6ff897044b6a676e2892ae77fc00e650
Analyzer Verdict Alert fortinet Malware
GET /contextual-demo/green_arrow.svg HTTP/1.1
Host: se-p-static-content.seccint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.newgensearch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 156
last-modified: Wed, 18 Sep 2019 11:49:07 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 22 Nov 2022 22:33:33 GMT
etag: "dbb8cb65505ae40ebeddba1171d169bb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: a1W0UFbsRk7zwSaeU_VnaR-yw3UGA_c6LT2ssLejKWVxKFq18tCWgw==
age: 68432
X-Firefox-Spdy: h2
se-p-static-content.seccint.com/contextual-demo/blue_arrow.svg
54.230.111.11200 OK 156 B URL HTTP/2 se-p-static-content.seccint.com/contextual-demo/blue_arrow.svg
IP 54.230.111.11:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash df071e93f475c747d394f53853d5e225
80f5fdefb7b411198748bc59f611df897b76ecc4
5f51c343fec55ebb786ffdd9b7f6e628379981e7d678dccb08918d251b4dbca2
Analyzer Verdict Alert fortinet Malware
GET /contextual-demo/blue_arrow.svg HTTP/1.1
Host: se-p-static-content.seccint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.newgensearch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 156
last-modified: Wed, 18 Sep 2019 11:49:07 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 23 Nov 2022 01:43:45 GMT
etag: "df071e93f475c747d394f53853d5e225"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yyrAftfFQ6D5AhuuYa5ULC5LjlTTRZ0KBBLaH0xMZjGaihqbyfxaKA==
age: 57020
X-Firefox-Spdy: h2
se-p-static-content.seccint.com/contextual-demo/yellow_arrow.svg
54.230.111.11200 OK 156 B URL HTTP/2 se-p-static-content.seccint.com/contextual-demo/yellow_arrow.svg
IP 54.230.111.11:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 5f4fbc873430a9fe7fdde4ccf8f84e22
ce992eb1dbb088540d14a1ebb314d4e7b5f58db7
11cb44d4707a332b205aaddd31d2da181ff35b0e3c78b6555760bd68901e24bb
Analyzer Verdict Alert fortinet Malware
GET /contextual-demo/yellow_arrow.svg HTTP/1.1
Host: se-p-static-content.seccint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.newgensearch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 156
last-modified: Wed, 18 Sep 2019 11:49:07 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 22 Nov 2022 21:08:43 GMT
etag: "5f4fbc873430a9fe7fdde4ccf8f84e22"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MfePoPDFPf39TcutOBTek9WZc3ZgNsBLsBB4L8t99eZKoY-_Y2R7IQ==
age: 73523
X-Firefox-Spdy: h2
se-p-static-content.seccint.com/contextual-demo/purple_arrow.svg
54.230.111.11200 OK 156 B URL HTTP/2 se-p-static-content.seccint.com/contextual-demo/purple_arrow.svg
IP 54.230.111.11:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash fe75320c427ede7cb751e4a704f81937
20f04447b86691508678d9981cf27b94c0cbb5b4
a4d00cd902218b51baab0ed88dcc7586e0fa496a1582c522e665eb20138bccf4
Analyzer Verdict Alert fortinet Malware
GET /contextual-demo/purple_arrow.svg HTTP/1.1
Host: se-p-static-content.seccint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.newgensearch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 156
last-modified: Wed, 18 Sep 2019 11:49:07 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 23 Nov 2022 01:43:45 GMT
etag: "fe75320c427ede7cb751e4a704f81937"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vz_L5kDz3YJVGKRLZKAZGBYzS51-u8k5ttfMmuQSBJEkMhcLc-W58A==
age: 57021
X-Firefox-Spdy: h2
spider.australiarevival.com/i/2f9b0778dfa406c8b939ae40527f614f.js
143.204.55.107200 OK 30 kB URL HTTP/2 spider.australiarevival.com/i/2f9b0778dfa406c8b939ae40527f614f.js
IP 143.204.55.107:0
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash 53b007d05eea49de496b896fa549e5b9
af41c317dc616baea475fed5e39f2e84d6edeae5
0b7e7200a82a5f7dc4498c93e528ce88a058e73933feaf9899329f07fb38b0cf
GET /i/2f9b0778dfa406c8b939ae40527f614f.js HTTP/1.1
Host: spider.australiarevival.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.newgensearch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 30219
content-encoding: gzip
server: Caddy
date: Wed, 23 Nov 2022 13:17:40 GMT
cache-control: max-age=43200
expires: Thu, 24 Nov 2022 01:14:42 GMT
etag: "14341-qnMSq5ohLOv8+WR8abvsIeophmY"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KghdICj82tSU6sLkMd-pnn6ZV-k_nZm01tnimMz33i-iOPlPgyBZqQ==
age: 15563
X-Firefox-Spdy: h2
www.newgensearch.com/f_i
54.230.111.82404 Not Found 536 B IP 54.230.111.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (536), with no line terminators
Hash cd121b8e934067d4f7779544c34cc7a2
b0454194ba5409f46e686813532e3c05dd514f16
9b55d1a1fee1014daf83b90d6a2626f703ae11de233d263eb6c9840719a4f0ac
GET /f_i HTTP/1.1
Host: www.newgensearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.newgensearch.com/onlineshopping
Cookie: cfsfuid=cb8d39e3-4bb5-4891-ab6a-99cbd2e0271b; cfsf_session_id=3ed1ea2a-e595-499e-ab43-1ff10640695d; tfd=bde578ea-9d49-4e91-ab92-ca340ac81393; subid=0; _gcl_au=1.1.1467377493.1669224844; _ga=GA1.2.1334745659.1669224844; _gid=GA1.2.612133131.1669224844; _gat_UA-186408652-4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-length: 536
accept-ch: Sec-CH-UA-Bitness,Sec-CH-UA-Bitness,Sec-CH-UA-Bitness,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Platform,Sec-CH-UA
access-control-allow-origin: *
date: Wed, 23 Nov 2022 17:34:05 GMT
server: istio-envoy
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
x-download-options: noopen
x-envoy-upstream-service-time: 2
x-xss-protection: 1; mode=block
x-cache: Error from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SGFpdktK5nzMWfr79_FK1TsUmfdUgbTBWMoomBcFxe0OTydB0I1HWQ==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7408
