login.detroitnews.com Open in urlscan Pro
151.101.130.62 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://url8500.legalclaimassistant.com/ls/click?upn=u001.NA-2BuDPXFiUAT6xFhIY0jA-2F70YMA0PrmLCLk-2Bqb8v2HxVFEXaeETAXMYFRbbpniUQ6twQOwMS...
Effective URL:
https://login.detroitnews.com/PDTN-GUP/authenticate/?success-url=https%3A%2F%2Fuser.detroitnews.com%2FPDTN-GUP%2Fuser%2Fenewsp...
Submission: On January 06 via api (January 6th 2025, 6:29:45 am UTC) from BE — Scanned from US

Summary HTTP 17 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 10 domains to perform 17 HTTP transactions. The main IP is 151.101.130.62, located in San Francisco, United States and belongs to FASTLY, US. The main domain is login.detroitnews.com.
TLS certificate: Issued by R11 on November 24th 2024. Valid for: 3 months.

This is the only time login.detroitnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.190.178 172.67.190.178	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2600:1408:c40... 2600:1408:c400:1885::416d	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
5 17	151.101.130.62 151.101.130.62	54113 (FASTLY) (FASTLY)
1 1	151.101.194.62 151.101.194.62	54113 (FASTLY) (FASTLY)
1	2607:f8b0:400... 2607:f8b0:4004:c19::61	15169 (GOOGLE) (GOOGLE)
1 2	18.165.83.63 18.165.83.63	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c09::8b	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c19::9c	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::9c	15169 (GOOGLE) (GOOGLE)
17	6

1 172.67.190.178 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

url8500.legalclaimassistant.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:c400:1885::416d (Ashburn, United States) 1 redirects

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

cl.exct.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 151.101.130.62 (San Francisco, United States) 5 redirects

ASN54113 (FASTLY, US)

user.detroitnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
login.detroitnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gannett-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticassets.gannettdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.62 (San Francisco, United States) 1 redirects

ASN54113 (FASTLY, US)

user.usatoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.165.83.63 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-165-83-63.iad55.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::8b (Washington, United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::9c (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::9c (Washington, United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	detroitnews.com 5 redirects user.detroitnews.com — Cisco Umbrella Rank: 152001 login.detroitnews.com	51 KB
4	gannett-cdn.com www.gannett-cdn.com — Cisco Umbrella Rank: 11474	22 KB
3	gannettdigital.com staticassets.gannettdigital.com — Cisco Umbrella Rank: 243570	9 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135 td.doubleclick.net — Cisco Umbrella Rank: 182	558 B
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 186	1 KB
1	google.com analytics.google.com — Cisco Umbrella Rank: 142
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	98 KB
1	usatoday.com 1 redirects user.usatoday.com — Cisco Umbrella Rank: 20307	900 B
1	exct.net 1 redirects cl.exct.net — Cisco Umbrella Rank: 74302	499 B
1	legalclaimassistant.com 1 redirects url8500.legalclaimassistant.com	787 B
17	10

	Domain	Requested by
9	login.detroitnews.com	4 redirects login.detroitnews.com
4	www.gannett-cdn.com	login.detroitnews.com www.gannett-cdn.com
3	staticassets.gannettdigital.com	login.detroitnews.com
2	sb.scorecardresearch.com	1 redirects
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	www.googletagmanager.com	www.gannett-cdn.com
1	user.usatoday.com	1 redirects
1	user.detroitnews.com	1 redirects
1	cl.exct.net	1 redirects
1	url8500.legalclaimassistant.com	1 redirects
17	12

This site contains links to these domains. Also see Links.

Domain
www.detroitnews.com
user.gcion.com
cm.detroitnews.com
help.detroitnews.com

Subject Issuer	Validity	Valid
usatoday.com R11	`2024-11-24` - `2025-02-22`	3 months	crt.sh
*.google-analytics.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.doubleclick.net WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://login.detroitnews.com/PDTN-GUP/authenticate/?success-url=https%3A%2F%2Fuser.detroitnews.com%2FPDTN-GUP%2Fuser%2Fenewspaper%2F%3FsubmarketId%3D%26for-guid%3D947fb9b8-588f-11ef-a9e5-220348c81c91%26utm_source%3Dpdtn-the-nightcap%26utm_medium%3Demail%26utm_campaign%3Djoabaselinegreeting%26utm_term%3DDefault%2BFooter%26utm_content%3D1008DN-E-NLETTER21&from-state=returning-user-get-redirect&cookies=
Frame ID: F5BA356B5B0F4BF65CA2309EEA6EF7B1
Requests: 16 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-5JJXNTWR1D&gacid=1789899827.1736144980&gtm=45je4cc1v887636012za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=680475769
Frame ID: 821798A79EF1AAE46AB01B0D5C1A531E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign In - The Detroit News

Page URL History Show full URLs

https://url8500.legalclaimassistant.com/ls/click?upn=u001.NA-2BuDPXFiUAT6xFhIY0jA-2F70YMA0PrmLCLk-2Bqb8v2HxVFEXaeETA... HTTP 302
https://cl.exct.net/?qs=effdccfa0005cc1682b7cdcd3e10eed2767e71fb7d264c5c88e700838adf238f750ce982... HTTP 302
https://user.detroitnews.com/user/enewspaper/?for-guid=947fb9b8-588f-11ef-a9e5-220348c81c91&utm_source=pd... HTTP 302
https://login.detroitnews.com/PDTN-GUP/authenticate?success-url=https%3A%2F%2Fuser.detroitnews.com%2FPDTN-... HTTP 301
https://login.detroitnews.com/PDTN-GUP/authenticate/?success-url=https%3A%2F%2Fuser.detroitnews.com%2FPDTN... HTTP 302
https://user.usatoday.com/USAT-GUP-COOKIESERVICE/cookies/?get=returning-user&return-url=https%3A%2F%2F... HTTP 302
https://login.detroitnews.com/PDTN-GUP/authenticate/?success-url=https%3A%2F%2Fuser.detroitnews.com%2FPDTN... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

