Submitted URL: http://www.newser.com//contests.aspx
Effective URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Submission: On September 16 via api from US — Scanned from DE

Summary

This website contacted 40 IPs in 5 countries across 27 domains to perform 107 HTTP transactions. The main IP is 40.114.51.62, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.newser.com. The Cisco Umbrella rank of the primary domain is 240927.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 3rd 2024. Valid for: a year.
This is the only time www.newser.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3 40.114.51.62 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
38 2620:1ec:29:1... 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:275... 16509 (AMAZON-02)
3 104.18.21.206 13335 (CLOUDFLAR...)
2 142.250.185.226 15169 (GOOGLE)
1 2600:9000:225... 16509 (AMAZON-02)
4 2600:9000:264... 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
1 54.78.254.47 16509 (AMAZON-02)
2 2606:2800:234... 15133 (EDGECAST)
1 104.26.12.205 13335 (CLOUDFLAR...)
2 2620:116:800d... 16509 (AMAZON-02)
3 104.16.202.119 13335 (CLOUDFLAR...)
2 157.240.252.13 32934 (FACEBOOK)
2 18.244.18.38 16509 (AMAZON-02)
1 2600:9000:264... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
3 34.160.152.31 396982 (GOOGLE-CL...)
1 2a02:6ea0:c70... 60068 (CDN77 _)
1 2600:9000:223... 16509 (AMAZON-02)
1 18.205.223.166 14618 (AMAZON-AES)
1 2600:9000:225... 16509 (AMAZON-02)
1 172.66.43.157 13335 (CLOUDFLAR...)
1 3.228.121.230 14618 (AMAZON-AES)
1 172.66.40.43 13335 (CLOUDFLAR...)
1 54.81.180.79 14618 (AMAZON-AES)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.67 15169 (GOOGLE)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 3.228.35.64 14618 (AMAZON-AES)
8 18.66.147.49 16509 (AMAZON-02)
1 3.230.82.49 14618 (AMAZON-AES)
2 172.64.144.166 13335 (CLOUDFLAR...)
4 18.207.73.182 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
1 18.66.147.31 16509 (AMAZON-02)
107 40
Apex Domain
Subdomains
Transfer
42 newser.com
www.newser.com — Cisco Umbrella Rank: 240927
static1-azrcdn.newser.com — Cisco Umbrella Rank: 416782
static2-azrcdn.newser.com — Cisco Umbrella Rank: 506684
img2-azrcdn.newser.com — Cisco Umbrella Rank: 240769
img1-azrcdn.newser.com — Cisco Umbrella Rank: 242487
sli.newser.com — Cisco Umbrella Rank: 483996
347 KB
9 privacy-mgmt.com
cdn.privacy-mgmt.com — Cisco Umbrella Rank: 4181
129 KB
6 pub.network
a.pub.network — Cisco Umbrella Rank: 4376
d.pub.network — Cisco Umbrella Rank: 4828
c.pub.network — Cisco Umbrella Rank: 4455
146 KB
5 insticator.com
geoip.insticator.com — Cisco Umbrella Rank: 36869
event.insticator.com — Cisco Umbrella Rank: 26224
395 B
5 cloudfront.net
df80k0z3fi8zg.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
358 KB
4 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4054
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 688
156 KB
4 gstatic.com
fonts.gstatic.com
73 KB
4 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 3998
i.liadm.com — Cisco Umbrella Rank: 540
rp.liadm.com — Cisco Umbrella Rank: 964
rp4.liadm.com — Cisco Umbrella Rank: 5572
43 KB
3 4dsply.com
cdn.engine.4dsply.com — Cisco Umbrella Rank: 27618
engine.4dsply.com — Cisco Umbrella Rank: 26467
115 KB
3 instiengage.com
product.instiengage.com — Cisco Umbrella Rank: 25831
geoip.instiengage.com — Cisco Umbrella Rank: 33331
auth.instiengage.com — Cisco Umbrella Rank: 25882
9 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
180 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1700
134 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 194
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 178
89 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1497
pixel.quantserve.com — Cisco Umbrella Rank: 1058
10 KB
2 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1491
28 KB
2 exelator.com
loadus.exelator.com — Cisco Umbrella Rank: 1714
load77.exelator.com — Cisco Umbrella Rank: 5119
990 B
1 google.de
www.google.de — Cisco Umbrella Rank: 10137
63 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1564
201 B
1 dotsply.com
dotsply.com — Cisco Umbrella Rank: 40693
1 purple-hit.com
purple-hit.com — Cisco Umbrella Rank: 728545
5 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1541
641 B
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1876
15 KB
1 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2048
154 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
105 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
2 KB
0 simpli.fi Failed
i.simpli.fi Failed
107 27
Domain Requested by
22 img1-azrcdn.newser.com www.newser.com
static1-azrcdn.newser.com
11 img2-azrcdn.newser.com www.newser.com
static1-azrcdn.newser.com
9 cdn.privacy-mgmt.com a.pub.network
cdn.privacy-mgmt.com
4 event.insticator.com d3lcz8vpax4lo2.cloudfront.net
4 fonts.gstatic.com fonts.googleapis.com
4 d3lcz8vpax4lo2.cloudfront.net www.newser.com
d3lcz8vpax4lo2.cloudfront.net
4 static1-azrcdn.newser.com www.newser.com
3 a.pub.network www.newser.com
a.pub.network
3 www.newser.com 2 redirects
2 c.pub.network a.pub.network
2 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
2 cdn.confiant-integrations.net d3lcz8vpax4lo2.cloudfront.net
cdn.confiant-integrations.net
2 region1.analytics.google.com www.googletagmanager.com
2 sb.scorecardresearch.com www.newser.com
2 connect.facebook.net www.newser.com
connect.facebook.net
2 cdn.engine.4dsply.com www.newser.com
cdn.engine.4dsply.com
2 platform.twitter.com static1-azrcdn.newser.com
platform.twitter.com
2 securepubads.g.doubleclick.net www.newser.com
securepubads.g.doubleclick.net
1 sli.newser.com www.newser.com
1 geoip.insticator.com d3lcz8vpax4lo2.cloudfront.net
1 engine.4dsply.com cdn.engine.4dsply.com
1 pixel.quantserve.com www.newser.com
1 rp4.liadm.com www.newser.com
1 rp.liadm.com 1 redirects
1 www.google.de www.newser.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 ping.chartbeat.net www.newser.com
1 dotsply.com cdn.engine.4dsply.com
1 i.liadm.com b-code.liadm.com
1 purple-hit.com www.newser.com
1 auth.instiengage.com d3lcz8vpax4lo2.cloudfront.net
1 geoip.instiengage.com d3lcz8vpax4lo2.cloudfront.net
1 rules.quantcount.com secure.quantserve.com
1 load77.exelator.com www.newser.com
1 d.pub.network www.newser.com
1 static.chartbeat.com www.newser.com
1 secure.quantserve.com www.newser.com
1 api.ipify.org static1-azrcdn.newser.com
1 loadus.exelator.com www.newser.com
1 product.instiengage.com www.newser.com
1 df80k0z3fi8zg.cloudfront.net www.newser.com
1 b-code.liadm.com www.newser.com
1 www.googletagmanager.com www.newser.com
1 static2-azrcdn.newser.com www.newser.com
1 fonts.googleapis.com www.newser.com
0 i.simpli.fi Failed www.newser.com
107 46

This site contains links to these domains. Also see Links.

Domain
itunes.apple.com
play.google.com
www.microsoft.com
www.dojomojo.com
Subject Issuer Validity Valid
*.newser.com
Go Daddy Secure Certificate Authority - G2
2024-01-03 -
2025-02-03
a year crt.sh
upload.video.google.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
static1-azrcdn.newser.com
DigiCert TLS RSA SHA256 2020 CA1
2024-09-04 -
2025-09-04
a year crt.sh
static2-azrcdn.newser.com
DigiCert TLS RSA SHA256 2020 CA1
2024-09-04 -
2025-09-04
a year crt.sh
*.google-analytics.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
*.liadm.com
Amazon RSA 2048 M03
2023-12-02 -
2024-12-29
a year crt.sh
pub.network
WE1
2024-07-21 -
2024-10-19
3 months crt.sh
*.g.doubleclick.net
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2024-07-30 -
2025-07-03
a year crt.sh
*.instiengage.com
Sectigo RSA Organization Validation Secure Server CA
2024-05-17 -
2025-05-17
a year crt.sh
img2-azrcdn.newser.com
DigiCert TLS RSA SHA256 2020 CA1
2024-09-04 -
2025-09-04
a year crt.sh
img1-azrcdn.newser.com
DigiCert TLS RSA SHA256 2020 CA1
2024-09-04 -
2025-09-04
a year crt.sh
*.exelator.com
GlobalSign RSA OV SSL CA 2018
2024-05-29 -
2025-06-30
a year crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-07-08 -
2025-07-07
a year crt.sh
ipify.org
WE1
2024-09-15 -
2024-12-14
3 months crt.sh
quantserve.com
R11
2024-08-23 -
2024-11-21
3 months crt.sh
4dsply.com
E5
2024-08-24 -
2024-11-22
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-06-25 -
2024-09-23
3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA
2023-12-11 -
2024-12-10
a year crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1
2024-05-15 -
2025-06-06
a year crt.sh
*.gstatic.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
d.pub.network
WR3
2024-09-12 -
2024-12-11
3 months crt.sh
1605158521.rsc.cdn77.org
E6
2024-08-30 -
2024-11-28
3 months crt.sh
purple-hit.com
WE1
2024-08-01 -
2024-10-30
3 months crt.sh
dotsply.com
WE1
2024-08-02 -
2024-10-31
3 months crt.sh
*.chartbeat.net
Thawte TLS RSA CA G1
2023-11-20 -
2024-12-20
a year crt.sh
*.google.de
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
*.privacy-mgmt.com
Amazon RSA 2048 M03
2024-09-07 -
2025-10-06
a year crt.sh
*.insticator.com
Sectigo RSA Organization Validation Secure Server CA
2024-08-01 -
2025-08-28
a year crt.sh
confiant-integrations.net
WE1
2024-09-09 -
2024-12-08
3 months crt.sh
*.google.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
c.pub.network
WR3
2024-09-09 -
2024-12-08
3 months crt.sh
sli.newser.com
Amazon RSA 2048 M02
2024-02-29 -
2025-03-30
a year crt.sh

This page contains 6 frames:

Primary Page: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Frame ID: E072837176C97EB7D64980369388FEE8
Requests: 99 HTTP requests in this frame

Frame: https://auth.instiengage.com/auth/index.html
Frame ID: 7468202073529464C83D9AF4236BD186
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-08x8?duid=685da7e0008c--01j7wknhtzspgzxj1vyc9gm00c&euns=0&pt=500&s=&version=v3.0.11&cd=.newser.com
Frame ID: 5F47360C7B39FAA6DAD2C25467CB6B54
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.newser.com
Frame ID: DCC27714DF19ADDA753F86A94A599552
Requests: 1 HTTP requests in this frame

Frame: https://dotsply.com/pixel/fetch
Frame ID: CB191B051D70A97DF015C3A188706DF5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.privacy-mgmt.com/index.html?hasCsp=true&message_id=1172510&consentUUID=null&consent_origin=https%3A%2F%2Fcdn.privacy-mgmt.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Frame ID: AB9989EACB9AD1A7E4BA3F143C678638
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Newser

Page URL History Show full URLs

  1. http://www.newser.com//contests.aspx HTTP 307
    https://www.newser.com//contests.aspx HTTP 307
    http://www.newser.com//contests.aspx HTTP 301
    https://www.newser.com/contests.aspx HTTP 302
    https://www.newser.com/contests/196/win-a-european-river-cruise.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • chartbeat\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

107
Requests

98 %
HTTPS

48 %
IPv6

27
Domains

46
Subdomains

40
IPs

5
Countries

1948 kB
Transfer

6677 kB
Size

72
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.newser.com//contests.aspx HTTP 307
    https://www.newser.com//contests.aspx HTTP 307
    http://www.newser.com//contests.aspx HTTP 301
    https://www.newser.com/contests.aspx HTTP 302
    https://www.newser.com/contests/196/win-a-european-river-cruise.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 77
  • https://rp.liadm.com/j?dtstmp=1726463264823&aid=a-08x8&se=e30&duid=685da7e0008c--01j7wknhtzspgzxj1vyc9gm00c&tv=v3.0.11&pu=https%3A%2F%2Fwww.newser.com%2Fcontests%2F196%2Fwin-a-european-river-cruise.html&wpn=lc-bundle&wpv=v3.0.11&cd=.newser.com&c=PHRpdGxlPgoJTmV3c2VyCjwvdGl0bGU-PGxpbmsgaWQ9IkxpbmtDYW5vbmljYWwiIHJlbD0iY2Fub25pY2FsIiBocmVmPSJodHRwczovL3d3dy5uZXdzZXIuY29tL2NvbnRlc3RzLzE5Ni93aW4tYS1ldXJvcGVhbi1yaXZlci1jcnVpc2UuaHRtbCI- HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1726463264823&aid=a-08x8&se=e30&duid=685da7e0008c--01j7wknhtzspgzxj1vyc9gm00c&tv=v3.0.11&pu=https%3A%2F%2Fwww.newser.com%2Fcontests%2F196%2Fwin-a-european-river-cruise.html&wpn=lc-bundle&wpv=v3.0.11&cd=.newser.com&c=PHRpdGxlPgoJTmV3c2VyCjwvdGl0bGU-PGxpbmsgaWQ9IkxpbmtDYW5vbmljYWwiIHJlbD0iY2Fub25pY2FsIiBocmVmPSJodHRwczovL3d3dy5uZXdzZXIuY29tL2NvbnRlc3RzLzE5Ni93aW4tYS1ldXJvcGVhbi1yaXZlci1jcnVpc2UuaHRtbCI-&i6=MmEwMTo0YTA6MTMzODo5Mzo6MTA%3D&n3pc=true