Expires: Wed, 23 Nov 2022 19:37:33 GMT
Date: Wed, 23 Nov 2022 17:34:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7408
Expires: Wed, 23 Nov 2022 19:37:33 GMT
Date: Wed, 23 Nov 2022 17:34:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7408
Expires: Wed, 23 Nov 2022 19:37:33 GMT
Date: Wed, 23 Nov 2022 17:34:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7408
Expires: Wed, 23 Nov 2022 19:37:33 GMT
Date: Wed, 23 Nov 2022 17:34:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0cc111ba6ae699fca7fbff3490640960
18084197b48ea3b4a143636250396e8791d0285f
34fbba92e665ad371ea2bd1a871251cf0c5b7832d6f4661b21b2cfbd7f786923
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4977
x-amzn-requestid: 3e56de91-7ed1-4b1e-b230-5f19b2cc6601
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bxQKBHzdIAMFpUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376c70c-41c572d27999534d3c198372;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 23:43:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Or1B6k7o4cYqVXfndjJsKLOV-aYKX8bfHCQIUqNzvofjQSnIf8f04A==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:52:42 GMT
age: 70883
etag: "18084197b48ea3b4a143636250396e8791d0285f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06c6e720bc9900b38e88cd72f739603e
22884cbc78622d6f78c1c3397c9b440946144a99
8675d08e6d8ae5bdedbc7c7ce647f8c6e72cc457917b4ed1856c50b11c2fe88b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7589
x-amzn-requestid: 533d7650-cb21-4090-a50a-e205adad316d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brr5zH4qoAMF79Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748d0b-017f7bf4390eb124097af648;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:11:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZtjzvMh_vqVaOqm8xPfZ2EWGGl0X7Iv8GK40Z32EbKM4wk6tGPnlYA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:27:21 GMT
age: 68804
etag: "22884cbc78622d6f78c1c3397c9b440946144a99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6d2c986e076309d51d199332caebb07a
343a5bfba0f8fec28f9345f276b44f44c6eaf6a6
64e6fba6a45c70c1db6040a2273472774c00257bef373cc45b6ca00cb819681a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9138
x-amzn-requestid: 524e565e-a9fb-45f9-b786-d64cf26a3cdf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcAAHG8IAMFhwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d4066-3689e70e6212e9e77dc134f4;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:34:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cwu__NPGaU0zyAG0H1yZhmjGsFzvNmzsGv6Zt9hrF5gwSysEio2MjA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:45:52 GMT
age: 71293
etag: "343a5bfba0f8fec28f9345f276b44f44c6eaf6a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c6380f73d47906bd63b9c48137e4df61
94e053461d2db89e9d08321f26a2555ebcd7e0b9
84144e3c3e7acc7339fd1da9b373f18582734b6f4d235b2aef8c90616ed1c8a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5914
x-amzn-requestid: 175363fa-bb7a-4c95-8aa4-ebb3f16f3745
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1lI3HaqIAMFmTA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63788238-1bb736b52bbae37c5e19486f;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 07:14:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 39Lmple6qq9vrKeKJ4lcditVdK5XfRFtv3Cs0_R8B7pVDYPiRAGFtg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:13:08 GMT
age: 69657
etag: "94e053461d2db89e9d08321f26a2555ebcd7e0b9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.idp-cf.com/serve?tagid=tagId1&ctype=1&sid=3ed1ea2a-e595-499e-ab43-1ff10640695d&domain=newgensearch&gd=sy1003377&encextparams=&encurl=https%3A%2F%2Fwww.newgensearch.com%2Fonlineshopping&isautomation=0&click=null
54.230.111.96200 OK 14 kB URL HTTP/2 www.idp-cf.com/serve?tagid=tagId1&ctype=1&sid=3ed1ea2a-e595-499e-ab43-1ff10640695d&domain=newgensearch&gd=sy1003377&encextparams=&encurl=https%3A%2F%2Fwww.newgensearch.com%2Fonlineshopping&isautomation=0&click=null
IP 54.230.111.96:0
Hash 94ff2f881cb4177b69b89c384f1af737
c98c37af6fbbdab053617e7a1545906aaa2742c3
30bdba4644b39c8ba2ddad07af30731b959fcdc417982462b57b8c3e0203dd72
GET /serve?tagid=tagId1&ctype=1&sid=3ed1ea2a-e595-499e-ab43-1ff10640695d&domain=newgensearch&gd=sy1003377&encextparams=&encurl=https%3A%2F%2Fwww.newgensearch.com%2Fonlineshopping&isautomation=0&click=null HTTP/1.1
Host: www.idp-cf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.newgensearch.com/
Origin: https://www.newgensearch.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
content-security-policy: default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'
date: Wed, 23 Nov 2022 17:34:04 GMT
etag: W/"18947-A3eFusbh0WcsW4sIPYlfMUqfYKA"
expect-ct: max-age=0
referrer-policy: no-referrer
server: istio-envoy
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
x-download-options: noopen
x-envoy-upstream-service-time: 14
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rAmbHkrXZCj2QgDLS5w0AZc4oI6_9GSzJCoEU_dWSmFV9UnXbZxIQw==
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e8d7af3a5d030774447a0f71c7824f0
663cace8681891ad55943dd0273493aa9474d102
22068df04672281e392caa485259df103d591ab247c3eb5e0ccba10ffd8a9ef0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9766
x-amzn-requestid: ca8b7a9f-3c1a-419d-953e-2944bf820e5e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcR_Hd4IAMFWUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d40d9-4ca5e9b2476a47cd199b9cba;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:36:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gtzOoH3--VR9BQTHvU5vInc6yhBcK0-O1oBbVJpAhpRRqqKY8vAf_g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:45:48 GMT
