buffalonews.com Open in urlscan Pro
192.104.182.109 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click1.email.buffnews.com/lqnszgnnwnfrhmjzrdkggrhwyhrcyshwhzqpmqnwwmzzzdh_lwzdmkgknmrmnndqwgmzz.html?a=29ad04ceacdf74558be...
Effective URL:
https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html
Submission: On October 04 via manual (October 4th 2022, 2:59:20 pm UTC) from US — Scanned from DE

Summary HTTP 122 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 22 domains to perform 122 HTTP transactions. The main IP is 192.104.182.109, located in United States and belongs to LEE-ASN, US. The main domain is buffalonews.com. The Cisco Umbrella rank of the primary domain is 194099.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on August 28th 2022. Valid for: 3 months.

This is the only time buffalonews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	74.214.203.11 74.214.203.11	14618 (AMAZON-AES) (AMAZON-AES)
1 7	192.104.182.109 192.104.182.109	10668 (LEE-ASN) (LEE-ASN)
55	104.16.132.24 104.16.132.24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.17.100 108.138.17.100	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:223... 2600:9000:223c:5800:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:410... 2600:1f18:410b:aea1:6c44:2e43:3e3:c8da	14618 (AMAZON-AES) (AMAZON-AES)
3	52.222.209.55 52.222.209.55	16509 (AMAZON-02) (AMAZON-02)
3	18.66.147.43 18.66.147.43	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:804::2002	15169 (GOOGLE) (GOOGLE)
1 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	18.66.123.144 18.66.123.144	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:e6:... 2606:4700:e6::ac40:cb0a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	3.228.232.15 3.228.232.15	14618 (AMAZON-AES) (AMAZON-AES)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80c::2010	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	34.102.205.239 34.102.205.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
5	18.66.138.112 18.66.138.112	16509 (AMAZON-02) (AMAZON-02)
1 2	34.251.218.252 34.251.218.252	16509 (AMAZON-02) (AMAZON-02)
1	13.32.106.197 13.32.106.197	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:806::2001	15169 (GOOGLE) (GOOGLE)
1	34.223.186.214 34.223.186.214	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400d:804::2001	15169 (GOOGLE) (GOOGLE)
122	26

1 74.214.203.11 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)

click1.email.buffnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 192.104.182.109 (United States) 1 redirects

ASN10668 (LEE-ASN, US)
PTR: cms.chicago2.vip.townnews.com

buffalonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 104.16.132.24 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

bloximages.chicago2.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-100.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:5800:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:410b:aea1:6c44:2e43:3e3:c8da (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

api.bntech.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.209.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-209-55.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.147.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-43.fra60.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.123.144 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-123-144.fra60.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e6::ac40:cb0a (United States)

ASN13335 (CLOUDFLARENET, US)

qnhtg9kbqjgw2izax.ay.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.228.232.15 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-232-15.compute-1.amazonaws.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::2010 (Ireland)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.102.205.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.205.102.34.bc.googleusercontent.com

a.leetemplates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.66.138.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-138-112.fra60.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.218.252 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-218-252.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.106.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-106-197.fra60.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2001 (Ireland)

ASN15169 (GOOGLE, US)

1096830db2e2bff8a8a4181f86f5c230.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.223.186.214 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-223-186-214.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:804::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	townnews.com bloximages.chicago2.vip.townnews.com — Cisco Umbrella Rank: 33081	5 MB
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 1096830db2e2bff8a8a4181f86f5c230.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 170	43 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 129	507 KB
7	buffalonews.com 1 redirects buffalonews.com — Cisco Umbrella Rank: 194099	86 KB
5	segment.com cdn.segment.com — Cisco Umbrella Rank: 2553	37 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 391 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 750	47 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215	156 KB
3	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 2935	68 KB
3	crwdcntrl.net 1 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 1563 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1096	12 KB
2	leetemplates.com a.leetemplates.com — Cisco Umbrella Rank: 72478	19 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	21 KB
2	trkn.us 1 redirects trkn.us — Cisco Umbrella Rank: 3274	1 KB
2	adsrvr.org 1 redirects insight.adsrvr.org — Cisco Umbrella Rank: 922	408 B
2	osano.com cmp.osano.com — Cisco Umbrella Rank: 9484	95 KB
1	segment.io api.segment.io — Cisco Umbrella Rank: 1311	174 B
1	google.de ampcid.google.de — Cisco Umbrella Rank: 37983	461 B
1	google.com ampcid.google.com — Cisco Umbrella Rank: 2411	532 B
1	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 696	27 KB
1	ay.delivery qnhtg9kbqjgw2izax.ay.delivery — Cisco Umbrella Rank: 249959	13 KB
1	cloudfront.net d1eoo1tco6rr5e.cloudfront.net	668 B
1	bntech.io api.bntech.io — Cisco Umbrella Rank: 468725	6 KB
1	buffnews.com 1 redirects click1.email.buffnews.com	533 B
122	22