107 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request win-a-european-river-cruise.html
www.newser.com/contests/196/
Redirect Chain
  • http://www.newser.com//contests.aspx
  • https://www.newser.com//contests.aspx
  • http://www.newser.com//contests.aspx
  • https://www.newser.com/contests.aspx
  • https://www.newser.com/contests/196/win-a-european-river-cruise.html
179 KB
58 KB
Document
General
Full URL
https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
40.114.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
144f35b94b65fff856d786ee358ad81b53b309191ef3bb8b4d89c795a9c7bd88

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
private, no-store
content-encoding
gzip
content-length
58962
content-type
text/html; charset=utf-8
date
Mon, 16 Sep 2024 05:07:43 GMT
expires
Mon, 16 Sep 2024 05:06:43 GMT
formvariables
newsercookie
USERCREDENTIALS=EMAIL=&PASSWORD=&USERID=0&VISITORID=1704697412&VISITORCLASSIFICATION=P&PWASTATUS=Unknown
pragma
no-cache
rawurl
/contests/196/win-a-european-river-cruise.html
scheme
https
vary
Accept-Encoding

Redirect headers

cache-control
private, no-store
content-length
163
content-type
text/html; charset=utf-8
date
Mon, 16 Sep 2024 05:07:43 GMT
expires
Mon, 16 Sep 2024 05:06:40 GMT
formvariables
location
/contests/196/win-a-european-river-cruise.html
newsercookie
ASP.NET_SessionId=4tepfhf4w2wsz2kk0mowcdo3,USERCREDENTIALS=EMAIL=&PASSWORD=&USERID=0&VISITORID=1704697412&VISITORCLASSIFICATION=P&PWASTATUS=Unknown
pragma
no-cache
rawurl
/contests.aspx
scheme
https
css
fonts.googleapis.com/
21 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,400italic,100,100italic,300,300italic,500,500italic,700,700italic
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0a062e0e787bb046a98cffae66da174b664ef4305940eaa11fc0bb04ebaf08bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 16 Sep 2024 05:07:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 16 Sep 2024 05:07:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 16 Sep 2024 05:07:44 GMT
stylesheet.ashx
static1-azrcdn.newser.com/stylesheets/20240912_1100/
157 KB
37 KB
Stylesheet
General
Full URL
https://static1-azrcdn.newser.com/stylesheets/20240912_1100/stylesheet.ashx?file=responsive.css
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f7bf981e07742cd959b3a73ac7f9f71761bd7cdaac70370db0eacc3d77af87b3

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
content-encoding
br
rawurl
/stylesheets/20240912_1100/stylesheet.ashx?file=responsive.css
vary
Accept-Encoding
x-azure-ref
20240916T050744Z-15c6b57478b6h755spqf6xzvac00000006cg000000006xud
content-type
text/css; charset=utf-8
x-cache
TCP_HIT
cache-control
public, max-age=2592000
newsercookie
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
69076744
formvariables
scheme
https
jquery-1.12.4.min.js
static1-azrcdn.newser.com/javascript/20240912_1100/
114 KB
45 KB
Script
General
Full URL
https://static1-azrcdn.newser.com/javascript/20240912_1100/jquery-1.12.4.min.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
996d298d6f8685a3ae28eace9249e3580bb8d13d91d424573fefb40d52980269

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
content-encoding
br
last-modified
Fri, 04 Dec 2020 19:36:38 GMT
vary
Accept-Encoding
x-azure-ref
20240916T050744Z-15c6b57478b6h755spqf6xzvac00000006cg000000006xue
content-type
text/javascript
x-cache
TCP_HIT
cache-control
max-age=604800
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
69076744
javascript.ashx
static1-azrcdn.newser.com/javascript/20240912_1100/
211 KB
60 KB
Script
General
Full URL
https://static1-azrcdn.newser.com/javascript/20240912_1100/javascript.ashx?file=newser.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fc813e1dd1a255a115036362df2e1bd23134d53d216325b461c955963888e6a6

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
content-encoding
br
rawurl
/javascript/20240912_1100/javascript.ashx?file=newser.js
vary
Accept-Encoding
x-azure-ref
20240916T050744Z-15c6b57478b6h755spqf6xzvac00000006cg000000006xuf
content-type
text/javascript; charset=utf-8
x-cache
TCP_HIT
cache-control
public, max-age=2592000
newsercookie
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
69076744
formvariables
scheme
https
modernizr-custom.js
static2-azrcdn.newser.com/javascript/20240912_1100/
2 KB
1 KB
Script
General
Full URL
https://static2-azrcdn.newser.com/javascript/20240912_1100/modernizr-custom.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d6a2745332948716c2d3849e9b1d02451515f96ec7ab4749855794dea0272857

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
content-encoding
br
last-modified
Mon, 06 Jul 2020 18:04:17 GMT
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
text/javascript
x-azure-ref
20240916T050744Z-15f966665cftmn89gtryuwkq8000000004sg000000007hk4
cache-control
max-age=604800
x-fd-int-roxy-purgeid
69076744
jcarousel_min.js
static1-azrcdn.newser.com/javascript/20240912_1100/
18 KB
6 KB
Script
General
Full URL
https://static1-azrcdn.newser.com/javascript/20240912_1100/jcarousel_min.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2b291810374483e61126df23f32490a6f8a629062a6f00f0d10d7b52ed2a2762

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
content-encoding
br
last-modified
Mon, 06 Jul 2020 18:04:17 GMT
vary
Accept-Encoding
x-azure-ref
20240916T050744Z-15c6b57478b6h755spqf6xzvac00000006cg000000006xuv
content-type
text/javascript
x-cache
TCP_HIT
cache-control
max-age=604800
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
69076744
js
www.googletagmanager.com/gtag/
318 KB
105 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P52WHCWTWV
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7a55784be740b950c6fdfd4c7db2202d4869d8bfd47c8da6fe8e04e5044de0de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
107037
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 16 Sep 2024 05:07:44 GMT
a-08x8.min.js
b-code.liadm.com/
120 KB
42 KB
Script
General
Full URL
https://b-code.liadm.com/a-08x8.min.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:a00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d48c1bde0b0c0db8213d9083ee7cd04ed7b8cc7c92c6ebf2ec49fa86fe555c03

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 18:01:46 GMT
content-encoding
gzip
via
1.1 6f1a8e219f50f958f5a2fbc9c84af776.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P11
age
39958
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public,max-age=86400
x-amz-cf-id
BZFGdewLiDVtWhNkNK_pnTpObgKQV16GWzjE36Wc4sDdhY1oo14_PA==
cls.css
a.pub.network/newser-com/
3 KB
1 KB
Stylesheet
General
Full URL
https://a.pub.network/newser-com/cls.css
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67184300bc2a44c2abc7f5bded0e85cc1d72be986cf3640228a7e7adf2284bec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
REVALIDATED
x-guploader-uploadid
AD-8ljvQ0LqF8Dq6xn4hU57b5hOMFaRTfrI3eRjKOEW1mgfX7P6aBpgYvEWOHDvY3plHhWa5fPxDEJCKAA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 12 Sep 2024 22:20:56 GMT
server
cloudflare
etag
W/"808cf3a3d5bb0e50903cffefa258a1a7"
vary
Accept-Encoding
x-goog-generation
1726179656793980
content-type
text/css
access-control-allow-origin
*
x-goog-hash
crc32c=HczKFg==, md5=gIzzo9W7DlCQPP/volihpw==
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
3397
cf-ray
8c3e55a88ed6ca85-HAM
expires
Mon, 16 Sep 2024 05:37:44 GMT
pubfig.min.js
a.pub.network/newser-com/
38 KB
15 KB
Script
General
Full URL
https://a.pub.network/newser-com/pubfig.min.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7473405d849d60fee21acf5633a9b407098befc396ff55f19081d35753c422ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
age
283053
x-guploader-uploadid
AD-8ljsoSkRZe4MPQshpZ0Qpu1ue2QsS5bIntDwfU7SLkNxoigH6eyniWDrojO4N8qnGLfYbmvdvFvFufQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 12 Sep 2024 22:20:57 GMT
server
cloudflare
etag
W/"78643af5a82b468a9ee40c62b5295449"
vary
Accept-Encoding
x-goog-generation
1726179657144583
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=VZwHWw==, md5=eGQ69agrRoqe5AxitSlUSQ==
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
38988
cf-ray
8c3e55aa7829ca85-HAM
link
<https://d.pub.network/v2/sites/newser-com/configs?env=PROD>; rel="preload"; as="fetch"; crossorigin="use-credentials", <https://optimise.net>; rel="preconnect", <https://api.floors.dev>; rel="preconnect"
expires
Mon, 16 Sep 2024 05:37:44 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
104 KB
32 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
7418570bf66af9c46ab4d7ee4d94afc5a07b215f5af669cbc689b17b16e0cb6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32317
x-xss-protection
0
server
cafe
etag
773 / 19982 / 31087121 / config-hash: 6381089854016581128
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 16 Sep 2024 05:07:44 GMT
e00696e5-c08d-4b5c-9057-03b6196101e5.js
df80k0z3fi8zg.cloudfront.net/files/instibid/
519 KB
164 KB
Script
General
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instibid/e00696e5-c08d-4b5c-9057-03b6196101e5.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
63b0809d81a3706bd1b1a7ee861c92f6c70d4057b3715457d34598a305275256

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
gaTjjCqqwVNx7xPTlB7k71s1T9VfC4n_
content-encoding
gzip
via
1.1 af1bbc213b3a9ee2f125be77ca3609a0.cloudfront.net (CloudFront)
date
Mon, 16 Sep 2024 04:58:07 GMT
last-modified
Fri, 23 Aug 2024 16:16:20 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
5691
x-amz-server-side-encryption
AES256
etag
W/"b4196e392cf2587035654e9fa71abbae"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
xu58OhXXmEGF3mhBlQrn9EdhC0zK6GAFAxaqbyVjKGe3K8nzYTx1dg==
e00696e5-c08d-4b5c-9057-03b6196101e5.js
d3lcz8vpax4lo2.cloudfront.net/ads-code/
45 KB
14 KB
Script
General
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/ads-code/e00696e5-c08d-4b5c-9057-03b6196101e5.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:a800:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
048a5b15d77b6cd7bf8ca5c99bbd76981847393d71e97196bb38ba7e5c7cf649

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
dYpzvCpJ.DDnidejvxm8Ec91l4iqWkbK
content-encoding
gzip
via
1.1 1ed131e2ff13a9b8852067b4dfb6f2dc.cloudfront.net (CloudFront)
date
Mon, 16 Sep 2024 05:07:45 GMT
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
last-modified
Fri, 23 Aug 2024 16:16:21 GMT
server
AmazonS3
etag
W/"ae308e9b2d363243b8b78031fb2c2ecd"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-id
T_eGZzDFV6oOjoms1BBsG6c2J2jVX1d-_VhR3GkwqmnxjYMUbUpQgg==
e00696e5-c08d-4b5c-9057-03b6196101e5.js
product.instiengage.com/product-loader-code/
31 KB
9 KB
Script
General
Full URL
https://product.instiengage.com/product-loader-code/e00696e5-c08d-4b5c-9057-03b6196101e5.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:3c00:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
302e9b5294e6f8e7c29938d4c6e8c673fd83a09f160a4593655f104d965e2171

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
PoJrZIvcNoTgVyhTbNRZ1a2urpRYlyWa
content-encoding
br
via
1.1 033e374ece012797cbee0d505e2e61b4.cloudfront.net (CloudFront)
date
Mon, 16 Sep 2024 05:07:43 GMT
last-modified
Thu, 22 Aug 2024 15:02:54 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
18
x-amz-server-side-encryption
AES256
etag
W/"6fba9831cbaf4ff87c6fdaecbd47cce5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600,public
x-amz-cf-id
BvQ5hCuSUh7dPft8PFJbOU0IkyzpePKnAPPOqUevy2ym7KdQ4d-7cQ==
Back-Arrow-Button5.png
img2-azrcdn.newser.com/images/header/
267 B
511 B
Image
General
Full URL
https://img2-azrcdn.newser.com/images/header/Back-Arrow-Button5.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f5f4dab3572c89dac7558d2ca1f0796c28a1a556f3b98114a629bf1fbf618415

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
last-modified
Thu, 20 Oct 2022 14:20:47 GMT
x-azure-ref
20240916T050744Z-15c6b57478b2fzllxygfh5s0vw00000005p000000000633p
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
69076744
accept-ranges
bytes
content-length
267
NewserLogo2.png
img1-azrcdn.newser.com/images/header/
4 KB
4 KB
Image
General
Full URL
https://img1-azrcdn.newser.com/images/header/NewserLogo2.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
652a0a2dedd0fca57dc278b3f353136bad04c2fca0f5ba53356d7a28675b4330

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
last-modified
Thu, 20 Oct 2022 14:19:32 GMT
x-azure-ref
20240916T050744Z-15f966665cfklw2vww8kcp34cs0000000530000000005vfg
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
x-fd-int-roxy-purgeid
69076744
accept-ranges
bytes
content-length
3844
menu2.png
img1-azrcdn.newser.com/images/header/
265 B
508 B
Image
General
Full URL
https://img1-azrcdn.newser.com/images/header/menu2.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
31c724707624a3682770d54e8b216f04db44eff6fefb8313d9178ef0f69a694b

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref
20240916T050744Z-15f966665cfklw2vww8kcp34cs0000000530000000005vfr
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
69076744
accept-ranges
bytes
content-length
265
next-active.png
img1-azrcdn.newser.com/images/header/
1 KB
1 KB
Image
General
Full URL
https://img1-azrcdn.newser.com/images/header/next-active.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e4400f21afb8b0d177c8cc1d042db58cd67ab5f03bb076cc84d9fc19523aebca

