urlscan.io logo urlscan.io
SecurityTrails logo

subscribe.buffalonews.com Open in urlscan Pro
2600:1f18:410b:aea2:f857:cbce:7c2c:fc5e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Effective URL: https://subscribe.buffalonews.com/register?template=372
Submission: On April 08 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 31 IPs in 6 countries across 24 domains to perform 122 HTTP transactions. The main IP is 2600:1f18:410b:aea2:f857:cbce:7c2c:fc5e, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is subscribe.buffalonews.com.
TLS certificate: Issued by Amazon on February 21st 2020. Valid for: a year.
This is the only time subscribe.buffalonews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
31 2600:1f18:410... 14618 (AMAZON-AES)
20 2600:1f18:410... 14618 (AMAZON-AES)
1 151.101.113.194 54113 (FASTLY)
2 95.100.67.47 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 8 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
6 2a03:2880:f01... 32934 (FACEBOOK)
1 52.216.28.164 16509 (AMAZON-02)
1 172.217.18.2 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 195.12.186.240 47205 (TELIA-LIE...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a04:4e42:3::84 54113 (FASTLY)
3 143.204.90.242 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 13 2a00:1450:400... 15169 (GOOGLE)
1 143.204.101.222 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 3 23.11.238.95 16625 (AKAMAI-AS)
1 172.217.18.98 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f11... 32934 (FACEBOOK)
2 2600:1f18:410... 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
122 31
31    2600:1f18:410b:aea1:741d:26c8:960a:a9c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
buffalonews.com
20    2600:1f18:410b:aea1:cc8c:a268:a1c5:52e5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
api.bntech.io
1    151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
includemodal.global.ssl.fastly.net
2    95.100.67.47 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-67-47.deploy.static.akamaitechnologies.com
use.typekit.net
p.typekit.net
4    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
adservice.google.de
adservice.google.com
8    2a00:1450:4001:820::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cse.google.com
6    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    52.216.28.164 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
bnwordpress.s3.amazonaws.com
1    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net
www.googleadservices.com
1    2606:4700:10::6816:6cb (United States)

ASN13335 (CLOUDFLARENET, US)
bucket.mlcdn.com
1    195.12.186.240 (Lithuania)

ASN47205 (TELIA-LIETUVA, LT)
PTR: 195-12-186-240.static.zebra.lt
track.mailerlite.com
1    2606:4700:10::6816:45f4 (United States)

ASN13335 (CLOUDFLARENET, US)
static.mailerlite.com
1    2a04:4e42:3::84 (Ascension Island)

ASN54113 (FASTLY, US)
assets.pinterest.com
3    143.204.90.242 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-90-242.fra50.r.cloudfront.net
c.amazon-adsystem.com
1    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
13    2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    143.204.101.222 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-222.fra50.r.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
3    2a00:1450:4001:808::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
survey.g.doubleclick.net
3    23.11.238.95 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-11-238-95.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
1    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
securepubads.g.doubleclick.net
1    2600:9000:21f3:1000:d:77c3:2dc0:21 (United States)

ASN16509 (AMAZON-02, US)
d2s8wlbatk24s7.cloudfront.net
1    2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
2    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2600:1f18:410b:aea2:f857:cbce:7c2c:fc5e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
subscribe.buffalonews.com
1    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
33 buffalonews.com
buffalonews.com
img.buffalonews.com Failed
subscribe.buffalonews.com
7 MB
20 bntech.io
api.bntech.io
54 KB
14 google.com
www.google.com
cse.google.com
adservice.google.com
ampcid.google.com
107 KB
13 google-analytics.com
www.google-analytics.com
104 KB
6 doubleclick.net
survey.g.doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
453 KB
6 facebook.net
connect.facebook.net
297 KB
4 google.de
adservice.google.de
ampcid.google.de
www.google.de
2 KB
4 googleapis.com
fonts.googleapis.com
3 KB
3 facebook.com
www.facebook.com
643 B
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com Failed
29 KB
2 cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
d2s8wlbatk24s7.cloudfront.net
24 KB
2 mailerlite.com
track.mailerlite.com
static.mailerlite.com
3 KB
2 typekit.net
use.typekit.net
p.typekit.net
1 KB
1 gstatic.com
fonts.gstatic.com
22 KB
1 googletagmanager.com
www.googletagmanager.com
36 KB
1 pinterest.com
assets.pinterest.com
410 B
1 mlcdn.com
bucket.mlcdn.com
26 KB
1 googleadservices.com
www.googleadservices.com
10 KB
1 amazonaws.com
bnwordpress.s3.amazonaws.com
6 KB
1 googletagservices.com
www.googletagservices.com
15 KB
1 fastly.net
includemodal.global.ssl.fastly.net
42 KB
0 googlesyndication.com Failed
tpc.googlesyndication.com Failed
0 parsely.com Failed
srv-2020-04-08-19.config.parsely.com Failed
122 24
Domain Requested by
31 buffalonews.com buffalonews.com
20 api.bntech.io buffalonews.com
api.bntech.io
subscribe.buffalonews.com
13 www.google-analytics.com 1 redirects buffalonews.com
www.google-analytics.com
www.googletagmanager.com
subscribe.buffalonews.com
8 www.google.com 4 redirects buffalonews.com
cse.google.com
6 connect.facebook.net buffalonews.com
connect.facebook.net
subscribe.buffalonews.com
4 cse.google.com buffalonews.com
4 fonts.googleapis.com buffalonews.com
subscribe.buffalonews.com
3 www.facebook.com buffalonews.com
3 sb.scorecardresearch.com 1 redirects buffalonews.com
3 survey.g.doubleclick.net buffalonews.com
survey.g.doubleclick.net
3 c.amazon-adsystem.com buffalonews.com
includemodal.global.ssl.fastly.net
2 subscribe.buffalonews.com api.bntech.io
subscribe.buffalonews.com
2 stats.g.doubleclick.net 1 redirects
2 adservice.google.de survey.g.doubleclick.net
www.googletagservices.com
1 fonts.gstatic.com
1 www.google.de
1 ampcid.google.de includemodal.global.ssl.fastly.net
1 ampcid.google.com includemodal.global.ssl.fastly.net
1 d2s8wlbatk24s7.cloudfront.net includemodal.global.ssl.fastly.net
1 securepubads.g.doubleclick.net www.googletagservices.com
includemodal.global.ssl.fastly.net
securepubads.g.doubleclick.net
1 adservice.google.com www.googletagservices.com
1 d1z2jf7jlzjs58.cloudfront.net buffalonews.com
1 www.googletagmanager.com buffalonews.com
1 p.typekit.net buffalonews.com
1 assets.pinterest.com buffalonews.com
1 static.mailerlite.com buffalonews.com
1 track.mailerlite.com buffalonews.com
1 bucket.mlcdn.com buffalonews.com
1 www.googleadservices.com buffalonews.com
1 bnwordpress.s3.amazonaws.com buffalonews.com
1 www.googletagservices.com buffalonews.com
1 use.typekit.net buffalonews.com
1 includemodal.global.ssl.fastly.net buffalonews.com
0 aax-eu.amazon-adsystem.com Failed c.amazon-adsystem.com
0 tpc.googlesyndication.com Failed securepubads.g.doubleclick.net
0 srv-2020-04-08-19.config.parsely.com Failed d1z2jf7jlzjs58.cloudfront.net
0 img.buffalonews.com Failed buffalonews.com
122 37

This site contains links to these domains. Also see Links.

Domain
buffalonews.com
login.buffalonews.com
Subject Issuer Validity Valid
buffalonews.com
Amazon		 2020-02-21 -
2021-03-21		 a year crt.sh
bntech.io
Amazon		 2019-05-29 -
2020-06-29		 a year crt.sh
*.freetls.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-12-18 -
2020-12-18		 a year crt.sh
*.typekit.net
DigiCert SHA2 Secure Server CA		 2019-12-06 -
2021-12-10		 2 years crt.sh
upload.video.google.com
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-03-01 -
2020-05-30		 3 months crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2019-11-09 -
2021-03-12		 a year crt.sh
www.google.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-03-26 -
2020-10-09		 6 months crt.sh
*.mailerlite.com
COMODO RSA Domain Validation Secure Server CA		 2017-11-26 -
2020-11-25		 3 years crt.sh
mailerlite.com
CloudFlare Inc ECC CA-2		 2019-09-29 -
2020-09-28		 a year crt.sh
*.pinterest.com
DigiCert SHA2 High Assurance Server CA		 2019-06-05 -
2020-07-22		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2019-10-07 -
2020-09-29		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2019-12-16 -
2020-12-25		 a year crt.sh
www.google.de
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://subscribe.buffalonews.com/register?template=372
Frame ID: 70D3E44E0984D562F2EBF2398769B175
Requests: 121 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_oath_r1u_dm_cnv
Frame ID: 2AC2DE36C1D8B3DFCEAA6F82E528DE15
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://buffalonews.com/2020/01/12/sheffield-rick/ Page URL
  2. https://subscribe.buffalonews.com/register?template=372 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Page Statistics

122
Requests

95 %
HTTPS

70 %
IPv6

24
Domains

37
Subdomains

31
IPs

6
Countries

8586 kB
Transfer

10890 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://buffalonews.com/2020/01/12/sheffield-rick/ Page URL
  2. https://subscribe.buffalonews.com/register?template=372 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://www.google.com/coop/cse/brand?form=dropdown-searchform&lang=en&cx=006900656957014357757:65jm81-837s HTTP 302
  • https://cse.google.com/coop/cse/brand?form=dropdown-searchform&lang=en&cx=006900656957014357757:65jm81-837s
Request Chain 22
  • https://www.google.com/coop/cse/brand?form=searchform&lang=en&cx=006900656957014357757:65jm81-837s HTTP 302
  • https://cse.google.com/coop/cse/brand?form=searchform&lang=en&cx=006900656957014357757:65jm81-837s
Request Chain 28
  • https://www.google.com/coop/cse/brand?form=&lang=en&cx= HTTP 302
  • https://cse.google.com/coop/cse/brand?form=&lang=en&cx=
Request Chain 80
  • https://sb.scorecardresearch.com/b?c1=2&c2=10345586&ns__t=1586374679121&ns_c=UTF-8&cv=3.5&c8=SHEFFIELD%2C%20Rick%20%E2%80%93%20The%20Buffalo%20News&c7=https%3A%2F%2Fbuffalonews.com%2F2020%2F01%2F12%2Fsheffield-rick%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10345586&ns__t=1586374679121&ns_c=UTF-8&cv=3.5&c8=SHEFFIELD%2C%20Rick%20%E2%80%93%20The%20Buffalo%20News&c7=https%3A%2F%2Fbuffalonews.com%2F2020%2F01%2F12%2Fsheffield-rick%2F&c9=
Request Chain 83
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1742103563&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbuffalonews.com%2F2020%2F01%2F12%2Fsheffield-rick%2F&ul=en-us&de=UTF-8&dt=SHEFFIELD%2C%20Rick%20%E2%80%93%20The%20Buffalo%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Author&ea=Staff&el=Staff&ev=1&_u=aGBAAEArQ~&jid=1598597920&gjid=1464878105&cid=1840296706.1586374679&tid=UA-5339712-1&_gid=263369847.1586374679&_r=1&cd1=Staff&z=910766752 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5339712-1&cid=1840296706.1586374679&jid=1598597920&_gid=263369847.1586374679&gjid=1464878105&_v=j81&z=910766752
Request Chain 91
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-54716522-2&cid=1840296706.1586374679&jid=773661866&gjid=516578573&_gid=263369847.1586374679&_u=aGDAgEArQAQC~&z=1843633082 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54716522-2&cid=1840296706.1586374679&jid=773661866&_v=j81&z=1843633082 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54716522-2&cid=1840296706.1586374679&jid=773661866&_v=j81&z=1843633082&slf_rd=1&random=2138992605

