login.statesman.com Open in urlscan Pro
151.101.130.62 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://user.statesman.com/user/enewspaper/
Effective URL:
https://login.statesman.com/NAAS-GUP/authenticate/?success-url=https%3A%2F%2Fuser.statesman.com%2FNAAS-GUP%2Fuser%2Fenewspap...
Submission: On August 23 via manual (August 23rd 2024, 5:54:02 pm UTC) from US — Scanned from CA

Summary HTTP 18 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 8 IPs in 1 countries across 9 domains to perform 18 HTTP transactions. The main IP is 151.101.130.62, located in San Francisco, United States and belongs to FASTLY, US. The main domain is login.statesman.com.
TLS certificate: Issued by R10 on July 6th 2024. Valid for: 3 months.

This is the only time login.statesman.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5 16	151.101.130.62 151.101.130.62	54113 (FASTLY) (FASTLY)
1 1	151.101.194.62 151.101.194.62	54113 (FASTLY) (FASTLY)
1	151.101.2.62 151.101.2.62	54113 (FASTLY) (FASTLY)
1	2607:f8b0:400... 2607:f8b0:4006:81d::2008	15169 (GOOGLE) (GOOGLE)
1 2	108.139.47.50 108.139.47.50	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c08::9a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.65.195 142.250.65.195	15169 (GOOGLE) (GOOGLE)
18	8

16 151.101.130.62 (San Francisco, United States) 5 redirects

ASN54113 (FASTLY, US)

user.statesman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
login.statesman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gannett-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticassets.gannettdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.statesman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.62 (San Francisco, United States) 1 redirects

ASN54113 (FASTLY, US)

user.usatoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.62 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.gannett-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.139.47.50 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-50.jfk50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2002 (United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.195 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f3.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	statesman.com 5 redirects user.statesman.com — Cisco Umbrella Rank: 450132 login.statesman.com www.statesman.com — Cisco Umbrella Rank: 207117	52 KB
3	gannettdigital.com staticassets.gannettdigital.com — Cisco Umbrella Rank: 408689	9 KB
3	gannett-cdn.com www.gannett-cdn.com — Cisco Umbrella Rank: 16479	25 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 252 td.doubleclick.net — Cisco Umbrella Rank: 481	247 B
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 278	1013 B
1	google.ca www.google.ca — Cisco Umbrella Rank: 9677	63 B
1	google.com analytics.google.com — Cisco Umbrella Rank: 238
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	92 KB
1	usatoday.com 1 redirects user.usatoday.com — Cisco Umbrella Rank: 33521	744 B
18	9

	Domain	Requested by
9	login.statesman.com	4 redirects login.statesman.com
3	staticassets.gannettdigital.com	login.statesman.com
3	www.gannett-cdn.com	login.statesman.com
2	sb.scorecardresearch.com	1 redirects login.statesman.com
1	www.google.ca
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	www.googletagmanager.com	www.gannett-cdn.com
1	www.statesman.com	www.gannett-cdn.com
1	user.usatoday.com	1 redirects
1	user.statesman.com	1 redirects
18	12

This site contains links to these domains. Also see Links.

Domain
www.statesman.com
user.gcion.com
cm.statesman.com

Subject Issuer	Validity	Valid
statesman.com R10	`2024-07-06` - `2024-10-04`	3 months	crt.sh
usatoday.com R10	`2024-07-27` - `2024-10-25`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.ca WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://login.statesman.com/NAAS-GUP/authenticate/?success-url=https%3A%2F%2Fuser.statesman.com%2FNAAS-GUP%2Fuser%2Fenewspaper%2F%3FsubmarketId%3D&from-state=returning-user-get-redirect&cookies=
Frame ID: 80EC609B34549D0FA238AC570F7830C1
Requests: 17 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-5JJXNTWR1D&gacid=1469287791.1724435631688&gtm=45je48l0v887636012za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1220514998
Frame ID: 65AD82A485D29FFBE1EA4393E585D768
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign In - Austin American-Statesman

Page URL History Show full URLs

https://user.statesman.com/user/enewspaper/ HTTP 302
https://login.statesman.com/NAAS-GUP/authenticate?success-url=https%3A%2F%2Fuser.statesman.com%2FNAAS-GU... HTTP 301
https://login.statesman.com/NAAS-GUP/authenticate/?success-url=https%3A%2F%2Fuser.statesman.com%2FNAAS-G... HTTP 302
https://user.usatoday.com/USAT-GUP-COOKIESERVICE/cookies/?get=returning-user&return-url=https%3A%2F%2F... HTTP 302
https://login.statesman.com/NAAS-GUP/authenticate/?success-url=https%3A%2F%2Fuser.statesman.com%2FNAAS-G... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