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref
20240916T050744Z-15f966665cfklw2vww8kcp34cs0000000530000000005vfs
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
x-fd-int-roxy-purgeid
69076744
accept-ranges
bytes
content-length
1304
next-inactive.png
img1-azrcdn.newser.com/images/header/
1 KB
1 KB
Image
General
Full URL
https://img1-azrcdn.newser.com/images/header/next-inactive.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3c413d9ecb857ab839e9147e9a72b0967a80151bae1aec1b1771c623006f5bc

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref
20240916T050744Z-15f966665cfklw2vww8kcp34cs0000000530000000005vfv
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
x-fd-int-roxy-purgeid
69076744
accept-ranges
bytes
content-length
1096
prev-active.png
img1-azrcdn.newser.com/images/header/
1 KB
1 KB
Image
General
Full URL
https://img1-azrcdn.newser.com/images/header/prev-active.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
354cd674accaa26badff834bcbb7487aa7f99930f19cd864d71e6359b6b3f346

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref
20240916T050744Z-15f966665cfklw2vww8kcp34cs0000000530000000005vg6
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
x-fd-int-roxy-purgeid
69076744
accept-ranges
bytes
content-length
1295
prev-inactive.png
img1-azrcdn.newser.com/images/header/
1 KB
1 KB
Image
General
Full URL
https://img1-azrcdn.newser.com/images/header/prev-inactive.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fce94e8d493fb1b0c5264ad0ca94f542ca10c39b95eca426ecc0ffbb88e25077

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref
20240916T050744Z-15f966665cfklw2vww8kcp34cs0000000530000000005vg7
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
x-fd-int-roxy-purgeid
69076744
accept-ranges
bytes
content-length
1071
spacer.gif
img1-azrcdn.newser.com/images/
43 B
285 B
Image
General
Full URL
https://img1-azrcdn.newser.com/images/spacer.gif
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
last-modified
Mon, 06 Jul 2020 18:04:09 GMT
x-azure-ref
20240916T050744Z-15f966665cfklw2vww8kcp34cs0000000530000000005vg8
x-cache
TCP_HIT
content-type
image/gif
cache-control
max-age=604800
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
69076744
accept-ranges
bytes
content-length
43
Suggest_Icon.png
img1-azrcdn.newser.com/images/
723 B
966 B
Image
General
Full URL
https://img1-azrcdn.newser.com/images/Suggest_Icon.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d1477d2bfda88c678c2deaffb53f18784ca00294d7318a2521f4b95baa375e3c

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
last-modified
Mon, 06 Jul 2020 18:04:10 GMT
x-azure-ref
20240916T050744Z-15f966665cfklw2vww8kcp34cs0000000530000000005vg9
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
69076744
accept-ranges
bytes
content-length
723
Apple.png
img1-azrcdn.newser.com/images/footer/
511 B
754 B
Image
General
Full URL
https://img1-azrcdn.newser.com/images/footer/Apple.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1126dae47147dee29ca9bffbbd45f3e609f7d38a2c17cd4f5c73283db4e6304a

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref
20240916T050744Z-15f966665cfklw2vww8kcp34cs0000000530000000005vga
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
69076744
accept-ranges
bytes
content-length
511
Android.png
img1-azrcdn.newser.com/images/footer/
647 B
890 B
Image
General
Full URL
https://img1-azrcdn.newser.com/images/footer/Android.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ef983d6dcfe16576a9be98a6fe4d2c99552c9e76fe46fefb29dc2ae2cc5082c3

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref
20240916T050744Z-15f966665cfklw2vww8kcp34cs0000000530000000005vgb
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
69076744
accept-ranges
bytes
content-length
647
Windows.png
img1-azrcdn.newser.com/images/footer/
573 B
816 B
Image
General
Full URL
https://img1-azrcdn.newser.com/images/footer/Windows.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a9adbf9ff6cb67410da32776829c98497f78937808849c0c77c476ad5bf8c1a6

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref
20240916T050744Z-15f966665cfklw2vww8kcp34cs0000000530000000005vgc
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
69076744
accept-ranges
bytes
content-length
573
icon-72r2.png
img2-azrcdn.newser.com/images/pwa/
2 KB
2 KB
Image
General
Full URL
https://img2-azrcdn.newser.com/images/pwa/icon-72r2.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d8fe36a17aa5e4cd1a197c81235633a1e44ca292162a06b9b7dc1dc37981a211

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
last-modified
Mon, 06 Jul 2020 18:04:15 GMT
x-azure-ref
20240916T050744Z-15c6b57478b2fzllxygfh5s0vw00000005p0000000006344
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
69076744
accept-ranges
bytes
content-length
2120
1557586-0-20240916000743.jpeg
img1-azrcdn.newser.com/image/
52 KB
52 KB
Image
General
Full URL
https://img1-azrcdn.newser.com/image/1557586-0-20240916000743.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a9f30a720da615dfd871c1ec93735f88983f4001c48cd893a09c13d16d7b9bcc

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
rawurl
/image/1557586-0-20240916000743.jpeg
x-azure-ref
20240916T050744Z-15f966665cfklw2vww8kcp34cs0000000530000000005vgd
x-cache
TCP_MISS
content-type
image/jpeg
cache-control
public, max-age=86400
newsercookie
x-fd-int-roxy-purgeid
69076744
accept-ranges
bytes
content-length
53000
formvariables
scheme
https
1556172-0-20240916000743.jpeg
img1-azrcdn.newser.com/image/
52 KB
52 KB
Image
General
Full URL
https://img1-azrcdn.newser.com/image/1556172-0-20240916000743.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a6872d67ee63fba07581f72b52c599327f2d69d41dacbea353ea2cf8cfe193ae

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
rawurl
/image/1556172-0-20240916000743.jpeg
x-azure-ref
20240916T050744Z-15f966665cfklw2vww8kcp34cs0000000530000000005vge
x-cache
TCP_MISS
content-type
image/jpeg
cache-control
public, max-age=86400
newsercookie
x-fd-int-roxy-purgeid
69076744
accept-ranges
bytes
content-length
53393
formvariables
scheme
https
suggest2.png
img2-azrcdn.newser.com/images/footer/
560 B
803 B
Image
General
Full URL
https://img2-azrcdn.newser.com/images/footer/suggest2.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a5ec8330a90caef4a8979d42f25f7e37780ad2cf4d86902b9e47eb57b00eee66

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref
20240916T050744Z-15c6b57478b2fzllxygfh5s0vw00000005p0000000006345
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
69076744
accept-ranges
bytes
content-length
560
settings2-white.png
img1-azrcdn.newser.com/images/footer/
709 B
952 B
Image
General
Full URL
https://img1-azrcdn.newser.com/images/footer/settings2-white.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a1b54acfbe06d7df692389f781ce59e80007ee8fb61e64b00156668858113a29

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref
20240916T050744Z-15f966665cfklw2vww8kcp34cs0000000530000000005vgf
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
69076744
accept-ranges
bytes
content-length
709
newsletter_white.svg
img2-azrcdn.newser.com/images/header/
912 B
1 KB
Image
General
Full URL
https://img2-azrcdn.newser.com/images/header/newsletter_white.svg
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
607ba5401803708cd7e7d54cb229467b42bcefa017c466d0290c2903989f9cec

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref
20240916T050744Z-15c6b57478b2fzllxygfh5s0vw00000005p0000000006346
x-cache
TCP_HIT
content-type
image/svg+xml
cache-control
max-age=604800
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
69076744
accept-ranges
bytes
content-length
912
sitemap_white.png
img1-azrcdn.newser.com/images/header/
387 B
630 B
Image
General
Full URL
https://img1-azrcdn.newser.com/images/header/sitemap_white.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b16c65034fa0ea7fe927b302d2042b038b94d18a1ac0d4d53a0d1f8e7093f16b

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
last-modified
Tue, 29 Jun 2021 21:11:48 GMT
x-azure-ref
20240916T050744Z-15f966665cfklw2vww8kcp34cs0000000530000000005vgk
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
69076744
accept-ranges
bytes
content-length
387
/
loadus.exelator.com/load/
124 B
506 B
Script
General
Full URL
https://loadus.exelator.com/load/?p=320&g=001&c=700151&ctg=&subctg=&ag=&gd=
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
1934199df51551755f77a59d6993a98e332ad57c09ab22d30fafb727d92e4eb0

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date
Mon, 16 Sep 2024 05:07:44 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
content-type
application/x-javascript;charset=UTF-8
dpx.js
i.simpli.fi/
0
0

abp.png
img2-azrcdn.newser.com/images/
2 KB
2 KB
Image
General
Full URL
https://img2-azrcdn.newser.com/images/abp.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ad9e5210a13805edc2cc2874d7ffa326b907e9c6d0c212071798944a1dd9ffae

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
last-modified
Mon, 06 Jul 2020 18:04:06 GMT
x-azure-ref
20240916T050744Z-15c6b57478b2fzllxygfh5s0vw00000005p0000000006347
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
69076744
accept-ranges
bytes
content-length
1639
ubo.png
img2-azrcdn.newser.com/images/
2 KB
2 KB
Image
General
Full URL
https://img2-azrcdn.newser.com/images/ubo.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7cec802828fd9d25efc4611219c8748745117f5a51d4f76e4f9cfd85a428ce95

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
last-modified
Mon, 06 Jul 2020 18:04:10 GMT
x-azure-ref
20240916T050744Z-15c6b57478b2fzllxygfh5s0vw00000005p0000000006348
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
69076744
accept-ranges
bytes
content-length
1613
ghostery.png
img1-azrcdn.newser.com/images/
2 KB
2 KB
Image
General
Full URL
https://img1-azrcdn.newser.com/images/ghostery.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8baae135666cde471d16426b7387541d4b900559275813859e2d296eee039192

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
last-modified
Mon, 06 Jul 2020 18:04:07 GMT
x-azure-ref
20240916T050744Z-15f966665cfklw2vww8kcp34cs0000000530000000005vgm
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
x-fd-int-roxy-purgeid
69076744
accept-ranges
bytes
content-length
1612
widgets.js
platform.twitter.com/
91 KB
28 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/javascript/20240912_1100/javascript.ashx?file=newser.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6795) /
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Mon, 16 Sep 2024 05:07:44 GMT
Content-Encoding
gzip
Age
348
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27597
Last-Modified
Mon, 11 Dec 2023 17:20:28 GMT
Server
ECS (frb/6795)
Etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
/
api.ipify.org/
21 B
154 B
XHR
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/javascript/20240912_1100/jquery-1.12.4.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f716ce32b51c41b869f3e2325257c5fd04db650d2ff14ee234ec1e7fe54126b

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
*
cf-ray
8c3e55aade57bbbf-FRA
content-length
21
quant.js
secure.quantserve.com/
23 KB
10 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
content-encoding
gzip
etag
"tIg8n6xaLBY4WwNLLw9OGA=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 23 Sep 2024 05:07:44 GMT
infinity.js.aspx
cdn.engine.4dsply.com/Scripts/
167 KB
52 KB
Script
General
Full URL
https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=7f1a7287-2f7e-4f83-800d-06bd711ee14e
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.202.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56ca4e17ddbe6896b44dfe7f7e349a9b28d57fb50d34348a073d7f1df9822e80

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 16 Sep 2024 05:01:34 GMT
server
cloudflare
vary
Accept-Encoding
p3p
CP="CAO PSA OUR IND"
access-control-allow-origin
*
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=900
cf-ray
8c3e55aaec8c6a61-HAM
alt-svc
h3=":443"; ma=86400
expires
Mon, 16 Sep 2024 05:22:44 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
b8a750a563d51523e1abb19818a24857fdfbd8d20489eb7054845a93f0ca2240
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 16 Sep 2024 05:07:44 GMT
content-md5
ZjERmQbG678XZ6jXG1xMow==
document-policy
force-load-at-top
x-fb-server-load
35
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=23, mss=1232, tbw=4457, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug
jwefoPtEi4NuhPbIJsRCMo7h++oKM7gMyGqcEtDErp/7yUdr9iZgzYWn2IOnMEOdKKVHZh9eRSA6aFR++Lfu9g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
a0169026b2ace7c4af950e0ed59a39c0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"739dcd6f3f31b0f32779736bb1e5fbf3"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Mon, 16 Sep 2024 05:13:26 GMT
calendar_close.png
img1-azrcdn.newser.com/images/
303 B
546 B
Image
General
Full URL
https://img1-azrcdn.newser.com/images/calendar_close.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a3942aea05f34d9aa17deb27766f216ce7bc0176e66b41518e5bdadb19400d67

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
last-modified
Mon, 06 Jul 2020 18:04:06 GMT
x-azure-ref
20240916T050744Z-15f966665cfklw2vww8kcp34cs0000000530000000005vgn
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
69076744
accept-ranges
bytes
content-length
303
left_month.png
img1-azrcdn.newser.com/images/
274 B
517 B
Image
General
Full URL
https://img1-azrcdn.newser.com/images/left_month.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2f76122813dc216562d9a6c2d82279ff460696b28f8f66042399a02cf93732ba

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
last-modified
Mon, 06 Jul 2020 18:04:08 GMT
x-azure-ref
20240916T050744Z-15f966665cfklw2vww8kcp34cs0000000530000000005vgp
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
69076744
accept-ranges
bytes
content-length
274
right_month.png
img2-azrcdn.newser.com/images/
259 B
502 B
Image
General
Full URL
https://img2-azrcdn.newser.com/images/right_month.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a0e3f7f11e3feb97a1b577675fcb17fb87538d414dc5342c96975b2bd2c94b86