17
Requests

82 %
HTTPS

56 %
IPv6

10
Domains

12
Subdomains

6
IPs

1
Countries

177 kB
Transfer

514 kB
Size

10
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.detroitnews.com/

Search URL Search Domain Scan URL

URL: https://user.gcion.com/GANNETT-GUP-PSA/psa/facebook/?return-url=https%3A%2F%2Flogin.detroitnews.com%2FPDTN-GUP%2Fauthenticate%2F%3Fsuccess-url%3Dhttps%253A%252F%252Fuser.detroitnews.com%252FPDTN-GUP%252Fuser%252Fenewspaper%252F%253FsubmarketId%253D%2526for-guid%253D947fb9b8-588f-11ef-a9e5-220348c81c91%2526utm_source%253Dpdtn-the-nightcap%2526utm_medium%253Demail%2526utm_campaign%253Djoabaselinegreeting%2526utm_term%253DDefault%252BFooter%2526utm_content%253D1008DN-E-NLETTER21%26cookies%3D%26from-state%3Dmethod-select
Title: Facebook

Search URL Search Domain Scan URL

URL: https://user.gcion.com/GANNETT-GUP-PSA/psa/googleplus/?return-url=https%3A%2F%2Flogin.detroitnews.com%2FPDTN-GUP%2Fauthenticate%2F%3Fsuccess-url%3Dhttps%253A%252F%252Fuser.detroitnews.com%252FPDTN-GUP%252Fuser%252Fenewspaper%252F%253FsubmarketId%253D%2526for-guid%253D947fb9b8-588f-11ef-a9e5-220348c81c91%2526utm_source%253Dpdtn-the-nightcap%2526utm_medium%253Demail%2526utm_campaign%253Djoabaselinegreeting%2526utm_term%253DDefault%252BFooter%2526utm_content%253D1008DN-E-NLETTER21%26cookies%3D%26from-state%3Dmethod-select
Title: Google

Search URL Search Domain Scan URL

URL: https://user.gcion.com/GANNETT-GUP-PSA/psa/apple/?return-url=https%3A%2F%2Flogin.detroitnews.com%2FPDTN-GUP%2Fauthenticate%2F%3Fsuccess-url%3Dhttps%253A%252F%252Fuser.detroitnews.com%252FPDTN-GUP%252Fuser%252Fenewspaper%252F%253FsubmarketId%253D%2526for-guid%253D947fb9b8-588f-11ef-a9e5-220348c81c91%2526utm_source%253Dpdtn-the-nightcap%2526utm_medium%253Demail%2526utm_campaign%253Djoabaselinegreeting%2526utm_term%253DDefault%252BFooter%2526utm_content%253D1008DN-E-NLETTER21%26cookies%3D%26from-state%3Dmethod-select
Title: Apple

Search URL Search Domain Scan URL

URL: https://cm.detroitnews.com/account-activation/
Title: Already have a subscription? Let's activate your account

Search URL Search Domain Scan URL

URL: https://help.detroitnews.com/
Title: Help

Search URL Search Domain Scan URL

URL: https://cm.detroitnews.com/terms/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://cm.detroitnews.com/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.detroitnews.com/subscriberguide/#apps
Title: Mobile Apps

Search URL Search Domain Scan URL

URL: https://cm.detroitnews.com/your-privacy-choices/
Title: Your Privacy Choices

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://url8500.legalclaimassistant.com/ls/click?upn=u001.NA-2BuDPXFiUAT6xFhIY0jA-2F70YMA0PrmLCLk-2Bqb8v2HxVFEXaeETAXMYFRbbpniUQ6twQOwMS2A0ev5E7e96IvdZSnPAM8bMwx1EdjZokR3K2HRs7k71wdk7YKgFXGsyggfcKKfFsQJumlBYQqaApomP2tHiDdSoU3zypavXNkgQUAcKGgA0-2BxuNgACc6Mf-2FKrlm3uJMiJEw2dd7aPJh1z1KqVbbCmCWTZoAUKJnIqpM-3DvDbT_4aWgQASRAIc8TcB1moU2-2F6zgmC2mBFhM1524gjVQxiyJDKJiw4m-2B9ibmSZkRGX6OgBTub3vwAXAp44jUBo-2B5nNZKhzTbuS-2FpjNzOmX-2BT-2Beqy-2BXmiSK5UZcYZuwlCE3wYW4SB49fnmfw1fpf-2Fv1rd4DBE0UI-2FTNLLLBruBPaGU3dP7o0UUyxEM-2BAdFtbWBP3tsBMDwA2-2B0hq7p8jjvUbT-2BA-3D-3D HTTP 302
https://cl.exct.net/?qs=effdccfa0005cc1682b7cdcd3e10eed2767e71fb7d264c5c88e700838adf238f750ce982f77c3a7f58a7e42efa65b9f8052b2c517d0683a34efd47596a291e8d HTTP 302
https://user.detroitnews.com/user/enewspaper/?for-guid=947fb9b8-588f-11ef-a9e5-220348c81c91&utm_source=pdtn-the-nightcap&utm_medium=email&utm_campaign=joabaselinegreeting&utm_term=Default%20Footer&utm_content=1008DN-E-NLETTER21 HTTP 302
https://login.detroitnews.com/PDTN-GUP/authenticate?success-url=https%3A%2F%2Fuser.detroitnews.com%2FPDTN-GUP%2Fuser%2Fenewspaper%2F%3FsubmarketId%3D%26for-guid%3D947fb9b8-588f-11ef-a9e5-220348c81c91%26utm_source%3Dpdtn-the-nightcap%26utm_medium%3Demail%26utm_campaign%3Djoabaselinegreeting%26utm_term%3DDefault%2BFooter%26utm_content%3D1008DN-E-NLETTER21 HTTP 301
https://login.detroitnews.com/PDTN-GUP/authenticate/?success-url=https%3A%2F%2Fuser.detroitnews.com%2FPDTN-GUP%2Fuser%2Fenewspaper%2F%3FsubmarketId%3D%26for-guid%3D947fb9b8-588f-11ef-a9e5-220348c81c91%26utm_source%3Dpdtn-the-nightcap%26utm_medium%3Demail%26utm_campaign%3Djoabaselinegreeting%26utm_term%3DDefault%2BFooter%26utm_content%3D1008DN-E-NLETTER21 HTTP 302
https://user.usatoday.com/USAT-GUP-COOKIESERVICE/cookies/?get=returning-user&return-url=https%3A%2F%2Flogin.detroitnews.com%2FPDTN-GUP%2Fauthenticate%2F%3Fsuccess-url%3Dhttps%253A%252F%252Fuser.detroitnews.com%252FPDTN-GUP%252Fuser%252Fenewspaper%252F%253FsubmarketId%253D%2526for-guid%253D947fb9b8-588f-11ef-a9e5-220348c81c91%2526utm_source%253Dpdtn-the-nightcap%2526utm_medium%253Demail%2526utm_campaign%253Djoabaselinegreeting%2526utm_term%253DDefault%252BFooter%2526utm_content%253D1008DN-E-NLETTER21%26from-state%3Dreturning-user-get-redirect HTTP 302
https://login.detroitnews.com/PDTN-GUP/authenticate/?success-url=https%3A%2F%2Fuser.detroitnews.com%2FPDTN-GUP%2Fuser%2Fenewspaper%2F%3FsubmarketId%3D%26for-guid%3D947fb9b8-588f-11ef-a9e5-220348c81c91%26utm_source%3Dpdtn-the-nightcap%26utm_medium%3Demail%26utm_campaign%3Djoabaselinegreeting%26utm_term%3DDefault%2BFooter%26utm_content%3D1008DN-E-NLETTER21&from-state=returning-user-get-redirect&cookies= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://login.detroitnews.com/PDTN-GUP/resources/global/gup/eye-password-icons.png HTTP 301
https://staticassets.gannettdigital.com/gup-assets/assets/global/gup/eye-password-icons.png