18
Requests

83 %
HTTPS

44 %
IPv6

9
Domains

12
Subdomains

8
IPs

1
Countries

177 kB
Transfer

520 kB
Size

11
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.statesman.com/

Search URL Search Domain Scan URL

URL: https://user.gcion.com/GANNETT-GUP-PSA/psa/facebook/?return-url=https%3A%2F%2Flogin.statesman.com%2FNAAS-GUP%2Fauthenticate%2F%3Fsuccess-url%3Dhttps%253A%252F%252Fuser.statesman.com%252FNAAS-GUP%252Fuser%252Fenewspaper%252F%253FsubmarketId%253D%26cookies%3D%26from-state%3Dmethod-select
Title: Facebook

Search URL Search Domain Scan URL

URL: https://user.gcion.com/GANNETT-GUP-PSA/psa/apple/?return-url=https%3A%2F%2Flogin.statesman.com%2FNAAS-GUP%2Fauthenticate%2F%3Fsuccess-url%3Dhttps%253A%252F%252Fuser.statesman.com%252FNAAS-GUP%252Fuser%252Fenewspaper%252F%253FsubmarketId%253D%26cookies%3D%26from-state%3Dmethod-select
Title: Apple

Search URL Search Domain Scan URL

URL: https://user.gcion.com/GANNETT-GUP-PSA/psa/googleplus/?return-url=https%3A%2F%2Flogin.statesman.com%2FNAAS-GUP%2Fauthenticate%2F%3Fsuccess-url%3Dhttps%253A%252F%252Fuser.statesman.com%252FNAAS-GUP%252Fuser%252Fenewspaper%252F%253FsubmarketId%253D%26cookies%3D%26from-state%3Dmethod-select
Title: Google

Search URL Search Domain Scan URL

URL: https://cm.statesman.com/account-activation/
Title: Already have a subscription? Let's activate your account

Search URL Search Domain Scan URL

URL: https://cm.statesman.com/terms/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://cm.statesman.com/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://cm.statesman.com/your-privacy-choices/
Title: Your Privacy Choices

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://user.statesman.com/user/enewspaper/ HTTP 302
https://login.statesman.com/NAAS-GUP/authenticate?success-url=https%3A%2F%2Fuser.statesman.com%2FNAAS-GUP%2Fuser%2Fenewspaper%2F%3FsubmarketId%3D HTTP 301
https://login.statesman.com/NAAS-GUP/authenticate/?success-url=https%3A%2F%2Fuser.statesman.com%2FNAAS-GUP%2Fuser%2Fenewspaper%2F%3FsubmarketId%3D HTTP 302
https://user.usatoday.com/USAT-GUP-COOKIESERVICE/cookies/?get=returning-user&return-url=https%3A%2F%2Flogin.statesman.com%2FNAAS-GUP%2Fauthenticate%2F%3Fsuccess-url%3Dhttps%253A%252F%252Fuser.statesman.com%252FNAAS-GUP%252Fuser%252Fenewspaper%252F%253FsubmarketId%253D%26from-state%3Dreturning-user-get-redirect HTTP 302
https://login.statesman.com/NAAS-GUP/authenticate/?success-url=https%3A%2F%2Fuser.statesman.com%2FNAAS-GUP%2Fuser%2Fenewspaper%2F%3FsubmarketId%3D&from-state=returning-user-get-redirect&cookies= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://login.statesman.com/NAAS-GUP/resources/global/gup/social/social-icons.png HTTP 301
https://staticassets.gannettdigital.com/gup-assets/assets/global/gup/social/social-icons.png

Request Chain 8

https://login.statesman.com/NAAS-GUP/resources/global/gup/eye-password-icons.png HTTP 301
https://staticassets.gannettdigital.com/gup-assets/assets/global/gup/eye-password-icons.png

Request Chain 11

https://sb.scorecardresearch.com/p?c1=2&c2=6035223&c4=https%3A%2F%2Flogin.statesman.com%2Fnaas-gup%2Fauthenticate%2F%3Fsuccess-url%3Dhttps%253A%252F%252Fuser.statesman.com%252FNAAS-GUP%252Fuser%252Fenewspaper%252F%253FsubmarketId%253D%26from-state%3Dreturning-user-get-redirect%26cookies%3D&c15=a792e632-6178-11ef-9b1f-f67d89b7cb34&cs_fpid=a792e632-6178-11ef-9b1f-f67d89b7cb34&cs_ucfr=&cs_fpit=lo&&cv=3.6.0&cj=1 HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=6035223&c4=https%3A%2F%2Flogin.statesman.com%2Fnaas-gup%2Fauthenticate%2F%3Fsuccess-url%3Dhttps%253A%252F%252Fuser.statesman.com%252FNAAS-GUP%252Fuser%252Fenewspaper%252F%253FsubmarketId%253D%26from-state%3Dreturning-user-get-redirect%26cookies%3D&c15=a792e632-6178-11ef-9b1f-f67d89b7cb34&cs_fpid=a792e632-6178-11ef-9b1f-f67d89b7cb34&cs_ucfr=&cs_fpit=lo&&cv=3.6.0&cj=1