122 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
buffalonews.com/2020/01/12/sheffield-rick/ 		109 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:741d:26c8:960a:a9c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
d3fec0f77038fdefe6f99c410f48ee189b4c23504d0c2b2e769b6a9b04602131
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
buffalonews.com
:scheme
https
:path
/2020/01/12/sheffield-rick/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
date
Wed, 08 Apr 2020 19:37:58 GMT
content-type
text/html; charset=UTF-8
content-length
24582
x-frame-options
SAMEORIGIN
link
<https://buffalonews.com/wp-json/>; rel="https://api.w.org/" <https://buffalonews.com/?p=2810692>; rel=shortlink
vary
Accept-Encoding
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-varnish
115292252 69186809 116251824
via
1.1 varnish (Varnish/6.0) 1.1 varnish (Varnish/6.0)
accept-ranges
bytes
age
0
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
0
access-control-allow-origin
*
1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0
api.bntech.io/js/ 		19 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:cc8c:a268:a1c5:52e5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
8cc7ca22ca0299498e836dfdb52204738427428085eeda2d1eb84bc9ac25f513

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 08 Apr 2020 19:37:58 GMT
Server
nginx/1.10.3 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
ads.js
api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0/ads/BNTmmGxzleXXj/ads/ 		25 B
233 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0/ads/BNTmmGxzleXXj/ads/ads.js
Requested by
Host: api.bntech.io
URL: https://api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:cc8c:a268:a1c5:52e5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
526905bf06bd10f0dddf2045063065899031010b334b6647d209cab38e8c602f

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 08 Apr 2020 19:37:58 GMT
Server
nginx/1.10.3 (Ubuntu)
Connection
keep-alive
Content-Length
25
Content-Type
text/javascript;charset=UTF-8
ab
api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0/ 		875 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0/ab
Requested by
Host: api.bntech.io
URL: https://api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:cc8c:a268:a1c5:52e5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1f53ccc2d3e1fb7bb0c211b32b7f8e7bb93f77b994660ac9628e5e0ebe3fc00d

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 08 Apr 2020 19:37:58 GMT
Server
nginx/1.10.3 (Ubuntu)
Connection
keep-alive
Content-Length
875
Content-Type
text/javascript;charset=UTF-8
sso
api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0/sso
Requested by
Host: api.bntech.io
URL: https://api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:cc8c:a268:a1c5:52e5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 08 Apr 2020 19:37:58 GMT
Server
nginx/1.10.3 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
sp.js
includemodal.global.ssl.fastly.net/ 		132 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://includemodal.global.ssl.fastly.net/sp.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4fce08d61659bf0733ab157e295f91d8bb848ba0d635d474238cddf934a87c12

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Wed, 08 Apr 2020 19:37:58 GMT
Content-Encoding
gzip
Age
227
X-Cache
HIT
Connection
keep-alive
Content-Length
42255
x-amz-id-2
CkJEgM25fkAeam072LmTCO2kMWoeLwARSBoUqfZtWw9mU1lzZmqXyq3cK7V6chAiAyJh5UPiRPA=
X-Served-By
cache-hhn4076-HHN
Last-Modified
Sun, 05 Apr 2020 23:33:10 GMT
Server
AmazonS3
X-Timer
S1586374679.986840,VS0,VE0
ETag
"79a8c7be1fbcb81ffba569f86b56117b"
Vary
Accept-Encoding
x-amz-request-id
914E4C8EA3A784B7
Via
1.1 varnish
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
14
bootstrap.min.css
buffalonews.com/wp-content/themes/tbn-2016/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/wp-content/themes/tbn-2016/css/bootstrap.min.css?ver=5.2.2
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:741d:26c8:960a:a9c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
status
200
content-length
19744
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
*
last-modified
Wed, 28 Jun 2017 14:48:00 GMT
x-frame-options
SAMEORIGIN
etag
"1d970-553064546ada5-gzip"
vary
Accept-Encoding
x-varnish
99445259 80939434, 106385230
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-type
text/css
expires
0
typ0hvv.css
use.typekit.net/ 		4 KB
957 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/typ0hvv.css?ver=5.2.2
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
22e602b7904500b724afb01c885394929d467e98017388b8284fb76efe9dca66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
access-control-allow-origin
*
date
Wed, 08 Apr 2020 19:37:58 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
status
200
cache-control
private, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-length
757
css
fonts.googleapis.com/ 		783 B
485 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway&ver=5.2.2
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3147026ff99804131affcb3cadbdfd49c0a07583682aefcc1198f57e2614d5b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 Apr 2020 19:37:58 GMT
server
ESF
date
Wed, 08 Apr 2020 19:37:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Apr 2020 19:37:58 GMT
style.css
buffalonews.com/wp-content/themes/tbn-2016/ 		41 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/wp-content/themes/tbn-2016/style.css?ver=5.2.2
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:741d:26c8:960a:a9c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
fa3cb3495fe41d51c7301dded2eb606a7548db79d580745057202f6d26477c44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
status
200
content-length
9383
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
*
last-modified
Thu, 26 Mar 2020 17:12:17 GMT
x-frame-options
SAMEORIGIN
etag
"a585-5a1c5163ba2ba-gzip"
vary
Accept-Encoding
x-varnish
115272161 73236572, 116643049
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-type
text/css
expires
0
font-awesome.min.css
buffalonews.com/wp-content/themes/tbn-2016/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/wp-content/themes/tbn-2016/css/font-awesome.min.css?ver=5.2.2
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:741d:26c8:960a:a9c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
5178c5c928ea77c85e03e389af1c95b3617d1b674ca45678e38b76810e61504c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
status
200
content-length
7070
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
*
last-modified
Wed, 23 Aug 2017 16:08:05 GMT
x-frame-options
SAMEORIGIN
etag
"79ad-5576deac3fa30-gzip"
vary
Accept-Encoding
x-varnish
106346667 76957105, 116621768
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-type
text/css
expires
0
css
fonts.googleapis.com/ 		6 KB
690 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lora%3A400%2C400i%2C700%2C700i&ver=5.2.2
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
771c5030cc8843946bbd7d1276e83ebb684b8381ed74d32adaaa5d535d156e72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 Apr 2020 19:37:58 GMT
server
ESF
date
Wed, 08 Apr 2020 19:37:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Apr 2020 19:37:58 GMT
style.min.css
buffalonews.com/wp-includes/css/dist/block-library/ 		29 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/wp-includes/css/dist/block-library/style.min.css?ver=5.2.2
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:741d:26c8:960a:a9c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
status
200
content-length
4767
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
*
last-modified
Thu, 21 Nov 2019 03:23:44 GMT
x-frame-options
SAMEORIGIN
etag
"726f-597d2d31c7598-gzip"
vary
Accept-Encoding
x-varnish
116835492 88889604, 106794120
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-type
text/css
expires
0
style.css
buffalonews.com/wp-content/plugins/content-management/css/ 		105 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/wp-content/plugins/content-management/css/style.css?ver=5.2.2
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:741d:26c8:960a:a9c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
2887ab0bfd1b6def70d8d2b46d4f8ff50dcf6b41c80b0b0aa70845ebab9fc815
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
status
200
content-length
16244
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
*
last-modified
Thu, 02 Apr 2020 03:33:09 GMT
x-frame-options
SAMEORIGIN
etag
"1a4f2-5a24675abcf55-gzip"
vary
Accept-Encoding
x-varnish
98137380 73236574, 117343550
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-type
text/css
expires
0
article.css
buffalonews.com/wp-content/themes/tbn-2016/css/ 		29 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/wp-content/themes/tbn-2016/css/article.css?ver=5.2.2
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:741d:26c8:960a:a9c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
ef5ccf06fb9978f8ca95d353b8c5248e605d09ea0ff502a6831b2ff5f7f39954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
status
200
content-length
6760
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
*
last-modified
Thu, 26 Mar 2020 17:12:17 GMT
x-frame-options
SAMEORIGIN
etag
"744e-5a1c5163ba2ba-gzip"
vary
Accept-Encoding
x-varnish
105793209 76957107, 115292270
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-type
text/css
expires
0
jquery.js
buffalonews.com/wp-includes/js/jquery/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:741d:26c8:960a:a9c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
status
200
content-length
33776
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
*
last-modified
Wed, 05 Jun 2019 17:46:40 GMT
x-frame-options
SAMEORIGIN
etag
"17a69-58a972e0e7eed-gzip"
vary
Accept-Encoding
x-varnish
116300797 84675466, 105686192
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-type
application/javascript
expires
0
jquery-migrate.min.js
buffalonews.com/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:741d:26c8:960a:a9c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
status
200
content-length
4014
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
*
last-modified
Thu, 16 Nov 2017 04:07:44 GMT
x-frame-options
SAMEORIGIN
etag
"2748-55e11c31cfa46-gzip"
vary
Accept-Encoding
x-varnish
115950920 82654417, 117117775
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-type
application/javascript
expires
0
bootstrap.min.js
buffalonews.com/wp-content/themes/tbn-2016/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/wp-content/themes/tbn-2016/js/bootstrap.min.js?ver=5.2.2
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:741d:26c8:960a:a9c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
status
200
content-length
9833
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
*
last-modified
Wed, 28 Jun 2017 14:48:00 GMT
x-frame-options
SAMEORIGIN
etag
"90b5-5530645472aa4-gzip"
vary
Accept-Encoding
x-varnish
105963566 78249432, 114255942
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-type
application/javascript
expires
0
main.js
buffalonews.com/wp-content/themes/tbn-2016/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/wp-content/themes/tbn-2016/js/main.js?ver=5.2.2
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:741d:26c8:960a:a9c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
8589bcf31a172f90d5eecb826d86fd06c1eaa773cea67eac3a8e99f099d7b2fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
status
200
content-length
4210
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
*
last-modified
Wed, 09 Oct 2019 16:11:46 GMT
x-frame-options
SAMEORIGIN
etag
"3300-5947c8a9fe74c-gzip"
vary
Accept-Encoding
x-varnish
106028152 52986369, 103019266
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-type
application/javascript
expires
0
script.js
buffalonews.com/wp-content/plugins/content-management/js/widget-dfp-ad/ 		0
392 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/wp-content/plugins/content-management/js/widget-dfp-ad/script.js?ver=5.2.2
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:741d:26c8:960a:a9c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-content-type-options
nosniff
age
0
status
200
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Fri, 21 Apr 2017 15:17:53 GMT
etag
"0-54daec2e8d8da"
x-frame-options
SAMEORIGIN
x-varnish
114323928 80544226, 105665659
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-type
application/javascript
expires
0
gpt.js
www.googletagservices.com/tag/js/ 		44 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d7b34d798bc9eacf5f5bc3a51ad7669658a6563810df33f71ad1164331c61ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"480 / 11 of 1000 / last-modified: 1586356416"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
14669
x-xss-protection
0
expires
Wed, 08 Apr 2020 19:37:58 GMT
brand
cse.google.com/coop/cse/
Redirect Chain
  • https://www.google.com/coop/cse/brand?form=dropdown-searchform&lang=en&cx=006900656957014357757:65jm81-837s
  • https://cse.google.com/coop/cse/brand?form=dropdown-searchform&lang=en&cx=006900656957014357757:65jm81-837s
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/coop/cse/brand?form=dropdown-searchform&lang=en&cx=006900656957014357757:65jm81-837s
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
pfe /
Resource Hash
48e5651aa096e2d1f62ae341dc1425f0de2d11a6333908bb1a2ffe1a6dd10ac0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 08 Apr 2020 19:33:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
pfe
age
285
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=1800
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
1221
x-xss-protection
0
expires
Wed, 08 Apr 2020 20:03:13 GMT