Request Chain 8

https://login.detroitnews.com/PDTN-GUP/resources/global/gup/social/social-icons.png HTTP 301
https://staticassets.gannettdigital.com/gup-assets/assets/global/gup/social/social-icons.png

Request Chain 12

https://sb.scorecardresearch.com/p?c1=2&c2=6035223&c4=https%3A%2F%2Flogin.detroitnews.com%2Fpdtn-gup%2Fauthenticate%2F%3Fsuccess-url%3Dhttps%253A%252F%252Fuser.detroitnews.com%252FPDTN-GUP%252Fuser%252Fenewspaper%252F%253FsubmarketId%253D%2526for-guid%253D947fb9b8-588f-11ef-a9e5-220348c81c91%2526utm_source%253Dpdtn-the-nightcap%2526utm_medium%253Demail%2526utm_campaign%253Djoabaselinegreeting%2526utm_term%253DDefault%252BFooter%2526utm_content%253D1008DN-E-NLETTER21%26from-state%3Dreturning-user-get-redirect%26cookies%3D&c15=9b19a4e2-cbf7-11ef-8413-527e7cf5d482&cs_fpid=9b19a4e2-cbf7-11ef-8413-527e7cf5d482&cs_ucfr=&cs_fpit=lo&&cv=3.6.0&cj=1 HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=6035223&c4=https%3A%2F%2Flogin.detroitnews.com%2Fpdtn-gup%2Fauthenticate%2F%3Fsuccess-url%3Dhttps%253A%252F%252Fuser.detroitnews.com%252FPDTN-GUP%252Fuser%252Fenewspaper%252F%253FsubmarketId%253D%2526for-guid%253D947fb9b8-588f-11ef-a9e5-220348c81c91%2526utm_source%253Dpdtn-the-nightcap%2526utm_medium%253Demail%2526utm_campaign%253Djoabaselinegreeting%2526utm_term%253DDefault%252BFooter%2526utm_content%253D1008DN-E-NLETTER21%26from-state%3Dreturning-user-get-redirect%26cookies%3D&c15=9b19a4e2-cbf7-11ef-8413-527e7cf5d482&cs_fpid=9b19a4e2-cbf7-11ef-8413-527e7cf5d482&cs_ucfr=&cs_fpit=lo&&cv=3.6.0&cj=1

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
login.detroitnews.com/PDTN-GUP/authenticate/
Redirect Chain

https://url8500.legalclaimassistant.com/ls/click?upn=u001.NA-2BuDPXFiUAT6xFhIY0jA-2F70YMA0PrmLCLk-2Bqb8v2HxVFEXaeETAXMYFRbbpniUQ6twQOwMS2A0ev5E7e96IvdZSnPAM8bMwx1EdjZokR3K2HRs7k71wdk7YKgFXGsyggfcKK...
https://cl.exct.net/?qs=effdccfa0005cc1682b7cdcd3e10eed2767e71fb7d264c5c88e700838adf238f750ce982f77c3a7f58a7e42efa65b9f8052b2c517d0683a34efd47596a291e8d
https://user.detroitnews.com/user/enewspaper/?for-guid=947fb9b8-588f-11ef-a9e5-220348c81c91&utm_source=pdtn-the-nightcap&utm_medium=email&utm_campaign=joabaselinegreeting&utm_term=Default%20Footer&...
https://login.detroitnews.com/PDTN-GUP/authenticate?success-url=https%3A%2F%2Fuser.detroitnews.com%2FPDTN-GUP%2Fuser%2Fenewspaper%2F%3FsubmarketId%3D%26for-guid%3D947fb9b8-588f-11ef-a9e5-220348c81c...
https://login.detroitnews.com/PDTN-GUP/authenticate/?success-url=https%3A%2F%2Fuser.detroitnews.com%2FPDTN-GUP%2Fuser%2Fenewspaper%2F%3FsubmarketId%3D%26for-guid%3D947fb9b8-588f-11ef-a9e5-220348c81...
https://user.usatoday.com/USAT-GUP-COOKIESERVICE/cookies/?get=returning-user&return-url=https%3A%2F%2Flogin.detroitnews.com%2FPDTN-GUP%2Fauthenticate%2F%3Fsuccess-url%3Dhttps%253A%252F%252Fuser.det...
https://login.detroitnews.com/PDTN-GUP/authenticate/?success-url=https%3A%2F%2Fuser.detroitnews.com%2FPDTN-GUP%2Fuser%2Fenewspaper%2F%3FsubmarketId%3D%26for-guid%3D947fb9b8-588f-11ef-a9e5-220348c81...