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
last-modified
Mon, 06 Jul 2020 18:04:09 GMT
x-azure-ref
20240916T050744Z-15c6b57478b2fzllxygfh5s0vw00000005p0000000006349
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
69076744
accept-ranges
bytes
content-length
259
beacon.js
sb.scorecardresearch.com/
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-38.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 02:18:59 GMT
content-encoding
gzip
via
1.1 0be2062deeede74cb37dc047454ddbce.cloudfront.net (CloudFront)
last-modified
Fri, 03 May 2024 13:20:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
10126
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
Lodd5itrzAaMUseYW-UUInVpA2seQveX0_Ruy1hCJrs5u3Flfl7i1w==
chartbeat.js
static.chartbeat.com/js/
38 KB
15 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:7800:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 16:21:36 GMT
content-encoding
gzip
via
1.1 40b08d02195372b460c02aaae6d50d56.cloudfront.net (CloudFront)
last-modified
Wed, 05 Jun 2024 00:13:00 GMT
server
nginx
x-amz-cf-pop
FRA60-P5
age
45968
etag
W/"665fad8c-9895"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
ed_01Fwwpa2NosEpo0UfOd54--Yds7EuJr9oo9EB-ENe3aAmSl8ewA==
expires
Mon, 16 Sep 2024 16:21:36 GMT
triangle_white_down.svg
img1-azrcdn.newser.com/images/header/
618 B
865 B
Image
General
Full URL
https://img1-azrcdn.newser.com/images/header/triangle_white_down.svg
Requested by
Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20240912_1100/stylesheet.ashx?file=responsive.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
febc13d4fca620c0eda223b3febb844ecb01e4299569a936801b86ecc25609e8

Request headers

Referer
https://static1-azrcdn.newser.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref
20240916T050744Z-15f966665cfklw2vww8kcp34cs0000000530000000005vgq
x-cache
TCP_HIT
content-type
image/svg+xml
cache-control
max-age=604800
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
69076744
accept-ranges
bytes
content-length
618
user_white.svg
img2-azrcdn.newser.com/images/header/
1 KB
999 B
Image
General
Full URL
https://img2-azrcdn.newser.com/images/header/user_white.svg
Requested by
Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20240912_1100/stylesheet.ashx?file=responsive.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6d6d162a89e32c126f5019cbd4143ddf6cc9fbf19858a3272ad6ad5ac2beae14

Request headers

Referer
https://static1-azrcdn.newser.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
content-encoding
br
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
vary
Accept-Encoding
x-azure-ref
20240916T050744Z-15c6b57478b2fzllxygfh5s0vw00000005p000000000634b
content-type
image/svg+xml
x-cache
TCP_HIT
cache-control
max-age=604800
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
69076744
search_white.svg
img2-azrcdn.newser.com/images/header/
916 B
1 KB
Image
General
Full URL
https://img2-azrcdn.newser.com/images/header/search_white.svg
Requested by
Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20240912_1100/stylesheet.ashx?file=responsive.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
307c4cf0cec01251278a5201d04096f4b7afdb8ba2239801202adb1992c14ecb

Request headers

Referer
https://static1-azrcdn.newser.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref
20240916T050744Z-15c6b57478b2fzllxygfh5s0vw00000005p000000000634c
x-cache
TCP_HIT
content-type
image/svg+xml
cache-control
max-age=604800
x-fd-int-roxy-purgeid
69076744
accept-ranges
bytes
content-length
916
info-white.png
img2-azrcdn.newser.com/images/header/
433 B
676 B
Image
General
Full URL
https://img2-azrcdn.newser.com/images/header/info-white.png
Requested by
Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20240912_1100/stylesheet.ashx?file=responsive.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a177a125d7384bd51ee15e3454c488ac0f2ba22a452f9bc3a96e29d2df4aef1b

Request headers

Referer
https://static1-azrcdn.newser.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref
20240916T050744Z-15c6b57478b2fzllxygfh5s0vw00000005p000000000634d
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
69076744
accept-ranges
bytes
content-length
433
settings2-white.jpg
img1-azrcdn.newser.com/images/header/
1 KB
1 KB
Image
General
Full URL
https://img1-azrcdn.newser.com/images/header/settings2-white.jpg
Requested by
Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20240912_1100/stylesheet.ashx?file=responsive.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bbfcf92c6c94d918c51be1bdf1f14098db1c7454b2f025fb7d2eed08d8d84703

Request headers

Referer
https://static1-azrcdn.newser.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref
20240916T050744Z-15f966665cfklw2vww8kcp34cs0000000530000000005vgr
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
max-age=604800
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
69076744
accept-ranges
bytes
content-length
1244
emailbox.svg
img2-azrcdn.newser.com/images/inputboxes/
967 B
1 KB
Image
General
Full URL
https://img2-azrcdn.newser.com/images/inputboxes/emailbox.svg
Requested by
Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20240912_1100/stylesheet.ashx?file=responsive.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a8d51e44aebeb14e1eaf612b0af9fd0e05e81bf5c6f191bc52d8f1a3fcd79a9d

Request headers

Referer
https://static1-azrcdn.newser.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref
20240916T050744Z-15c6b57478b2fzllxygfh5s0vw00000005p000000000634e
x-cache
TCP_HIT
content-type
image/svg+xml
cache-control
max-age=604800
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
69076744
accept-ranges
bytes
content-length
967
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,100,100italic,300,300italic,500,500italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.newser.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 14:58:56 GMT
x-content-type-options
nosniff
age
137328
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18596
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Sep 2025 14:58:56 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,100,100italic,300,300italic,500,500italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.newser.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 01:09:23 GMT
x-content-type-options
nosniff
age
187101
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18492
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Sep 2025 01:09:23 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,100,100italic,300,300italic,500,500italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.newser.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 14:09:53 GMT
x-content-type-options
nosniff
age
313071
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18536
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Sep 2025 14:09:53 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,100,100italic,300,300italic,500,500italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.newser.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 22:11:57 GMT
x-content-type-options
nosniff
age
197747
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18588
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Sep 2025 22:11:57 GMT
configs
d.pub.network/v2/sites/newser-com/
105 KB
8 KB
Other
General
Full URL
https://d.pub.network/v2/sites/newser-com/configs?env=PROD
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
5aac7fc7be126dc2287be4976ab0a78e7135fd728471feb9c20cab5bcdc2f82f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
Origin
https://www.newser.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://www.newser.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel.gif
load77.exelator.com/
43 B
484 B
Image
General
Full URL
https://load77.exelator.com/pixel.gif
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::112 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 16 Sep 2024 05:07:44 GMT
x-amz-request-id
tx0000064c9fcf37ed56883-00669f961d-aef81a4-nyc
x-accel-date-max
1722420271
x-77-cache
HIT
x-cache
HIT
x-age
581375
x-accel-date
1725881889
content-length
43
x-77-nzt
A6mW/7Y3Nzf//94IACUTwjE3Nzf/EnYKAM/T1GY29CoA
x-accel-expires
@1726918689
x-77-age
581375
last-modified
Sat, 30 Dec 2023 22:32:08 GMT
server
CDN77-Turbo
etag
"fc94fb0c3ed8a8f909dbc7630a0987ff"
x-77-nzt-ray
15b3c711d93f9e4e20bde76693cc4223
content-type
image/gif
x-rgw-object-type
Normal
accept-ranges
bytes
sdk.js
connect.facebook.net/en_US/
305 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=ee9cafa6112f4e05cddc92f101e93c4f
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
bdf99ed9596c1e94631860d2a1cb13ba9caea1eae77167d083d179e3174766de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
Origin
https://www.newser.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 16 Sep 2024 05:07:44 GMT
content-md5
d0zpgJggU6gXXzu9I+xzTw==
document-policy
force-load-at-top
x-fb-server-load
24
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
89219
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=4423, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug
w6Y1fVRu7NGGJE3J5tAfZTOM33MDA/YonZ2wEpETwwZOjMH5hl9GGv4F6SKhSy4GXi5l0ZsRa7q8KzN9f/GBFA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
f7a6471273007681077a5f4b583670f7
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"cc5234388fa024969e31de5273e6150b"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Tue, 16 Sep 2025 03:33:35 GMT
b
sb.scorecardresearch.com/
0
224 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6035830&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1726463264528&ns_c=UTF-8&c7=https%3A%2F%2Fwww.newser.com%2Fcontests%2F196%2Fwin-a-european-river-cruise.html&c8=Newser&c9=
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-38.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
via
1.1 0be2062deeede74cb37dc047454ddbce.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P11
x-amz-cf-id
1nQqoqDg8iW29jOl8KAPxmi49Fw8iS7JjykHqtZedPKhslENNrhbig==
x-cache
Miss from cloudfront
rules-p-8dMeaPxgtnRKk.js
rules.quantcount.com/
160 B
641 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-8dMeaPxgtnRKk.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:7000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0aebe0cef4647af2abdef1cf9aa06eafb565089bf76d99c6d837614bdaeb7092

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:34:34 GMT
via
1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
1991
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 22:23:40 GMT
server
AmazonS3
etag
"1b09857b27d8da12321de8a857d50189"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
A9g7hhkJIsCme1CtYc12b3aDsOhHTYOvdTvz6lQ60crKE-mUvO1Cbw==
e2d1ca27-0361-4054-b939-37342059d317.js
d3lcz8vpax4lo2.cloudfront.net/files/instibid/e00696e5-c08d-4b5c-9057-03b6196101e5/
519 KB
147 KB
Script
General
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/e00696e5-c08d-4b5c-9057-03b6196101e5/e2d1ca27-0361-4054-b939-37342059d317.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/e00696e5-c08d-4b5c-9057-03b6196101e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:a800:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f2587a34c6022f66e9d932aa250c86750d14c63e8b0e998b7803f15b03c55b80

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 02:32:12 GMT
x-amz-version-id
TVXQ0ytPiLgr.av6Umoi4FWpYGgrwcLG
content-encoding
br
via
1.1 1ed131e2ff13a9b8852067b4dfb6f2dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
9332
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 23 Aug 2024 16:16:19 GMT
server
AmazonS3
etag
W/"a09c2f2510f6fd50e33660abdc734ee6"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-id
3hjmfTX7sVjA90jK0RXm7KCCKKcuoRg0nTSNAj4dyC2gczS7U9CYuQ==
e2d1ca27-0361-4054-b939-37342059d317-hb.js
d3lcz8vpax4lo2.cloudfront.net/header-tags/e00696e5-c08d-4b5c-9057-03b6196101e5/
125 KB
29 KB
Script
General
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/header-tags/e00696e5-c08d-4b5c-9057-03b6196101e5/e2d1ca27-0361-4054-b939-37342059d317-hb.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/e00696e5-c08d-4b5c-9057-03b6196101e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:a800:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26416cb24da219f4e197d603db69783969e112a13560fbcd81d3af8cb143262e

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
muWiXK_ktVo0oyeh5aJDL2bHpAQsPrP6
content-encoding
br
via
1.1 1ed131e2ff13a9b8852067b4dfb6f2dc.cloudfront.net (CloudFront)
date
Mon, 16 Sep 2024 05:07:45 GMT
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
last-modified
Fri, 23 Aug 2024 16:16:18 GMT
server
AmazonS3
etag
W/"8b3e4729e634c3899d275293f5d8392d"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-id
HypoiZWzTiA_EYtgKifmuStt6ziY2ScNI7uoGKcQYYCyr-lzDkdcZw==
e2d1ca27-0361-4054-b939-37342059d317-dmp.js
d3lcz8vpax4lo2.cloudfront.net/header-tags/e00696e5-c08d-4b5c-9057-03b6196101e5/
15 KB
5 KB
Script
General
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/header-tags/e00696e5-c08d-4b5c-9057-03b6196101e5/e2d1ca27-0361-4054-b939-37342059d317-dmp.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/e00696e5-c08d-4b5c-9057-03b6196101e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:a800:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a1dccccf58a6319a45280ae34a36943e15d0d06a51aaedc2946b5144fbaeaaf8

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
NCxMtf30oVTXcYiIWZAiSVSJS25Q_QhV
content-encoding
br
via
1.1 1ed131e2ff13a9b8852067b4dfb6f2dc.cloudfront.net (CloudFront)
date
Mon, 16 Sep 2024 05:07:45 GMT
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
last-modified
Fri, 23 Aug 2024 16:16:18 GMT
server
AmazonS3
etag
W/"c0134fb117426e201b95c3fbbcb92108"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-id
ctiH_4e8HLAAJ-Sx7vZesq-Rx3ACdkEuVYkwTeBTwWxGjzSwEnwexQ==
/
geoip.instiengage.com/json/
209 B
395 B
XHR
General
Full URL
https://geoip.instiengage.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/e00696e5-c08d-4b5c-9057-03b6196101e5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.205.223.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-223-166.compute-1.amazonaws.com
Software
/
Resource Hash
bb3320365bf4a5951218c409be194f37865e2bbbe101889e9060d2a92bdd0dd0