Redirect headers

date
Wed, 08 Apr 2020 19:37:58 GMT
x-content-type-options
nosniff
server
sffe
location
https://cse.google.com/coop/cse/brand?form=dropdown-searchform&lang=en&cx=006900656957014357757:65jm81-837s
content-type
text/html; charset=UTF-8
status
302
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
312
x-xss-protection
0
brand
cse.google.com/coop/cse/
Redirect Chain
  • https://www.google.com/coop/cse/brand?form=searchform&lang=en&cx=006900656957014357757:65jm81-837s
  • https://cse.google.com/coop/cse/brand?form=searchform&lang=en&cx=006900656957014357757:65jm81-837s
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/coop/cse/brand?form=searchform&lang=en&cx=006900656957014357757:65jm81-837s
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
pfe /
Resource Hash
fba6153ee83005ae0a4a624991b8aa82d2a871fdd63bc49f33fcece77cfde22b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 08 Apr 2020 19:28:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
pfe
age
580
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=1800
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
1209
x-xss-protection
0
expires
Wed, 08 Apr 2020 19:58:18 GMT

Redirect headers

date
Wed, 08 Apr 2020 19:37:58 GMT
x-content-type-options
nosniff
server
sffe
location
https://cse.google.com/coop/cse/brand?form=searchform&lang=en&cx=006900656957014357757:65jm81-837s
content-type
text/html; charset=UTF-8
status
302
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
303
x-xss-protection
0
logo-transparent-reverse.png
buffalonews.com/wp-content/themes/tbn-2016/images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buffalonews.com/wp-content/themes/tbn-2016/images/logo-transparent-reverse.png
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:741d:26c8:960a:a9c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
60f2945954610f4be543c714fc08ff0352d14b6585c00e6d0e09446d36c2d776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
via
1.1 varnish (Varnish/6.0)
x-content-type-options
nosniff
age
167300
status
200
content-length
18322
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 07 Nov 2018 19:58:19 GMT
etag
"4792-57a188a2cef10"
x-frame-options
SAMEORIGIN
x-varnish
98137383 80939437
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-type
image/png
expires
0
1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0
api.bntech.io/m/pixel/ 		43 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.bntech.io/m/pixel/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:cc8c:a268:a1c5:52e5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Wed, 08 Apr 2020 19:37:58 GMT
Last-Modified
Wed, 08 Apr 2020 19:37:58 GMT
Server
nginx/1.10.3 (Ubuntu)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Length
43
Expires
Wed, 11 Nov 1998 11:11:11 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
84b4cfa9a322e6d85d7b537ce67fad4770e00d1f575d1e74b2076f94a7219001
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
Origin
https://buffalonews.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
k+eKZj2RBZGk3/Xp+6W1EA==
status
200
date
Wed, 08 Apr 2020 19:37:58 GMT, Wed, 08 Apr 2020 19:37:58 GMT
expires
Wed, 08 Apr 2020 19:43:52 GMT
alt-svc
h3-27=":443"; ma=3600
content-length
1781
x-fb-debug
6ssbVHhwA8qtQijg/63LHAzyvBAwWloXWm3tdHQs9dsSPnHReq61I57hha8tF6J1isF9qsF1F5xYs7L4z7vTyw==
x-fb-trip-id
420120009
x-fb-content-md5
6b0d96644473f7ea949464b5360e6947
etag
"de0c455057def7a59f47aa0f35600b4f"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
The-Buffalo-News.png
bnwordpress.s3.amazonaws.com/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bnwordpress.s3.amazonaws.com/The-Buffalo-News.png
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.28.164 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Wed, 08 Apr 2020 19:38:00 GMT
ETag
"de2129436d5e9196073b68acc101ae33"
Last-Modified
Tue, 19 Jan 2016 18:56:57 GMT
Server
AmazonS3
x-amz-request-id
81916E9506A2B705
x-amz-meta-cb-modifiedtime
Tue, 19 Jan 2016 18:55:20 GMT
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5483
x-amz-id-2
bFWLWjTlrgEN6abFAwuCW7/kC0IIv5AAUK7pGiMGawiC3zrBi6ia1fdxvZwpHtXL49PkHunAWCY=
search_box_icon.png
www.google.com/uds/css/v2/ 		1018 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/uds/css/v2/search_box_icon.png
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
76a0d76f135419f4d00213037cda0cba949a0372e01ab6a1d70072008a56bd18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Oct 2019 13:08:01 GMT
server
GSE
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=0
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
1018
x-xss-protection
1; mode=block
expires
Wed, 08 Apr 2020 19:37:58 GMT
brand
cse.google.com/coop/cse/
Redirect Chain
  • https://www.google.com/coop/cse/brand?form=&lang=en&cx=
  • https://cse.google.com/coop/cse/brand?form=&lang=en&cx=
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/coop/cse/brand?form=&lang=en&cx=
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
pfe /
Resource Hash
bff3b25b45269858616625b75405fa0bc9e48c8101081c88f3c651838b38e820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
pfe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=1800
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
1174
x-xss-protection
0
expires
Wed, 08 Apr 2020 20:07:58 GMT

Redirect headers

date
Wed, 08 Apr 2020 19:37:58 GMT
x-content-type-options
nosniff
server
sffe
location
https://cse.google.com/coop/cse/brand?form=&lang=en&cx=
content-type
text/html; charset=UTF-8
status
302
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
260
x-xss-protection
0
eyJidWNrZXQiOiJibmNvcmUiLCJrZXkiOiJ3cC1jb250ZW50XC91cGxvYWRzXC8yMDIwXC8wMVwvSW1hZ2UtMjI4NzcxLmpwZyIsIm1heCI6IiIsImVkaXRzIjp7InJlc2l6ZSI6eyJ3aWR0aCI6Mzc1LCJoZWlnaHQiOjUwMCwiZml0IjoiY292ZXIifX19
img.buffalonews.com/ 		0
0
conversion.js
www.googleadservices.com/pagead/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
7c161e527e5d33581071177ec83d1ec479718288e14d7417c898424172047153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
10498
x-xss-protection
0
server
cafe
etag
7823799827279488649
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 08 Apr 2020 19:37:58 GMT
css
fonts.googleapis.com/ 		10 KB
911 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8b67ffa5bcc69b72e1fd971de44ff6e71b379f039adc48eec47bb678bb619d15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 Apr 2020 19:37:58 GMT
server
ESF
date
Wed, 08 Apr 2020 19:37:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Apr 2020 19:37:58 GMT
8db35183ba466292fa9d8d5b41e82cefc6f7f2cb.png
bucket.mlcdn.com/a/1512/1512836/images/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bucket.mlcdn.com/a/1512/1512836/images/8db35183ba466292fa9d8d5b41e82cefc6f7f2cb.png
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9461b1cc02faab236ed56326de2b944b4af1903f2659e01ea82710b10b7b4e6e

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
cf-cache-status
HIT
age
5213
status
200
content-type
image/png
content-length
25802
x-amz-id-2
yGeEkiKSPWmxnncUiopt2Hs1cqvP2y1IleWXkyNJZvzERRAPq3GfUHBwcl7lx7h1UWpSbhb/N9c=
last-modified
Thu, 09 Jan 2020 17:54:43 GMT
server
cloudflare
etag
"5467107e3d81ce8aa717c65e32552f1c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
BFA28ED9050AB108
cache-control
max-age=691200
x-amz-version-id
null
accept-ranges
bytes
cf-ray
580e722f794bdfcf-FRA
t8w5t2
track.mailerlite.com/webforms/o/1705820/ 		43 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.mailerlite.com/webforms/o/1705820/t8w5t2?v4a60e9ef938a7fa0240ac9ba567062cb
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.12.186.240 , Lithuania, ASN47205 (TELIA-LIETUVA, LT),
Reverse DNS
195-12-186-240.static.zebra.lt
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Wed, 08 Apr 2020 19:37:59 GMT
Content-Encoding
gzip
Server
nginx
Connection
close
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
image/gif
webforms.min.js
static.mailerlite.com/js/w/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.mailerlite.com/js/w/webforms.min.js?v4a60e9ef938a7fa0240ac9ba567062cb
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:45f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc30dab3e8ea7e8e82e2ad27f20a4d41d884166942122bcdb6dde818a06a39a5