79 KB
14 KB

230ms
229ms

Document
text/html

151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://login.detroitnews.com/PDTN-GUP/authenticate/?success-url=https%3A%2F%2Fuser.detroitnews.com%2FPDTN-GUP%2Fuser%2Fenewspaper%2F%3FsubmarketId%3D%26for-guid%3D947fb9b8-588f-11ef-a9e5-220348c81c91%26utm_source%3Dpdtn-the-nightcap%26utm_medium%3Demail%26utm_campaign%3Djoabaselinegreeting%26utm_term%3DDefault%2BFooter%26utm_content%3D1008DN-E-NLETTER21&from-state=returning-user-get-redirect&cookies=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

7d3195b53f814991b0ffb87e0efbfb1718826141a25a79d7c26e8beae9cda1e7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-security-policy: frame-ancestors 'none'
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Mon, 06 Jan 2025 06:29:39 GMT
gup-request-id: b02da69d982f6128b8403e32d11c3160
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
referrer-policy: strict-origin-when-cross-origin
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
server: nginx
vary: Accept-Encoding, Cookie, Origin
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-clacks-overhead: GNU Terry Pratchett
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-mia-kmia1760031-MIA

Redirect headers

accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
content-length: 0
content-security-policy: frame-ancestors 'none'
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Mon, 06 Jan 2025 06:29:39 GMT
expires: Mon, 06 Jan 2025 06:29:39 GMT
gup-request-id: e5c4260f6283c7fc7f19bbd5fa1c5b61
location: https://login.detroitnews.com/PDTN-GUP/authenticate/?success-url=https%3A%2F%2Fuser.detroitnews.com%2FPDTN-GUP%2Fuser%2Fenewspaper%2F%3FsubmarketId%3D%26for-guid%3D947fb9b8-588f-11ef-a9e5-220348c81c91%26utm_source%3Dpdtn-the-nightcap%26utm_medium%3Demail%26utm_campaign%3Djoabaselinegreeting%26utm_term%3DDefault%2BFooter%26utm_content%3D1008DN-E-NLETTER21&from-state=returning-user-get-redirect&cookies=
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
referrer-policy: strict-origin-when-cross-origin
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
server: nginx
vary: Origin
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-clacks-overhead: GNU Terry Pratchett
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-mia-kmia1760061-MIA

GET
H2 200 UnifySansVariableWeight.woff2
login.detroitnews.com/static/fonts/ 20 KB
20 KB 33ms
31ms Font
font/woff2 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://login.detroitnews.com/static/fonts/UnifySansVariableWeight.woff2
Requested by: Host: login.detroitnews.com
URL: https://login.detroitnews.com/PDTN-GUP/authenticate/?success-url=https%3A%2F%2Fuser.detroitnews.com%2FPDTN-GUP%2Fuser%2Fenewspaper%2F%3FsubmarketId%3D%26for-guid%3D947fb9b8-588f-11ef-a9e5-220348c81c91%26utm_source%3Dpdtn-the-nightcap%26utm_medium%3Demail%26utm_campaign%3Djoabaselinegreeting%26utm_term%3DDefault%2BFooter%26utm_content%3D1008DN-E-NLETTER21&from-state=returning-user-get-redirect&cookies=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 821730810976c6df1fec5551e14d5f0322136c64236967bbee4500e4b897f9d1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://login.detroitnews.com
Referer: https://login.detroitnews.com/PDTN-GUP/authenticate/?success-url=https%3A%2F%2Fuser.detroitnews.com%2FPDTN-GUP%2Fuser%2Fenewspaper%2F%3FsubmarketId%3D%26for-guid%3D947fb9b8-588f-11ef-a9e5-220348c81c91%26utm_source%3Dpdtn-the-nightcap%26utm_medium%3Demail%26utm_campaign%3Djoabaselinegreeting%26utm_term%3DDefault%2BFooter%26utm_content%3D1008DN-E-NLETTER21&from-state=returning-user-get-redirect&cookies=

Response headers

x-clacks-overhead: GNU Terry Pratchett
etag: "675355a6-4e84"
age: 2630202
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache: HIT, HIT
date: Mon, 06 Jan 2025 06:29:39 GMT
content-type: font/woff2
last-modified: Fri, 06 Dec 2024 19:51:02 GMT
x-cache-hits: 8, 0
x-served-by: cache-iad-kcgs7200062-IAD, cache-mia-kmia1760031-MIA
cache-control: public,immutable,max-age=31536000
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
x-timer: S1736144980.715737,VS0,VE1
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 20100
server: nginx

GET
H2 200 authenticate.import.min.css
login.detroitnews.com/PDTN-GUP/resources/authenticate/css/ 17 KB
4 KB 34ms
33ms Stylesheet
text/css 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://login.detroitnews.com/PDTN-GUP/resources/authenticate/css/authenticate.import.min.css?digest=80c1a454bf2ad00788429036e6a79f3f

Requested by

Host: login.detroitnews.com
URL: https://login.detroitnews.com/PDTN-GUP/authenticate/?success-url=https%3A%2F%2Fuser.detroitnews.com%2FPDTN-GUP%2Fuser%2Fenewspaper%2F%3FsubmarketId%3D%26for-guid%3D947fb9b8-588f-11ef-a9e5-220348c81c91%26utm_source%3Dpdtn-the-nightcap%26utm_medium%3Demail%26utm_campaign%3Djoabaselinegreeting%26utm_term%3DDefault%2BFooter%26utm_content%3D1008DN-E-NLETTER21&from-state=returning-user-get-redirect&cookies=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

31bec43e406dd92d1c72bf1a506dcb04776ffb80e83650dab8c24b85fc072e6f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://login.detroitnews.com/PDTN-GUP/authenticate/?success-url=https%3A%2F%2Fuser.detroitnews.com%2FPDTN-GUP%2Fuser%2Fenewspaper%2F%3FsubmarketId%3D%26for-guid%3D947fb9b8-588f-11ef-a9e5-220348c81c91%26utm_source%3Dpdtn-the-nightcap%26utm_medium%3Demail%26utm_campaign%3Djoabaselinegreeting%26utm_term%3DDefault%2BFooter%26utm_content%3D1008DN-E-NLETTER21&from-state=returning-user-get-redirect&cookies=

Response headers

x-clacks-overhead: GNU Terry Pratchett
content-encoding: gzip
age: 2331295
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Mon, 06 Jan 2025 06:29:39 GMT
content-type: text/css
x-served-by: cache-iad-kjyo7100099-IAD, cache-mia-kmia1760031-MIA
x-cache-hits: 609, 0
x-frame-options: DENY
vary: Origin, Accept-Encoding
content-security-policy: frame-ancestors 'none'
cache-control: public, max-age=2592000, immutable
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
cross-origin-opener-policy: same-origin
x-timer: S1736144980.715763,VS0,VE1
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
gup-request-id: da2bc8e771ff4bae9b2497d411010908
accept-ranges: bytes
content-length: 3886
server: nginx