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
login.statesman.com/NAAS-GUP/authenticate/
Redirect Chain

https://user.statesman.com/user/enewspaper/
https://login.statesman.com/NAAS-GUP/authenticate?success-url=https%3A%2F%2Fuser.statesman.com%2FNAAS-GUP%2Fuser%2Fenewspaper%2F%3FsubmarketId%3D
https://login.statesman.com/NAAS-GUP/authenticate/?success-url=https%3A%2F%2Fuser.statesman.com%2FNAAS-GUP%2Fuser%2Fenewspaper%2F%3FsubmarketId%3D
https://user.usatoday.com/USAT-GUP-COOKIESERVICE/cookies/?get=returning-user&return-url=https%3A%2F%2Flogin.statesman.com%2FNAAS-GUP%2Fauthenticate%2F%3Fsuccess-url%3Dhttps%253A%252F%252Fuser.state...
https://login.statesman.com/NAAS-GUP/authenticate/?success-url=https%3A%2F%2Fuser.statesman.com%2FNAAS-GUP%2Fuser%2Fenewspaper%2F%3FsubmarketId%3D&from-state=returning-user-get-redirect&cookies=

74 KB
14 KB

208ms
207ms

Document
text/html

151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://login.statesman.com/NAAS-GUP/authenticate/?success-url=https%3A%2F%2Fuser.statesman.com%2FNAAS-GUP%2Fuser%2Fenewspaper%2F%3FsubmarketId%3D&from-state=returning-user-get-redirect&cookies=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf221d5fd4bcfe4496dc11ec189d25da910382dd5764327423e12cdaa6a7a5b8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-security-policy: frame-ancestors 'none'
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Fri, 23 Aug 2024 17:53:51 GMT
gup-request-id: 23c96d53209203748e3cf05331727319
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
referrer-policy: strict-origin-when-cross-origin
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
server: nginx
vary: Accept-Encoding, Cookie, Origin
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-clacks-overhead: GNU Terry Pratchett
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-yul1970030-YUL

Redirect headers

accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
content-length: 0
content-security-policy: frame-ancestors 'none'
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Fri, 23 Aug 2024 17:53:51 GMT
expires: Fri, 23 Aug 2024 17:53:51 GMT
gup-request-id: 89f98889390120f14ab78fcae431f101
location: https://login.statesman.com/NAAS-GUP/authenticate/?success-url=https%3A%2F%2Fuser.statesman.com%2FNAAS-GUP%2Fuser%2Fenewspaper%2F%3FsubmarketId%3D&from-state=returning-user-get-redirect&cookies=
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
referrer-policy: strict-origin-when-cross-origin
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
server: nginx
vary: Origin
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-clacks-overhead: GNU Terry Pratchett
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-yul1970051-YUL

GET
H2 200 UnifySansVariableWeight.woff2
login.statesman.com/static/fonts/ 20 KB
20 KB 26ms
23ms Font
font/woff2 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://login.statesman.com/static/fonts/UnifySansVariableWeight.woff2
Requested by: Host: login.statesman.com
URL: https://login.statesman.com/NAAS-GUP/authenticate/?success-url=https%3A%2F%2Fuser.statesman.com%2FNAAS-GUP%2Fuser%2Fenewspaper%2F%3FsubmarketId%3D&from-state=returning-user-get-redirect&cookies=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 821730810976c6df1fec5551e14d5f0322136c64236967bbee4500e4b897f9d1

Request headers

Referer: https://login.statesman.com/NAAS-GUP/authenticate/?success-url=https%3A%2F%2Fuser.statesman.com%2FNAAS-GUP%2Fuser%2Fenewspaper%2F%3FsubmarketId%3D&from-state=returning-user-get-redirect&cookies=
Origin: https://login.statesman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 17:53:51 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 1092008
x-cache: HIT, HIT
content-length: 20100
x-served-by: cache-iad-kcgs7200141-IAD, cache-yul1970030-YUL
x-clacks-overhead: GNU Terry Pratchett
last-modified: Fri, 09 Aug 2024 17:15:07 GMT
server: nginx
x-timer: S1724435631.399795,VS0,VE1
etag: "66b64e9b-4e84"
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: font/woff2
cache-control: public,immutable,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1120, 0