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2184966
status
200
last-modified
Fri, 06 Mar 2020 13:18:35 GMT
server
cloudflare
etag
W/"5e624dab-1b99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
access-control-allow-credentials
true
cf-ray
580e722ec944dfd7-FRA
expires
Mon, 13 Apr 2020 12:41:52 GMT
cse.css
buffalonews.com/wp-content/themes/tbn-2016/google/cse/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/wp-content/themes/tbn-2016/google/cse/css/cse.css?ver=5.2.2
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:741d:26c8:960a:a9c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
2b646af6f1e7099df16f0b3ef99ba7fe471be6469f2cf15cd0bb003a686a1263
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
status
200
content-length
1760
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
*
last-modified
Wed, 19 Feb 2020 17:30:24 GMT
x-frame-options
SAMEORIGIN
etag
"19eb-59ef124c50c5a-gzip"
vary
Accept-Encoding
x-varnish
115568158 86415050, 116428055
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-type
text/css
expires
0
fontsmoothie.min.js
buffalonews.com/wp-content/themes/tbn-2016/js/vendor/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/wp-content/themes/tbn-2016/js/vendor/fontsmoothie.min.js?ver=5.2.2
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:741d:26c8:960a:a9c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
4b10760eda0cc129171fc098ea606c21cc1f0dc81cce5e955129015007286a2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
status
200
content-length
778
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
*
last-modified
Fri, 21 Apr 2017 15:17:53 GMT
x-frame-options
SAMEORIGIN
etag
"4a0-54daec2ed3dd4-gzip"
vary
Accept-Encoding
x-varnish
106635117 76957112, 116428057
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-type
application/javascript
expires
0
pym.v1.min.js
buffalonews.com/wp-content/themes/tbn-2016/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/wp-content/themes/tbn-2016/js/pym.v1.min.js?ver=5.2.2
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:741d:26c8:960a:a9c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
status
200
content-length
2810
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
*
last-modified
Wed, 21 Feb 2018 16:59:50 GMT
x-frame-options
SAMEORIGIN
etag
"234b-565bbdafbbc95-gzip"
vary
Accept-Encoding
x-varnish
114733956 82597792, 106794124
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-type
application/javascript
expires
0
search.js
buffalonews.com/wp-content/themes/tbn-2016/js/ 		204 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/wp-content/themes/tbn-2016/js/search.js?ver=5.2.2
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:741d:26c8:960a:a9c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167300
status
200
content-length
144
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
*
last-modified
Fri, 21 Apr 2017 15:17:53 GMT
x-frame-options
SAMEORIGIN
etag
"cc-54daec2ed3dd4-gzip"
vary
Accept-Encoding
x-varnish
116770097 85909655
via
1.1 varnish (Varnish/6.0)
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-type
application/javascript
expires
0
breaking-news.js.php
buffalonews.com/wp-content/plugins/content-management/controllers/ 		190 B
506 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/wp-content/plugins/content-management/controllers/breaking-news.js.php
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:741d:26c8:960a:a9c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Wed, 08 Apr 2020 19:37:58 GMT
via
1.1 varnish (Varnish/6.0)
x-content-type-options
nosniff
age
8060
x-frame-options
SAMEORIGIN
x-varnish
116461293 114180551
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
content-length
190
x-xss-protection
1; mode=block
expires
0
bn_share_menu.js
buffalonews.com/wp-content/themes/tbn-2016/js/ 		857 B
756 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/wp-content/themes/tbn-2016/js/bn_share_menu.js?ver=5.2.2
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:741d:26c8:960a:a9c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167300
status
200
content-length
350
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
*
last-modified
Wed, 01 Nov 2017 18:50:27 GMT
x-frame-options
SAMEORIGIN
etag
"359-55cf0585916fa-gzip"
vary
Accept-Encoding
x-varnish
105938418 78631206
via
1.1 varnish (Varnish/6.0)
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-type
application/javascript
expires
0
bn_custom_share_icon.js
buffalonews.com/wp-content/themes/tbn-2016/js/ 		261 B
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/wp-content/themes/tbn-2016/js/bn_custom_share_icon.js?ver=5.2.2
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:741d:26c8:960a:a9c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167300
status
200
content-length
191
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
*
last-modified
Wed, 01 Nov 2017 16:00:20 GMT
x-frame-options
SAMEORIGIN
etag
"105-55cedf7f84696-gzip"
vary
Accept-Encoding
x-varnish
115964622 85909657
via
1.1 varnish (Varnish/6.0)
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-type
application/javascript
expires
0
menu.js
buffalonews.com/wp-content/themes/tbn-2016/js/ 		290 B
622 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/wp-content/themes/tbn-2016/js/menu.js?ver=5.2.2
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:741d:26c8:960a:a9c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167300
status
200
content-length
217
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
*
last-modified
Wed, 04 Oct 2017 17:06:30 GMT
x-frame-options
SAMEORIGIN
etag
"122-55abba10cd842-gzip"
vary
Accept-Encoding
x-varnish
116564814 89363792
via
1.1 varnish (Varnish/6.0)
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-type
application/javascript
expires
0
bn_lazy_load_new.js
buffalonews.com/wp-content/themes/tbn-2016/js/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/wp-content/themes/tbn-2016/js/bn_lazy_load_new.js?ver=5.2.2
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:741d:26c8:960a:a9c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
status
200
content-length
3428
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
*
last-modified
Wed, 12 Feb 2020 19:37:26 GMT
x-frame-options
SAMEORIGIN
etag
"1c84-59e661a306373-gzip"
vary
Accept-Encoding
x-varnish
116958201 88853316, 116364169
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-type
application/javascript
expires
0
bn_navbar.js
buffalonews.com/wp-content/themes/tbn-2016/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/wp-content/themes/tbn-2016/js/bn_navbar.js?ver=5.2.2
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:741d:26c8:960a:a9c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
status
200
content-length
1818
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
*
last-modified
Wed, 12 Feb 2020 19:37:26 GMT
x-frame-options
SAMEORIGIN
etag
"1463-59e661a306373-gzip"
vary
Accept-Encoding
x-varnish
116737384 87894705, 106385239
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-type
application/javascript
expires
0
bn_gallery.js
buffalonews.com/wp-content/themes/tbn-2016/js/bn_gallery/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/wp-content/themes/tbn-2016/js/bn_gallery/bn_gallery.js?ver=5.2.2
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:741d:26c8:960a:a9c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167300
status
200
content-length
3150
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
*
last-modified
Mon, 22 Jan 2018 14:53:06 GMT
x-frame-options
SAMEORIGIN
etag
"3260-5635e967fdba3-gzip"
vary
Accept-Encoding
x-varnish
114255945 82597794
via
1.1 varnish (Varnish/6.0)
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-type
application/javascript
expires
0
article.js
buffalonews.com/wp-content/themes/tbn-2016/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/wp-content/themes/tbn-2016/js/article.js?ver=5.2.2
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:741d:26c8:960a:a9c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
status
200
content-length
1729
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
*
last-modified
Wed, 09 Oct 2019 17:43:50 GMT
x-frame-options
SAMEORIGIN
etag
"101f-5947dd3e82b33-gzip"
vary
Accept-Encoding
x-varnish
116107068 82597796, 105150110
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-type
application/javascript
expires
0
pinit.js
assets.pinterest.com/js/ 		355 B
410 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit.js?ver=5.2.2
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::84 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
31cf7e28d0a95e6f680dfdb9ef70f9d7cbda866cb3c6385c4ed5b8238ff78687

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
content-encoding
br
x-cdn
fastly
access-control-allow-origin
*
etag
"8dd5359092b2e6296dc231b56e768864"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
status
200
access-control-max-age
86400
cache-control
max-age=300
content-length
181
access-control-expose-headers
X-CDN
curator.js
buffalonews.com/wp-content/plugins/content-management/js/curator/frontend/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/wp-content/plugins/content-management/js/curator/frontend/curator.js?ver=5.2.2
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:741d:26c8:960a:a9c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167300
status
200
content-length
1527
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
*
last-modified
Wed, 14 Nov 2018 18:48:49 GMT
x-frame-options
SAMEORIGIN
etag
"1764-57aa4628529e4-gzip"
vary
Accept-Encoding
x-varnish
117117780 87894707
via
1.1 varnish (Varnish/6.0)
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-type
application/javascript
expires
0
curator-fe.js
buffalonews.com/wp-content/plugins/content-management/js/curator/frontend/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/wp-content/plugins/content-management/js/curator/frontend/curator-fe.js?ver=5.2.2
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:741d:26c8:960a:a9c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167300
status
200
content-length
1620
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
*
last-modified
Wed, 07 Nov 2018 19:58:19 GMT
x-frame-options
SAMEORIGIN
etag
"11f7-57a188a2cdf70-gzip"
vary
Accept-Encoding
x-varnish
116621775 84938787
via
1.1 varnish (Varnish/6.0)
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-type
application/javascript
expires
0
curatedRecommendedContent.js.php
buffalonews.com/wp-content/themes/tbn-2016/js/ 		0
342 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/wp-content/themes/tbn-2016/js/curatedRecommendedContent.js.php?id&ver=1.0
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:741d:26c8:960a:a9c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Wed, 08 Apr 2020 19:37:58 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-content-type-options
nosniff
age
0
x-frame-options
SAMEORIGIN
x-varnish
114733957 113342880, 105963569
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
content-length
0
x-xss-protection
1; mode=block
expires
0
bn_custom_oembed.js
buffalonews.com/wp-content/plugins/content-management/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/wp-content/plugins/content-management/js/bn_custom_oembed.js?ver=5.2.2
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:741d:26c8:960a:a9c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
status
200
content-length
690
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
*
last-modified
Wed, 25 Sep 2019 15:58:06 GMT
x-frame-options
SAMEORIGIN
etag
"50b-59362b7f6db98-gzip"
vary
Accept-Encoding
x-varnish
98451111 76957115, 116177086
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-type
application/javascript
expires
0
wp-emoji-release.min.js
buffalonews.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/wp-includes/js/wp-emoji-release.min.js?ver=5.2.2
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:741d:26c8:960a:a9c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
status
200
content-length
4622
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
*
last-modified
Thu, 21 Nov 2019 03:23:44 GMT
x-frame-options
SAMEORIGIN
etag
"3610-597d2d31e3ab3-gzip"
vary
Accept-Encoding
x-varnish
116107069 82597798, 105730258
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-type
application/javascript
expires
0
p.css
p.typekit.net/ 		5 B
168 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=typ0hvv&ht=tk&f=29431.29432.29434.29435.29436&a=33059054&app=typekit&e=css
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
last-modified
Thu, 07 Feb 2019 19:28:12 GMT
server
nginx
access-control-allow-origin
*
etag
"5c5c86cc-5"
content-type
text/css
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
5
expires
Thu, 12 Sep 2019 08:25:52 GMT
track
api.bntech.io/m/ 		21 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.bntech.io/m/track
Requested by
Host: api.bntech.io
URL: https://api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:cc8c:a268:a1c5:52e5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
8e348a2876686697c17bc2784470cbebe761146f0bbfc180a67a52793117882d

Request headers

Access-Control-Request-Method
PUT
Origin
https://buffalonews.com
Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type,x-api-key,x-api-token,x-metric-type

Response headers

Date
Wed, 08 Apr 2020 19:37:58 GMT
Server
nginx/1.10.3 (Ubuntu)
Access-Control-Allow-Methods
OPTIONS, GET, PUT
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Token, X-API-Key, X-API-Token, X-Metric-Type
Content-Length
21
apstag.js
c.amazon-adsystem.com/aax2/ 		87 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.90.242 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-90-242.fra50.r.cloudfront.net
Software
Server /
Resource Hash

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 17:41:12 GMT
content-encoding
gzip
server
Server
age
7006
etag
5a6f7c22da51c6b65ddd5cdb2840c3a7
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
4DD_-PmghL7HMQsxmx9zNiSM0HO9JDniNHo0yL79-gCcgbrd8W1aDA==
via
1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
gtm.js
www.googletagmanager.com/ 		183 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
06b3cb7cf322cbb6cefa9d7c06655585de95d96f168b023d0aa141a89d5c2c36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
37190
x-xss-protection
0
last-modified
Wed, 08 Apr 2020 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 08 Apr 2020 19:37:58 GMT
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
3867
date
Wed, 08 Apr 2020 18:33:31 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Wed, 08 Apr 2020 20:33:31 GMT
cse.js
cse.google.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse.js?cx=006900656957014357757:65jm81-837s
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
000638e3a0f8031fa4ecd4ab55f21f96a8628691d111ccb20f0121b9bbe3232d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 19:37:58 GMT
content-encoding
br
server
gws
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
3667
x-xss-protection
0
expires
Wed, 08 Apr 2020 19:37:58 GMT
fbevents.js
connect.facebook.net/en_US/ 		126 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
E4oU0A9nKLZ4HDmCqSKeaYjp/Hnu7XJ0+sEdBVIvpIUUR1u1yJ/r10faGNKCi4dEJy5+m0teBS0bV7K0pYYCng==
x-fb-trip-id
420120009
date
Wed, 08 Apr 2020 19:37:58 GMT, Wed, 08 Apr 2020 19:37:58 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
p.js
d1z2jf7jlzjs58.cloudfront.net/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.222 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-222.fra50.r.cloudfront.net
Software
nginx /
Resource Hash