GET
H2 200 main.js Show response
www.gannett-cdn.com/dcjs/prod/ 47 KB
15 KB 103ms
31ms Script
application/javascript 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/dcjs/prod/main.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4833845de391788dbc46aa956eb913679caab83bb431f45f946fbd7c205388e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://login.detroitnews.com/

Response headers

content-encoding: br
etag: "77c97ab01d5aac51c11dbcc42b11c08c"
age: 1413943
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache: MISS, HIT, HIT
date: Mon, 06 Jan 2025 06:29:39 GMT
last-modified: Mon, 16 Dec 2024 21:44:20 GMT
content-type: application/javascript
x-cache-hits: 0, 2915, 31913
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=3800
timing-allow-origin: *
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15243

GET
H2 200 PDTN-TEALIUM-GUP.json
www.gannett-cdn.com/dcc/prod/ 22 KB
5 KB 180ms
41ms Other
application/json 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/dcc/prod/PDTN-TEALIUM-GUP.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3ce467ff297d24a6745de312631f0e9693be9fed9a85ab9cbdae6ff98c7974b3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://login.detroitnews.com
Referer: https://login.detroitnews.com/

Response headers

content-encoding: br
etag: "85498b4e10e0e93193fac05ed936e55c"
age: 1413850
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache: MISS, HIT, HIT
date: Mon, 06 Jan 2025 06:29:39 GMT
last-modified: Wed, 18 Dec 2024 17:19:18 GMT
content-type: application/json
x-cache-hits: 0, 46, 0
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=3800
timing-allow-origin: *
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4681

GET
H2 200 gupui_bundle.min.js Show response
login.detroitnews.com/PDTN-GUP/resources/core/js/ 37 KB
10 KB 32ms
31ms Script
text/javascript 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://login.detroitnews.com/PDTN-GUP/resources/core/js/gupui_bundle.min.js?digest=80c1a454bf2ad00788429036e6a79f3f

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b64a74d3418ef6da0d0b552aa2adb6de39028a24e2eb4455b54ece52c301dc5b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://login.detroitnews.com/PDTN-GUP/authenticate/?success-url=https%3A%2F%2Fuser.detroitnews.com%2FPDTN-GUP%2Fuser%2Fenewspaper%2F%3FsubmarketId%3D%26for-guid%3D947fb9b8-588f-11ef-a9e5-220348c81c91%26utm_source%3Dpdtn-the-nightcap%26utm_medium%3Demail%26utm_campaign%3Djoabaselinegreeting%26utm_term%3DDefault%2BFooter%26utm_content%3D1008DN-E-NLETTER21&from-state=returning-user-get-redirect&cookies=

Response headers

x-clacks-overhead: GNU Terry Pratchett
content-encoding: gzip
age: 2299382
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Mon, 06 Jan 2025 06:29:39 GMT
content-type: text/javascript
x-served-by: cache-iad-kjyo7100167-IAD, cache-mia-kmia1760031-MIA
x-cache-hits: 552, 0
x-frame-options: DENY
vary: Origin, Accept-Encoding
content-security-policy: frame-ancestors 'none'
cache-control: public, max-age=2592000, immutable
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
cross-origin-opener-policy: same-origin
x-timer: S1736144980.715973,VS0,VE1
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
gup-request-id: b19ddb3f94bb4be39b1e4b0f30abcdbc
accept-ranges: bytes
content-length: 9336
server: nginx

GET
H2 200 logo-default.svg
www.gannett-cdn.com/gannett-web/properties/detroitnews/logos-and-branding/ 4 KB
2 KB 107ms
36ms Image
image/svg+xml 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/gannett-web/properties/detroitnews/logos-and-branding/logo-default.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c4ffb76cad1d8bf823499ba38dd94033a9e2ab349bda6d16527dae1ce5c844c1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://login.detroitnews.com/

Response headers

content-encoding: gzip
etag: "926772a74ee833f4a81c43e7ca349d31"
age: 1714223
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache: HIT, HIT
date: Mon, 06 Jan 2025 06:29:39 GMT
last-modified: Mon, 18 Feb 2019 22:02:19 GMT
content-type: image/svg+xml
x-cache-hits: 2722, 1
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: max-age=2592000
timing-allow-origin: *
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1562

GET
H2 200 your-privacy-choices.svg
staticassets.gannettdigital.com/gup-assets/assets/global/gup/ 811 B
1 KB 94ms
31ms Image
image/svg+xml 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticassets.gannettdigital.com/gup-assets/assets/global/gup/your-privacy-choices.svg
Requested by: Host: login.detroitnews.com
URL: https://login.detroitnews.com/PDTN-GUP/authenticate/?success-url=https%3A%2F%2Fuser.detroitnews.com%2FPDTN-GUP%2Fuser%2Fenewspaper%2F%3FsubmarketId%3D%26for-guid%3D947fb9b8-588f-11ef-a9e5-220348c81c91%26utm_source%3Dpdtn-the-nightcap%26utm_medium%3Demail%26utm_campaign%3Djoabaselinegreeting%26utm_term%3DDefault%2BFooter%26utm_content%3D1008DN-E-NLETTER21&from-state=returning-user-get-redirect&cookies=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 91758b4cca43d9e24f756b60f1a448aa2d9524de0e5ccfabc63b75f9bbf7988b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://login.detroitnews.com/

Response headers

x-goog-metageneration: 1
x-clacks-overhead: GNU Terry Pratchett
x-goog-hash: crc32c=4QX+8Q==, md5=w3tYrGi38jwFQdW7ciaBxg==
x-amz-meta-goog-reserved-file-mtime: 1707168695
etag: "c37b58ac68b7f23c0541d5bb722681c6"
content-encoding: gzip
age: 205006
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-goog-stored-content-encoding: identity
expires: Fri, 03 Jan 2025 21:32:53 GMT
x-goog-stored-content-length: 811
x-cache: HIT
date: Mon, 06 Jan 2025 06:29:39 GMT
last-modified: Mon, 05 Feb 2024 21:32:54 GMT
content-type: image/svg+xml
x-served-by: cache-mia-kmia1760031-MIA
x-cache-hits: 54
x-guploader-uploadid: AFiumC7Es5Z9zb0btfMnyh-pNKwrXzeRYTECYKbg8648MUT0l3Wt2MkZXiqJegDMb7pEKMK_D9p66N8
vary: Accept-Encoding
cache-control: public, max-age=31536000
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
x-goog-storage-class: MULTI_REGIONAL
x-timer: S1736144980.817806,VS0,VE0
via: 1.1 varnish
x-amz-checksum-crc32c: 4QX+8Q==
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1707168774838054
content-length: 409
server: UploadServer