	Domain	Requested by
55	bloximages.chicago2.vip.townnews.com	buffalonews.com cmp.osano.com
7	www.googletagmanager.com	buffalonews.com cmp.osano.com
7	buffalonews.com	1 redirects buffalonews.com
5	cdn.segment.com	cmp.osano.com cdn.segment.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	tpc.googlesyndication.com	cmp.osano.com
3	securepubads.g.doubleclick.net	cmp.osano.com securepubads.g.doubleclick.net
3	tagan.adlightning.com	buffalonews.com cmp.osano.com
3	c.amazon-adsystem.com	buffalonews.com c.amazon-adsystem.com
2	bcp.crwdcntrl.net	1 redirects cmp.osano.com
2	a.leetemplates.com	storage.googleapis.com
2	www.google-analytics.com	cmp.osano.com
2	trkn.us	1 redirects buffalonews.com
2	insight.adsrvr.org	1 redirects d1eoo1tco6rr5e.cloudfront.net
2	cmp.osano.com	buffalonews.com cmp.osano.com
1	api.segment.io	cdn.segment.com
1	1096830db2e2bff8a8a4181f86f5c230.safeframe.googlesyndication.com	cmp.osano.com
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	ampcid.google.de	www.google-analytics.com
1	ampcid.google.com	www.google-analytics.com
1	storage.googleapis.com	cmp.osano.com
1	qnhtg9kbqjgw2izax.ay.delivery	cmp.osano.com
1	d1eoo1tco6rr5e.cloudfront.net	cmp.osano.com
1	api.bntech.io	buffalonews.com
1	tags.crwdcntrl.net	buffalonews.com
1	click1.email.buffnews.com	1 redirects
122	26

This site contains links to these domains. Also see Links.

Domain
bloximages.chicago2.vip.townnews.com
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
buffalonews.com ZeroSSL ECC Domain Secure Site CA	`2022-08-28` - `2022-11-26`	3 months	crt.sh
bloximages.chicago2.vip.townnews.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
cmp.osano.com Amazon	`2022-09-02` - `2023-09-30`	a year	crt.sh
bntech.io Amazon	`2022-03-04` - `2023-04-02`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.adlightning.com Amazon	`2022-06-09` - `2023-07-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-05` - `2023-04-05`	a year	crt.sh
storage.googleapis.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
a.leetemplates.com GTS CA 1D4	`2022-09-25` - `2022-12-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.segment.com Amazon	`2022-01-12` - `2023-02-10`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.segment.io Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html
Frame ID: EE5E1378A0F0F766B272DC1214B51152
Requests: 113 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 2EFA1DACE5A8FC788AE5EACE2EF9A839
Requests: 1 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Frame ID: 3C89F8CE4735D1746D4AFD01E9723C88
Requests: 2 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=125764943/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20buffalonews%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20eedition/med=%23OpR%2372333%23Keyword%20%3A%20eedition/rb=%7B%22meta_tag%22%3A%22eedition%22%7D/rt=ifr
Frame ID: 78EB6678BE735F77207B2039907061E7
Requests: 1 HTTP requests in this frame

Frame: https://1096830db2e2bff8a8a4181f86f5c230.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 179A82D6E04077D5EA55254C5209FB7F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2443E274C63ED0090C144A6B846B9ED8
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page A01