GET
H2 200 authenticate.import.min.css
login.statesman.com/NAAS-GUP/resources/authenticate/css/ 31 KB
6 KB 25ms
23ms Stylesheet
text/css 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://login.statesman.com/NAAS-GUP/resources/authenticate/css/authenticate.import.min.css?digest=5400f3c7ee9d899e343481e2516e4cd5

Requested by

Host: login.statesman.com
URL: https://login.statesman.com/NAAS-GUP/authenticate/?success-url=https%3A%2F%2Fuser.statesman.com%2FNAAS-GUP%2Fuser%2Fenewspaper%2F%3FsubmarketId%3D&from-state=returning-user-get-redirect&cookies=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

a40174301af904ffd37688ef5eb2a3bcf7567fa5fc9dfca2f90a4de4c6686bcb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://login.statesman.com/NAAS-GUP/authenticate/?success-url=https%3A%2F%2Fuser.statesman.com%2FNAAS-GUP%2Fuser%2Fenewspaper%2F%3FsubmarketId%3D&from-state=returning-user-get-redirect&cookies=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 23 Aug 2024 17:53:51 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
gup-request-id: c93a9939de8b4708b923eb2867376ee6
age: 873249
x-cache: HIT, HIT
content-length: 6011
x-served-by: cache-iad-kcgs7200139-IAD, cache-yul1970030-YUL
referrer-policy: strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
server: nginx
cross-origin-opener-policy: same-origin
x-timer: S1724435631.399841,VS0,VE1
x-frame-options: DENY
vary: Origin, Accept-Encoding
content-type: text/css
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: public, max-age=86400
accept-ranges: bytes
x-cache-hits: 501, 0

GET
H2 200 main.js Show response
www.gannett-cdn.com/dcjs/prod/ 51 KB
16 KB 37ms
27ms Script
application/javascript 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/dcjs/prod/main.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

86afa561c6cc7cbe909e357ccc590da885ac566dd71602da11ccc92a229c50b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://login.statesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 17:53:51 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 8552
x-cache: MISS, HIT, HIT
content-length: 16013
last-modified: Thu, 22 Aug 2024 17:02:06 GMT
etag: "2998b3081088498fd1272d3d05b691b3"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3800
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 8792, 21

GET
H2 200 NAAS-TEALIUM-GUP.json
www.gannett-cdn.com/dcc/prod/ 19 KB
4 KB 147ms
20ms Other
application/json 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/dcc/prod/NAAS-TEALIUM-GUP.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

456d2932a6ab4311b591b7ec06d4ef3e8145eac5e0df91cc9bb918273adcbf42

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://login.statesman.com/
Origin: https://login.statesman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 17:53:51 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
content-security-policy: upgrade-insecure-requests
age: 78774
x-cache: MISS, HIT, HIT
content-length: 3969
last-modified: Thu, 22 Aug 2024 19:51:02 GMT
etag: "88848582285f246e5cf39a684e5eb94b"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3800
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 53, 0

GET
H2 200 gupui_bundle.min.js Show response
login.statesman.com/NAAS-GUP/resources/core/js/ 37 KB
9 KB 25ms
24ms Script
text/javascript 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://login.statesman.com/NAAS-GUP/resources/core/js/gupui_bundle.min.js?digest=5400f3c7ee9d899e343481e2516e4cd5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

4a8bb7f5391757574d63b248b0fa4eccb477b0f81e410cd6c7d73800ff12610b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://login.statesman.com/NAAS-GUP/authenticate/?success-url=https%3A%2F%2Fuser.statesman.com%2FNAAS-GUP%2Fuser%2Fenewspaper%2F%3FsubmarketId%3D&from-state=returning-user-get-redirect&cookies=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 23 Aug 2024 17:53:51 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
gup-request-id: 0716d1055a9f4572bff9e83801cd4491
age: 2094572
x-cache: HIT, HIT
content-length: 9238
x-served-by: cache-iad-kjyo7100037-IAD, cache-yul1970030-YUL
referrer-policy: strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
server: nginx
cross-origin-opener-policy: same-origin
x-timer: S1724435631.399755,VS0,VE2
x-frame-options: DENY
vary: Origin, Accept-Encoding
content-type: text/javascript
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: public, max-age=86400
accept-ranges: bytes
x-cache-hits: 937, 0

GET
H2 200 logo-default.svg
www.gannett-cdn.com/gannett-web/properties/statesman/logos-and-branding/ 16 KB
5 KB 39ms
30ms Image
image/svg+xml 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/gannett-web/properties/statesman/logos-and-branding/logo-default.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4c72b59c6145adb18c5067fba66a60b456469f05d33e20db0580a61096750417