GET
H2

200

eye-password-icons.png
staticassets.gannettdigital.com/gup-assets/assets/global/gup/
Redirect Chain

https://login.detroitnews.com/PDTN-GUP/resources/global/gup/eye-password-icons.png
https://staticassets.gannettdigital.com/gup-assets/assets/global/gup/eye-password-icons.png

2 KB
2 KB

59ms
32ms

Image
image/png

151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticassets.gannettdigital.com/gup-assets/assets/global/gup/eye-password-icons.png
Requested by: Host: login.detroitnews.com
URL: https://login.detroitnews.com/PDTN-GUP/resources/authenticate/css/authenticate.import.min.css?digest=80c1a454bf2ad00788429036e6a79f3f
Protocol: H2
Server: 151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8da0e7c7296dac81946e9b199486451ddca75137fd133c18f890725e414f95f3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://login.detroitnews.com/

Response headers

x-goog-metageneration: 1
x-clacks-overhead: GNU Terry Pratchett
x-goog-hash: crc32c=Pk373w==, md5=pOIloqcaH0RzWG8F+OJObg==
x-amz-meta-goog-reserved-file-mtime: 1709155311
etag: "a4e225a2a71a1f4473586f05f8e24e6e"
age: 205069
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-goog-stored-content-encoding: identity
expires: Fri, 03 Jan 2025 21:31:50 GMT
x-goog-stored-content-length: 1895
x-cache: HIT
date: Mon, 06 Jan 2025 06:29:39 GMT
last-modified: Wed, 28 Feb 2024 21:22:36 GMT
content-type: image/png
x-served-by: cache-mia-kmia1760031-MIA
x-cache-hits: 108
x-guploader-uploadid: AFiumC6DkgBv-WuwQsEvHmRTJ1rjs6sH8gw7yDK9E9WxLAdaV_qJPvDiziPmPf2t15v6ehXTQa4tWbU
cache-control: public, max-age=31536000
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
x-goog-storage-class: MULTI_REGIONAL
x-timer: S1736144980.817814,VS0,VE0
via: 1.1 varnish
x-amz-checksum-crc32c: Pk373w==
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1709155356748727
content-length: 1895
server: UploadServer

Redirect headers

x-clacks-overhead: GNU Terry Pratchett
age: 2149343
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Mon, 06 Jan 2025 06:29:39 GMT
content-type: text/html; charset=utf-8
x-served-by: cache-iad-kjyo7100046-IAD, cache-mia-kmia1760031-MIA
x-cache-hits: 484, 0
x-frame-options: DENY
vary: Origin
content-security-policy: frame-ancestors 'none'
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
location: https://staticassets.gannettdigital.com/gup-assets/assets/global/gup/eye-password-icons.png
cross-origin-opener-policy: same-origin
x-timer: S1736144980.758182,VS0,VE1
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
gup-request-id: 47e1ae2ae93e4c9da46c10b4c0b6a4a5
accept-ranges: bytes
content-length: 0
server: nginx

GET
H2

200

social-icons.png
staticassets.gannettdigital.com/gup-assets/assets/global/gup/social/
Redirect Chain

https://login.detroitnews.com/PDTN-GUP/resources/global/gup/social/social-icons.png
https://staticassets.gannettdigital.com/gup-assets/assets/global/gup/social/social-icons.png

5 KB
6 KB

62ms
34ms

Image
image/png

151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticassets.gannettdigital.com/gup-assets/assets/global/gup/social/social-icons.png
Requested by: Host: login.detroitnews.com
URL: https://login.detroitnews.com/PDTN-GUP/resources/authenticate/css/authenticate.import.min.css?digest=80c1a454bf2ad00788429036e6a79f3f
Protocol: H2
Server: 151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c92a50fa87d2443f77924148163b1c2d03034cf6922372e766df8969cfdc6cda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://login.detroitnews.com/

Response headers

x-goog-metageneration: 1
x-clacks-overhead: GNU Terry Pratchett
x-goog-hash: crc32c=W/y1Mg==, md5=sCVxKO4Kbd7sOfkWoTr56g==
x-amz-meta-goog-reserved-file-mtime: 1709155311
etag: "b0257128ee0a6ddeec39f916a13af9ea"
age: 205069
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-goog-stored-content-encoding: identity
expires: Fri, 03 Jan 2025 21:31:50 GMT
x-goog-stored-content-length: 5022
x-cache: HIT
date: Mon, 06 Jan 2025 06:29:39 GMT
last-modified: Wed, 28 Feb 2024 21:23:01 GMT
content-type: image/png
x-served-by: cache-mia-kmia1760031-MIA
x-cache-hits: 85
x-guploader-uploadid: AFiumC7I3hvWp8tBNR9OkBzeeHC6LXbk4skX_f0miyPULKg1bo_dp1gWhPoO-kvf62Na9anBYbugEOg
cache-control: public, max-age=31536000
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
x-goog-storage-class: MULTI_REGIONAL
x-timer: S1736144980.818160,VS0,VE0
via: 1.1 varnish
x-amz-checksum-crc32c: W/y1Mg==
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1709155381831340
content-length: 5022
server: UploadServer

Redirect headers

x-clacks-overhead: GNU Terry Pratchett
age: 1102013
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Mon, 06 Jan 2025 06:29:39 GMT
content-type: text/html; charset=utf-8
x-served-by: cache-iad-kiad7000168-IAD, cache-mia-kmia1760031-MIA
x-cache-hits: 159, 0
x-frame-options: DENY
vary: Origin
content-security-policy: frame-ancestors 'none'
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
location: https://staticassets.gannettdigital.com/gup-assets/assets/global/gup/social/social-icons.png
cross-origin-opener-policy: same-origin
x-timer: S1736144980.758229,VS0,VE1
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
gup-request-id: 1fd215b1b1ed41919aaaa80424dfb458
accept-ranges: bytes
content-length: 0
server: nginx