Page URL History Show full URLs

https://click1.email.buffnews.com/lqnszgnnwnfrhmjzrdkggrhwyhrcyshwhzqpmqnwwmzzzdh_lwzdmkgknmrmnndqwgmzz.html?a... HTTP 302
https://buffalonews.com/eedition/the-buffalo-news/edition_90ed9129-2eb6-5667-9f88-950319fd105b.html?... HTTP 301
https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

122
Requests

88 %
HTTPS

46 %
IPv6

22
Domains

26
Subdomains

26
IPs

4
Countries

6042 kB
Transfer

9186 kB
Size

7
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/e/cd/ecdf6224-c291-5148-92dc-24ddd5bee409/633b9bf915c32.pdf.pdf
Title: Current Page

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fbuffalonews.com%2Feedition%2Fpage-a01%2Fpage_ecdf6224-c291-5148-92dc-24ddd5bee409.html%3Futm_medium%3Dsocial%26utm_source%3Dfacebook%26utm_campaign%3Duser-share
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?&text=Page%20A01&via=TheBuffaloNews&url=https%3A%2F%2Fbuffalonews.com%2Feedition%2Fpage-a01%2Fpage_ecdf6224-c291-5148-92dc-24ddd5bee409.html%3Futm_medium%3Dsocial%26utm_source%3Dtwitter%26utm_campaign%3Duser-share
Title: Share on Twitter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click1.email.buffnews.com/lqnszgnnwnfrhmjzrdkggrhwyhrcyshwhzqpmqnwwmzzzdh_lwzdmkgknmrmnndqwgmzz.html?a=29ad04ceacdf74558be61fa7c627e9a6265b910a HTTP 302
https://buffalonews.com/eedition/the-buffalo-news/edition_90ed9129-2eb6-5667-9f88-950319fd105b.html?utm_source=buffalonews.com&utm_campaign=%2Fnewsletter-templates%2Feedition&utm_medium=PostUp&utm_content=29ad04ceacdf74558be61fa7c627e9a6265b910a HTTP 301
https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://insight.adsrvr.org/tags/nebsjkp/21usqg2/iframe HTTP 303
https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe

Request Chain 47

https://trkn.us/pixel/c?ppt=19160&g=sitewide&gid=44455&cv1=buffalonews.com&ord=1399113104 HTTP 302
https://trkn.us/pixel/c?ppt=19160&g=sitewide&gid=44455&cv1=buffalonews.com&ord=1399113104&ip=146.70.117.79&cuidchk=1

Request Chain 77

https://bcp.crwdcntrl.net/5/c=6894/rand=125764943/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20buffalonews%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20eedition/med=%23OpR%2372333%23Keyword%20%3A%20eedition/rb=%7B%22meta_tag%22%3A%22eedition%22%7D/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=125764943/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20buffalonews%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20eedition/med=%23OpR%2372333%23Keyword%20%3A%20eedition/rb=%7B%22meta_tag%22%3A%22eedition%22%7D/rt=ifr

122 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request page_ecdf6224-c291-5148-92dc-24ddd5bee409.html Show response
buffalonews.com/eedition/page-a01/
Redirect Chain

https://click1.email.buffnews.com/lqnszgnnwnfrhmjzrdkggrhwyhrcyshwhzqpmqnwwmzzzdh_lwzdmkgknmrmnndqwgmzz.html?a=29ad04ceacdf74558be61fa7c627e9a6265b910a
https://buffalonews.com/eedition/the-buffalo-news/edition_90ed9129-2eb6-5667-9f88-950319fd105b.html?utm_source=buffalonews.com&utm_campaign=%2Fnewsletter-templates%2Feedition&utm_medium=PostUp&utm_...
https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html

171 KB
41 KB

114ms
114ms

Document
text/html

192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.182.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.chicago2.vip.townnews.com