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://login.statesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 17:53:51 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
content-security-policy: upgrade-insecure-requests
age: 904814
x-cache: HIT, HIT
content-length: 4708
last-modified: Mon, 19 Oct 2020 16:39:24 GMT
etag: "9ae3b9806d3d278fec0c4f83e3ab5e31"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3971, 0

GET
H2 200 your-privacy-choices.svg
staticassets.gannettdigital.com/gup-assets/assets/global/gup/ 811 B
1 KB 67ms
37ms Image
image/svg+xml 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticassets.gannettdigital.com/gup-assets/assets/global/gup/your-privacy-choices.svg
Requested by: Host: login.statesman.com
URL: https://login.statesman.com/NAAS-GUP/authenticate/?success-url=https%3A%2F%2Fuser.statesman.com%2FNAAS-GUP%2Fuser%2Fenewspaper%2F%3FsubmarketId%3D&from-state=returning-user-get-redirect&cookies=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 91758b4cca43d9e24f756b60f1a448aa2d9524de0e5ccfabc63b75f9bbf7988b

Request headers

Referer: https://login.statesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-cache-hits: 6
date: Fri, 23 Aug 2024 17:53:51 GMT
content-encoding: gzip
via: 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 18184
x-amz-meta-goog-reserved-file-mtime: 1707168695
x-guploader-uploadid: AHxI1nPMwzupTdbO6Fr1I6Wt35t1kiecSAz0AcTXpCE99_ZX5FRMy6jrXouKVqflUgFCvWD7KvmMBuNz2Q
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 409
x-served-by: cache-yul1970030-YUL
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 05 Feb 2024 21:32:54 GMT
server: UploadServer
x-timer: S1724435632.594832,VS0,VE0
etag: "c37b58ac68b7f23c0541d5bb722681c6"
vary: Accept-Encoding
x-goog-generation: 1707168774838054
content-type: image/svg+xml
access-control-allow-origin: *
x-goog-hash: crc32c=4QX+8Q==, md5=w3tYrGi38jwFQdW7ciaBxg==
cache-control: public, max-age=31536000
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-goog-stored-content-length: 811
x-amz-checksum-crc32c: 4QX+8Q==
accept-ranges: bytes
expires: Fri, 23 Aug 2024 12:50:47 GMT

GET
H2

200

social-icons.png
staticassets.gannettdigital.com/gup-assets/assets/global/gup/social/
Redirect Chain

https://login.statesman.com/NAAS-GUP/resources/global/gup/social/social-icons.png
https://staticassets.gannettdigital.com/gup-assets/assets/global/gup/social/social-icons.png

5 KB
6 KB

22ms
18ms

Image
image/png

151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticassets.gannettdigital.com/gup-assets/assets/global/gup/social/social-icons.png
Requested by: Host: login.statesman.com
URL: https://login.statesman.com/NAAS-GUP/resources/authenticate/css/authenticate.import.min.css?digest=5400f3c7ee9d899e343481e2516e4cd5
Protocol: H2
Server: 151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c92a50fa87d2443f77924148163b1c2d03034cf6922372e766df8969cfdc6cda

Request headers

Referer: https://login.statesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-cache-hits: 6
date: Fri, 23 Aug 2024 17:53:51 GMT
via: 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 18184
x-amz-meta-goog-reserved-file-mtime: 1709155311
x-guploader-uploadid: AHxI1nPRIpqavI0LMCSDqnCEwrVwevhzj2lxdaHnBQOsCx1ZM_0HmI4U_ZbzH34TXk9yeFGRb-PmTovqrA
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 5022
x-served-by: cache-yul1970030-YUL
x-clacks-overhead: GNU Terry Pratchett
last-modified: Wed, 28 Feb 2024 21:23:01 GMT
server: UploadServer
x-timer: S1724435632.655946,VS0,VE0
etag: "b0257128ee0a6ddeec39f916a13af9ea"
x-goog-generation: 1709155381831340
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=W/y1Mg==, md5=sCVxKO4Kbd7sOfkWoTr56g==
cache-control: public, max-age=31536000
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-goog-stored-content-length: 5022
x-amz-checksum-crc32c: W/y1Mg==
accept-ranges: bytes
expires: Fri, 23 Aug 2024 12:50:47 GMT

Redirect headers

content-security-policy: frame-ancestors 'none'
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 23 Aug 2024 17:53:51 GMT
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
gup-request-id: 97e80248fda64f0aa19a064245dbd119
age: 1444781
x-cache: HIT, HIT
content-length: 0
x-served-by: cache-iad-kiad7000170-IAD, cache-yul1970030-YUL
referrer-policy: strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
server: nginx
cross-origin-opener-policy: same-origin
x-timer: S1724435632.578266,VS0,VE0
x-frame-options: DENY
vary: Origin
content-type: text/html; charset=utf-8
location: https://staticassets.gannettdigital.com/gup-assets/assets/global/gup/social/social-icons.png
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
accept-ranges: bytes
x-cache-hits: 43, 65