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://www.newser.com
date
Mon, 16 Sep 2024 05:07:44 GMT
access-control-allow-credentials
true
x-database-date
Mon, 16 Sep 2024 02:18:29 GMT
content-length
209
vary
Origin
content-type
application/json
index.html
auth.instiengage.com/auth/ Frame 7468
0
0
Document
General
Full URL
https://auth.instiengage.com/auth/index.html
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/e00696e5-c08d-4b5c-9057-03b6196101e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:8200:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
54
cache-control
max-age=300
content-length
75
content-type
text/html
date
Mon, 16 Sep 2024 05:06:51 GMT
etag
"2e3d17ce9023be2c1313c02113f5c568"
last-modified
Tue, 16 Jul 2024 12:05:16 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 f8d34d99bd5a267bad6857ae101ea8e2.cloudfront.net (CloudFront)
x-amz-cf-id
1Bg9T34O5gTYA0BthFQ0dbUYmlb_gSSl-KcesMzhaSyiC-rTxbyULw==
x-amz-cf-pop
MUC50-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
moPMP4k2cVXVdeI1Q.tOg6xtomkFE0ZD
x-cache
Hit from cloudfront
Tag.a1b
purple-hit.com/-120/7f1a7287-2f7e-4f83-800d-06bd711ee14e/71307/asynch/null/123/null/true/60/1/1600/1200/null/1600x1200//
5 KB
5 KB
Script
General
Full URL
https://purple-hit.com/-120/7f1a7287-2f7e-4f83-800d-06bd711ee14e/71307/asynch/null/123/null/true/60/1/1600/1200/null/1600x1200//Tag.a1b
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cf0be20579bca4e18efb2d82c0ffef3ccf1b2f4ddd35b0e9c26c04de75f0795

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:45 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
cloudflare
vary
Accept-Encoding
p3p
CP="CAO PSA OUR IND"
access-control-allow-origin
*
content-type
application/json; charset=utf-8
cache-control
private, no-transform
cf-ray
8c3e55ac1a7c6301-HAM
alt-svc
h3=":443"; ma=86400
a-08x8
i.liadm.com/s/c/ Frame 5F47
0
0
Document
General
Full URL
https://i.liadm.com/s/c/a-08x8?duid=685da7e0008c--01j7wknhtzspgzxj1vyc9gm00c&euns=0&pt=500&s=&version=v3.0.11&cd=.newser.com
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-08x8.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.121.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-121-230.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
669
Content-Type
text/html; charset=UTF-8
Date
Mon, 16 Sep 2024 05:07:45 GMT
Request-Time
24
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame DCC2
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.newser.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C0) /
Resource Hash

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
15124022
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Mon, 16 Sep 2024 05:07:44 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:49 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67C0)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
fetch
dotsply.com/pixel/ Frame CB19
0
0
Document
General
Full URL
https://dotsply.com/pixel/fetch
Requested by
Host: cdn.engine.4dsply.com
URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=7f1a7287-2f7e-4f83-800d-06bd711ee14e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
access-control-allow-origin
*
age
3286
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=86400
cf-cache-status
HIT
cf-ray
8c3e55acdbf862e0-HAM
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 16 Sep 2024 05:07:44 GMT
expires
Tue, 17 Sep 2024 03:07:21 GMT
last-modified
Mon, 16 Sep 2024 03:07:21 GMT
p3p
CP="CAO PSA OUR IND"
server
cloudflare
vary
*, Accept-Encoding
ping
ping.chartbeat.net/
43 B
201 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=newser.com&p=%2Fcontests%2F196%2Fwin-a-european-river-cruise.html&u=Dr2I0aCsdFNQDWYxhh&d=newser.com&g=19359&g0=Home&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1315&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.newser.com%2Fcontests%2F196%2Fwin-a-european-river-cruise.html&b=7738&t=CC2J9hC48KDhBKX7MbDdPEk4qEZB2&V=147&i=Newser&tz=-120&sn=1&sv=DWGr-jnVAVqBMnlFVDyBrf_DfXTt1&sr=external&sd=1&im=062b073f&_
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.180.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-180-79.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
0
pragma
no-cache
date
Mon, 16 Sep 2024 05:07:45 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
content-type
image/gif
pubfig.engine.js
a.pub.network/core/pubfig/5.110.1/
427 KB
121 KB
Script
General
Full URL
https://a.pub.network/core/pubfig/5.110.1/pubfig.engine.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/newser-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12e26142677c175caabf55e1d722bc88dc8a92b1e17fe03fcd927c5d993e0400
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
age
289594
x-guploader-uploadid
AD-8ljs_4LZ4SYxT8xSPNWcZvyP1bmWc0njpjXMPCYD_kKRDFJmBqqPokyCyJH493OCBNsjqShfoQzl3SA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 12 Sep 2024 17:43:18 GMT
server
cloudflare
etag
W/"325fe34e3dfa7497785d8057c7ea2675"
vary
Accept-Encoding
x-goog-hash
crc32c=HVoY/Q==, md5=Ml/jTj36dJd4XYBXx+omdQ==
x-goog-generation
1726162998840909
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
436763
access-control-expose-headers
*
cf-ray
8c3e55ac897dca85-HAM
expires
Mon, 16 Sep 2024 06:07:44 GMT
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-P52WHCWTWV&gtm=45je4990v878680620za200&_p=1726463264330&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1875794821.1726463265&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1726463264&sct=1&seg=0&dl=https%3A%2F%2Fwww.newser.com%2Fcontests%2F196%2Fwin-a-european-river-cruise.html&dt=Newser&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.visitorclassification=P&ep.pwa=N&ep.aistory=N&tfd=7847
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P52WHCWTWV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2024 05:07:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.newser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
254 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P52WHCWTWV&cid=1875794821.1726463265&gtm=45je4990v878680620za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P52WHCWTWV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2024 05:07:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.newser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P52WHCWTWV&cid=1875794821.1726463265&gtm=45je4990v878680620za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=8383166
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2024 05:07:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1726463264823&aid=a-08x8&se=e30&duid=685da7e0008c--01j7wknhtzspgzxj1vyc9gm00c&tv=v3.0.11&pu=https%3A%2F%2Fwww.newser.com%2Fcontests%2F196%2Fwin-a-european-river-cruise...
  • https://rp4.liadm.com/j?dtstmp=1726463264823&aid=a-08x8&se=e30&duid=685da7e0008c--01j7wknhtzspgzxj1vyc9gm00c&tv=v3.0.11&pu=https%3A%2F%2Fwww.newser.com%2Fcontests%2F196%2Fwin-a-european-river-cruis...
43 B
377 B
XHR
General
Full URL
https://rp4.liadm.com/j?dtstmp=1726463264823&aid=a-08x8&se=e30&duid=685da7e0008c--01j7wknhtzspgzxj1vyc9gm00c&tv=v3.0.11&pu=https%3A%2F%2Fwww.newser.com%2Fcontests%2F196%2Fwin-a-european-river-cruise.html&wpn=lc-bundle&wpv=v3.0.11&cd=.newser.com&c=PHRpdGxlPgoJTmV3c2VyCjwvdGl0bGU-PGxpbmsgaWQ9IkxpbmtDYW5vbmljYWwiIHJlbD0iY2Fub25pY2FsIiBocmVmPSJodHRwczovL3d3dy5uZXdzZXIuY29tL2NvbnRlc3RzLzE5Ni93aW4tYS1ldXJvcGVhbi1yaXZlci1jcnVpc2UuaHRtbCI-&i6=MmEwMTo0YTA6MTMzODo5Mzo6MTA%3D&n3pc=true
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Server
3.228.35.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-35-64.compute-1.amazonaws.com
Software
/
Resource Hash
635962b9e55fc9a14ac46f4e0acf51b7f7703567ab33abfbfb779a25fd0ce583

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:45 GMT
x-pixel-event-id
d7783336-af01-4f13-bae9-d4c5c10b5ffc
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
null
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
43

Redirect headers

location
https://rp4.liadm.com/j?dtstmp=1726463264823&aid=a-08x8&se=e30&duid=685da7e0008c--01j7wknhtzspgzxj1vyc9gm00c&tv=v3.0.11&pu=https%3A%2F%2Fwww.newser.com%2Fcontests%2F196%2Fwin-a-european-river-cruise.html&wpn=lc-bundle&wpv=v3.0.11&cd=.newser.com&c=PHRpdGxlPgoJTmV3c2VyCjwvdGl0bGU-PGxpbmsgaWQ9IkxpbmtDYW5vbmljYWwiIHJlbD0iY2Fub25pY2FsIiBocmVmPSJodHRwczovL3d3dy5uZXdzZXIuY29tL2NvbnRlc3RzLzE5Ni93aW4tYS1ldXJvcGVhbi1yaXZlci1jcnVpc2UuaHRtbCI-&i6=MmEwMTo0YTA6MTMzODo5Mzo6MTA%3D&n3pc=true
access-control-allow-origin
https://www.newser.com
date
Mon, 16 Sep 2024 05:07:45 GMT
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET
pixel;r=721942665;rf=0;a=p-8dMeaPxgtnRKk;url=https%3A%2F%2Fwww.newser.com%2Fcontests%2F196%2Fwin-a-european-river-cruise.html;uht=2;fpan=1;fpa=P0-1616369666-1726463264537;pbc=;ns=0;ce=1;qjs=1;qv=15...
pixel.quantserve.com/
35 B
455 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=721942665;rf=0;a=p-8dMeaPxgtnRKk;url=https%3A%2F%2Fwww.newser.com%2Fcontests%2F196%2Fwin-a-european-river-cruise.html;uht=2;fpan=1;fpa=P0-1616369666-1726463264537;pbc=;ns=0;ce=1;qjs=1;qv=15f23c9a-20240703164903;cm=;gdpr=0;ref=;d=newser.com;dst=1;et=1726463264824;tzo=-120;ogl=;ses=16d18a69-dbc3-4166-85a1-4664ad8b3984;mdl=
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2024 05:07:44 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
Tag.engine
engine.4dsply.com/
6 KB
5 KB
Script
General
Full URL
https://engine.4dsply.com/Tag.engine?time=-120&id=7f1a7287-2f7e-4f83-800d-06bd711ee14e&rand=13079&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=60&fpe=1&bw=1600&bh=1200&res=1600x1200&curl=https%3A%2F%2Fwww.newser.com%2Fcontests%2F196%2Fwin-a-european-river-cruise.html&kw=&bp=%7B%7D
Requested by
Host: cdn.engine.4dsply.com
URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=7f1a7287-2f7e-4f83-800d-06bd711ee14e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.202.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7373bc35786408eb4fdcf88064afd79152d66ab029cb30a29488adf68a24897

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:45 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
cloudflare
vary
Accept-Encoding
p3p
CP="CAO PSA OUR IND"
access-control-allow-origin
*
content-type
application/json; charset=utf-8
cache-control
private, no-transform
cf-ray
8c3e55ad8e006a61-HAM
alt-svc
h3=":443"; ma=86400
wrapperMessagingWithoutDetection.js
cdn.privacy-mgmt.com/unified/
129 KB
39 KB
Script
General
Full URL
https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.110.1/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-49.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
336e624766f4d2eff6c85301f831bbaf2d640556581d3df97513b13c6aee4e79

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:49:27 GMT
content-encoding
gzip
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
last-modified
Thu, 15 Aug 2024 14:24:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
1099
x-amz-server-side-encryption
AES256
etag
W/"468bcb2080ccc49cfba2e9e85e5d9e6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
5qxeUKhmoEYz72B2BMmyazQ8xbYBhjU8Z9HWaFByVyKqqvx2ttPVHA==
/
geoip.insticator.com/json/
209 B
395 B
Fetch
General
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/e00696e5-c08d-4b5c-9057-03b6196101e5/e2d1ca27-0361-4054-b939-37342059d317-hb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.82.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-82-49.compute-1.amazonaws.com
Software
/
Resource Hash
bb3320365bf4a5951218c409be194f37865e2bbbe101889e9060d2a92bdd0dd0

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://www.newser.com
date
Mon, 16 Sep 2024 05:07:45 GMT
access-control-allow-credentials
true
x-database-date
Sun, 15 Sep 2024 14:10:00 GMT
content-length
209
vary
Origin
content-type
application/json
config.js
cdn.confiant-integrations.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/
129 KB
28 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/e00696e5-c08d-4b5c-9057-03b6196101e5/e2d1ca27-0361-4054-b939-37342059d317-hb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5661039fb47d6f7dab11271074de6d92c5c272777dd5c91c7f91222d326d9c6

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:45 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
YMJ630GXD0QR8FD4
age
110
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
28347
x-amz-id-2
c/UC+izE8kKtZfMgI5WZ7ZMaJOxgCBNqtFdJzD7snV5A9VGKWv8g04LcJbuNiCv31A9c3yEoc1Yy49DEvaSX7OrA4Hk+ZbPa5P9xVeitJtc=
last-modified
Mon, 16 Sep 2024 04:37:34 GMT
server
cloudflare
etag
"bf34578b3b8e7ce718367bfeeaa64af4"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
cf-ray
8c3e55aebc5a6a78-TXL
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409130401/
476 KB
148 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409130401/pubads_impl.js?cb=31087121
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
876a0cdb111525de57543701e3cc7388932950292fe8b2a5c04a13e989ea6c32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 19:49:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
33515
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151865
x-xss-protection
0
server
cafe
etag
14043918729147540172
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 15 Sep 2025 19:49:10 GMT
event
event.insticator.com/v1/
0
0
Fetch
General
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/e00696e5-c08d-4b5c-9057-03b6196101e5/e2d1ca27-0361-4054-b939-37342059d317-dmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.73.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-73-182.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.newser.com
date
Mon, 16 Sep 2024 05:07:45 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/ Frame
0
0
Preflight
General
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.73.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-73-182.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.newser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.newser.com
access-control-max-age
3600
content-length
0
date
Mon, 16 Sep 2024 05:07:45 GMT
vary
Origin
gdpr-tcf.0b327789b5d246674c71.bundle.js
cdn.privacy-mgmt.com/unified/4.25.2/
156 KB
24 KB
Script
General
Full URL
https://cdn.privacy-mgmt.com/unified/4.25.2/gdpr-tcf.0b327789b5d246674c71.bundle.js
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-49.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
167422f9a1a89f8df2d51908c362a3058da461c734bc4323db6ee039c6159f45