Software

Resource Hash

d810ffa4c50151f1c5dc1beb3a7d09d631248e13c2ed5c68b9fa0b73cd0a6e03

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7039
cache-control: public, max-age=10
content-encoding: gzip
content-length: 40495
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 04 Oct 2022 13:01:51 GMT
etag: W/06ac3b0c06fff60fd7d36ac9f5f183b0
last-modified: Tue, 04 Oct 2022 07:01:33 GMT
link: <https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.cfb7b302c42616744a59428baa754111.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.81be8dcdc3040973d38ec593fcfe8805.js>; rel=preload; as=script
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: X-IPCountry, X-Townnews-Now-API-Version, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-loop: 1
x-robots-tag: noarchive
x-tncms: 1.63.3; app3; 0.24s; 5.4M
x-ua-compatible: IE=edge
x-vcache: HIT
x-xss-protection: 1; mode=block

Redirect headers

age: 20855
cache-control: public, max-age=10
content-encoding: gzip
content-length: 32
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 04 Oct 2022 09:11:35 GMT
etag: W/10a71c9f7be72ca6a23df2472e7e68a0
last-modified: Tue, 04 Oct 2022 04:00:00 GMT
link: <https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin
location: /eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: X-IPCountry, X-Townnews-Now-API-Version, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-loop: 1
x-robots-tag: noarchive
x-tncms: 1.63.3; app4; 0.15s; 3.5M
x-vcache: HIT
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.d6d18fcf88750a16d256e72626e676a6.js Show response
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 98 KB
34 KB 215ms
53ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:11 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 3583933
last-modified: Wed, 07 Jul 2021 20:09:22 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60e609f2-1882c"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 754ec7ae5dd591f3-FRA
expires: Wed, 31 Aug 2022 19:01:15 GMT

GET
H2 200 user.js Show response
buffalonews.com/shared-content/art/tncms/user/ 12 KB
4 KB 224ms
222ms Script
application/x-javascript 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://buffalonews.com/shared-content/art/tncms/user/user.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: 514338ec6bbb3440a50029e6cbc2ba9034d6971c4776d2759a4b829c94dedfb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:56:59 GMT
content-encoding: gzip
last-modified: Fri, 30 Sep 2022 19:36:28 GMT
x-vcache: HIT
age: 132
etag: W/"6337453c-2f01"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 4332
service-worker-allowed: /

GET
H2 200 bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js Show response
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 39 KB
11 KB 214ms
52ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:11 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 1008440
last-modified: Fri, 06 Sep 2019 14:16:03 GMT
x-vcache: MISS
server: cloudflare
etag: W/"5d726a23-9bd8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 754ec7ae5dd691f3-FRA
expires: Wed, 24 May 2023 10:37:06 GMT

GET
H2 200 common.08a61544f369cc43bf02e71b2d10d49f.js Show response
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 32 KB
12 KB 215ms
54ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:11 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 17338136
last-modified: Wed, 05 May 2021 20:06:42 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6092fad2-8154"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 754ec7ae7dfb91f3-FRA
expires: Wed, 11 May 2022 19:01:09 GMT

GET
H2 200 tnt.cfb7b302c42616744a59428baa754111.js Show response
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 22 KB
6 KB 215ms
54ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.cfb7b302c42616744a59428baa754111.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7376ac5d189aa6709ce824da6ab6a3c2c85bacb7cf8dafbf5c423de19c891e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:11 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 1799008
cross-origin-resource-policy: cross-origin
last-modified: Tue, 12 Jul 2022 17:52:02 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62cdb4c2-580e"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 754ec7ae7e0191f3-FRA
expires: Wed, 13 Sep 2023 19:01:12 GMT

GET
H2 200 application.81be8dcdc3040973d38ec593fcfe8805.js Show response
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 215ms
53ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.81be8dcdc3040973d38ec593fcfe8805.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfd126ac0ab625bcf5593a41432b04177248382666e755aeeaf5458a822bee72

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:11 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 1799008
cross-origin-resource-policy: cross-origin
last-modified: Fri, 09 Sep 2022 13:51:13 GMT
x-vcache: MISS
server: cloudflare
etag: W/"631b44d1-113a"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 754ec7ae7dfd91f3-FRA
expires: Wed, 13 Sep 2023 19:01:12 GMT