GET
H2

200

eye-password-icons.png
staticassets.gannettdigital.com/gup-assets/assets/global/gup/
Redirect Chain

https://login.statesman.com/NAAS-GUP/resources/global/gup/eye-password-icons.png
https://staticassets.gannettdigital.com/gup-assets/assets/global/gup/eye-password-icons.png

2 KB
2 KB

26ms
21ms

Image
image/png

151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticassets.gannettdigital.com/gup-assets/assets/global/gup/eye-password-icons.png
Requested by: Host: login.statesman.com
URL: https://login.statesman.com/NAAS-GUP/resources/authenticate/css/authenticate.import.min.css?digest=5400f3c7ee9d899e343481e2516e4cd5
Protocol: H2
Server: 151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8da0e7c7296dac81946e9b199486451ddca75137fd133c18f890725e414f95f3

Request headers

Referer: https://login.statesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-cache-hits: 5
date: Fri, 23 Aug 2024 17:53:51 GMT
via: 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 18183
x-amz-meta-goog-reserved-file-mtime: 1709155311
x-guploader-uploadid: AHxI1nPJJUafGc7PwrPpbfWIGVddTG4SAmMd1CgdJveDCnYX6inuNYMhRCRYiRUySQJOaOZyvAS1UFv3uA
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 1895
x-served-by: cache-yul1970030-YUL
x-clacks-overhead: GNU Terry Pratchett
last-modified: Wed, 28 Feb 2024 21:22:36 GMT
server: UploadServer
x-timer: S1724435632.715154,VS0,VE0
etag: "a4e225a2a71a1f4473586f05f8e24e6e"
x-goog-generation: 1709155356748727
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=Pk373w==, md5=pOIloqcaH0RzWG8F+OJObg==
cache-control: public, max-age=31536000
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-goog-stored-content-length: 1895
x-amz-checksum-crc32c: Pk373w==
accept-ranges: bytes
expires: Fri, 23 Aug 2024 12:50:47 GMT

Redirect headers

content-security-policy: frame-ancestors 'none'
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 23 Aug 2024 17:53:51 GMT
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
gup-request-id: a463f33e64834a05bfea11bd7f2bf221
age: 1977487
x-cache: HIT, HIT
content-length: 0
x-served-by: cache-iad-kiad7000127-IAD, cache-yul1970030-YUL
referrer-policy: strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
server: nginx
cross-origin-opener-policy: same-origin
x-timer: S1724435632.632081,VS0,VE1
x-frame-options: DENY
vary: Origin
content-type: text/html; charset=utf-8
location: https://staticassets.gannettdigital.com/gup-assets/assets/global/gup/eye-password-icons.png
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
accept-ranges: bytes
x-cache-hits: 81, 0

POST
H2 204 sd
www.statesman.com/gciaf/prod/ 0
0 223ms
193ms Fetch
application/json 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.statesman.com/gciaf/prod/sd

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

Referer: https://login.statesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 23 Aug 2024 17:53:51 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubDomains;preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
x-cache: MISS, MISS
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
cross-origin-opener-policy: same-origin
x-frame-options: DENY
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://login.statesman.com
origin-agent-cluster: ?1
cache-control: no-store
access-control-allow-credentials: true
feature-policy: autoplay 'none';camera 'none';display-capture 'none';encrypted-media 'none';fullscreen 'none';geolocation 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none';publickey-credentials-get 'none';sync-xhr 'none';usb 'none';xr-spatial-tracking 'none'
permissions-policy: autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),usb=(),xr-spatial-tracking=()
vary: Origin,Referer
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
92 KB 145ms
62ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5JJXNTWR1D

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c39d0b2235a71e970da445e0fd728021e620e339399e1350723385a8941524e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://login.statesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 17:53:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93892
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 23 Aug 2024 17:53:51 GMT

GET
H2

200

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=6035223&c4=https%3A%2F%2Flogin.statesman.com%2Fnaas-gup%2Fauthenticate%2F%3Fsuccess-url%3Dhttps%253A%252F%252Fuser.statesman.com%252FNAAS-GUP%252Fuser%252...
https://sb.scorecardresearch.com/p2?c1=2&c2=6035223&c4=https%3A%2F%2Flogin.statesman.com%2Fnaas-gup%2Fauthenticate%2F%3Fsuccess-url%3Dhttps%253A%252F%252Fuser.statesman.com%252FNAAS-GUP%252Fuser%25...