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 14:25:35 GMT
content-encoding
br
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
last-modified
Wed, 14 Aug 2024 19:33:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
2731331
etag
W/"9ef6bbaf6775bf1b7a1ddd9d8051d03a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
qdQat_g1AP9h1zSbi51MnHFy3-MSN5Z8Dx4QZDW1950OSo7Jnby5-A==
usnat.9dc87f68478d1cf38b3d.bundle.js
cdn.privacy-mgmt.com/unified/4.25.2/
207 KB
25 KB
Script
General
Full URL
https://cdn.privacy-mgmt.com/unified/4.25.2/usnat.9dc87f68478d1cf38b3d.bundle.js
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-49.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b59557209ef6d4088084aa94deadf086557ff61e3517ba2602a85900296442c5

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 14:26:41 GMT
content-encoding
br
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
last-modified
Wed, 14 Aug 2024 19:33:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
2731265
etag
W/"0cf04c6e5e0e70f533197e747735ea23"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
kuqdMvyDrkQauEXD1qJeuiNy6Gh86aDOCPGxQdbtIMPxRC6Q2EM4vA==
get_site_data
cdn.privacy-mgmt.com/mms/v2/
200 B
614 B
XHR
General
Full URL
https://cdn.privacy-mgmt.com/mms/v2/get_site_data?hasCsp=true&href=https%3A%2F%2Fwww.newser.com&account_id=1638
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-49.fra60.r.cloudfront.net
Software
/
Resource Hash
121b049b5502e03bd4c52d8e37fc6fe4cfc522fba12ff0e947d818b8a8159ba2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 10:17:36 GMT
strict-transport-security
max-age=15552000; includeSubdomains
x-sp-mms-node
ip-10-128-37-54
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
67809
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
max-age=3600, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-id
rerPlHDWI4NCjDeKLnMwoVUIA1Jx4zN04q0vCwtFtIrQmcuM5dshHw==
154013155
fundingchoicesmessages.google.com/i/
208 KB
69 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/154013155?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409130401/pubads_impl.js?cb=31087121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
45dd0eafd3f7eba54eca79a05d24749c24f3579274449b3586d5838ca2ec7764
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-zTZ58nHtTkGCMS3M7uu_VA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:45 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-zTZ58nHtTkGCMS3M7uu_VA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw05BiOO90h-k6EEt8fcmkAcRO6TNYg4C49eY51qlAnPTvPGsRELtrXWT1B-IlERdZDyVeZDVUuMTqCMSqPZdYTYH4_rpLrM-BeO_HS6xHgbhI4gprExAL8XAs_DVvO5vAg9ZLixmVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwsDY30DEzjCwwAQXVBsw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202408281111/
297 KB
106 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202408281111/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f2626696382e9b963bbb2163ce47381c09359af9dea37965a9303b6ae1c1834

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:45 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
SSQWYQF98F3B57JY
age
1599158
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
107889
x-amz-id-2
F1OjrNoQMwSws0ydvQ2A1lneLz//82TWQ3/21OKMo9E3wC5VUUasTl/xBoTigNVTXi9hoROIpWY=
last-modified
Wed, 28 Aug 2024 15:18:26 GMT
server
cloudflare
etag
"4bba3a5ce05019f13906b73afe3a64fc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8c3e55af8df26a78-TXL
meta-data
cdn.privacy-mgmt.com/wrapper/v2/
448 B
977 B
XHR
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/meta-data?hasCsp=true&accountId=1638&env=prod&metadata=%7B%22gdpr%22%3A%7B%7D%2C%22usnat%22%3A%7B%7D%7D&propertyId=33270&scriptVersion=4.25.2&scriptType=unified
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-49.fra60.r.cloudfront.net
Software
/ Express
Resource Hash
ccdc817ee91bee15288efb71eb835e4a8c49c1a16a608fb688858bca96e22fd3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=3600, s-maxage=3600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
content-length
448
x-amz-cf-id
_vSltWQlwyGUXD5WFIbpNk8k_l500oY6wgaAKlN6WbtwlQHFYJoloA==
b.js
cdn.engine.4dsply.com/Scripts/MediaScripts/
179 KB
58 KB
Script
General
Full URL
https://cdn.engine.4dsply.com/Scripts/MediaScripts/b.js?v=4
Requested by
Host: cdn.engine.4dsply.com
URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=7f1a7287-2f7e-4f83-800d-06bd711ee14e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.202.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7e61067a212deb6afc647fa5e6f8b5e158232cedc38d45f69ec5cb3f67a76d8

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:45 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 16 Sep 2024 04:30:56 GMT
server
cloudflare
age
596
vary
*, Accept-Encoding
p3p
CP="CAO PSA OUR IND"
access-control-allow-origin
*
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=300
cf-ray
8c3e55b05fd76a61-HAM
alt-svc
h3=":443"; ma=86400
expires
Mon, 16 Sep 2024 05:12:45 GMT
messages
cdn.privacy-mgmt.com/wrapper/v2/
280 KB
40 KB
XHR
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A1638%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%7D%7D%2C%22usnat%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.newser.com%22%7D&localState=null&metadata=%7B%22gdpr%22%3A%7B%22applies%22%3Atrue%7D%2C%22usnat%22%3A%7B%22applies%22%3Afalse%7D%7D&nonKeyedLocalState=null&ch=45459479746375404351364545950706927&scriptVersion=4.25.2&scriptType=unified
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-49.fra60.r.cloudfront.net
Software
/ Express
Resource Hash
1e4105a860ca4a72a2ea48b630b8fd9b935b72dc2c83a549da5de3aeee06109d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=0, s-maxage=1200
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
rsVG6j18LFin7jVKdBiBCJI-il88p_4MuAVxxyFbxF_COkBogHkX_g==
c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.110.1/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
0ad5ec69e791cbf1ac245741bca267602c676ec56656d8653e19df50f93e49a3

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 16 Sep 2024 05:07:45 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://www.newser.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
c
c.pub.network/v2/ Frame
0
0
Preflight
General
Full URL
https://c.pub.network/v2/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.newser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.newser.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 16 Sep 2024 05:07:45 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
event
event.insticator.com/v1/
0
0
Fetch
General
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/e00696e5-c08d-4b5c-9057-03b6196101e5/e2d1ca27-0361-4054-b939-37342059d317-dmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.73.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-73-182.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.newser.com
date
Mon, 16 Sep 2024 05:07:45 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/
0
0
Fetch
General
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/e00696e5-c08d-4b5c-9057-03b6196101e5/e2d1ca27-0361-4054-b939-37342059d317-dmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.73.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-73-182.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.newser.com
date
Mon, 16 Sep 2024 05:07:45 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
AGSKWxUf9F-UNwBFOwn74HEeAtYzIXqJ_6MCCxCeKg62crPKQEFvgSWiUzbj2pDE7bs7exYyl3CihqZOi62vNN3t-NuSr8ryfU35RrYZ8L7UPap4QDunKDVHUuwOtX84uuj2L9kbRXsAEA==
fundingchoicesmessages.google.com/f/
692 KB
87 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUf9F-UNwBFOwn74HEeAtYzIXqJ_6MCCxCeKg62crPKQEFvgSWiUzbj2pDE7bs7exYyl3CihqZOi62vNN3t-NuSr8ryfU35RrYZ8L7UPap4QDunKDVHUuwOtX84uuj2L9kbRXsAEA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI2NDYzMjY1LDQ3OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cubmV3c2VyLmNvbS9jb250ZXN0cy8xOTYvd2luLWEtZXVyb3BlYW4tcml2ZXItY3J1aXNlLmh0bWwiLG51bGwsW1s4LCJnVDZfSkl2VnF0QSJdLFs5LCJkZSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gT6_JIvVqtA.es5.O/am=KBg/d=1/rs=AJlcJMwRpqh1JG3EKV2wxWctSdZmYHrOrA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
21eda68ba0b50f0f9adc58121d63432464faf291267bc8461f797ef2290f958e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-K6h8HU1UMKyJBKEfPSBjwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:45 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-K6h8HU1UMKyJBKEfPSBjwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw1JBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B-IlERdZDyReZDVUuMRqD8SqPZdYjYH4_rpLrM-BeO_HS6xHgbhI4gprAxAL8XAs_DVvO5vAjW_fJjIpaSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRhYGhrpGZjGFxgAAEkmQhI"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
baker
sli.newser.com/
0
538 B
Image
General
Full URL
https://sli.newser.com/baker?dtstmp=1726463264823
Requested by
Host: www.newser.com
URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:a200:2:af31:b980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:45 GMT
via
1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
referrer-policy
same-origin
content-security-policy
default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
server
CloudFront
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA2-C2
x-content-type-options
nosniff
x-frame-options
DENY
x-cache
FunctionGeneratedResponse from cloudfront
content-type
image/gif
content-length
0
x-amz-cf-id
qprXIbaTECH3Myv1719kRx8lLrhaM7VhSB_YgxfxMiIVb8nXLXHT6Q==
x-xss-protection
1; mode=block
pv-data
cdn.privacy-mgmt.com/wrapper/v2/ Frame
0
0
Preflight
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=45459479746375404351364545950706927&scriptVersion=4.25.2&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-49.fra60.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.newser.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
https://www.newser.com
allow
POST
cache-control
no-cache, no-store
content-length
4
content-type
text/html; charset=utf-8
date
Mon, 16 Sep 2024 05:07:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
x-amz-cf-id
pto7Xwg1-nsVP8wSP_FxcGJMWGA627QJSbSMyKCJIgBVRevvS8SnJw==
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-powered-by
Express
pv-data
cdn.privacy-mgmt.com/wrapper/v2/
194 B
730 B
XHR
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=45459479746375404351364545950706927&scriptVersion=4.25.2&scriptType=unified
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-49.fra60.r.cloudfront.net
Software
/ Express
Resource Hash
0137a3d46b67717987744eec5a090348652c0631b065486b476fb481cd753af8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 16 Sep 2024 05:07:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newser.com
x-cache
Miss from cloudfront
cache-control
no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
content-length
194
x-amz-cf-id
Bg_DYpWQ-6nstA2_5_29-cfnKFgLdeOoPtCe1Ee8zWiTfDb2FidUvg==
index.html
cdn.privacy-mgmt.com/ Frame AB99
0
0
Document
General
Full URL
https://cdn.privacy-mgmt.com/index.html?hasCsp=true&message_id=1172510&consentUUID=null&consent_origin=https%3A%2F%2Fcdn.privacy-mgmt.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-31.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age
1560
cache-control
max-age=3600
content-encoding
gzip
content-type
text/html
date
Mon, 16 Sep 2024 04:41:46 GMT
etag
W/"72d65f01a58c964e2b78f707c8429ea3"
last-modified
Mon, 09 Sep 2024 15:06:17 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-cf-id
0chKb7L6gILlyGRWgyUm8FHbNdREF2AUaJcq-PaHrOr5eoYYjpRgiA==
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
favicon.ico
img1-azrcdn.newser.com/
1 KB
2 KB
Other
General
Full URL
https://img1-azrcdn.newser.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
468855e377198e91c65d4fe2dc5b19bf9bfba5cefc95866d65277f00596a2813

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:45 GMT
last-modified
Mon, 06 Jul 2020 18:03:59 GMT
x-azure-ref
20240916T050745Z-15f966665cfklw2vww8kcp34cs0000000530000000005vmq
x-cache
TCP_HIT
content-type
image/x-icon
cache-control
max-age=604800
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
69076744
accept-ranges
bytes
content-length
1406
favicon.ico
img1-azrcdn.newser.com/
1 KB
0
Other
General
Full URL
https://img1-azrcdn.newser.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
468855e377198e91c65d4fe2dc5b19bf9bfba5cefc95866d65277f00596a2813

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:07:45 GMT
last-modified
Mon, 06 Jul 2020 18:03:59 GMT
x-azure-ref
20240916T050745Z-15f966665cfklw2vww8kcp34cs0000000530000000005vmq
x-cache
TCP_HIT
content-type
image/x-icon
cache-control
max-age=604800
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
69076744
accept-ranges
bytes
content-length
1406
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-P52WHCWTWV&gtm=45je4990v878680620za200&_p=1726463264330&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1875794821.1726463265&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1726463264&sct=1&seg=0&dl=https%3A%2F%2Fwww.newser.com%2Fcontests%2F196%2Fwin-a-european-river-cruise.html&dt=Newser&en=scroll&ep.visitorclassification=P&ep.pwa=N&ep.aistory=N&epn.percent_scrolled=90&_et=34&tfd=12883
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P52WHCWTWV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.newser.com/contests/196/win-a-european-river-cruise.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2024 05:07:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.newser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
i.simpli.fi
URL
https://i.simpli.fi/dpx.js?cid=3056&m=1&referrer=http://www.newser.com