GET
H2 200 bootstrap.min.c58a1beaa3640fa94c3db09673c4d95c.css
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 107 KB
18 KB 189ms
28ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.c58a1beaa3640fa94c3db09673c4d95c.css

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

644304fe15c7f17a6ab07588fa14318ebce8730a85eb17b3a0fddca16fe9bae6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:11 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 21791382
last-modified: Tue, 04 Jan 2022 21:06:09 GMT
x-vcache: MISS
server: cloudflare
etag: W/"61d4b6c1-1ab8e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 754ec7ae5dcc91f3-FRA
expires: Thu, 05 Jan 2023 20:01:08 GMT

GET
H2 200 layout.214f487d157f8d3739105bfac8086bac.css
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 156 KB
28 KB 198ms
37ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.214f487d157f8d3739105bfac8086bac.css

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d3a6046c5bd7ed05c2d929511a0a1b74774f083062876f2bce9333f76c86500

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:11 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 588746
cross-origin-resource-policy: cross-origin
last-modified: Fri, 23 Sep 2022 13:03:55 GMT
x-vcache: MISS
server: cloudflare
etag: W/"632daebb-26fdd"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 754ec7ae5dce91f3-FRA
expires: Wed, 27 Sep 2023 19:01:16 GMT

GET
H2 200 lee.ds.css
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/ 95 KB
16 KB 200ms
39ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1664866814

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f77e396f1e185be2313dd303447ec8c2684eb50e32c414fe46b206f7f5a36d3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:11 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 27046
cross-origin-resource-policy: cross-origin
last-modified: Tue, 04 Oct 2022 07:00:14 GMT
x-vcache: MISS
server: cloudflare
etag: W/"633bd9fe-17a69"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 754ec7ae5dd391f3-FRA
expires: Wed, 04 Oct 2023 07:05:17 GMT

GET
H2 200 flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 6 KB
2 KB 185ms
24ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:11 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 21791790
last-modified: Wed, 05 May 2021 20:07:28 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6092fb00-189c"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 754ec7ae5dd291f3-FRA
expires: Tue, 24 May 2022 10:36:51 GMT

GET
H2 200 shepherd.759b01660e4ad80bba52442ff162beee.css
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/eedition_2022/resources/styles/ 3 KB
1 KB 174ms
122ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/eedition_2022/resources/styles/shepherd.759b01660e4ad80bba52442ff162beee.css

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b433d56dd3051a04092971f2aca6e8f311c222aaf05ff1b4e1e27d2792da9a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:11 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Jul 2022 21:08:05 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62d9c035-d73"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 754ec7ae5dd491f3-FRA
expires: Wed, 26 Jul 2023 22:40:07 GMT

GET
H2 200 eedition.4e50b5e0b40233bf5959710639291519.css
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/eedition_2022/resources/styles/ 22 KB
5 KB 77ms
26ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/eedition_2022/resources/styles/eedition.4e50b5e0b40233bf5959710639291519.css

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa41104fbc7b5ace6322ad07f26099524a5fb257e3a39425cc4af7887ba26152

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:11 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 86815
cross-origin-resource-policy: cross-origin
last-modified: Fri, 23 Sep 2022 13:04:09 GMT
x-vcache: MISS
server: cloudflare
etag: W/"632daec9-575e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 754ec7ae5dd091f3-FRA
expires: Wed, 27 Sep 2023 19:01:25 GMT

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/6894/ 38 KB
12 KB 65ms
16ms Script
application/json 108.138.17.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/6894/cc.js?ns=_cc6894
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-100.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5a2f10e09cd6e81eb686dbca9e6056ed485e87d3869bac347455547c294cb036

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:40:18 GMT
content-encoding: gzip
via: 1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
last-modified: Mon, 03 Oct 2022 21:56:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 44334
etag: W/"8cd042d9f203fe2e01747c7444f95498"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
cache-control: max-age: 86400
x-amz-cf-id: sENtAlFzdk4sNL5LO0buzkvd3bqy-sQ4dVkQVmyDpDxdO1FmST9eXA==