age: 71297
etag: "663cace8681891ad55943dd0273493aa9474d102"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash a20c448cad2b176ab81f22e8da9dc451
734bdb649c380cdf20c9c40a7dd3b877c3d7f403
bcf942d2e8812e5ca92eb1a56741dc9fdddb689518b33e6cea4462fff22c7262
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 23 Nov 2022 17:34:05 GMT
Last-Modified: Wed, 23 Nov 2022 16:02:53 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OdNc7g1GCIXceAh506kZGJ7JmlFx1liJcoHMbhzbILMBCUm4Y0CpgQ==
Age: 5472
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash a20c448cad2b176ab81f22e8da9dc451
734bdb649c380cdf20c9c40a7dd3b877c3d7f403
bcf942d2e8812e5ca92eb1a56741dc9fdddb689518b33e6cea4462fff22c7262
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=129854
Date: Wed, 23 Nov 2022 17:34:05 GMT
Etag: "637db18d-1d7"
Expires: Fri, 25 Nov 2022 05:38:19 GMT
Last-Modified: Wed, 23 Nov 2022 05:37:17 GMT
Server: ECS (dcb/7F37)
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Ad9njSpdwNjsP2ZJZF5n2csRgqze8Kg-KwvcFqsFxPh5Wbn2uj2ahQ==
Age: 62
www.newgensearch.com/assessment?token=03AEkXODCriQHiahbJFNs2DRNuwc-95Z06EdYG6ZecpkvERIFTeQUfA2BNvQuwQmk9ziYAul3RKXXXDxX5BTAaVTmZ--_h5VkyCgs84HYzgsnChmTWa6KBNhdAGPhD3rnbsUugW-gPDIZv6s8XttucJ_K4uSLMl9NAJKZCKFS7XyCBdH18te_Hq7FQToQsbnwPd5YVlZvFFOa_Lxsm9IT1uZb4tY13HKaJMY8JHYmfyn-vp-ZLQ5G1-Cb-CWnPcBCb8QePGlFzRhzpD4-SE0DUucgdcwfy8l-Xzh1WQy98oaZ4n3oDEAk0ibuTu4LSqKRQ6q9hqVK76mVAtxkr27o_ORD5EUEkLQRsZ9GVFQuM5iXxzu-x6vG9Rs5RQIvRXa_QvRefjAd9BSL6RIjOjlIYwN0PCzbeWWa1mAWOPGxg5GqYR4k_lvn1cw0A0idPSWRWYpBX-H7vOISBuydvrokgnhR9afMwILXF-ovCgRANla9xi8yWgKxRjV8s5KnxqMbuZVDafigpasEZuTovlHPvbuoYhYfAydSohSUnrNMaS1h7Ah68pbxMNoiKMP2MPJS6UE6jYGXMODauo-h5zeZ9lEo94flpppqKQ_fX0O1RBgFAJoe_4lpVXXspvTT9LKw4ZJpRVguJdXjKowtIU4Buu7vFTCwunYNJeS05XxbR_mJM-wWCIVpkFqyp_CxWGt0U4Q3Sj4pQxJesUX3jzSp59iKpnFUWo58A5hl-wgFG2d37k_IQzKuvAzlqEADqnoXyfRSO0K-a8_55ItZIyEfAFLe6YgDY5mPl_8sFNdcm1srSd1mY2G-GA8UiDHL0Oo_QX0SDCnMn7Td5FsMHG9PXcdtjUQRBDIZxKEJJ6UyHA9EQyYIMsYZnra7hJ0KMDVcfkfJcKRHC7rw7rkUCf3Xbt5__u-sfOz5Krt8G-caen45t3oodSewmsqInx4jI7FAANXh4eJHtmX-hu4NCHL7spIEBd-D6KBD2CNgmH6xBO1wj1TJhnRIwneEDa6m7nBqVIJpahR5CtxgbiJ3obrd3lEDEyHUOUyzUG2PbDOPIBWEavtM2XK6qLTat0Os2K_NSMRIJCXTPEUkKCTDaCV2688pnkKrbGkBHtN6YywAUTumJWfPkwot8cMr4yOyja6u9kkcNODxWvUsXW76yHlWgDCemEMZxP6VOMMqby6eiGt6JPV_9OK6RCM2Af_-W8di_arNT_9qPnNUH47ZHc9fc93eWk1Seb6C1Lw&gd=sy1003377&page=content_page<=2662
54.230.111.82200 OK 2 B URL HTTP/2 www.newgensearch.com/assessment?token=03AEkXODCriQHiahbJFNs2DRNuwc-95Z06EdYG6ZecpkvERIFTeQUfA2BNvQuwQmk9ziYAul3RKXXXDxX5BTAaVTmZ--_h5VkyCgs84HYzgsnChmTWa6KBNhdAGPhD3rnbsUugW-gPDIZv6s8XttucJ_K4uSLMl9NAJKZCKFS7XyCBdH18te_Hq7FQToQsbnwPd5YVlZvFFOa_Lxsm9IT1uZb4tY13HKaJMY8JHYmfyn-vp-ZLQ5G1-Cb-CWnPcBCb8QePGlFzRhzpD4-SE0DUucgdcwfy8l-Xzh1WQy98oaZ4n3oDEAk0ibuTu4LSqKRQ6q9hqVK76mVAtxkr27o_ORD5EUEkLQRsZ9GVFQuM5iXxzu-x6vG9Rs5RQIvRXa_QvRefjAd9BSL6RIjOjlIYwN0PCzbeWWa1mAWOPGxg5GqYR4k_lvn1cw0A0idPSWRWYpBX-H7vOISBuydvrokgnhR9afMwILXF-ovCgRANla9xi8yWgKxRjV8s5KnxqMbuZVDafigpasEZuTovlHPvbuoYhYfAydSohSUnrNMaS1h7Ah68pbxMNoiKMP2MPJS6UE6jYGXMODauo-h5zeZ9lEo94flpppqKQ_fX0O1RBgFAJoe_4lpVXXspvTT9LKw4ZJpRVguJdXjKowtIU4Buu7vFTCwunYNJeS05XxbR_mJM-wWCIVpkFqyp_CxWGt0U4Q3Sj4pQxJesUX3jzSp59iKpnFUWo58A5hl-wgFG2d37k_IQzKuvAzlqEADqnoXyfRSO0K-a8_55ItZIyEfAFLe6YgDY5mPl_8sFNdcm1srSd1mY2G-GA8UiDHL0Oo_QX0SDCnMn7Td5FsMHG9PXcdtjUQRBDIZxKEJJ6UyHA9EQyYIMsYZnra7hJ0KMDVcfkfJcKRHC7rw7rkUCf3Xbt5__u-sfOz5Krt8G-caen45t3oodSewmsqInx4jI7FAANXh4eJHtmX-hu4NCHL7spIEBd-D6KBD2CNgmH6xBO1wj1TJhnRIwneEDa6m7nBqVIJpahR5CtxgbiJ3obrd3lEDEyHUOUyzUG2PbDOPIBWEavtM2XK6qLTat0Os2K_NSMRIJCXTPEUkKCTDaCV2688pnkKrbGkBHtN6YywAUTumJWfPkwot8cMr4yOyja6u9kkcNODxWvUsXW76yHlWgDCemEMZxP6VOMMqby6eiGt6JPV_9OK6RCM2Af_-W8di_arNT_9qPnNUH47ZHc9fc93eWk1Seb6C1Lw&gd=sy1003377&page=content_page<=2662
IP 54.230.111.82:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
GET /assessment?token=03AEkXODCriQHiahbJFNs2DRNuwc-95Z06EdYG6ZecpkvERIFTeQUfA2BNvQuwQmk9ziYAul3RKXXXDxX5BTAaVTmZ--_h5VkyCgs84HYzgsnChmTWa6KBNhdAGPhD3rnbsUugW-gPDIZv6s8XttucJ_K4uSLMl9NAJKZCKFS7XyCBdH18te_Hq7FQToQsbnwPd5YVlZvFFOa_Lxsm9IT1uZb4tY13HKaJMY8JHYmfyn-vp-ZLQ5G1-Cb-CWnPcBCb8QePGlFzRhzpD4-SE0DUucgdcwfy8l-Xzh1WQy98oaZ4n3oDEAk0ibuTu4LSqKRQ6q9hqVK76mVAtxkr27o_ORD5EUEkLQRsZ9GVFQuM5iXxzu-x6vG9Rs5RQIvRXa_QvRefjAd9BSL6RIjOjlIYwN0PCzbeWWa1mAWOPGxg5GqYR4k_lvn1cw0A0idPSWRWYpBX-H7vOISBuydvrokgnhR9afMwILXF-ovCgRANla9xi8yWgKxRjV8s5KnxqMbuZVDafigpasEZuTovlHPvbuoYhYfAydSohSUnrNMaS1h7Ah68pbxMNoiKMP2MPJS6UE6jYGXMODauo-h5zeZ9lEo94flpppqKQ_fX0O1RBgFAJoe_4lpVXXspvTT9LKw4ZJpRVguJdXjKowtIU4Buu7vFTCwunYNJeS05XxbR_mJM-wWCIVpkFqyp_CxWGt0U4Q3Sj4pQxJesUX3jzSp59iKpnFUWo58A5hl-wgFG2d37k_IQzKuvAzlqEADqnoXyfRSO0K-a8_55ItZIyEfAFLe6YgDY5mPl_8sFNdcm1srSd1mY2G-GA8UiDHL0Oo_QX0SDCnMn7Td5FsMHG9PXcdtjUQRBDIZxKEJJ6UyHA9EQyYIMsYZnra7hJ0KMDVcfkfJcKRHC7rw7rkUCf3Xbt5__u-sfOz5Krt8G-caen45t3oodSewmsqInx4jI7FAANXh4eJHtmX-hu4NCHL7spIEBd-D6KBD2CNgmH6xBO1wj1TJhnRIwneEDa6m7nBqVIJpahR5CtxgbiJ3obrd3lEDEyHUOUyzUG2PbDOPIBWEavtM2XK6qLTat0Os2K_NSMRIJCXTPEUkKCTDaCV2688pnkKrbGkBHtN6YywAUTumJWfPkwot8cMr4yOyja6u9kkcNODxWvUsXW76yHlWgDCemEMZxP6VOMMqby6eiGt6JPV_9OK6RCM2Af_-W8di_arNT_9qPnNUH47ZHc9fc93eWk1Seb6C1Lw&gd=sy1003377&page=content_page<=2662 HTTP/1.1
Host: www.newgensearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.newgensearch.com/onlineshopping
Connection: keep-alive