Verdicts & Comments Add Verdict or Comment

476 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 number| _sf_startpt function| $ function| jQuery function| css_browser_selector number| rolloverTimeoutId number| readTimeout number| clearReadTimeout boolean| loaded boolean| ready string| browserWidthCode function| setLoaded function| setReady function| isEmpty function| IsPWAInstalled function| IsPWAStandalone function| IsPWA function| IsPWAURL function| IsPWACompatibleIOS function| IsMobile function| IsTablet function| IsDesktop function| IsMobilePWA function| IsTabletPWA function| IsDesktopPWA function| IsMobileNonPWA function| IsTabletNonPWA function| IsDesktopNonPWA function| isMobile function| BoolToString function| dateAddMinutes function| dateDiffMinutes function| compareVersions function| GetOS function| GetOSVersion function| GetOSAndVersion function| GetBrowser function| GetBrowserVersion function| GetBrowserAndVersion function| AjaxCall function| AjaxCallPost function| AjaxCallSync function| adjustVoteBoxes function| AjaxReplace function| AjaxUpdate function| AjaxUpdateAndRefresh function| ScrollTop function| GetMonthAbbreviation function| EmailAStoryShow function| EmailAStoryClose function| sendEmailStory function| sendEmailStorySuccess function| sendEmailStoryError function| ReportAStoryErrorShow function| ReportAStoryErrorClose function| ReportAStoryError function| ReportAStoryErrorSuccess function| ReportAStoryErrorError number| icurscroll number| qcurscroll function| play function| pause function| playpause function| prevImage function| nextImage function| iScrollTo function| changeiScrollCount function| checkPrevNextImage number| icruscroll2 function| play2 function| pause2 function| playpause2 function| prevImage2 function| nextImage2 function| iScrollTo2 function| changeiScrollCount2 function| checkPrevNextImage2 function| prevVideo function| nextVideo function| vScrollTo function| changeVideoCount function| checkPrevNextVideo function| playQuote function| pauseQuote function| playpauseQuote function| prevQuote function| nextQuote function| qScrollTo function| changeqScrollCount function| checkPrevNextQuote function| BuildAjaxURL function| StoryGetRows function| StoryGetRowsBuffer function| StoryGetRowsBufferCall function| StoryGetRowsBufferCallSuccess function| StoryGetRowsBufferCallError function| StoryAddToGrid function| StoryShowNBUFrontPage function| StoryShowLatest function| StoryShowPopular function| GridMainNavSelect function| ResetGridNav function| StoryShowLatestAll function| StoryShowLatestToday function| StoryShowLatestYesterday function| StoryShowLatestPickADate function| StoryShowPopularType function| StoryShowDate function| StoryReloadGrid function| StoryGetNewGrid function| StoryGetNewGridSuccess function| StoryGetNewGridError function| StoryNewGrid function| StoryStartAutorefresh function| StoryCancelAutorefresh function| StoryAutorefresh function| StoryAutorefreshSuccess function| StoryAutorefreshError function| StoryCheckAutorefresh function| StoryScrolledToTop function| StoryCheckAutorefreshScroll function| StoryViewHide function| StoryViewHideCalendar function| GetCalendarDate function| ChangeHardSoftSliderValue function| ConvertHardSoftValueToSliderValue function| ConvertSliderValueToHardSoftValue function| HardSoftLeft function| HardSoftRight function| HardSoftReset function| StoryHandleGridScroll function| Calendar function| calendarGoToDate function| calendarShowNextMonth function| calendarShowPrevMonth object| DYNIFS function| doPopup function| doPopupShow function| closePopup function| HoverScreen function| UnhoverScreen function| storyParagraphLinks function| carousel_itemLoadCallback function| carousel_initCallback object| addedItems function| carousel_itemAddCallback function| carousel_getItemHTML function| CheckForCarouselSameLink function| StoryCarouselNext function| CheckAdForRefresh function| HideSpinner function| wait function| initCarousel object| imageIDs object| mediaCount function| stopError function| sizeThis function| initCarouselGallery function| initjCarouselGallery function| initMediaArray function| selectMedia function| goNextImage function| goPrevImage function| goPlayPause function| pauseLarge function| playLarge function| checkLoadLargeMediaAd function| showAd function| hideAd function| initVideoArray function| selectVideo function| goNextVideo function| goPrevVideo function| AnalyticsCustomEvent function| VideoAnalyticsCustomEvent function| closePromotion function| closePromotionSuccess function| NavMouseOver function| NavMouseOut function| SubMenu function| showSubMenu function| hideSubMenu function| hideOverlay function| CustomizeSettingsOpen function| CustomizeSettingsClose function| markStoryRead function| isRead function| ShowLightBox function| HideLightBox function| getPageSize function| ParseMessage function| mouseLeaves function| containsForMouseLeaves function| stringTrim function| getIEVersion function| trim function| renderSquareNew function| renderSquareNewStory function| renderSquare function| IsLoggedIn function| GetCookie function| ExtractCookieValue function| createCookie function| readCookie function| GetCurrentTime function| sleep function| sleep2 object| Mouse function| mouseMoveHandler object| PositionNew function| Slider function| ToggleMyAccount function| OpenRegister function| CloseRegister function| CloseShare function| YesNoToggleClick function| ShowWhatIsThis function| HideWhatIsThis function| ShowHelp function| HideHelp function| SizeShade function| GetComments function| GetCommentsSuccess function| GetCommentsError function| ReplaceInterrupter function| InterrupterCallbackSuccess function| InterrupterCallbackError function| ScrollToId function| refreshAd function| SubmitStoryTrack function| StoryImageGalleryMore function| ScrolledToTop function| LazyLoadImagesReady function| LazyLoadImagesScroll function| alignSkin function| AreCookiesEnabled function| GetCookieValue function| GetKeyValuePair function| NewsletterSignUp function| fb_click function| tw_click function| HeaderSearch function| ShowLogin function| ShowNewserSignUp function| ShowLoggedIn function| ShowMegaMenu function| HideOtherMegaMenus function| redirectToComments function| redirectToStory function| redirectToStoryMobile function| removeQuerystring function| BuildCarouselUrl function| GetCarouselCallSuccess function| GetCarouselCallError function| ConnectionsFacebookConnect function| ConnectionsFacebookConnectSuccess function| ConnectionsFacebookDisconnect function| ConnectionsFacebookDisconnectSuccess function| ConnectionsTwitterConnect function| LogIntoNewser function| ConnectWithFacebook function| LoginWithFacebook function| TwitterResponse function| Register function| vote function| votenew function| parseQueryString function| isIE function| checkEnter function| ScrollToViewMoreImages function| StoryMediaViewMore function| MediaGetDataSuccess function| MediaGetDataError function| MediaAllResize function| MediaMainResize function| MediaOtherResize function| MediaOtherLoad function| overrideRecaptcha function| CloseAppPromo function| UpdatePageMetaData function| VotingShowResults function| CloseActionBar function| ABSwap function| RefreshGoogleAd function| doPopupR function| MetricsABR function| ABPopupShow function| ABPopupClose function| ResponsiveCheckSize function| debounce function| HomeSideBySideNavigate function| HomeSideBySideNavigateSuccess function| HomeSideBySideNavigateError function| ToggleNav function| ShowCopyURLMsg function| handleTouchStart function| handleTouchMove function| SwipeLeft function| SwipeRight boolean| IsPageVisible string| hidden string| visibilityChange function| handleVisibilityChange object| PageActivityTime function| myActivityMouseDownCheck function| myActivityTouchStartCheck function| myActivityKeyDownCheck function| myActivityScrollCheck function| myActivityMouseMoveCheck function| myActivityFocusCheck function| myActivityOnlineCheck function| myActivityResumeCheck function| MyActivity function| PageInactivitySeconds function| CheckForTopOfGridPage function| GetPageStoryIdIfNoPrev function| CheckForUpdatesStart function| CheckForUpdatesCancel function| CheckForUpdates function| CheckForUpdatesSuccess function| CheckForUpdatesError function| CheckForUpdatesDone function| ProcessUpdates function| UpdateInAppBadge function| RemoveInAppBadge function| SetInAppBadge function| FixAdsForNativo function| ShowPWAInstallPromptAndHeaderFooterIcon function| PresentAddToHome function| PresentAddToHomeStandard function| PresentAddToHomeiOS function| myAppInstalledEventHandler function| AppInstalledEventHandler function| PWAInstall function| PWAInstallSuccess function| PWAInstallError function| PWAUninstall function| PWAUninstallSuccess function| PWAUninstallError function| PWAVisit function| PWAVisitSuccess function| PWAVisitError string| ip function| NewserLog function| FlushCachedPagesFromCache function| CountWordsHTML function| CountCharsHTML function| RefreshAdsGridLoad function| RefreshAdsImageGallery function| RefreshAdsBrowserResize function| ResetPlayWireProperties function| RefreshAdsFreestar function| RefreshAdsFreestarReload function| RefreshAdsProperNewPage function| RefreshAdsProperBuildSlots function| RefreshAdsPlayWireReinit function| RefreshAdsPlayWireImageGallery function| IsPlayWireMobileMainImageStoryPage function| PlayWireMainImageNonLazy function| RefreshAllGoogleAds function| UsageUpdate function| StoryRightRailHeight number| width number| height object| jscd object| twttr function| gtag object| dataLayer object| _qevents string| NewserClassification boolean| UsingFreestarAds object| freestar object| Insticator string| ajaxAdControl object| c object| responsiveSize number| responsiveOldSize number| responsiveNewSize function| myResponsiveCheck number| pageHeight number| pageWidth object| arrayPageSize object| jQuery112406057597777551946 object| theForm function| __doPostBack string| FBAPI function| fbAsyncInit string| sitePageName object| calObj function| focusOn boolean| PWAEnabled object| checkForUpdatesTimeOfLastCall number| checkForUpdatesRefreshSeconds number| checkForUpdatesInactivitySeconds object| _comscore object| _sf_async_config function| LazyLoadBindScroll object| _pubfigInstanceManagerConfig object| FB object| COMSCORE object| ns_p function| quantserve function| __qc object| ezt object| $jscomp function| $jscomp$lookupPolyfilledValue boolean| headerTagInjected number| insticator_tg object| federatedObj object| instBid object| InsticatorXmess object| Modernizr number| c_start number| c_end function| UserAgentParser object| g367CB268B1094004A3689751E7AC568F object| LI object| liQHub object| liQ object| liQ_instances object| __twttrll object| __twttr function| UAParser object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| fsprebid object| google_tag_manager object| google_tag_data object| __buffer object| instBidChunk object| _pbjsGlobals object| regeneratorRuntime object| googletag function| onYouTubeIframeAPIReady object| gaGlobal object| _sp_queue object| _sp_ function| _typeof function| __tcfapi function| __gpp_addFrame function| __gpp_stub function| __gpp_msghandler function| __gpp object| settings object| confiant object| ggeac object| google_js_reporting_queue object| InsticatorApp string| insticatorHeaderCodeVersion boolean| isPageviewSent object| _sp_wp_jsonp object| google_reactive_ads_global_state object| jQuery183045583407378094853 object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NTBiODRhZTA3MTliYzg1Y2xvYWRlcl9qcw== string| NTBiODRhZTA3MTliYzg1Y2NhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady

72 Cookies

Domain/Path Name / Value
www.newser.com/contests/196 Name: BrowserWidthCode
Value: D
www.newser.com/contests/196 Name: PWA
Value: N
www.newser.com/contests/196 Name: DeviceWidth
Value: 1600
www.newser.com/contests/196 Name: g36FastPopSessionRequestNumber
Value: 2
i.liadm.com/s Name: _li_ss
Value: CjYKBQgKEPIYCgYI3QEQ8hgKBgjhARDyGAoGCIEBEPIYCgYIogEQ8hgKBgjSARDyGAoFCH4Q8hg
.liadm.com/j Name: lidid
Value: d1eb4888-e83c-4c86-a763-ce9e27cf08a7
www.newser.com/ Name: ASP.NET_SessionId
Value: 4tepfhf4w2wsz2kk0mowcdo3
www.newser.com/ Name: USERCREDENTIALS
Value: EMAIL=&PASSWORD=&USERID=0&VISITORID=1704697412&VISITORCLASSIFICATION=P&PWASTATUS=Unknown
.newser.com/ Name: __asAB
Value: true
.newser.com/ Name: _li_dcdm_c
Value: .newser.com
.newser.com/ Name: _lc2_fpi
Value: 685da7e0008c--01j7wknhtzspgzxj1vyc9gm00c
.newser.com/ Name: _cb
Value: Dr2I0aCsdFNQDWYxhh
.newser.com/ Name: _chartbeat2
Value: .1726463264697.1726463264697.1.DWGr-jnVAVqBMnlFVDyBrf_DfXTt1.1
.newser.com/ Name: _cb_svref
Value: external
.newser.com/ Name: _ga
Value: GA1.1.1875794821.1726463265
.newser.com/ Name: _ga_P52WHCWTWV
Value: GS1.1.1726463264.1.0.1726463264.60.0.0
.quantserve.com/ Name: mc
Value: 66e7bd20-cef3f-57b20-e6851
.newser.com/ Name: __qca
Value: P0-1616369666-1726463264537
www.newser.com/ Name: plsVisitorGeo
Value: DE
www.newser.com/ Name: plsVisitorCity
Value:
www.newser.com/ Name: instiPubProvided
Value: e2cabbf3-7c4a-4b06-9a4a-6ec451fb7b70
.newser.com/ Name: _pubcid
Value: 3a5dd085-602d-491a-9684-60c91462255c
.newser.com/ Name: _pubcid_cst
Value: zix7LPQsHA%3D%3D
.newser.com/ Name: InstiSession
Value: eyJpZCI6ImIxM2E0YWM3LTU2YjEtNDFlYy1iYTUxLTAyZGZkOGNmY2Y0MiIsInJlZmVycmVyIjoiIiwiY2FtcGFpZ24iOnsic291cmNlIjpudWxsLCJtZWRpdW0iOm51bGwsImNhbXBhaWduIjpudWxsLCJ0ZXJtIjpudWxsLCJjb250ZW50IjpudWxsfX0=
purple-hit.com/ Name: IKSR
Value: {}
purple-hit.com/ Name: INF_DFL8
Value: false
purple-hit.com/ Name: IUID
Value: 9d9d3b18-b023-4adc-b761-bef260a59a55
purple-hit.com/ Name: ISSH
Value: 76090F
purple-hit.com/ Name: VMI
Value:
purple-hit.com/ Name: CHN
Value: #[]
purple-hit.com/ Name: MSSH
Value: #{}
purple-hit.com/ Name: MSRH
Value: #{}
purple-hit.com/ Name: ILP
Value: null
purple-hit.com/ Name: ILPLU
Value: #1/1/0001 12:00:00 AM
purple-hit.com/ Name: ILEALC
Value: #1/1/0001 12:00:00 AM
purple-hit.com/ Name: ILMPF
Value: #False
purple-hit.com/ Name: IPMPLU
Value: #1/1/0001 12:00:00 AM
purple-hit.com/ Name: IPMUID
Value: #
purple-hit.com/ Name: BSWUID
Value: #
purple-hit.com/ Name: IBL
Value: #[]
purple-hit.com/ Name: IOPT
Value: #[]
purple-hit.com/ Name: ISH
Value: #{"1148":[{"SId":"76090F","D":"24/9/15T22:7:45"}]}
purple-hit.com/ Name: ISH_Q
Value: #[1148]
.liadm.com/ Name: lidid
Value: d1eb4888-e83c-4c86-a763-ce9e27cf08a7
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
engine.4dsply.com/ Name: IKSR
Value: {}
engine.4dsply.com/ Name: INF_DFL8
Value: false
engine.4dsply.com/ Name: IUID
Value: 444d83cc-ea60-4d82-9b33-001e78ded2b8
engine.4dsply.com/ Name: ISSH
Value: 76090F
engine.4dsply.com/ Name: VMI
Value:
engine.4dsply.com/ Name: CHN
Value: #[]
engine.4dsply.com/ Name: MSSH
Value: #{}
engine.4dsply.com/ Name: MSRH
Value: #{}
engine.4dsply.com/ Name: ILP
Value: null
engine.4dsply.com/ Name: ILPLU
Value: #1/1/0001 12:00:00 AM
engine.4dsply.com/ Name: ILEALC
Value: #1/1/0001 12:00:00 AM
engine.4dsply.com/ Name: ILMPF
Value: #False
engine.4dsply.com/ Name: IPMPLU
Value: #1/1/0001 12:00:00 AM
engine.4dsply.com/ Name: IPMUID
Value: #
engine.4dsply.com/ Name: BSWUID
Value: #
engine.4dsply.com/ Name: IBL
Value: #[]
engine.4dsply.com/ Name: IOPT
Value: #[]
engine.4dsply.com/ Name: ISH
Value: #{"1148":[{"SId":"76090F","D":"24/9/15T22:7:45"}]}
engine.4dsply.com/ Name: ISH_Q
Value: #[1148]
.demdex.net/ Name: demdex
Value: 90035233651213109921443758039647285948
.turn.com/ Name: uid
Value: 3675485415566725611
.dpm.demdex.net/ Name: dpm
Value: 90035233651213109921443758039647285948
www.newser.com/ Name: plsVisitorIp
Value: 80.255.7.116
www.newser.com/ Name: plsGeoObj
Value: {"ip":"80.255.7.116","country":"DE","region":"","city":"","zip":"","location":"51.2993,9.491"}
.rezync.com/ Name: zync-uuid
Value: 014275cc-dc84-41ab-b3a8-fc3df2b91b7d:1726463265.3240275
live.rezync.com/ Name: sd-session-id
Value: eyJfcGVybWFuZW50Ijp0cnVlLCJzZXNzaW9uX2lkIjoiMDE0Mjc1Y2MtZGM4NC00MWFiLWIzYTgtZmMzZGYyYjkxYjdkOjE3MjY0NjMyNjUuMzI0MDI3NSJ9.Zue9IQ.cxCEbXF8WJhaOhMbCmAckpOCSxU
.newser.com/ Name: consentUUID
Value: f667f08c-b4f5-401a-857b-4835b5521d56