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Wed, 08 Apr 2020 00:04:37 GMT
Content-Encoding
gzip
Age
70397
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Pragma
public
Last-Modified
Tue, 07 Apr 2020 00:03:41 GMT
Server
nginx
ETag
W/"5e8bc35d-1c72"
Content-Type
application/x-javascript
Via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
Cache-Control
max-age=86400, public
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
Cn--sujhkwfN0qy1t4RNWTOW6YmejSvVsRRyY3nDWREYJZfkzsVKkQ==
Expires
Thu, 09 Apr 2020 00:04:37 GMT
survey
survey.g.doubleclick.net/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://survey.g.doubleclick.net/survey?site=_hlh5tund53ozsyfccrjkwy6zsy&url=https%3A%2F%2Fbuffalonews.com%2F2020%2F01%2F12%2Fsheffield-rick%2F&cid=everything&random=1586374678933
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d9aefc0bcb03b70fa9f80fd95e150516b88088c038451a3097a1384e304874c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Wed, 08 Apr 2020 19:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
status
200
vary
*
cache-control
private, no-cache, must-revalidate, no-store
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
cse_element__en.js
www.google.com/cse/static/element/8b2252448421acb3/ 		257 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/8b2252448421acb3/cse_element__en.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=006900656957014357757:65jm81-837s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02c39275000c1280f9cde808ebe731ec1924477305678759c1140ecaac49eba0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 16:29:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 31 Oct 2019 16:49:36 GMT
server
sffe
age
11334
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
86820
x-xss-protection
0
expires
Thu, 08 Apr 2021 16:29:04 GMT
default+en.css
www.google.com/cse/static/element/8b2252448421acb3/ 		40 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/8b2252448421acb3/default+en.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=006900656957014357757:65jm81-837s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40a20291f9b526cba58796a4bbd0256d5663313e02c9d5ab5a842476562b3108
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 08 Apr 2020 16:29:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 31 Oct 2019 16:49:36 GMT
server
sffe
age
11329
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
9042
x-xss-protection
0
expires
Thu, 08 Apr 2021 16:29:09 GMT
default.css
www.google.com/cse/static/style/look/v3/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/style/look/v3/default.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=006900656957014357757:65jm81-837s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ceaa25ec7654a66294c16e28989fbf1ecb9cebc9debe96ec597529465c7cd50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 08 Apr 2020 18:59:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Nov 2019 23:30:00 GMT
server
sffe
age
2335
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=3000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
2719
x-xss-protection
0
expires
Wed, 08 Apr 2020 19:49:03 GMT
prompt_embed_static.js
survey.g.doubleclick.net/insights/consumersurveys/static/425814931733460422/ 		386 KB
387 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://survey.g.doubleclick.net/insights/consumersurveys/static/425814931733460422/prompt_embed_static.js
Requested by
Host: survey.g.doubleclick.net
URL: https://survey.g.doubleclick.net/survey?site=_hlh5tund53ozsyfccrjkwy6zsy&url=https%3A%2F%2Fbuffalonews.com%2F2020%2F01%2F12%2Fsheffield-rick%2F&cid=everything&random=1586374678933
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
102f85f15606deb5a42897af0e132a00a10e64fac66583616b95a33f03e8fb89

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 07 Apr 2020 20:09:48 GMT
server
Google Frontend
age
84490
content-type
application/javascript
status
200
x-cloud-trace-context
647112826ca2342d30719b8a4cb30b8f
cache-control
public, max-age=2592000
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
395553
integrator.sync.js
adservice.google.de/adsid/ 		113 B
843 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.sync.js?domain=buffalonews.com
Requested by
Host: survey.g.doubleclick.net
URL: https://survey.g.doubleclick.net/survey?site=_hlh5tund53ozsyfccrjkwy6zsy&url=https%3A%2F%2Fbuffalonews.com%2F2020%2F01%2F12%2Fsheffield-rick%2F&cid=everything&random=1586374678933
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 19:37:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
108
x-xss-protection
0
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.11.238.95 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-11-238-95.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Wed, 08 Apr 2020 19:37:59 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Thu, 09 Apr 2020 19:37:59 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
923 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 19:35:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
164
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
859
x-xss-protection
0
expires
Wed, 08 Apr 2020 20:35:15 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 19:24:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
836
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
1306
x-xss-protection
0
expires
Wed, 08 Apr 2020 20:24:03 GMT
js
www.google-analytics.com/gtm/ 		63 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-PKQKGQT&cid=1840296706.1586374679
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 19:37:59 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
24151
x-xss-protection
0
last-modified
Wed, 08 Apr 2020 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 08 Apr 2020 19:37:59 GMT
1041323275912628
connect.facebook.net/signals/config/ 		447 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1041323275912628?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
Fz429j27QzNpxQ46GSKCM2WGk3A0VkrPw/BP3XIpk65yDuFrnKBkxwv4cMTjhzvDrW1Lp8m6F71PIEZxoKV+4w==
x-fb-trip-id
420120009
date
Wed, 08 Apr 2020 19:37:59 GMT, Wed, 08 Apr 2020 19:37:59 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
track
api.bntech.io/m/ 		254 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.bntech.io/m/track
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:cc8c:a268:a1c5:52e5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Origin
https://buffalonews.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json;charset=UTF-8
Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
Sec-Fetch-Dest
empty
X-Metric-Type
view
X-API-Key
1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0
X-API-Token
sDHRhYNcAY76jxfUf8TSMaMu8a10WkQaw6DJ4Vi3kboimcYAGX

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 08 Apr 2020 19:37:59 GMT
Server
nginx/1.10.3 (Ubuntu)
Connection
keep-alive
Content-Length
254
Content-Type
application/json
integrator.js
adservice.google.de/adsid/ 		109 B
174 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=buffalonews.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 19:37:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		122 B
189 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=buffalonews.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 19:37:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
119
x-xss-protection
0
pubads_impl_2020032401.js
securepubads.g.doubleclick.net/gpt/ 		168 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 19:37:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 24 Mar 2020 13:43:01 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
62966
x-xss-protection
0
expires
Wed, 08 Apr 2020 19:37:59 GMT
594b9819-366f-4c1d-956b-cd029ef86683.js
d2s8wlbatk24s7.cloudfront.net/service/js/ 		59 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/594b9819-366f-4c1d-956b-cd029ef86683.js
Requested by
Host: includemodal.global.ssl.fastly.net
URL: https://includemodal.global.ssl.fastly.net/sp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:1000:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
Origin
https://buffalonews.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 08 Apr 2020 19:10:47 GMT
content-encoding
gzip
vary
Accept-Encoding
age
1632
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
server
nginx/1.10.3 (Ubuntu)
access-control-max-age
3600
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
via
1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA2-C2
access-control-allow-headers
*
x-amz-cf-id
bktVbL8j5y4asfQ5JXwW-rWr2gas8yXCsckrXinmFSMKNNUEYoEzVQ==
prompt
survey.g.doubleclick.net/gk/ 		0
162 B 		Script
General
Check archive.org
Download Go to
Full URL
https://survey.g.doubleclick.net/gk/prompt?site=_hlh5tund53ozsyfccrjkwy6zsy&t=1&url=https%3A%2F%2Fbuffalonews.com%2F2020%2F01%2F12%2Fsheffield-rick%2F&cid=everything&random=1586374678980&ref=&token=NT
Requested by
Host: survey.g.doubleclick.net
URL: https://survey.g.doubleclick.net/survey?site=_hlh5tund53ozsyfccrjkwy6zsy&url=https%3A%2F%2Fbuffalonews.com%2F2020%2F01%2F12%2Fsheffield-rick%2F&cid=everything&random=1586374678933
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-why
UserPrivacyInfo does not meet requirements to be served (LAT and/or OPT_OUT modifier).
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 08 Apr 2020 19:37:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
23
x-xss-protection
0
bid
c.amazon-adsystem.com/e/dtb/ 		121 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fbuffalonews.com%2F2020%2F01%2F12%2Fsheffield-rick%2F&pid=zaHfvpIQZGyta&cb=0&ws=1600x1200&v=7.47.01&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F4974125%2FBuffaloNewsCOM%2Fcelebration-of-life%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22fluidx970%2C250x728%2C90x970%2C90%22%5D%2C%22sn%22%3A%22%2F4974125%2FBuffaloNewsCOM%2Fcelebration-of-life%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F4974125%2FBuffaloNewsCOM%2Fcelebration-of-life%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F4974125%2FBuffaloNewsCOM%2Fcelebration-of-life%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F4974125%2FBuffaloNewsCOM%2Fcelebration-of-life%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F4974125%2FBuffaloNewsCOM%2Fcelebration-of-life%22%7D%5D&cfgv=0&pubid=d6a98f6f-8603-4436-88aa-78c5124f1dcd&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: includemodal.global.ssl.fastly.net
URL: https://includemodal.global.ssl.fastly.net/sp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.90.242 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-90-242.fra50.r.cloudfront.net
Software
Server /
Resource Hash