Cookie: cfsfuid=cb8d39e3-4bb5-4891-ab6a-99cbd2e0271b; cfsf_session_id=3ed1ea2a-e595-499e-ab43-1ff10640695d; tfd=bde578ea-9d49-4e91-ab92-ca340ac81393; subid=0; _gcl_au=1.1.1467377493.1669224844; _ga=GA1.2.1334745659.1669224844; _gid=GA1.2.612133131.1669224844; _gat_UA-186408652-4=1; be_id=3c0f5790-7680-4231-a083-50b2d7879137; cf_beid=5bdb2b75-578e-4954-ad35-e4dcf61074ea; _cq_duid=1.1669224845.zhmQM0OqVxfA5Klz; _cq_suid=1.1669224845.ESYp1ZGcT7id8EKR
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-length: 2
accept-ch: Sec-CH-UA-Bitness,Sec-CH-UA-Bitness,Sec-CH-UA-Bitness,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Platform,Sec-CH-UA
access-control-allow-origin: *
date: Wed, 23 Nov 2022 17:34:05 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server: istio-envoy
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-dns-prefetch-control: off
x-download-options: noopen
x-envoy-upstream-service-time: 2
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Cu5b9gbffom9SsVVaBsr4OWxLP80X9T_AOejVYHilv69OGHgdYZNhA==
X-Firefox-Spdy: h2
beacon.newgensearch.com/met
143.204.55.103204 No Content 0 B URL HTTP/2 beacon.newgensearch.com/met
IP 143.204.55.103:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /met HTTP/1.1
Host: beacon.newgensearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 451
Origin: https://www.newgensearch.com
Connection: keep-alive
Referer: https://www.newgensearch.com/
Cookie: _gcl_au=1.1.1467377493.1669224844; _ga=GA1.2.1334745659.1669224844; _gid=GA1.2.612133131.1669224844; _gat_UA-186408652-4=1; be_id=3c0f5790-7680-4231-a083-50b2d7879137; cf_beid=5bdb2b75-578e-4954-ad35-e4dcf61074ea
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: *
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 17:34:05 GMT
expect-ct: max-age=0
origin-agent-cluster: ?1
referrer-policy: no-referrer
server: istio-envoy
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-envoy-upstream-service-time: 2
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
x-cache: Miss from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _W2jaoR0-mmQ4WePZYGTTbpnL4DTDH5wO4hvoqcpkSrP5Dh2E8NoLg==
X-Firefox-Spdy: h2
sns-p-search-event-tracker-us-east-1-k8s.seccint.com/?eventtype=idp_impression&src=5
52.71.20.68204 No Content 0 B URL HTTP/1.1 sns-p-search-event-tracker-us-east-1-k8s.seccint.com/?eventtype=idp_impression&src=5
IP 52.71.20.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /?eventtype=idp_impression&src=5 HTTP/1.1
Host: sns-p-search-event-tracker-us-east-1-k8s.seccint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.newgensearch.com/
Origin: https://www.newgensearch.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
content-length: 0
date: Wed, 23 Nov 2022 17:34:05 GMT
server: istio-envoy
strict-transport-security: max-age=15552000; includeSubDomains
vary: Access-Control-Request-Headers
x-dns-prefetch-control: off
x-download-options: noopen
x-envoy-upstream-service-time: 1
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
Connection: keep-alive
bite.australiarevival.com/ct?id=7934&url=https%3A%2F%2Fwww.newgensearch.com%2Fonlineshopping&sf=0&tpi=&ch=&uvid=&tsf=0&tsfmi=&tsfu=&cb=1669224845157&hl=1&op=0&ag=1317291471&rand=647251958628188906150808210071681199579295561750122888226806106856111526817&fs=1280x939&fst=1280x939&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDQyNzhdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDEsMCwwLDEsMCwwLDAsMCwxLDMsMCwyLDAsMCwxLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDMsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsNSJdLFstMSwiTGludXggeDg2XzY0Il0sWy0yLCI4LElMSFlMQjlCTFRhMkpxUWczRm9lZWwyd1liRTJvZ0JJS0o2Y1IwMDBNSkhRd1lUREdZYWh2M3V0NzFWcFhSOU84K001clZTS3Mxa1BCZS8vOTlzblZKR3BVZFBmZHp6bjNPZmMiXSxbLTMsIltdIl0sWy00LCItIl0sWy01LCItIl0sWy02LCJ7XCJ3XCI6W1wiMFwiLFwiZGF0YUxheWVyXCIsXCJyZV9hY3Rpb25cIixcImN1c3RvbVwiLFwid2VicGFja0NodW5rc2VhcmNoX3NlcnBfYXJiaXRyYWdlXCIsXCJkZXBsb3lKYXZhXCIsXCJEZXRlY3RvclwiLFwic3dmb2JqZWN0XCIsXCJtdXJtdXJoYXNoM18zMl9nY1wiLFwiQ2xpZW50SlNcIixcIlVBUGFyc2VyXCIsXCJfX2NvcmUtanNfc2hhcmVkX19cIixcIiRNVUlEXCIsXCIkVzEwTk9PUFwiLFwiJGluaXRDb21wb25lbnRzXCIsXCIkTUNcIixcIl9fX2dyZWNhcHRjaGFfY2ZnXCIsXCJncmVjYXB0Y2hhXCIsXCJfX3JlY2FwdGNoYV9hcGlcIixcIl9fZ29vZ2xlX3JlY2FwdGNoYV9jbGllbnRcIixcImV4ZWN1dGVcIixcInJjY3BfdGltZVwiLFwiTm90aWZ5UGFpbnRFdmVudFwiLFwiZ29vZ2xlX3RhZ19tYW5hZ2VyXCIsXCJnb29nbGVfdGFnX2RhdGFcIixcIkdvb2dsZUFuYWx5dGljc09iamVjdFwiLFwiZ2FcIixcImdhcGx1Z2luc1wiLFwiZ2FHbG9iYWxcIixcImdhRGF0YVwiLFwid2FpdEZvclZpZXdhYmxlXCIsXCJzZXRJbm5lckhUTUxcIixcImNmYXV4XCIsXCJyZWNhcHRjaGFcIixcImNsb3N1cmVfbG1fOTYxMTk5XCIsXCJjZm1wcm1zXCIsXCJjZmJjb25cIixcImNmYnVybFwiLFwibVVybFwiLFwiZ2RcIixcImNmYnRlcm1cIixcInNyY1NjcmlwdGNoZXFcIixcImVycm9yRGF0YVwiLFwiZnBcIixcInBcIixcInBhaW50XCIsXCJiZWFjb25cIixcImJsb2JcIixcInNlbmRNZXRyaWNcIixcIm9uQ2hlcVJlc3BvbnNlXCJdLFwiblwiOltdLFwiZFwiOltdfSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJkZXNjcmlwdGlvblwiXX0iXSxbLTEyLCJcInVuc3BlY2lmaWVkXCIiXSxbLTEzLCItIl0sWy0xNCwiLSJdLFstMTUsIi0iXSxbLTE2LCIwIl0sWy0xNywiMTYiXSxbLTE4LCJbMSwwLDAsMF0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxMjgwLDEwMDIsMTI4MCwxMDI0LDEyODAsMTAyNCwxMjgwLDkzOSwwLDAsMCwwLFwiLVwiLFwiLVwiXSJdLFstMjAsIjEzMzQ3NDU2NTkuMTY2OTIyNDg0NCJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIi0iXSxbLTI3LCItIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCIwIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY2OTIyNDg0NTEzMiwwXSJdLFstMzYsIltcIjUvNFwiLFwiNS80XCJdIl0sWy0zNywiLSJdLFstMzgsImksLTEsLTEsMzk2LDAsMzEsMCwwLDMwNCwyNjcsLTEsMCwsMTIyMywyNDIxLDI0MjAiXSxbLTM5LCJbXCIyMDEwMDEwMVwiLDAsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixcIjIwMTgxMDAxMDAwMDAwXCIsbnVsbCxmYWxzZSxudWxsLGZhbHNlLG51bGwsMF0iXSxbLTQwLCIzNyJdLFstNDEsIi0iXSxbLTQyLCIxNzcwMDUwMDgxIl0sWy00MywiMDAwMDAwMDEwMDAwMDAwMDAxMTExMDAxMDAiXSxbLTQ0LCIwLDUsMCw1Il0sWy00NSwiMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0sWy00NiwiMCJdLFstNDcsIlVUQyxlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWy01MCwiLSJdLFstNTEsIi0iXSxbLTUyLCItIl0sWy01MywiMDEwIl0sWy01NCwie1wiaFwiOltdLFwiZFwiOltdLFwiYlwiOltcIl8xXCIsXCIzNjQzNDg5Mjg1XCJdLFwic1wiOjF9Il0sWyJkZGIiLCIwLDcsMCwxLDAsMywwLDAsMCwwLDAsMCwwLDAsMSwwLDIsMSwwLDAsMCwxLDAsMCwwLDAsMCwxLDAsMCwwLDIsMCwwLDAsMSwwLDAsMCwwLDAsMSwwLDMsMywwLDE0LDAsMiwwLDAsMCwwLDAiXSxbImJuY2giLDY5XSxbImFibmNoIiw2OV1d&dep=0&pre=0&sdd=%7B%7D&cri=ziZ85AZt2K&pto=2446&ver=48&gac=1334745659.1669224844&mei=&ap=&duid=1.1669224845.zhmQM0OqVxfA5Klz&suid=1.1669224845.ESYp1ZGcT7id8EKR&tuid=1.1669224845.sJLHohLYBfPhcDB8&fbc=->m=W10%3D&it=25%2C2250%2C23&fbcl=-&gacl=&gacsd=-&rtic=-&bgc=-&spa=1&urid=0
34.199.234.25200 OK 992 B URL HTTP/2 bite.australiarevival.com/ct?id=7934&url=https%3A%2F%2Fwww.newgensearch.com%2Fonlineshopping&sf=0&tpi=&ch=&uvid=&tsf=0&tsfmi=&tsfu=&cb=1669224845157&hl=1&op=0&ag=1317291471&rand=647251958628188906150808210071681199579295561750122888226806106856111526817&fs=1280x939&fst=1280x939&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDQyNzhdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDEsMCwwLDEsMCwwLDAsMCwxLDMsMCwyLDAsMCwxLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDMsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsNSJdLFstMSwiTGludXggeDg2XzY0Il0sWy0yLCI4LElMSFlMQjlCTFRhMkpxUWczRm9lZWwyd1liRTJvZ0JJS0o2Y1IwMDBNSkhRd1lUREdZYWh2M3V0NzFWcFhSOU84K001clZTS3Mxa1BCZS8vOTlzblZKR3BVZFBmZHp6bjNPZmMiXSxbLTMsIltdIl0sWy00LCItIl0sWy01LCItIl0sWy02LCJ7XCJ3XCI6W1wiMFwiLFwiZGF0YUxheWVyXCIsXCJyZV9hY3Rpb25cIixcImN1c3RvbVwiLFwid2VicGFja0NodW5rc2VhcmNoX3NlcnBfYXJiaXRyYWdlXCIsXCJkZXBsb3lKYXZhXCIsXCJEZXRlY3RvclwiLFwic3dmb2JqZWN0XCIsXCJtdXJtdXJoYXNoM18zMl9nY1wiLFwiQ2xpZW50SlNcIixcIlVBUGFyc2VyXCIsXCJfX2NvcmUtanNfc2hhcmVkX19cIixcIiRNVUlEXCIsXCIkVzEwTk9PUFwiLFwiJGluaXRDb21wb25lbnRzXCIsXCIkTUNcIixcIl9fX2dyZWNhcHRjaGFfY2ZnXCIsXCJncmVjYXB0Y2hhXCIsXCJfX3JlY2FwdGNoYV9hcGlcIixcIl9fZ29vZ2xlX3JlY2FwdGNoYV9jbGllbnRcIixcImV4ZWN1dGVcIixcInJjY3BfdGltZVwiLFwiTm90aWZ5UGFpbnRFdmVudFwiLFwiZ29vZ2xlX3RhZ19tYW5hZ2VyXCIsXCJnb29nbGVfdGFnX2RhdGFcIixcIkdvb2dsZUFuYWx5dGljc09iamVjdFwiLFwiZ2FcIixcImdhcGx1Z2luc1wiLFwiZ2FHbG9iYWxcIixcImdhRGF0YVwiLFwid2FpdEZvclZpZXdhYmxlXCIsXCJzZXRJbm5lckhUTUxcIixcImNmYXV4XCIsXCJyZWNhcHRjaGFcIixcImNsb3N1cmVfbG1fOTYxMTk5XCIsXCJjZm1wcm1zXCIsXCJjZmJjb25cIixcImNmYnVybFwiLFwibVVybFwiLFwiZ2RcIixcImNmYnRlcm1cIixcInNyY1NjcmlwdGNoZXFcIixcImVycm9yRGF0YVwiLFwiZnBcIixcInBcIixcInBhaW50XCIsXCJiZWFjb25cIixcImJsb2JcIixcInNlbmRNZXRyaWNcIixcIm9uQ2hlcVJlc3BvbnNlXCJdLFwiblwiOltdLFwiZFwiOltdfSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJkZXNjcmlwdGlvblwiXX0iXSxbLTEyLCJcInVuc3BlY2lmaWVkXCIiXSxbLTEzLCItIl0sWy0xNCwiLSJdLFstMTUsIi0iXSxbLTE2LCIwIl0sWy0xNywiMTYiXSxbLTE4LCJbMSwwLDAsMF0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxMjgwLDEwMDIsMTI4MCwxMDI0LDEyODAsMTAyNCwxMjgwLDkzOSwwLDAsMCwwLFwiLVwiLFwiLVwiXSJdLFstMjAsIjEzMzQ3NDU2NTkuMTY2OTIyNDg0NCJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIi0iXSxbLTI3LCItIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCIwIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY2OTIyNDg0NTEzMiwwXSJdLFstMzYsIltcIjUvNFwiLFwiNS80XCJdIl0sWy0zNywiLSJdLFstMzgsImksLTEsLTEsMzk2LDAsMzEsMCwwLDMwNCwyNjcsLTEsMCwsMTIyMywyNDIxLDI0MjAiXSxbLTM5LCJbXCIyMDEwMDEwMVwiLDAsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixcIjIwMTgxMDAxMDAwMDAwXCIsbnVsbCxmYWxzZSxudWxsLGZhbHNlLG51bGwsMF0iXSxbLTQwLCIzNyJdLFstNDEsIi0iXSxbLTQyLCIxNzcwMDUwMDgxIl0sWy00MywiMDAwMDAwMDEwMDAwMDAwMDAxMTExMDAxMDAiXSxbLTQ0LCIwLDUsMCw1Il0sWy00NSwiMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0sWy00NiwiMCJdLFstNDcsIlVUQyxlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWy01MCwiLSJdLFstNTEsIi0iXSxbLTUyLCItIl0sWy01MywiMDEwIl0sWy01NCwie1wiaFwiOltdLFwiZFwiOltdLFwiYlwiOltcIl8xXCIsXCIzNjQzNDg5Mjg1XCJdLFwic1wiOjF9Il0sWyJkZGIiLCIwLDcsMCwxLDAsMywwLDAsMCwwLDAsMCwwLDAsMSwwLDIsMSwwLDAsMCwxLDAsMCwwLDAsMCwxLDAsMCwwLDIsMCwwLDAsMSwwLDAsMCwwLDAsMSwwLDMsMywwLDE0LDAsMiwwLDAsMCwwLDAiXSxbImJuY2giLDY5XSxbImFibmNoIiw2OV1d&dep=0&pre=0&sdd=%7B%7D&cri=ziZ85AZt2K&pto=2446&ver=48&gac=1334745659.1669224844&mei=&ap=&duid=1.1669224845.zhmQM0OqVxfA5Klz&suid=1.1669224845.ESYp1ZGcT7id8EKR&tuid=1.1669224845.sJLHohLYBfPhcDB8&fbc=->m=W10%3D&it=25%2C2250%2C23&fbcl=-&gacl=&gacsd=-&rtic=-&bgc=-&spa=1&urid=0
IP 34.199.234.25:0
File type HTML document, ASCII text, with very long lines (2728), with no line terminators
Hash 8a0a3dcffb17b2a237856c5b5d78fdc0
18ecf001fd4e0af093c9513f22716a313e0b6ccd
25a1f99ffc02f86ea0e040ee44b9af8c03899c8f2a484447198cdce32c23910b
GET /ct?id=7934&url=https%3A%2F%2Fwww.newgensearch.com%2Fonlineshopping&sf=0&tpi=&ch=&uvid=&tsf=0&tsfmi=&tsfu=&cb=1669224845157&hl=1&op=0&ag=1317291471&rand=647251958628188906150808210071681199579295561750122888226806106856111526817&fs=1280x939&fst=1280x939&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDQyNzhdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDEsMCwwLDEsMCwwLDAsMCwxLDMsMCwyLDAsMCwxLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDMsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsNSJdLFstMSwiTGludXggeDg2XzY0Il0sWy0yLCI4LElMSFlMQjlCTFRhMkpxUWczRm9lZWwyd1liRTJvZ0JJS0o2Y1IwMDBNSkhRd1lUREdZYWh2M3V0NzFWcFhSOU84K001clZTS3Mxa1BCZS8vOTlzblZKR3BVZFBmZHp6bjNPZmMiXSxbLTMsIltdIl0sWy00LCItIl0sWy01LCItIl0sWy02LCJ7XCJ3XCI6W1wiMFwiLFwiZGF0YUxheWVyXCIsXCJyZV9hY3Rpb25cIixcImN1c3RvbVwiLFwid2VicGFja0NodW5rc2VhcmNoX3NlcnBfYXJiaXRyYWdlXCIsXCJkZXBsb3lKYXZhXCIsXCJEZXRlY3RvclwiLFwic3dmb2JqZWN0XCIsXCJtdXJtdXJoYXNoM18zMl9nY1wiLFwiQ2xpZW50SlNcIixcIlVBUGFyc2VyXCIsXCJfX2NvcmUtanNfc2hhcmVkX19cIixcIiRNVUlEXCIsXCIkVzEwTk9PUFwiLFwiJGluaXRDb21wb25lbnRzXCIsXCIkTUNcIixcIl9fX2dyZWNhcHRjaGFfY2ZnXCIsXCJncmVjYXB0Y2hhXCIsXCJfX3JlY2FwdGNoYV9hcGlcIixcIl9fZ29vZ2xlX3JlY2FwdGNoYV9jbGllbnRcIixcImV4ZWN1dGVcIixcInJjY3BfdGltZVwiLFwiTm90aWZ5UGFpbnRFdmVudFwiLFwiZ29vZ2xlX3RhZ19tYW5hZ2VyXCIsXCJnb29nbGVfdGFnX2RhdGFcIixcIkdvb2dsZUFuYWx5dGljc09iamVjdFwiLFwiZ2FcIixcImdhcGx1Z2luc1wiLFwiZ2FHbG9iYWxcIixcImdhRGF0YVwiLFwid2FpdEZvclZpZXdhYmxlXCIsXCJzZXRJbm5lckhUTUxcIixcImNmYXV4XCIsXCJyZWNhcHRjaGFcIixcImNsb3N1cmVfbG1fOTYxMTk5XCIsXCJjZm1wcm1zXCIsXCJjZmJjb25cIixcImNmYnVybFwiLFwibVVybFwiLFwiZ2RcIixcImNmYnRlcm1cIixcInNyY1NjcmlwdGNoZXFcIixcImVycm9yRGF0YVwiLFwiZnBcIixcInBcIixcInBhaW50XCIsXCJiZWFjb25cIixcImJsb2JcIixcInNlbmRNZXRyaWNcIixcIm9uQ2hlcVJlc3BvbnNlXCJdLFwiblwiOltdLFwiZFwiOltdfSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJkZXNjcmlwdGlvblwiXX0iXSxbLTEyLCJcInVuc3BlY2lmaWVkXCIiXSxbLTEzLCItIl0sWy0xNCwiLSJdLFstMTUsIi0iXSxbLTE2LCIwIl0sWy0xNywiMTYiXSxbLTE4LCJbMSwwLDAsMF0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxMjgwLDEwMDIsMTI4MCwxMDI0LDEyODAsMTAyNCwxMjgwLDkzOSwwLDAsMCwwLFwiLVwiLFwiLVwiXSJdLFstMjAsIjEzMzQ3NDU2NTkuMTY2OTIyNDg0NCJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIi0iXSxbLTI3LCItIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCIwIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY2OTIyNDg0NTEzMiwwXSJdLFstMzYsIltcIjUvNFwiLFwiNS80XCJdIl0sWy0zNywiLSJdLFstMzgsImksLTEsLTEsMzk2LDAsMzEsMCwwLDMwNCwyNjcsLTEsMCwsMTIyMywyNDIxLDI0MjAiXSxbLTM5LCJbXCIyMDEwMDEwMVwiLDAsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixcIjIwMTgxMDAxMDAwMDAwXCIsbnVsbCxmYWxzZSxudWxsLGZhbHNlLG51bGwsMF0iXSxbLTQwLCIzNyJdLFstNDEsIi0iXSxbLTQyLCIxNzcwMDUwMDgxIl0sWy00MywiMDAwMDAwMDEwMDAwMDAwMDAxMTExMDAxMDAiXSxbLTQ0LCIwLDUsMCw1Il0sWy00NSwiMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0sWy00NiwiMCJdLFstNDcsIlVUQyxlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWy01MCwiLSJdLFstNTEsIi0iXSxbLTUyLCItIl0sWy01MywiMDEwIl0sWy01NCwie1wiaFwiOltdLFwiZFwiOltdLFwiYlwiOltcIl8xXCIsXCIzNjQzNDg5Mjg1XCJdLFwic1wiOjF9Il0sWyJkZGIiLCIwLDcsMCwxLDAsMywwLDAsMCwwLDAsMCwwLDAsMSwwLDIsMSwwLDAsMCwxLDAsMCwwLDAsMCwxLDAsMCwwLDIsMCwwLDAsMSwwLDAsMCwwLDAsMSwwLDMsMywwLDE0LDAsMiwwLDAsMCwwLDAiXSxbImJuY2giLDY5XSxbImFibmNoIiw2OV1d&dep=0&pre=0&sdd=%7B%7D&cri=ziZ85AZt2K&pto=2446&ver=48&gac=1334745659.1669224844&mei=&ap=&duid=1.1669224845.zhmQM0OqVxfA5Klz&suid=1.1669224845.ESYp1ZGcT7id8EKR&tuid=1.1669224845.sJLHohLYBfPhcDB8&fbc=->m=W10%3D&it=25%2C2250%2C23&fbcl=-&gacl=&gacsd=-&rtic=-&bgc=-&spa=1&urid=0 HTTP/1.1
Host: bite.australiarevival.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.newgensearch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/javascript
date: Wed, 23 Nov 2022 17:34:05 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
set-cookie: cg_uuid=ffa360efd15cc594fd844430ec9e666d; Max-Age=29030400; Path=/; Expires=Wed, 25 Oct 2023 17:34:05 GMT; HttpOnly; Secure; SameSite=None
content-length: 992
X-Firefox-Spdy: h2
sns-p-search-event-tracker-us-east-1-k8s.seccint.com/?eventtype=idp_impression&src=5
52.71.20.68204 No Content 0 B URL HTTP/1.1 sns-p-search-event-tracker-us-east-1-k8s.seccint.com/?eventtype=idp_impression&src=5
IP 52.71.20.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?eventtype=idp_impression&src=5 HTTP/1.1
Host: sns-p-search-event-tracker-us-east-1-k8s.seccint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.newgensearch.com/
Content-Type: application/json
Origin: https://www.newgensearch.com
Content-Length: 1699
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
access-control-allow-origin: *
date: Wed, 23 Nov 2022 17:34:05 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server: istio-envoy
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
x-download-options: noopen
x-envoy-upstream-service-time: 4
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
Connection: keep-alive
bite.australiarevival.com/tracker/tc_imp.gif?e=37dfbd8ee84e00136ce7c537ee4f8e989225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d59188e693b19501a0ca1bfea87231fd3808f0779694fff7d24578232db34930c3401279052550c3c5159c0b83f5d79b06da277d35bf99225f95271a80f337b14de41f054bbd4829d6ce67d59bb6ccaba2832c45d6d1f205b9cc80274ed15f6b882bc0a0cad37eba738e83fda60d437dc5b26aa2615b112420f3c890f24a7dfb9ea67f66d9a538f48ac517373b8d737783b7b49f33ccbc84faf4c2af993b43c4d683ec4c47b61998a4e17294271040fa08a2f682c54a6f94b2a8fa3f32f96b40f204b2dacf0f0909f24acc1cc04be44965e3f66d1fadff7aa269aceba2fd3734ddbe6d66b5f51e93f3aefc7413aad8daa36dc5ee115edd9079d11979621917b6dc9d967813bc7c0f4e1dbbaf1132bea3df4eeab6a0e6aaed96091b75ea116540bc5232597ccc3c881a4d57e883dd3deedde36ae6c7c3083683b9384d1166790a633aa0ba7cb0dd639ef71415f5fc935a906d1cbee27f88b78895ce28cfdd56c89555246fb1e4c132d182f91f935e3118397cb77f1ca3eadc07a80d4bfbe33cfb4e77e68758fe5486fddf7511a4db4a2a224f82890815ff3e32fb160bd379553c809d4ae38aa0635b0ebcb322d357202340a5a11a3e38e68da06b25b041b7499c94fa0d97e44a8c9dac1e026d0f1f6bfc3a1fbe3415d3de54680b0506c81476d1fd27d281205b67ac5014aa6ec98378215ac4799b73e89fd54cd690533211c7d159ac9e6d93873519f0606efafa1e4e8b63a77c8d0e52ee2bd7b69c4c0507c3feb9bb23b3da565c1068d10e223894b98b1538ae66db1c0d18ccf5568b9b16720d73b&cri=ziZ85AZt2K&ts=517&cb=1669224845674