43 B
299 B

33ms
32ms

Image
image/gif

108.139.47.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=6035223&c4=https%3A%2F%2Flogin.statesman.com%2Fnaas-gup%2Fauthenticate%2F%3Fsuccess-url%3Dhttps%253A%252F%252Fuser.statesman.com%252FNAAS-GUP%252Fuser%252Fenewspaper%252F%253FsubmarketId%253D%26from-state%3Dreturning-user-get-redirect%26cookies%3D&c15=a792e632-6178-11ef-9b1f-f67d89b7cb34&cs_fpid=a792e632-6178-11ef-9b1f-f67d89b7cb34&cs_ucfr=&cs_fpit=lo&&cv=3.6.0&cj=1
Requested by: Host: login.statesman.com
URL: https://login.statesman.com/NAAS-GUP/authenticate/?success-url=https%3A%2F%2Fuser.statesman.com%2FNAAS-GUP%2Fuser%2Fenewspaper%2F%3FsubmarketId%3D&from-state=returning-user-get-redirect&cookies=
Protocol: H2
Server: 108.139.47.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-50.jfk50.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://login.statesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 17:53:51 GMT
via: 1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P1
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: pGkI2bPGUTP5g_3GzHtR9q5KX5qR5rUd1nfaQlfEX7Y_Y9m-47F-Ag==

Redirect headers

date: Fri, 23 Aug 2024 17:53:51 GMT
via: 1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P1
x-cache: Miss from cloudfront
location: /p2?c1=2&c2=6035223&c4=https%3A%2F%2Flogin.statesman.com%2Fnaas-gup%2Fauthenticate%2F%3Fsuccess-url%3Dhttps%253A%252F%252Fuser.statesman.com%252FNAAS-GUP%252Fuser%252Fenewspaper%252F%253FsubmarketId%253D%26from-state%3Dreturning-user-get-redirect%26cookies%3D&c15=a792e632-6178-11ef-9b1f-f67d89b7cb34&cs_fpid=a792e632-6178-11ef-9b1f-f67d89b7cb34&cs_ucfr=&cs_fpit=lo&&cv=3.6.0&cj=1
content-length: 0
x-amz-cf-id: 0uHb_YfTHzHtkkEhS9RqW8P2uckqBmDxWGnh0qQn1VjzUbnrdEnFmQ==

POST
H2 204 collect
analytics.google.com/g/ 0
0 199ms
43ms Fetch
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-5JJXNTWR1D&gtm=45je48l0v887636012za200&_p=1724435631960&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1469287791.1724435631688&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&dp=gup%7Cauthenticate%7Cmethod-select%2F&dl=https%3A%2F%2Flogin.statesman.com%2Fnaas-gup%2Fauthenticate%2F%3Fsuccess-url%3Dhttps%253A%252F%252Fuser.statesman.com%252FNAAS-GUP%252Fuser%252Fenewspaper%252F%253FsubmarketId%253D%26from-state%3Dreturning-user-get-redirect%26cookies%3D&dr=&sid=1724435631&sct=1&seg=0&dt=Sign%20In%20-%20Austin%20American-Statesman&tfd=1769
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5JJXNTWR1D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://login.statesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 23 Aug 2024 17:53:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login.statesman.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
247 B 186ms
42ms Ping
text/plain 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5JJXNTWR1D&cid=1469287791.1724435631688&gtm=45je48l0v887636012za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5JJXNTWR1D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login.statesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Aug 2024 17:53:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login.statesman.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 65AD 0
0 174ms
45ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-5JJXNTWR1D&gacid=1469287791.1724435631688&gtm=45je48l0v887636012za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1220514998

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5JJXNTWR1D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.statesman.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Aug 2024 17:53:52 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 270ms
155ms Image
image/gif 142.250.65.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5JJXNTWR1D&cid=1469287791.1724435631688&gtm=45je48l0v887636012za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0&tag_exp=0&z=912540280

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.statesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Aug 2024 17:53:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 favicon.ico
login.statesman.com/ 424 B
655 B 115ms
73ms Other
image/vnd.microsoft.icon 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://login.statesman.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

34be544b7cf43d873b3ee9a20639f23bae56fe15a438f4110edd8d7f50916e89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://login.statesman.com/NAAS-GUP/authenticate/?success-url=https%3A%2F%2Fuser.statesman.com%2FNAAS-GUP%2Fuser%2Fenewspaper%2F%3FsubmarketId%3D&from-state=returning-user-get-redirect&cookies=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
date: Fri, 23 Aug 2024 17:53:52 GMT
x-content-type-options: nosniff
via: 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
gup-request-id: 1fd5abf1fe5544b8b05fd06100310e0a
x-cache: MISS
content-length: 424
x-served-by: cache-yul1970030-YUL
referrer-policy: strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
server: nginx
cross-origin-opener-policy: same-origin
x-frame-options: DENY
vary: Origin, Accept-Encoding
content-type: image/vnd.microsoft.icon
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
accept-ranges: bytes
x-cache-hits: 0