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
Origin
https://buffalonews.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 08 Apr 2020 19:37:59 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
FRA50-C1
status
200
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://buffalonews.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
129
via
1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
x-amz-cf-id
2FvLDFPzzySjREzqqjiOnEfICUL8rHLbzoqFdzsBKariDFWiV417Qg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: includemodal.global.ssl.fastly.net
URL: https://includemodal.global.ssl.fastly.net/sp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.90.242 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-90-242.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
Origin
https://buffalonews.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 08 Apr 2020 00:54:45 GMT
content-encoding
gzip
vary
Origin
age
67395
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Thu, 05 Mar 2020 08:28:46 GMT
server
AmazonS3
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
piq9oTCuJYeLT7O5FfMw7Lk4GAX-knBi7UhXmGCnc6IgWEbcIRXgCw==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=10345586&ns__t=1586374679121&ns_c=UTF-8&cv=3.5&c8=SHEFFIELD%2C%20Rick%20%E2%80%93%20The%20Buffalo%20News&c7=https%3A%2F%2Fbuffalonews.com%2F2020%2F01%2F12...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10345586&ns__t=1586374679121&ns_c=UTF-8&cv=3.5&c8=SHEFFIELD%2C%20Rick%20%E2%80%93%20The%20Buffalo%20News&c7=https%3A%2F%2Fbuffalonews.com%2F2020%2F01%2F1...
0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=10345586&ns__t=1586374679121&ns_c=UTF-8&cv=3.5&c8=SHEFFIELD%2C%20Rick%20%E2%80%93%20The%20Buffalo%20News&c7=https%3A%2F%2Fbuffalonews.com%2F2020%2F01%2F12%2Fsheffield-rick%2F&c9=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.11.238.95 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-11-238-95.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 08 Apr 2020 19:37:59 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=10345586&ns__t=1586374679121&ns_c=UTF-8&cv=3.5&c8=SHEFFIELD%2C%20Rick%20%E2%80%93%20The%20Buffalo%20News&c7=https%3A%2F%2Fbuffalonews.com%2F2020%2F01%2F12%2Fsheffield-rick%2F&c9=
Pragma
no-cache
Date
Wed, 08 Apr 2020 19:37:59 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
buffalonews.com
srv-2020-04-08-19.config.parsely.com/config/ 		0
0
publisher:getClientId
ampcid.google.com/v1/ 		74 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: includemodal.global.ssl.fastly.net
URL: https://includemodal.global.ssl.fastly.net/sp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
Origin
https://buffalonews.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 08 Apr 2020 19:37:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://buffalonews.com
access-control-expose-headers
content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1742103563&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbuffalonews.com%2F2020%2F01%2F12%2Fsheffield-rick%2F&ul=en-us&de=UTF-8&dt=SHEFFIELD%2C%20Rick%2...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5339712-1&cid=1840296706.1586374679&jid=1598597920&_gid=263369847.1586374679&gjid=1464878105&_v=j81&z=910766752
35 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5339712-1&cid=1840296706.1586374679&jid=1598597920&_gid=263369847.1586374679&gjid=1464878105&_v=j81&z=910766752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Wed, 08 Apr 2020 19:37:59 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Apr 2020 19:37:59 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5339712-1&cid=1840296706.1586374679&jid=1598597920&_gid=263369847.1586374679&gjid=1464878105&_v=j81&z=910766752
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
417
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=1742103563&t=event&ni=1&_s=2&dl=https%3A%2F%2Fbuffalonews.com%2F2020%2F01%2F12%2Fsheffield-rick%2F&ul=en-us&de=UTF-8&dt=SHEFFIELD%2C%20Rick%20%E2%80%93%20The%20Buffalo%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Category&ea=Celebration%20of%20Life&el=Celebration%20of%20Life&ev=1&_u=aGBAAEArQ~&jid=&gjid=&cid=1840296706.1586374679&tid=UA-5339712-1&_gid=263369847.1586374679&cd1=Staff&cd6=Celebration%20of%20Life&z=813618234
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 10 Mar 2020 20:08:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2503783
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=1742103563&t=pageview&_s=3&dl=https%3A%2F%2Fbuffalonews.com%2F2020%2F01%2F12%2Fsheffield-rick%2F&ul=en-us&de=UTF-8&dt=SHEFFIELD%2C%20Rick%20%E2%80%93%20The%20Buffalo%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEArQ~&jid=&gjid=&cid=1840296706.1586374679&tid=UA-5339712-1&_gid=263369847.1586374679&cd1=Staff&cd6=Celebration%20of%20Life&z=285953200
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 10 Mar 2020 20:08:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2503783
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1041323275912628&ev=PageView&dl=https%3A%2F%2Fbuffalonews.com%2F2020%2F01%2F12%2Fsheffield-rick%2F&rl=&if=false&ts=1586374679139&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1586374679139.103839462&it=1586374679025&coo=false&rqm=GET
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/2020/01/12/sheffield-rick/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 08 Apr 2020 19:37:59 GMT, Wed, 08 Apr 2020 19:37:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Wed, 08 Apr 2020 19:37:59 GMT
Primary Request register
subscribe.buffalonews.com/ 		541 B
625 B 		Document
General
Check archive.org
Download Go to
Full URL
https://subscribe.buffalonews.com/register?template=372
Requested by
Host: api.bntech.io
URL: https://api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea2:f857:cbce:7c2c:fc5e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
bcf4a4b495bdd555be060cd49407a49e7491d08b4f4856e5f3d4c592f85238ab

Request headers

Host
subscribe.buffalonews.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
TPCI=BNTPwpDD7epbBnxBzL68LUGQ1MJBSlzD4j7KFujMD0yK36Nme988jLK4lXr7Wu93tAI; _bnmsi=BNTr1ddI0dMg0; _ga=GA1.2.1840296706.1586374679; _gid=GA1.2.263369847.1586374679; _gat=1; AMP_TOKEN=%24RETRIEVING; _fbp=fb.1.1586374679139.103839462
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
https://buffalonews.com/2020/01/12/sheffield-rick/

Response headers

Date
Wed, 08 Apr 2020 19:37:59 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx/1.10.3 (Ubuntu)
Last-Modified
Wed, 01 Apr 2020 14:45:20 GMT
ETag
W/"5e84a900-21d"
Content-Encoding
gzip
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
3868
date
Wed, 08 Apr 2020 18:33:31 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Wed, 08 Apr 2020 20:33:31 GMT
publisher:getClientId
ampcid.google.de/v1/ 		3 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: includemodal.global.ssl.fastly.net
URL: https://includemodal.global.ssl.fastly.net/sp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
Origin
https://buffalonews.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 08 Apr 2020 19:37:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://buffalonews.com
access-control-expose-headers
content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
js
www.google-analytics.com/gtm/ 		63 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-TQ9PK73&t=gtm12&cid=1840296706.1586374679
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 19:37:59 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
24155
x-xss-protection
0
last-modified
Wed, 08 Apr 2020 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 08 Apr 2020 19:37:59 GMT
collect
www.google-analytics.com/ 		35 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=1742103563&t=pageview&_s=1&dl=https%3A%2F%2Fbuffalonews.com%2F2020%2F01%2F12%2Fsheffield-rick%2F&ul=en-us&de=UTF-8&dt=SHEFFIELD%2C%20Rick%20%E2%80%93%20The%20Buffalo%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEArQAQC~&jid=773661866&gjid=516578573&cid=1840296706.1586374679&tid=UA-54716522-2&_gid=263369847.1586374679&gtm=2wg432TDWDC2&cd14=Undefined&cd17=null&cd75=0&cd76=%20%20%20%20%20%20%20%20%20&cd79=&cd80=&cd81=No&cd82=&cd102=mozilla%2F5.0%20(macintosh%3B%20intel%20mac%20os%20x%2010_14_5)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F74.0.3729.169%20safari%2F537.36&cd103=Undefined&cd104=Undefined%2C%20Undefined&cd105=undefined&cd106=Page%20View&cd111=undefined&cd115=notset&cd89=1840296706.1586374679&z=2135354615
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 10 Mar 2020 20:08:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2503783
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-54716522-2&cid=1840296706.1586374679&jid=773661866&gjid=516578573&_gid=263369847.1586374679&_u=aGDAgEArQAQC~&z=1843633082
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54716522-2&cid=1840296706.1586374679&jid=773661866&_v=j81&z=1843633082
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54716522-2&cid=1840296706.1586374679&jid=773661866&_v=j81&z=1843633082&slf_rd=1&random=2138992605
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54716522-2&cid=1840296706.1586374679&jid=773661866&_v=j81&z=1843633082&slf_rd=1&random=2138992605
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/2020/01/12/sheffield-rick/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Apr 2020 19:37:59 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Apr 2020 19:37:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54716522-2&cid=1840296706.1586374679&jid=773661866&_v=j81&z=1843633082&slf_rd=1&random=2138992605
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		0
0
pubads_impl_rendering_2020032401.js
securepubads.g.doubleclick.net/gpt/ 		0
0
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0
iu3
aax-eu.amazon-adsystem.com/s/ Frame 2AC2 		0
0
app.js
subscribe.buffalonews.com/ 		7 MB
7 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscribe.buffalonews.com/app.js?eaa9d41577441e3a1c02
Requested by
Host: subscribe.buffalonews.com
URL: https://subscribe.buffalonews.com/register?template=372
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea2:f857:cbce:7c2c:fc5e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
4151f0a92b4d26c19cc94239e446047941f12deb03d1adffa4d6b2203709cc94

Request headers

Referer
https://subscribe.buffalonews.com/register?template=372
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Wed, 08 Apr 2020 19:37:59 GMT
Last-Modified
Wed, 01 Apr 2020 14:45:20 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5e84a900-6fb7df"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7321567
css
fonts.googleapis.com/ 		2 KB
633 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lora&display=swap
Requested by
Host: subscribe.buffalonews.com
URL: https://subscribe.buffalonews.com/app.js?eaa9d41577441e3a1c02
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a32157e33a368606e57151d0b3d66a55e68fcb8ebb071b2b2ee39a3df208dd01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://subscribe.buffalonews.com/register?template=372
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 Apr 2020 19:38:00 GMT
server
ESF
date
Wed, 08 Apr 2020 19:38:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Apr 2020 19:38:00 GMT
/
api.bntech.io/sub/lookup/ 		21 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.bntech.io/sub/lookup/?template=372
Requested by
Host: subscribe.buffalonews.com
URL: https://subscribe.buffalonews.com/app.js?eaa9d41577441e3a1c02
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:cc8c:a268:a1c5:52e5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
8d8ba7592e0f10a95c09c3c962319a3b235329f07b68fb1f638d480fa088bb08

Request headers

Access-Control-Request-Method
GET
Origin
https://subscribe.buffalonews.com
Referer
https://subscribe.buffalonews.com/register?template=372
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
x-domain

Response headers

Date
Wed, 08 Apr 2020 19:38:00 GMT
Server
nginx/1.10.3 (Ubuntu)
Access-Control-Allow-Methods
OPTIONS, GET, POST, PUT
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-API-Key, X-Subscription-Session, X-Domain
Content-Length
21
/
api.bntech.io/sub/lookup/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.bntech.io/sub/lookup/?template=372
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:cc8c:a268:a1c5:52e5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
0bf052905ade42190315352a5e7322cae5d584652789efee981f9aaa6a225b83

Request headers

Accept
application/json, text/plain, */*
Referer
https://subscribe.buffalonews.com/register?template=372
Origin
https://subscribe.buffalonews.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-Domain
subscribe.buffalonews.com

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 08 Apr 2020 19:38:01 GMT
Server
nginx/1.10.3 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/json
/
api.bntech.io/sub/lookup/ 		21 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.bntech.io/sub/lookup/?template=372
Requested by
Host: subscribe.buffalonews.com
URL: https://subscribe.buffalonews.com/app.js?eaa9d41577441e3a1c02
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:cc8c:a268:a1c5:52e5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
8d8ba7592e0f10a95c09c3c962319a3b235329f07b68fb1f638d480fa088bb08

Request headers

Access-Control-Request-Method
GET
Origin
https://subscribe.buffalonews.com
Referer
https://subscribe.buffalonews.com/register?template=372
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
x-domain

Response headers

Date
Wed, 08 Apr 2020 19:38:01 GMT
Server
nginx/1.10.3 (Ubuntu)
Access-Control-Allow-Methods
OPTIONS, GET, POST, PUT
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-API-Key, X-Subscription-Session, X-Domain
Content-Length
21
1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0
api.bntech.io/js/ 		19 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0
Requested by
Host: subscribe.buffalonews.com
URL: https://subscribe.buffalonews.com/app.js?eaa9d41577441e3a1c02
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:cc8c:a268:a1c5:52e5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
8cc7ca22ca0299498e836dfdb52204738427428085eeda2d1eb84bc9ac25f513