34.199.234.25200 OK 43 B URL HTTP/2 bite.australiarevival.com/tracker/tc_imp.gif?e=37dfbd8ee84e00136ce7c537ee4f8e989225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d59188e693b19501a0ca1bfea87231fd3808f0779694fff7d24578232db34930c3401279052550c3c5159c0b83f5d79b06da277d35bf99225f95271a80f337b14de41f054bbd4829d6ce67d59bb6ccaba2832c45d6d1f205b9cc80274ed15f6b882bc0a0cad37eba738e83fda60d437dc5b26aa2615b112420f3c890f24a7dfb9ea67f66d9a538f48ac517373b8d737783b7b49f33ccbc84faf4c2af993b43c4d683ec4c47b61998a4e17294271040fa08a2f682c54a6f94b2a8fa3f32f96b40f204b2dacf0f0909f24acc1cc04be44965e3f66d1fadff7aa269aceba2fd3734ddbe6d66b5f51e93f3aefc7413aad8daa36dc5ee115edd9079d11979621917b6dc9d967813bc7c0f4e1dbbaf1132bea3df4eeab6a0e6aaed96091b75ea116540bc5232597ccc3c881a4d57e883dd3deedde36ae6c7c3083683b9384d1166790a633aa0ba7cb0dd639ef71415f5fc935a906d1cbee27f88b78895ce28cfdd56c89555246fb1e4c132d182f91f935e3118397cb77f1ca3eadc07a80d4bfbe33cfb4e77e68758fe5486fddf7511a4db4a2a224f82890815ff3e32fb160bd379553c809d4ae38aa0635b0ebcb322d357202340a5a11a3e38e68da06b25b041b7499c94fa0d97e44a8c9dac1e026d0f1f6bfc3a1fbe3415d3de54680b0506c81476d1fd27d281205b67ac5014aa6ec98378215ac4799b73e89fd54cd690533211c7d159ac9e6d93873519f0606efafa1e4e8b63a77c8d0e52ee2bd7b69c4c0507c3feb9bb23b3da565c1068d10e223894b98b1538ae66db1c0d18ccf5568b9b16720d73b&cri=ziZ85AZt2K&ts=517&cb=1669224845674
IP 34.199.234.25:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /tracker/tc_imp.gif?e=37dfbd8ee84e00136ce7c537ee4f8e989225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d59188e693b19501a0ca1bfea87231fd3808f0779694fff7d24578232db34930c3401279052550c3c5159c0b83f5d79b06da277d35bf99225f95271a80f337b14de41f054bbd4829d6ce67d59bb6ccaba2832c45d6d1f205b9cc80274ed15f6b882bc0a0cad37eba738e83fda60d437dc5b26aa2615b112420f3c890f24a7dfb9ea67f66d9a538f48ac517373b8d737783b7b49f33ccbc84faf4c2af993b43c4d683ec4c47b61998a4e17294271040fa08a2f682c54a6f94b2a8fa3f32f96b40f204b2dacf0f0909f24acc1cc04be44965e3f66d1fadff7aa269aceba2fd3734ddbe6d66b5f51e93f3aefc7413aad8daa36dc5ee115edd9079d11979621917b6dc9d967813bc7c0f4e1dbbaf1132bea3df4eeab6a0e6aaed96091b75ea116540bc5232597ccc3c881a4d57e883dd3deedde36ae6c7c3083683b9384d1166790a633aa0ba7cb0dd639ef71415f5fc935a906d1cbee27f88b78895ce28cfdd56c89555246fb1e4c132d182f91f935e3118397cb77f1ca3eadc07a80d4bfbe33cfb4e77e68758fe5486fddf7511a4db4a2a224f82890815ff3e32fb160bd379553c809d4ae38aa0635b0ebcb322d357202340a5a11a3e38e68da06b25b041b7499c94fa0d97e44a8c9dac1e026d0f1f6bfc3a1fbe3415d3de54680b0506c81476d1fd27d281205b67ac5014aa6ec98378215ac4799b73e89fd54cd690533211c7d159ac9e6d93873519f0606efafa1e4e8b63a77c8d0e52ee2bd7b69c4c0507c3feb9bb23b3da565c1068d10e223894b98b1538ae66db1c0d18ccf5568b9b16720d73b&cri=ziZ85AZt2K&ts=517&cb=1669224845674 HTTP/1.1
Host: bite.australiarevival.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.newgensearch.com/
Cookie: cg_uuid=ffa360efd15cc594fd844430ec9e666d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
date: Wed, 23 Nov 2022 17:34:05 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 43
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c04aed338f8610ba6b0acc4ab749c52e
9cce76bf45ca7cb7e101d6c5c8013ecc83f188a4
4d4e0d35a6f2357ff749b146e4f0fdff7f5f8631b3e6efee952f5c82fb256fbd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 17:34:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-186408652-4&cid=1334745659.1669224844&jid=2064218233&_u=YEBAAEAAAAAAACAAI~&z=1911159106
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-186408652-4&cid=1334745659.1669224844&jid=2064218233&_u=YEBAAEAAAAAAACAAI~&z=1911159106
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-186408652-4&cid=1334745659.1669224844&jid=2064218233&_u=YEBAAEAAAAAAACAAI~&z=1911159106 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.newgensearch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 17:34:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c04aed338f8610ba6b0acc4ab749c52e
9cce76bf45ca7cb7e101d6c5c8013ecc83f188a4
4d4e0d35a6f2357ff749b146e4f0fdff7f5f8631b3e6efee952f5c82fb256fbd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 17:34:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
beacon.newgensearch.com/met
143.204.55.103204 No Content 0 B URL HTTP/2 beacon.newgensearch.com/met
IP 143.204.55.103:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /met HTTP/1.1
Host: beacon.newgensearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 531
Origin: https://www.newgensearch.com
Connection: keep-alive
Referer: https://www.newgensearch.com/
Cookie: _gcl_au=1.1.1467377493.1669224844; _ga=GA1.2.1334745659.1669224844; _gid=GA1.2.612133131.1669224844; _gat_UA-186408652-4=1; be_id=3c0f5790-7680-4231-a083-50b2d7879137; cf_beid=5bdb2b75-578e-4954-ad35-e4dcf61074ea; _cq_duid=1.1669224845.zhmQM0OqVxfA5Klz; _cq_suid=1.1669224845.ESYp1ZGcT7id8EKR
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: *
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 17:34:06 GMT
expect-ct: max-age=0
origin-agent-cluster: ?1
referrer-policy: no-referrer
server: istio-envoy
set-cookie: cheq=1pEWIyn4xXTl3ro2wf8t1gKx%2BPHdf3e%2FnizwydnWUWfC8B5kTtvJIiDIHCNmD1ZKzXrr; Domain=.newgensearch.com; Path=/; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-envoy-upstream-service-time: 3
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
x-cache: Miss from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rsitPbRLdxM5iEQWj_DE1OzyJIVlnyasCPYAudn-WWWEFWG8Xb0WaQ==
X-Firefox-Spdy: h2
sns-p-search-event-tracker-us-east-1-k8s.seccint.com/?eventtype=idp_viewability&src=5
52.71.20.68204 No Content 0 B URL HTTP/1.1 sns-p-search-event-tracker-us-east-1-k8s.seccint.com/?eventtype=idp_viewability&src=5
IP 52.71.20.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /?eventtype=idp_viewability&src=5 HTTP/1.1