2 Console Messages

Source Level URL
Text
recommendation verbose URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
javascript warning URL: https://www.newser.com/contests/196/win-a-european-river-cruise.html
Message:
The resource https://df80k0z3fi8zg.cloudfront.net/files/instibid/e00696e5-c08d-4b5c-9057-03b6196101e5.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pub.network
api.ipify.org
auth.instiengage.com
b-code.liadm.com
c.pub.network
cdn.confiant-integrations.net
cdn.engine.4dsply.com
cdn.privacy-mgmt.com
connect.facebook.net
d.pub.network
d3lcz8vpax4lo2.cloudfront.net
df80k0z3fi8zg.cloudfront.net
dotsply.com
engine.4dsply.com
event.insticator.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
geoip.insticator.com
geoip.instiengage.com
i.liadm.com
i.simpli.fi
img1-azrcdn.newser.com
img2-azrcdn.newser.com
load77.exelator.com
loadus.exelator.com
ping.chartbeat.net
pixel.quantserve.com
platform.twitter.com
product.instiengage.com
purple-hit.com
region1.analytics.google.com
rp.liadm.com
rp4.liadm.com
rules.quantcount.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
sli.newser.com
static.chartbeat.com
static1-azrcdn.newser.com
static2-azrcdn.newser.com
stats.g.doubleclick.net
www.google.de
www.googletagmanager.com
www.newser.com
i.simpli.fi
104.16.202.119
104.18.21.206
104.26.12.205
142.250.185.226
142.250.185.67
157.240.252.13
172.64.144.166
172.66.40.43
172.66.43.157
18.205.223.166
18.207.73.182
18.244.18.38
18.66.147.31
18.66.147.49
2001:4860:4802:32::36
2600:1f18:730:b120:cfd2:84de:c173:b11f
2600:9000:21f3:a200:2:af31:b980:93a1
2600:9000:223c:7000:6:44e3:f8c0:93a1
2600:9000:225b:3c00:9:78a:e540:93a1
2600:9000:225b:5a00:10:3422:3f00:21
2600:9000:225b:8200:9:78a:e540:93a1
2600:9000:2644:a800:1c:386f:ec80:21
2600:9000:2646:7800:18:1fcd:354:4b41
2600:9000:275d:a00:8:8845:1500:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:29:1::45
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2003
2a00:1450:4001:830::2008
2a00:1450:4001:831::200a
2a00:1450:400c:c0a::9b
2a02:6ea0:c700::112
3.228.121.230
3.228.35.64
3.230.82.49
34.160.152.31
40.114.51.62
54.78.254.47
54.81.180.79
0137a3d46b67717987744eec5a090348652c0631b065486b476fb481cd753af8
048a5b15d77b6cd7bf8ca5c99bbd76981847393d71e97196bb38ba7e5c7cf649
0a062e0e787bb046a98cffae66da174b664ef4305940eaa11fc0bb04ebaf08bf
0ad5ec69e791cbf1ac245741bca267602c676ec56656d8653e19df50f93e49a3
0aebe0cef4647af2abdef1cf9aa06eafb565089bf76d99c6d837614bdaeb7092
1126dae47147dee29ca9bffbbd45f3e609f7d38a2c17cd4f5c73283db4e6304a
121b049b5502e03bd4c52d8e37fc6fe4cfc522fba12ff0e947d818b8a8159ba2
12e26142677c175caabf55e1d722bc88dc8a92b1e17fe03fcd927c5d993e0400
144f35b94b65fff856d786ee358ad81b53b309191ef3bb8b4d89c795a9c7bd88
167422f9a1a89f8df2d51908c362a3058da461c734bc4323db6ee039c6159f45
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
1934199df51551755f77a59d6993a98e332ad57c09ab22d30fafb727d92e4eb0
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1e4105a860ca4a72a2ea48b630b8fd9b935b72dc2c83a549da5de3aeee06109d
21eda68ba0b50f0f9adc58121d63432464faf291267bc8461f797ef2290f958e
26416cb24da219f4e197d603db69783969e112a13560fbcd81d3af8cb143262e
2b291810374483e61126df23f32490a6f8a629062a6f00f0d10d7b52ed2a2762
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f76122813dc216562d9a6c2d82279ff460696b28f8f66042399a02cf93732ba
302e9b5294e6f8e7c29938d4c6e8c673fd83a09f160a4593655f104d965e2171
307c4cf0cec01251278a5201d04096f4b7afdb8ba2239801202adb1992c14ecb
31c724707624a3682770d54e8b216f04db44eff6fefb8313d9178ef0f69a694b
336e624766f4d2eff6c85301f831bbaf2d640556581d3df97513b13c6aee4e79
354cd674accaa26badff834bcbb7487aa7f99930f19cd864d71e6359b6b3f346
3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9
45dd0eafd3f7eba54eca79a05d24749c24f3579274449b3586d5838ca2ec7764
468855e377198e91c65d4fe2dc5b19bf9bfba5cefc95866d65277f00596a2813
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
4f2626696382e9b963bbb2163ce47381c09359af9dea37965a9303b6ae1c1834
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56ca4e17ddbe6896b44dfe7f7e349a9b28d57fb50d34348a073d7f1df9822e80
5aac7fc7be126dc2287be4976ab0a78e7135fd728471feb9c20cab5bcdc2f82f
5f716ce32b51c41b869f3e2325257c5fd04db650d2ff14ee234ec1e7fe54126b
607ba5401803708cd7e7d54cb229467b42bcefa017c466d0290c2903989f9cec
635962b9e55fc9a14ac46f4e0acf51b7f7703567ab33abfbfb779a25fd0ce583
63b0809d81a3706bd1b1a7ee861c92f6c70d4057b3715457d34598a305275256
652a0a2dedd0fca57dc278b3f353136bad04c2fca0f5ba53356d7a28675b4330
67184300bc2a44c2abc7f5bded0e85cc1d72be986cf3640228a7e7adf2284bec
6cf0be20579bca4e18efb2d82c0ffef3ccf1b2f4ddd35b0e9c26c04de75f0795
6d6d162a89e32c126f5019cbd4143ddf6cc9fbf19858a3272ad6ad5ac2beae14
7418570bf66af9c46ab4d7ee4d94afc5a07b215f5af669cbc689b17b16e0cb6c
7473405d849d60fee21acf5633a9b407098befc396ff55f19081d35753c422ee
76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b
7a55784be740b950c6fdfd4c7db2202d4869d8bfd47c8da6fe8e04e5044de0de
7cec802828fd9d25efc4611219c8748745117f5a51d4f76e4f9cfd85a428ce95
876a0cdb111525de57543701e3cc7388932950292fe8b2a5c04a13e989ea6c32
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8baae135666cde471d16426b7387541d4b900559275813859e2d296eee039192
996d298d6f8685a3ae28eace9249e3580bb8d13d91d424573fefb40d52980269
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e3f7f11e3feb97a1b577675fcb17fb87538d414dc5342c96975b2bd2c94b86
a177a125d7384bd51ee15e3454c488ac0f2ba22a452f9bc3a96e29d2df4aef1b
a1b54acfbe06d7df692389f781ce59e80007ee8fb61e64b00156668858113a29
a1dccccf58a6319a45280ae34a36943e15d0d06a51aaedc2946b5144fbaeaaf8
a3942aea05f34d9aa17deb27766f216ce7bc0176e66b41518e5bdadb19400d67
a5ec8330a90caef4a8979d42f25f7e37780ad2cf4d86902b9e47eb57b00eee66
a6872d67ee63fba07581f72b52c599327f2d69d41dacbea353ea2cf8cfe193ae
a8d51e44aebeb14e1eaf612b0af9fd0e05e81bf5c6f191bc52d8f1a3fcd79a9d
a9adbf9ff6cb67410da32776829c98497f78937808849c0c77c476ad5bf8c1a6
a9f30a720da615dfd871c1ec93735f88983f4001c48cd893a09c13d16d7b9bcc
ad9e5210a13805edc2cc2874d7ffa326b907e9c6d0c212071798944a1dd9ffae
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
b16c65034fa0ea7fe927b302d2042b038b94d18a1ac0d4d53a0d1f8e7093f16b
b59557209ef6d4088084aa94deadf086557ff61e3517ba2602a85900296442c5
b7373bc35786408eb4fdcf88064afd79152d66ab029cb30a29488adf68a24897
b7e61067a212deb6afc647fa5e6f8b5e158232cedc38d45f69ec5cb3f67a76d8
b8a750a563d51523e1abb19818a24857fdfbd8d20489eb7054845a93f0ca2240
bb3320365bf4a5951218c409be194f37865e2bbbe101889e9060d2a92bdd0dd0
bbfcf92c6c94d918c51be1bdf1f14098db1c7454b2f025fb7d2eed08d8d84703
bdf99ed9596c1e94631860d2a1cb13ba9caea1eae77167d083d179e3174766de
ccdc817ee91bee15288efb71eb835e4a8c49c1a16a608fb688858bca96e22fd3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1477d2bfda88c678c2deaffb53f18784ca00294d7318a2521f4b95baa375e3c
d48c1bde0b0c0db8213d9083ee7cd04ed7b8cc7c92c6ebf2ec49fa86fe555c03
d5661039fb47d6f7dab11271074de6d92c5c272777dd5c91c7f91222d326d9c6
d6a2745332948716c2d3849e9b1d02451515f96ec7ab4749855794dea0272857
d8fe36a17aa5e4cd1a197c81235633a1e44ca292162a06b9b7dc1dc37981a211
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c413d9ecb857ab839e9147e9a72b0967a80151bae1aec1b1771c623006f5bc
e4400f21afb8b0d177c8cc1d042db58cd67ab5f03bb076cc84d9fc19523aebca
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef983d6dcfe16576a9be98a6fe4d2c99552c9e76fe46fefb29dc2ae2cc5082c3
f2587a34c6022f66e9d932aa250c86750d14c63e8b0e998b7803f15b03c55b80
f5f4dab3572c89dac7558d2ca1f0796c28a1a556f3b98114a629bf1fbf618415
f7bf981e07742cd959b3a73ac7f9f71761bd7cdaac70370db0eacc3d77af87b3
fc813e1dd1a255a115036362df2e1bd23134d53d216325b461c955963888e6a6
fce94e8d493fb1b0c5264ad0ca94f542ca10c39b95eca426ecc0ffbb88e25077
febc13d4fca620c0eda223b3febb844ecb01e4299569a936801b86ecc25609e8