Request headers

Referer
https://subscribe.buffalonews.com/register?template=372
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 08 Apr 2020 19:38:01 GMT
Server
nginx/1.10.3 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: subscribe.buffalonews.com
URL: https://subscribe.buffalonews.com/app.js?eaa9d41577441e3a1c02
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://subscribe.buffalonews.com/register?template=372
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
3870
date
Wed, 08 Apr 2020 18:33:31 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Wed, 08 Apr 2020 20:33:31 GMT
fbevents.js
connect.facebook.net/en_US/ 		126 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: subscribe.buffalonews.com
URL: https://subscribe.buffalonews.com/app.js?eaa9d41577441e3a1c02
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://subscribe.buffalonews.com/register?template=372
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
E4oU0A9nKLZ4HDmCqSKeaYjp/Hnu7XJ0+sEdBVIvpIUUR1u1yJ/r10faGNKCi4dEJy5+m0teBS0bV7K0pYYCng==
x-fb-trip-id
420120009
date
Wed, 08 Apr 2020 19:38:01 GMT, Wed, 08 Apr 2020 19:38:01 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
829 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subscribe.buffalonews.com/register?template=372
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 18:40:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
3481
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
738
x-xss-protection
0
expires
Wed, 08 Apr 2020 19:40:00 GMT
identity.js
connect.facebook.net/signals/plugins/ 		42 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.15
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2d1ebc88e56ceb0aa1d93c5e7f46539110c25d1d07a1bab71a8dc3afa5d07cb8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://subscribe.buffalonews.com/register?template=372
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
10620
x-xss-protection
0
pragma
public
x-fb-debug
WB9C73+Hz8V+/DaycqM4zHvWI5ar29Es/Ars0uJY6OhanWHI/vZRkQeXraGKUIyCACiuMeS/XQYWpmiU6lxLYg==
x-fb-trip-id
420120009
date
Wed, 08 Apr 2020 19:38:01 GMT, Wed, 08 Apr 2020 19:38:01 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
1041323275912628
connect.facebook.net/signals/config/ 		447 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1041323275912628?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a56fc453db0511b7e9e01ba80e2c5da43745cd05812dd428502ee46828a8b229
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://subscribe.buffalonews.com/register?template=372
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
114963
x-xss-protection
0
pragma
public
x-fb-debug
Fz429j27QzNpxQ46GSKCM2WGk3A0VkrPw/BP3XIpk65yDuFrnKBkxwv4cMTjhzvDrW1Lp8m6F71PIEZxoKV+4w==
x-fb-trip-id
420120009
date
Wed, 08 Apr 2020 19:38:01 GMT, Wed, 08 Apr 2020 19:38:01 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
api.bntech.io/sub/lookup/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.bntech.io/sub/lookup/?template=372
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:cc8c:a268:a1c5:52e5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
0bf052905ade42190315352a5e7322cae5d584652789efee981f9aaa6a225b83

Request headers

Accept
application/json, text/plain, */*
Referer
https://subscribe.buffalonews.com/register?template=372
Origin
https://subscribe.buffalonews.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-Domain
subscribe.buffalonews.com

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 08 Apr 2020 19:38:01 GMT
Server
nginx/1.10.3 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/json
ads.js
api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0/ads/BNTXBj77fIM9t/ads/ 		25 B
233 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0/ads/BNTXBj77fIM9t/ads/ads.js
Requested by
Host: api.bntech.io
URL: https://api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:cc8c:a268:a1c5:52e5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
b97dab86dd99db3e4b7e4aa68ab4ffcac253f96d692b1e7011b74aba8c8a953d

Request headers

Referer
https://subscribe.buffalonews.com/register?template=372
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 08 Apr 2020 19:38:01 GMT
Server
nginx/1.10.3 (Ubuntu)
Connection
keep-alive
Content-Length
25
Content-Type
text/javascript;charset=UTF-8
ab
api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0/ 		875 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0/ab
Requested by
Host: api.bntech.io
URL: https://api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:cc8c:a268:a1c5:52e5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1f53ccc2d3e1fb7bb0c211b32b7f8e7bb93f77b994660ac9628e5e0ebe3fc00d

Request headers

Referer
https://subscribe.buffalonews.com/register?template=372
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 08 Apr 2020 19:38:01 GMT
Server
nginx/1.10.3 (Ubuntu)
Connection
keep-alive
Content-Length
875
Content-Type
text/javascript;charset=UTF-8
sso
api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0/sso
Requested by
Host: api.bntech.io
URL: https://api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:cc8c:a268:a1c5:52e5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
d19281174344999900cd082a8c913d0448bb5da0dfa316fdee0bdecffaf917b1

Request headers

Referer
https://subscribe.buffalonews.com/register?template=372
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 08 Apr 2020 19:38:01 GMT
Server
nginx/1.10.3 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
96be5a96b5f84bb8abef81330501a076
api.bntech.io/f/css/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0/ 		229 B
417 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://api.bntech.io/f/css/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0/96be5a96b5f84bb8abef81330501a076
Requested by
Host: subscribe.buffalonews.com
URL: https://subscribe.buffalonews.com/app.js?eaa9d41577441e3a1c02
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:cc8c:a268:a1c5:52e5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
31716e914e8cd6659e5d5bf318eb4838063c0806461882dcfcc6a19f4f4d17dc

Request headers

Referer
https://subscribe.buffalonews.com/register?template=372
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 08 Apr 2020 19:38:01 GMT
Server
nginx/1.10.3 (Ubuntu)
Connection
keep-alive
Content-Length
229
Content-Type
text/css
bn-logo.png
buffalonews.com/wp-content/themes/tbn-2016/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buffalonews.com/wp-content/themes/tbn-2016/images/bn-logo.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:741d:26c8:960a:a9c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
856fbbe48b6da4f59a6b9ea769639c613fe1d45680c1b0bc2b8993de44b533a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://subscribe.buffalonews.com/register?template=372
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 08 Apr 2020 19:38:01 GMT
via
1.1 varnish (Varnish/6.0)
x-content-type-options
nosniff
age
167289
status
200
content-length
7654
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Fri, 21 Apr 2017 15:17:53 GMT
etag
"1de6-54daec2ec91f5"
x-frame-options
SAMEORIGIN
x-varnish
116958246 89527720
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-type
image/png
expires
0
collect
www.google-analytics.com/ 		35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=967015470&t=pageview&_s=1&dl=https%3A%2F%2Fsubscribe.buffalonews.com%2Fregister%3Ftemplate%3D372&dr=https%3A%2F%2Fbuffalonews.com%2F2020%2F01%2F12%2Fsheffield-rick%2F&dp=register&ul=en-us&de=UTF-8&dt=Subscribe%20to%20The%20Buffalo%20News&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=CCCAAEIR~&jid=&gjid=&cid=1840296706.1586374679&tid=UA-5339712-1&_gid=263369847.1586374679&z=1683657200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://subscribe.buffalonews.com/register?template=372
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 10 Mar 2020 20:08:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2503785
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1041323275912628&ev=PageView&dl=https%3A%2F%2Fsubscribe.buffalonews.com%2Fregister%3Ftemplate%3D372&rl=https%3A%2F%2Fbuffalonews.com%2F2020%2F01%2F12%2Fsheffield-rick%2F&if=false&ts=1586374681230&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1586374679139.103839462&it=1586374681109&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://subscribe.buffalonews.com/register?template=372
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 08 Apr 2020 19:38:01 GMT, Wed, 08 Apr 2020 19:38:01 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Wed, 08 Apr 2020 19:38:01 GMT
0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkqt8ndeYxZ0.woff
fonts.gstatic.com/s/lora/v15/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lora/v15/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkqt8ndeYxZ0.woff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1a99a2f71c0527587456b69f093de550e7183a8da3b45b747aa8fc454ad6041
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Lora&display=swap
Origin
https://subscribe.buffalonews.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 04 Apr 2020 04:11:26 GMT
x-content-type-options
nosniff
last-modified
Thu, 19 Mar 2020 18:18:30 GMT
server
sffe
age
401195
content-type
font/woff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
22384
x-xss-protection
0
expires
Sun, 04 Apr 2021 04:11:26 GMT
track
api.bntech.io/m/ 		21 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.bntech.io/m/track
Requested by
Host: api.bntech.io
URL: https://api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:cc8c:a268:a1c5:52e5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
8e348a2876686697c17bc2784470cbebe761146f0bbfc180a67a52793117882d

Request headers

Access-Control-Request-Method
PUT
Origin
https://subscribe.buffalonews.com
Referer
https://subscribe.buffalonews.com/register?template=372
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type,x-api-key,x-api-token,x-metric-type

Response headers

Date
Wed, 08 Apr 2020 19:38:01 GMT
Server
nginx/1.10.3 (Ubuntu)
Access-Control-Allow-Methods
OPTIONS, GET, PUT
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Token, X-API-Key, X-API-Token, X-Metric-Type
Content-Length
21
track
api.bntech.io/m/ 		144 B
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.bntech.io/m/track
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:cc8c:a268:a1c5:52e5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ab9dec90ef47fc1d9378cffed3f4fb4ce7466ec5ede5d359fe69d201e6a4d0cd

Request headers

Origin
https://subscribe.buffalonews.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json;charset=UTF-8
Referer
https://subscribe.buffalonews.com/register?template=372
Sec-Fetch-Dest
empty
X-Metric-Type
view
X-API-Key
1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0
X-API-Token
sDHRhYNcAY76jxfUf8TSMaMu8a10WkQaw6DJ4Vi3kboimcYAGX

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 08 Apr 2020 19:38:01 GMT
Server
nginx/1.10.3 (Ubuntu)
Connection
keep-alive
Content-Length
144
Content-Type
application/json
track
api.bntech.io/m/ 		21 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.bntech.io/m/track
Requested by
Host: api.bntech.io
URL: https://api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:cc8c:a268:a1c5:52e5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
8e348a2876686697c17bc2784470cbebe761146f0bbfc180a67a52793117882d

Request headers

Access-Control-Request-Method
PUT
Origin
https://subscribe.buffalonews.com
Referer
https://subscribe.buffalonews.com/register?template=372
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type,x-api-key,x-api-token,x-metric-type

Response headers

Date
Wed, 08 Apr 2020 19:38:01 GMT
Server
nginx/1.10.3 (Ubuntu)
Access-Control-Allow-Methods
OPTIONS, GET, PUT
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Token, X-API-Key, X-API-Token, X-Metric-Type
Content-Length
21
track
api.bntech.io/m/ 		20 B
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.bntech.io/m/track
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea1:cc8c:a268:a1c5:52e5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Origin
https://subscribe.buffalonews.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json;charset=UTF-8
Referer
https://subscribe.buffalonews.com/register?template=372
Sec-Fetch-Dest
empty
X-Metric-Type
misc
X-API-Key
1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0
X-API-Token
sDHRhYNcAY76jxfUf8TSMaMu8a10WkQaw6DJ4Vi3kboimcYAGX