GET
H2 200 favicon.ico
login.detroitnews.com/ 424 B
695 B 56ms
55ms Other
image/vnd.microsoft.icon 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://login.detroitnews.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

34be544b7cf43d873b3ee9a20639f23bae56fe15a438f4110edd8d7f50916e89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://login.detroitnews.com/PDTN-GUP/authenticate/?success-url=https%3A%2F%2Fuser.detroitnews.com%2FPDTN-GUP%2Fuser%2Fenewspaper%2F%3FsubmarketId%3D%26for-guid%3D947fb9b8-588f-11ef-a9e5-220348c81c91%26utm_source%3Dpdtn-the-nightcap%26utm_medium%3Demail%26utm_campaign%3Djoabaselinegreeting%26utm_term%3DDefault%2BFooter%26utm_content%3D1008DN-E-NLETTER21&from-state=returning-user-get-redirect&cookies=

Response headers

x-clacks-overhead: GNU Terry Pratchett
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options: nosniff
x-cache: MISS
date: Mon, 06 Jan 2025 06:29:39 GMT
content-type: image/vnd.microsoft.icon
vary: Origin, Accept-Encoding
x-served-by: cache-mia-kmia1760031-MIA
x-cache-hits: 0
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
cross-origin-opener-policy: same-origin
gup-request-id: 6b2b7b8ac3dc45ad862788143018b79d
via: 1.1 varnish
referrer-policy: strict-origin-when-cross-origin
accept-ranges: bytes
content-length: 424
server: nginx

POST
H2 204 sd
www.gannett-cdn.com/gciaf/prod/ 0
0 250ms
247ms Fetch
application/json 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/gciaf/prod/sd

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://login.detroitnews.com/

Response headers

report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options: nosniff
x-cache: MISS, MISS
date: Mon, 06 Jan 2025 06:29:40 GMT
content-type: application/json; charset=utf-8
feature-policy: autoplay 'none';camera 'none';display-capture 'none';encrypted-media 'none';fullscreen 'none';geolocation 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none';publickey-credentials-get 'none';sync-xhr 'none';usb 'none';xr-spatial-tracking 'none'
x-cache-hits: 0, 0
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin,Referer
content-security-policy: upgrade-insecure-requests
cache-control: no-store
timing-allow-origin: *
cross-origin-opener-policy: same-origin
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
permissions-policy: autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
access-control-allow-origin: https://login.detroitnews.com
x-xss-protection: 1;mode=block
origin-agent-cluster: ?1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 281 KB
98 KB 249ms
134ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5JJXNTWR1D

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6b9ab4f13773f67fadcf388b7924c8464894c9517f856426efbbd28328da427a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://login.detroitnews.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 06 Jan 2025 06:29:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 06 Jan 2025 06:29:40 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 99516
x-xss-protection: 0
server: Google Tag Manager

GET
H2

200

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=6035223&c4=https%3A%2F%2Flogin.detroitnews.com%2Fpdtn-gup%2Fauthenticate%2F%3Fsuccess-url%3Dhttps%253A%252F%252Fuser.detroitnews.com%252FPDTN-GUP%252Fuser...
https://sb.scorecardresearch.com/p2?c1=2&c2=6035223&c4=https%3A%2F%2Flogin.detroitnews.com%2Fpdtn-gup%2Fauthenticate%2F%3Fsuccess-url%3Dhttps%253A%252F%252Fuser.detroitnews.com%252FPDTN-GUP%252Fuse...

43 B
300 B

60ms
59ms

Image
image/gif

18.165.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=6035223&c4=https%3A%2F%2Flogin.detroitnews.com%2Fpdtn-gup%2Fauthenticate%2F%3Fsuccess-url%3Dhttps%253A%252F%252Fuser.detroitnews.com%252FPDTN-GUP%252Fuser%252Fenewspaper%252F%253FsubmarketId%253D%2526for-guid%253D947fb9b8-588f-11ef-a9e5-220348c81c91%2526utm_source%253Dpdtn-the-nightcap%2526utm_medium%253Demail%2526utm_campaign%253Djoabaselinegreeting%2526utm_term%253DDefault%252BFooter%2526utm_content%253D1008DN-E-NLETTER21%26from-state%3Dreturning-user-get-redirect%26cookies%3D&c15=9b19a4e2-cbf7-11ef-8413-527e7cf5d482&cs_fpid=9b19a4e2-cbf7-11ef-8413-527e7cf5d482&cs_ucfr=&cs_fpit=lo&&cv=3.6.0&cj=1
Protocol: H2
Server: 18.165.83.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-83-63.iad55.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://login.detroitnews.com/

Response headers

accept-ch: UA, Platform, Arch, Model, Mobile
via: 1.1 4ec656d2dfbb59cd7fab2ac94a540522.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 43
x-amz-cf-id: icbJzMOTkNWSkDBz1P5GKLMwIdRLv7MZl9MCJniQ6ap3GKAb7c83Sg==
date: Mon, 06 Jan 2025 06:29:40 GMT
content-type: image/gif
x-amz-cf-pop: IAD55-P3

Redirect headers

location: /p2?c1=2&c2=6035223&c4=https%3A%2F%2Flogin.detroitnews.com%2Fpdtn-gup%2Fauthenticate%2F%3Fsuccess-url%3Dhttps%253A%252F%252Fuser.detroitnews.com%252FPDTN-GUP%252Fuser%252Fenewspaper%252F%253FsubmarketId%253D%2526for-guid%253D947fb9b8-588f-11ef-a9e5-220348c81c91%2526utm_source%253Dpdtn-the-nightcap%2526utm_medium%253Demail%2526utm_campaign%253Djoabaselinegreeting%2526utm_term%253DDefault%252BFooter%2526utm_content%253D1008DN-E-NLETTER21%26from-state%3Dreturning-user-get-redirect%26cookies%3D&c15=9b19a4e2-cbf7-11ef-8413-527e7cf5d482&cs_fpid=9b19a4e2-cbf7-11ef-8413-527e7cf5d482&cs_ucfr=&cs_fpit=lo&&cv=3.6.0&cj=1
accept-ch: UA, Platform, Arch, Model, Mobile
via: 1.1 4ec656d2dfbb59cd7fab2ac94a540522.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: 68NT3AJim8b61LdBsNL9Z9K-avZ9wkdO4wV9U2whwREMq90i14reug==
date: Mon, 06 Jan 2025 06:29:40 GMT
x-amz-cf-pop: IAD55-P3