Host: sns-p-search-event-tracker-us-east-1-k8s.seccint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.newgensearch.com/
Origin: https://www.newgensearch.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
content-length: 0
date: Wed, 23 Nov 2022 17:34:06 GMT
server: istio-envoy
strict-transport-security: max-age=15552000; includeSubDomains
vary: Access-Control-Request-Headers
x-dns-prefetch-control: off
x-download-options: noopen
x-envoy-upstream-service-time: 1
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
Connection: keep-alive
sns-p-search-event-tracker-us-east-1-k8s.seccint.com/?eventtype=idp_viewability&src=5
52.71.20.68204 No Content 0 B URL HTTP/1.1 sns-p-search-event-tracker-us-east-1-k8s.seccint.com/?eventtype=idp_viewability&src=5
IP 52.71.20.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?eventtype=idp_viewability&src=5 HTTP/1.1
Host: sns-p-search-event-tracker-us-east-1-k8s.seccint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.newgensearch.com/
Content-Type: application/json
Origin: https://www.newgensearch.com
Content-Length: 1539
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
access-control-allow-origin: *
date: Wed, 23 Nov 2022 17:34:06 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server: istio-envoy
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
x-download-options: noopen
x-envoy-upstream-service-time: 38
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
Connection: keep-alive
bite.australiarevival.com/mon
34.199.234.25200 OK 0 B URL HTTP/2 bite.australiarevival.com/mon
IP 34.199.234.25:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: bite.australiarevival.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1345
Origin: https://www.newgensearch.com
Connection: keep-alive
Referer: https://www.newgensearch.com/
Cookie: cg_uuid=ffa360efd15cc594fd844430ec9e666d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.newgensearch.com
content-type: application/json
date: Wed, 23 Nov 2022 17:34:06 GMT
content-length: 0
X-Firefox-Spdy: h2
bite.australiarevival.com/mon
34.199.234.25200 OK 0 B URL HTTP/2 bite.australiarevival.com/mon
IP 34.199.234.25:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: bite.australiarevival.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1345
Origin: https://www.newgensearch.com
Connection: keep-alive
Referer: https://www.newgensearch.com/
Cookie: cg_uuid=ffa360efd15cc594fd844430ec9e666d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.newgensearch.com
content-type: application/json
date: Wed, 23 Nov 2022 17:34:08 GMT
content-length: 0
X-Firefox-Spdy: h2
bite.australiarevival.com/mon
34.199.234.25200 OK 0 B URL HTTP/2 bite.australiarevival.com/mon
IP 34.199.234.25:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: bite.australiarevival.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1345
Origin: https://www.newgensearch.com
Connection: keep-alive
Referer: https://www.newgensearch.com/
Cookie: cg_uuid=ffa360efd15cc594fd844430ec9e666d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.newgensearch.com
content-type: application/json
date: Wed, 23 Nov 2022 17:34:10 GMT
content-length: 0
X-Firefox-Spdy: h2
cdn.newgensearch.com/serp-ng-static/1.58.0/97c0e6ec.css
54.230.111.68200 OK 0 B URL HTTP/2 cdn.newgensearch.com/serp-ng-static/1.58.0/97c0e6ec.css
IP 54.230.111.68:0
GET /serp-ng-static/1.58.0/97c0e6ec.css HTTP/1.1
Host: cdn.newgensearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.newgensearch.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 21 Sep 2022 08:39:09 GMT
x-amz-version-id: kphMaeXluUlyS6vB3RbqNXIiXCEcZzZU
server: AmazonS3
content-encoding: gzip
date: Wed, 23 Nov 2022 13:36:06 GMT
etag: W/"b56641bc28e83b0222ee0e134edf7555"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mLVCsTK62ihBuNDo3aNE5EwnEICbJOPlPYvutvHy1po1CrV34rc0kQ==
age: 14278
X-Firefox-Spdy: h2
cdn.newgensearch.com/serp-ng-static/js/client.min.js
54.230.111.68200 OK 0 B URL HTTP/2 cdn.newgensearch.com/serp-ng-static/js/client.min.js
IP 54.230.111.68:0
GET /serp-ng-static/js/client.min.js HTTP/1.1
Host: cdn.newgensearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.newgensearch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 09 Jun 2021 12:10:42 GMT
x-amz-version-id: WmqLmL9LsPNLbRmEJiWDzwHeAfI9DkuF
server: AmazonS3
content-encoding: gzip
date: Tue, 22 Nov 2022 23:00:47 GMT
etag: W/"8211e8cabd327c8db58a2854c4b89636"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: azvgv2h4bsKQKWB4uIrvjEjkJPL1WfxWXuWhCCGFxLURT7gKm3jJug==
age: 66797
X-Firefox-Spdy: h2
www.idp-cf.com/tag?&tagId=tagId1&cType=1&sid=3ed1ea2a-e595-499e-ab43-1ff10640695d&domain=newgensearch&gd=sy1003377&encExtParams=
54.230.111.96200 OK 0 B URL HTTP/2 www.idp-cf.com/tag?&tagId=tagId1&cType=1&sid=3ed1ea2a-e595-499e-ab43-1ff10640695d&domain=newgensearch&gd=sy1003377&encExtParams=
IP 54.230.111.96:0
GET /tag?&tagId=tagId1&cType=1&sid=3ed1ea2a-e595-499e-ab43-1ff10640695d&domain=newgensearch&gd=sy1003377&encExtParams= HTTP/1.1
Host: www.idp-cf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.newgensearch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Wed, 23 Nov 2022 17:34:04 GMT
etag: W/"3f4e-J4P0Wxf5JDZxkjiMCS+vQnH7yDA"
expect-ct: max-age=0
referrer-policy: no-referrer
server: istio-envoy
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
x-download-options: noopen
x-envoy-upstream-service-time: 4
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ESmTMmU35GxAEUWL4aF3t_GjF7b51D3-QOX9DaMa_MkD4Uo-q59dyQ==
X-Firefox-Spdy: h2