GET
H2 200 access.js Show response
buffalonews.com/shared-content/art/tncms/api/ 86 KB
34 KB 114ms
114ms Script
application/x-javascript 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://buffalonews.com/shared-content/art/tncms/api/access.js
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: b140866a13c2eeca9a0ad91f4bf8e505a0fa237279f9d6616c3c21329139f1de

Request headers

Referer: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html
Origin: https://buffalonews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:56:08 GMT
content-encoding: gzip
last-modified: Fri, 16 Sep 2022 13:21:04 GMT
x-vcache: HIT
age: 183
etag: W/"63247840-15686"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 34923
service-worker-allowed: /

GET
H2 200 osano.js Show response
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ 413 KB
93 KB 105ms
50ms Script
application/javascript 2600:9000:223c:5800:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:5800:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

7dbf15747ec420e9647d13e8dc00c65f708ee42098b5e673bb69957fff1236e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 04:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 37213
x-cache: Hit from cloudfront
content-length: 94963
x-xss-protection: mode=block
last-modified: Mon, 26 Sep 2022 18:00:18 GMT
server: CloudFront
etag: "d1561724a9c69aa5e2fb46567ae5ed6f"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id: vmmWsqpUPnBgE1cTBWHo3YF5NI4iordMKG5OVJDhwhRqYcI6yGiggQ==

GET
H/1.1 200
OK 1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0 Show response
api.bntech.io/js/ 19 KB
6 KB 750ms
106ms Script
text/javascript 2600:1f18:410b:aea1:6c44:2e43:3e3:c8da
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:410b:aea1:6c44:2e43:3e3:c8da Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 3049db4be872564809e26eea512e437046645835cc6a34783d24d5d104271c82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 14:59:12 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 167 KB
43 KB 106ms
51ms Script
application/javascript 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-55.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d420ee64cb607d68e208a3105b39934807ed2e4d43ced2542f7b6b0cd153ca43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:04:28 GMT
content-encoding: gzip
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront), 1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
last-modified: Thu, 15 Sep 2022 20:15:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P3
age: 3284
x-amz-server-side-encryption: AES256
etag: W/"da0e8e1151d3ebb7a34f07d19a6e05d0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: U9ZURvSxt0RVQBMhfIryTV1qGhUFOR77hzUhsRfYfDmsnZyflVmX4w==

GET
H2 200 tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js Show response
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 200 B
277 B 101ms
53ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:11 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 20079584
last-modified: Fri, 16 Apr 2021 14:04:15 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6079995f-c8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 754ec7ae7df991f3-FRA
expires: Sat, 23 Apr 2022 00:53:47 GMT

GET
H2 200 tracking.js Show response
buffalonews.com/shared-content/art/tncms/ 3 KB
1 KB 115ms
115ms Script
application/x-javascript 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://buffalonews.com/shared-content/art/tncms/tracking.js
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: 18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:56:31 GMT
content-encoding: gzip
last-modified: Fri, 30 Sep 2022 19:36:28 GMT
x-vcache: HIT
age: 160
etag: W/"6337453c-a4b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 1149
service-worker-allowed: /

GET
H2 200 lee.common.js Show response
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/ 9 KB
3 KB 101ms
53ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/lee.common.js?_dc=1664866814

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18e8208ea447a26b0cd4f5f2751d1dd717e689a559474e61acb4e3e674403e4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:11 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 27046
cross-origin-resource-policy: cross-origin
last-modified: Tue, 04 Oct 2022 07:00:14 GMT
x-vcache: MISS
server: cloudflare
etag: W/"633bd9fe-231f"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 754ec7ae7df891f3-FRA
expires: Wed, 04 Oct 2023 07:22:46 GMT

GET
H2 200 fontawesome.dd9f72114a809f3dc0619831f68070f4.js Show response
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 263 KB
95 KB 52ms
51ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.dd9f72114a809f3dc0619831f68070f4.js