POST
H2 204 collect
analytics.google.com/g/ 0
0 194ms
65ms Fetch
text/plain 2607:f8b0:4004:c09::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-5JJXNTWR1D&gtm=45je4cc1v887636012za200&_p=1736144980332&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1789899827.1736144980&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&uid=9b19a4e2-cbf7-11ef-8413-527e7cf5d482&dp=gup%7Cauthenticate%7Cmethod-select%2F&dl=https%3A%2F%2Flogin.detroitnews.com%2Fpdtn-gup%2Fauthenticate%2F%3Fsuccess-url%3Dhttps%253A%252F%252Fuser.detroitnews.com%252FPDTN-GUP%252Fuser%252Fenewspaper%252F%253FsubmarketId%253D%2526for-guid%253D947fb9b8-588f-11ef-a9e5-220348c81c91%2526utm_source%253Dpdtn-the-nightcap%2526utm_medium%253Demail%2526utm_campaign%253Djoabaselinegreeting%2526utm_term%253DDefault%252BFooter%2526utm_content%253D1008DN-E-NLETTER21%26from-state%3Dreturning-user-get-redirect%26cookies%3D&dr=&sid=1736144980&sct=1&seg=0&dt=Sign%20In%20-%20The%20Detroit%20News&tfd=2711
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5JJXNTWR1D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://login.detroitnews.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://login.detroitnews.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 06 Jan 2025 06:29:40 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
558 B 194ms
70ms Ping
text/plain 2607:f8b0:4004:c19::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5JJXNTWR1D&cid=1789899827.1736144980&gtm=45je4cc1v887636012za200&aip=1&uid=9b19a4e2-cbf7-11ef-8413-527e7cf5d482&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5JJXNTWR1D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c19::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://login.detroitnews.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://login.detroitnews.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 06 Jan 2025 06:29:40 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 8217 0
0 188ms
69ms Document
text/html 2607:f8b0:4004:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-5JJXNTWR1D&gacid=1789899827.1736144980&gtm=45je4cc1v887636012za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=680475769

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5JJXNTWR1D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.detroitnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Jan 2025 06:29:40 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.detroitnews.com/	1970-01-21 11:01:20	Name: gup_anonid Value: 9b19a4e2-cbf7-11ef-8413-527e7cf5d482
.detroitnews.com/	1970-01-21 11:01:20	Name: gup_clientid Value: 9b1fc67e-cbf7-11ef-8413-527e7cf5d482
.detroitnews.com/	1970-01-21 11:01:20	Name: gup_lng Value: %7B%22ret-usr%22%3A%20false%2C%20%22ret-sub%22%3A%20false%2C%20%22auth%22%3A%20false%2C%20%22name%22%3A%20%22%22%2C%20%22hma%22%3A%20false%2C%20%22lic%22%3A%20%22none%22%2C%20%22lpf%22%3A%20false%2C%20%22updated%22%3A%201736144979%2C%20%223PID%22%3A%20null%2C%20%22ips%22%3A%20false%7D
login.detroitnews.com/	1970-01-21 10:59:54	Name: csrftoken Value: 4iPCHpfv4ibDvc00Q4oinysIt7VfxeJM
.detroitnews.com/	1970-01-21 02:17:11	Name: gca_rs Value: direct
.detroitnews.com/	1970-01-21 11:51:44	Name: _ga Value: GA1.1.1789899827.1736144980
.scorecardresearch.com/	1970-01-21 11:37:20	Name: UID Value: 1D08f408dc83f30f9402d021736144980
.scorecardresearch.com/	1970-01-21 11:37:20	Name: XID Value: 1D08f408dc83f30f9402d021736144980
.detroitnews.com/	1970-01-21 11:51:44	Name: _ga_5JJXNTWR1D Value: GS1.1.1736144980.1.0.1736144980.60.0.0
.doubleclick.net/	1970-01-21 02:15:45	Name: test_cookie Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
cl.exct.net
login.detroitnews.com
sb.scorecardresearch.com
staticassets.gannettdigital.com
stats.g.doubleclick.net
td.doubleclick.net
url8500.legalclaimassistant.com
user.detroitnews.com
user.usatoday.com
www.gannett-cdn.com
www.googletagmanager.com
151.101.130.62
151.101.194.62
172.67.190.178
18.165.83.63
2600:1408:c400:1885::416d
2607:f8b0:4004:c09::8b
2607:f8b0:4004:c19::61
2607:f8b0:4004:c19::9c
2607:f8b0:4004:c1d::9c
31bec43e406dd92d1c72bf1a506dcb04776ffb80e83650dab8c24b85fc072e6f
34be544b7cf43d873b3ee9a20639f23bae56fe15a438f4110edd8d7f50916e89
3ce467ff297d24a6745de312631f0e9693be9fed9a85ab9cbdae6ff98c7974b3
4833845de391788dbc46aa956eb913679caab83bb431f45f946fbd7c205388e0
6b9ab4f13773f67fadcf388b7924c8464894c9517f856426efbbd28328da427a
7d3195b53f814991b0ffb87e0efbfb1718826141a25a79d7c26e8beae9cda1e7
821730810976c6df1fec5551e14d5f0322136c64236967bbee4500e4b897f9d1
8da0e7c7296dac81946e9b199486451ddca75137fd133c18f890725e414f95f3
91758b4cca43d9e24f756b60f1a448aa2d9524de0e5ccfabc63b75f9bbf7988b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b64a74d3418ef6da0d0b552aa2adb6de39028a24e2eb4455b54ece52c301dc5b
c4ffb76cad1d8bf823499ba38dd94033a9e2ab349bda6d16527dae1ce5c844c1
c92a50fa87d2443f77924148163b1c2d03034cf6922372e766df8969cfdc6cda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

login.detroitnews.com Open in urlscan Pro 151.101.130.62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

82 %HTTPS

56 %IPv6

10 Domains

12 Subdomains

6 IPs

1 Countries

177 kBTransfer

514 kBSize

10 Cookies

10 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

10 Cookies

Security Headers

Indicators

login.detroitnews.com Open in urlscan Pro
151.101.130.62 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

82 %
HTTPS

56 %
IPv6

10
Domains

12
Subdomains

6
IPs

1
Countries

177 kB
Transfer

514 kB
Size

10
Cookies

17 HTTP transactions
0 data transactions