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.statesman.com/	1970-01-21 07:46:11	Name: gup_anonid Value: a792e632-6178-11ef-9b1f-f67d89b7cb34
.statesman.com/	1970-01-21 07:46:11	Name: gup_clientid Value: a799fda0-6178-11ef-9b1f-f67d89b7cb34
login.statesman.com/	1970-01-21 07:44:45	Name: csrftoken Value: WCqwK9zHVyFuIB9UQRsnUiKWjfb4f2VZ
.statesman.com/	1970-01-21 07:46:11	Name: gup_lng Value: %7B%22ret-usr%22%3A%20false%2C%20%22ret-sub%22%3A%20false%2C%20%22auth%22%3A%20false%2C%20%22name%22%3A%20%22%22%2C%20%22hma%22%3A%20false%2C%20%22lic%22%3A%20%22none%22%2C%20%22lpf%22%3A%20false%2C%20%22updated%22%3A%201724435631%2C%20%223PID%22%3A%20null%2C%20%22ips%22%3A%20false%7D
.statesman.com/	1970-01-20 23:02:02	Name: gca_rs Value: direct
.statesman.com/	1970-01-21 08:36:35	Name: _ga Value: GA1.1.1469287791.1724435631688
.scorecardresearch.com/	1970-01-21 08:22:11	Name: UID Value: 111a0ae01dbcf991e0cff1b1724435631
.scorecardresearch.com/	1970-01-21 08:22:11	Name: XID Value: 111a0ae01dbcf991e0cff1b1724435631
.statesman.com/	1970-01-21 07:46:11	Name: gca_pxi Value: hosting:vpn
.statesman.com/	1970-01-21 08:36:35	Name: _ga_5JJXNTWR1D Value: GS1.1.1724435631.1.0.1724435631.60.0.0
.doubleclick.net/	1970-01-20 23:00:36	Name: test_cookie Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
login.statesman.com
sb.scorecardresearch.com
staticassets.gannettdigital.com
stats.g.doubleclick.net
td.doubleclick.net
user.statesman.com
user.usatoday.com
www.gannett-cdn.com
www.google.ca
www.googletagmanager.com
www.statesman.com
108.139.47.50
142.250.65.195
151.101.130.62
151.101.194.62
151.101.2.62
2001:4860:4802:34::181
2607:f8b0:4004:c08::9a
2607:f8b0:4006:80c::2002
2607:f8b0:4006:81d::2008
34be544b7cf43d873b3ee9a20639f23bae56fe15a438f4110edd8d7f50916e89
456d2932a6ab4311b591b7ec06d4ef3e8145eac5e0df91cc9bb918273adcbf42
4a8bb7f5391757574d63b248b0fa4eccb477b0f81e410cd6c7d73800ff12610b
4c72b59c6145adb18c5067fba66a60b456469f05d33e20db0580a61096750417
821730810976c6df1fec5551e14d5f0322136c64236967bbee4500e4b897f9d1
86afa561c6cc7cbe909e357ccc590da885ac566dd71602da11ccc92a229c50b2
8da0e7c7296dac81946e9b199486451ddca75137fd133c18f890725e414f95f3
91758b4cca43d9e24f756b60f1a448aa2d9524de0e5ccfabc63b75f9bbf7988b
a40174301af904ffd37688ef5eb2a3bcf7567fa5fc9dfca2f90a4de4c6686bcb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c39d0b2235a71e970da445e0fd728021e620e339399e1350723385a8941524e1
c92a50fa87d2443f77924148163b1c2d03034cf6922372e766df8969cfdc6cda
cf221d5fd4bcfe4496dc11ec189d25da910382dd5764327423e12cdaa6a7a5b8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

login.statesman.com Open in urlscan Pro 151.101.130.62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

83 %HTTPS

44 %IPv6

9 Domains

12 Subdomains

8 IPs

1 Countries

177 kBTransfer

520 kBSize

11 Cookies

8 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

11 Cookies

Security Headers

Indicators

login.statesman.com Open in urlscan Pro
151.101.130.62 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

83 %
HTTPS

44 %
IPv6

9
Domains

12
Subdomains

8
IPs

1
Countries

177 kB
Transfer

520 kB
Size

11
Cookies

18 HTTP transactions
0 data transactions