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 08 Apr 2020 19:38:01 GMT
Server
nginx/1.10.3 (Ubuntu)
Connection
keep-alive
Content-Length
20
Content-Type
application/json
/
www.facebook.com/tr/ 		44 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1041323275912628&ev=Microdata&dl=https%3A%2F%2Fsubscribe.buffalonews.com%2Fregister%3Ftemplate%3D372&rl=https%3A%2F%2Fbuffalonews.com%2F2020%2F01%2F12%2Fsheffield-rick%2F&if=false&ts=1586374682733&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Subscribe%20to%20The%20Buffalo%20News%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1586374682732.289893479&it=1586374681109&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://subscribe.buffalonews.com/register?template=372
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 08 Apr 2020 19:38:02 GMT, Wed, 08 Apr 2020 19:38:02 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Wed, 08 Apr 2020 19:38:02 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
img.buffalonews.com
URL
https://img.buffalonews.com/eyJidWNrZXQiOiJibmNvcmUiLCJrZXkiOiJ3cC1jb250ZW50XC91cGxvYWRzXC8yMDIwXC8wMVwvSW1hZ2UtMjI4NzcxLmpwZyIsIm1heCI6IiIsImVkaXRzIjp7InJlc2l6ZSI6eyJ3aWR0aCI6Mzc1LCJoZWlnaHQiOjUwMCwiZml0IjoiY292ZXIifX19
Domain
srv-2020-04-08-19.config.parsely.com
URL
https://srv-2020-04-08-19.config.parsely.com/config/buffalonews.com
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2273190197753729&correlator=1625924477472140&output=ldjh&impl=fifs&adsid=NT&eid=44716867&vrg=2020032401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200408&iu_parts=4974125%2CBuffaloNewsCOM%2Ccelebration-of-life&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1x1%7C3x3%2C320x50%7C3x3%2C320x50%7C300x250%7C300x600%2C300x250%2C728x90%7C1x1%2C300x250%2C728x90&fluid=0%2Cheight%2Cheight%2C0%2C0%2C0%2C0&prev_scp=PLACEMENT%3DWALLPAPER%7CPLACEMENT%3DTOPHAT%7CPOSITION%3DATF%26position%3DSTICKY%26amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7CPOSITION%3DATF%26PLACEMENT%3DIN-CONTENT%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&eri=1&cust_params=CATEGORY%3DCelebration%2520of%2520Life%26PAGE-ID%3D2810692%26PAGE-TYPE%3DARTICLE&cookie_enabled=1&bc=31&abxe=1&lmt=1586374679&dt=1586374679407&dlt=1586374678243&idt=911&frm=20&biw=1600&bih=1200&oid=3&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adks=3648903241%2C4246924162%2C2511893951%2C1719692417%2C1969953853%2C1719692416%2C4094028283&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbuffalonews.com%2F2020%2F01%2F12%2Fsheffield-rick%2F&dssz=51&icsg=4294486024&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=1840296706.1586374679&ga_sid=1586374679&ga_hid=1742103563&fws=2%2C2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032401.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_oath_r1u_dm_cnv

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill number| 2f1acc6c3a606b082e5eef5e54414ffb function| Payment object| FontAwesomeConfig object| ___FONT_AWESOME___ string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| _BNTech object| BNTech boolean| BNTXBj77fIM9t

8 Cookies

Domain/Path Name / Value
.buffalonews.com/ Name: _fbp
Value: fb.1.1586374679139.103839462
.buffalonews.com/ Name: _gat
Value: 1
.buffalonews.com/ Name: _gid
Value: GA1.2.263369847.1586374679
.buffalonews.com/ Name: _ga
Value: GA1.2.1840296706.1586374679
.buffalonews.com/ Name: _dc_gtm_UA-54716522-2
Value: 1
.buffalonews.com/ Name: _bnmsi
Value: BNTr1ddI0dMg0
.buffalonews.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.buffalonews.com/ Name: TPCI
Value: BNTPwpDD7epbBnxBzL68LUGQ1MJBSlzD4j7KFujMD0yK36Nme988jLK4lXr7Wu93tAI

4 Console Messages

Source Level URL
Text
console-api log URL: https://buffalonews.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api log URL: https://subscribe.buffalonews.com/app.js?eaa9d41577441e3a1c02(Line 53)
Message:
STATE: [object Object]
console-api warning URL: https://subscribe.buffalonews.com/app.js?eaa9d41577441e3a1c02(Line 51)
Message:
[react-ga] Empty `options` given to .require()
console-api log URL: https://subscribe.buffalonews.com/app.js?eaa9d41577441e3a1c02(Line 53)
Message:
STATE: [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
adservice.google.com
adservice.google.de
ampcid.google.com
ampcid.google.de
api.bntech.io
assets.pinterest.com
bnwordpress.s3.amazonaws.com
bucket.mlcdn.com
buffalonews.com
c.amazon-adsystem.com
connect.facebook.net
cse.google.com
d1z2jf7jlzjs58.cloudfront.net
d2s8wlbatk24s7.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
img.buffalonews.com
includemodal.global.ssl.fastly.net
p.typekit.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
srv-2020-04-08-19.config.parsely.com
static.mailerlite.com
stats.g.doubleclick.net
subscribe.buffalonews.com
survey.g.doubleclick.net
tpc.googlesyndication.com
track.mailerlite.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
aax-eu.amazon-adsystem.com
img.buffalonews.com
securepubads.g.doubleclick.net
srv-2020-04-08-19.config.parsely.com
tpc.googlesyndication.com
143.204.101.222
143.204.90.242
151.101.113.194
172.217.18.2
172.217.18.98
195.12.186.240
23.11.238.95
2600:1f18:410b:aea1:741d:26c8:960a:a9c
2600:1f18:410b:aea1:cc8c:a268:a1c5:52e5
2600:1f18:410b:aea2:f857:cbce:7c2c:fc5e
2600:9000:21f3:1000:d:77c3:2dc0:21
2606:4700:10::6816:45f4
2606:4700:10::6816:6cb
2a00:1450:4001:808::2003
2a00:1450:4001:808::200a
2a00:1450:4001:808::2011
2a00:1450:4001:809::200e
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2003
2a00:1450:4001:814::200e
2a00:1450:4001:815::2002
2a00:1450:4001:81d::2008
2a00:1450:4001:81d::200e
2a00:1450:4001:820::2004
2a00:1450:400c:c00::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::84
52.216.28.164
95.100.67.47
000638e3a0f8031fa4ecd4ab55f21f96a8628691d111ccb20f0121b9bbe3232d
02c39275000c1280f9cde808ebe731ec1924477305678759c1140ecaac49eba0
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06b3cb7cf322cbb6cefa9d7c06655585de95d96f168b023d0aa141a89d5c2c36
0bf052905ade42190315352a5e7322cae5d584652789efee981f9aaa6a225b83
102f85f15606deb5a42897af0e132a00a10e64fac66583616b95a33f03e8fb89
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1f53ccc2d3e1fb7bb0c211b32b7f8e7bb93f77b994660ac9628e5e0ebe3fc00d
22e602b7904500b724afb01c885394929d467e98017388b8284fb76efe9dca66
2887ab0bfd1b6def70d8d2b46d4f8ff50dcf6b41c80b0b0aa70845ebab9fc815
2b646af6f1e7099df16f0b3ef99ba7fe471be6469f2cf15cd0bb003a686a1263
2d1ebc88e56ceb0aa1d93c5e7f46539110c25d1d07a1bab71a8dc3afa5d07cb8
3147026ff99804131affcb3cadbdfd49c0a07583682aefcc1198f57e2614d5b0
31716e914e8cd6659e5d5bf318eb4838063c0806461882dcfcc6a19f4f4d17dc
31cf7e28d0a95e6f680dfdb9ef70f9d7cbda866cb3c6385c4ed5b8238ff78687
3d7b34d798bc9eacf5f5bc3a51ad7669658a6563810df33f71ad1164331c61ca
40a20291f9b526cba58796a4bbd0256d5663313e02c9d5ab5a842476562b3108
4151f0a92b4d26c19cc94239e446047941f12deb03d1adffa4d6b2203709cc94
48e5651aa096e2d1f62ae341dc1425f0de2d11a6333908bb1a2ffe1a6dd10ac0
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b10760eda0cc129171fc098ea606c21cc1f0dc81cce5e955129015007286a2a
4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d
4fce08d61659bf0733ab157e295f91d8bb848ba0d635d474238cddf934a87c12
5178c5c928ea77c85e03e389af1c95b3617d1b674ca45678e38b76810e61504c
526905bf06bd10f0dddf2045063065899031010b334b6647d209cab38e8c602f
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
60f2945954610f4be543c714fc08ff0352d14b6585c00e6d0e09446d36c2d776
76a0d76f135419f4d00213037cda0cba949a0372e01ab6a1d70072008a56bd18
771c5030cc8843946bbd7d1276e83ebb684b8381ed74d32adaaa5d535d156e72
7c161e527e5d33581071177ec83d1ec479718288e14d7417c898424172047153
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84b4cfa9a322e6d85d7b537ce67fad4770e00d1f575d1e74b2076f94a7219001
856fbbe48b6da4f59a6b9ea769639c613fe1d45680c1b0bc2b8993de44b533a5
8589bcf31a172f90d5eecb826d86fd06c1eaa773cea67eac3a8e99f099d7b2fb
8b67ffa5bcc69b72e1fd971de44ff6e71b379f039adc48eec47bb678bb619d15
8cc7ca22ca0299498e836dfdb52204738427428085eeda2d1eb84bc9ac25f513
8d8ba7592e0f10a95c09c3c962319a3b235329f07b68fb1f638d480fa088bb08
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e348a2876686697c17bc2784470cbebe761146f0bbfc180a67a52793117882d
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9461b1cc02faab236ed56326de2b944b4af1903f2659e01ea82710b10b7b4e6e
9ceaa25ec7654a66294c16e28989fbf1ecb9cebc9debe96ec597529465c7cd50
a32157e33a368606e57151d0b3d66a55e68fcb8ebb071b2b2ee39a3df208dd01
a56fc453db0511b7e9e01ba80e2c5da43745cd05812dd428502ee46828a8b229
ab9dec90ef47fc1d9378cffed3f4fb4ce7466ec5ede5d359fe69d201e6a4d0cd
b97dab86dd99db3e4b7e4aa68ab4ffcac253f96d692b1e7011b74aba8c8a953d
bcf4a4b495bdd555be060cd49407a49e7491d08b4f4856e5f3d4c592f85238ab
bff3b25b45269858616625b75405fa0bc9e48c8101081c88f3c651838b38e820
cc30dab3e8ea7e8e82e2ad27f20a4d41d884166942122bcdb6dde818a06a39a5
d19281174344999900cd082a8c913d0448bb5da0dfa316fdee0bdecffaf917b1
d1a99a2f71c0527587456b69f093de550e7183a8da3b45b747aa8fc454ad6041
d3fec0f77038fdefe6f99c410f48ee189b4c23504d0c2b2e769b6a9b04602131
d9aefc0bcb03b70fa9f80fd95e150516b88088c038451a3097a1384e304874c8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef5ccf06fb9978f8ca95d353b8c5248e605d09ea0ff502a6831b2ff5f7f39954
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fa3cb3495fe41d51c7301dded2eb606a7548db79d580745057202f6d26477c44
fba6153ee83005ae0a4a624991b8aa82d2a871fdd63bc49f33fcece77cfde22b