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

678d4ac4a14d788e91c631db4c545df5acc5197735f47a9a66d4008a445caede

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:12 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 1799871
cross-origin-resource-policy: cross-origin
last-modified: Fri, 09 Sep 2022 13:51:30 GMT
x-vcache: MISS
server: cloudflare
etag: W/"631b44e2-41d78"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 754ec7b028f091f3-FRA
expires: Wed, 13 Sep 2023 19:01:12 GMT

GET
H2 200 tracker.js Show response
buffalonews.com/shared-content/art/stats/common/ 9 KB
3 KB 116ms
116ms Script
application/x-javascript 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://buffalonews.com/shared-content/art/stats/common/tracker.js
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:54:46 GMT
content-encoding: gzip
last-modified: Wed, 08 Dec 2021 15:26:09 GMT
x-vcache: HIT
age: 265
etag: W/"61b0ce91-2200"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 3224
service-worker-allowed: /

GET
H2 200 be8b680c-edab-11ec-b84c-17645d6e3b09.png
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/custom/image/ 5 KB
5 KB 28ms
27ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/custom/image/be8b680c-edab-11ec-b84c-17645d6e3b09.png?resize=409%2C38

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dfee6313da23d5f532e73b11d2545c56746b80aca8f31bc34c2b9cc4e1e2663

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:12 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 86814
cf-polished: origFmt=png, origSize=7138
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="be8b680c-edab-11ec-b84c-17645d6e3b09.webp"
content-length: 5248
cf-bgj: imgq:85,h2pri
last-modified: Thu, 16 Jun 2022 19:37:23 GMT
server: cloudflare
x-vcache: MISS
etag: "c8f0352f01e64c5273dd4d931b151cc5"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 754ec7b028f191f3-FRA
expires: Fri, 01 Sep 2023 19:17:17 GMT

GET
H2 200 633b9bf9d0b9f.fullsize-img.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/e/cd/ecdf6224-c291-5148-92dc-24ddd5bee409/ 284 KB
284 KB 33ms
32ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/e/cd/ecdf6224-c291-5148-92dc-24ddd5bee409/633b9bf9d0b9f.fullsize-img.jpg

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3f5786ce9fe14605e32f61d35c809d8d5a03dbfe6ef1494761b847eda1a2d19

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:12 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 19671
cf-polished: origSize=319896, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 290483
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Oct 2022 02:35:39 GMT
server: cloudflare
x-vcache: MISS
etag: "633b9bfb-4e198"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 754ec7b028f391f3-FRA
expires: Wed, 04 Oct 2023 04:01:55 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/leeenterprises/ 40 KB
16 KB 63ms
19ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/op.js
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-43.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 524e0c711703caaeeb5842af69e372eb9f09ea786d110531f86a9bd3ce8e55c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: 1oyy2TsSuAEPvPNp5n00pIz8dq7pkO1n
content-encoding: gzip
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
date: Tue, 04 Oct 2022 14:18:00 GMT
x-amz-cf-pop: FRA60-P4
age: 2474
x-cache: Hit from cloudfront
content-length: 16056
x-amz-meta-git_commit: 12c5e29
last-modified: Mon, 03 Oct 2022 17:16:50 GMT
server: AmazonS3
etag: "f0e36aa46c6e951e386a166c7bbef1fd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: BaqcOff-KhSQUQiq5BWHaq4hwN5Cin3ZW1wDT10rcYEy-qlAw1cAHQ==

GET
H2 200 shepherd.min.e74db5fc5670d6360a5ebbbf1688ebe6.js Show response
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/eedition_2022/resources/scripts/plugins/ 51 KB
18 KB 125ms
122ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/eedition_2022/resources/scripts/plugins/shepherd.min.e74db5fc5670d6360a5ebbbf1688ebe6.js

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3cbdbb20c71a69d9af5d4e715c5d535697bbeb85cc4b7a269c3145c57c65f77

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:12 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Mar 2022 22:59:15 GMT
x-vcache: MISS
server: cloudflare
etag: W/"622bd443-ccc7"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 754ec7b028e591f3-FRA
expires: Wed, 26 Jul 2023 22:40:07 GMT

GET
H2 200 hammer.min.15065981497259d972918a646ab771e0.js Show response
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/eedition_2022/resources/scripts/plugins/ 20 KB
7 KB 116ms
114ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a1b58d624eeb47e9e3073531a5d364e41a2e7853c052873a79917f97dd0bb44

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:12 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Mar 2022 22:59:15 GMT
x-vcache: MISS
server: cloudflare
etag: W/"622bd443-511d"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 754ec7b028e691f3-FRA
expires: Wed, 26 Jul 2023 22:40:07 GMT

GET
H2 200 print.1f0172802ce67e15e4bb1e95512d4997.js Show response
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/eedition_2022/resources/scripts/plugins/ 395 B
392 B 32ms
30ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49d58baa56c886a4f17f81b4a45712f984e19ca26e9b017f822a4eef2c1c90af

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:12 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 86813
cross-origin-resource-policy: cross-origin
last-modified: Fri, 23 Sep 2022 13:03:50 GMT
x-vcache: MISS
server: cloudflare
etag: W/"632daeb6-18b"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 754ec7b028e991f3-FRA
expires: Wed, 27 Sep 2023 19:01:25 GMT

GET
H2 200 eedition.1ac0be6ab28202bd4a6dd2f24b80e2a4.js Show response
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/eedition_2022/resources/scripts/ 32 KB
8 KB 136ms
134ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/eedition_2022/resources/scripts/eedition.1ac0be6ab28202bd4a6dd2f24b80e2a4.js

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cfbc80492caece0232581490c4b3ba3fa570a98fafd9fd5ed5eb013a553eba9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:12 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
cross-origin-resource-policy: cross-origin
last-modified: Fri, 23 Sep 2022 13:03:51 GMT
x-vcache: MISS
server: cloudflare
etag: W/"632daeb7-81ba"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 754ec7b028eb91f3-FRA
expires: Wed, 27 Sep 2023 19:01:25 GMT

GET
H2 200 eedition.clip.5b74bff085183a84c793b694a0a9190d.js Show response
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/eedition_2022/resources/scripts/ 6 KB
2 KB 49ms
48ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f2de963f2a87cdc594fe83aa0ef7270255dc1345c22b1a0a19d15d8bc74a541

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:12 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 86813
last-modified: Thu, 21 Jul 2022 21:07:47 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62d9c023-18a1"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 754ec7b028ed91f3-FRA
expires: Wed, 26 Jul 2023 22:40:07 GMT

GET
H2 200 dfp.floor.js Show response
bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/ 178 B
349 B 27ms
26ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/dfp.floor.js?_dc=10049

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e8a02509c4d963962da9a455673b7ebfd5f957cea4e14d764ce1d0293072306

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:12 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 6989
cross-origin-resource-policy: cross-origin
last-modified: Fri, 30 Sep 2022 05:00:05 GMT
x-vcache: MISS
server: cloudflare
etag: W/"633677d5-b2"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 754ec7b028ee91f3-FRA
expires: Wed, 04 Oct 2023 13:00:01 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 200 KB
68 KB 65ms
25ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7eed831637144a57dc3fa39375e233aa8affb128f579657c4dcac695ab3dde2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68945
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 04 Oct 2022 14:59:12 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 47ms
15ms XHR
application/javascript 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-55.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
content-encoding: gzip
via: 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
date: Tue, 04 Oct 2022 00:50:37 GMT
x-amz-cf-pop: FRA56-P3
age: 50916
x-cache: Hit from cloudfront
last-modified: Mon, 19 Sep 2022 09:37:07 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 3tLrVSLpBBEQJrX8_xXcXOpavbBKF5XO4SUt0TMkpNaMbUwBLXX0cQ==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 428 B
786 B 16ms
16ms XHR
application/json 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3266&u=https%3A%2F%2Fbuffalonews.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-55.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 38cbad3f0760fd779e554bb11c9ba0811125c5409237405f99d94d087afcf16c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:15:11 GMT
via: 1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
age: 2641
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://buffalonews.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 428
x-amz-cf-id: HMLRRIBQZf2AcBi3WeYF98szOBKzs258l9J9RSKGgbXBGq5edUwQMg==

GET
H2 200 tracker.gif
buffalonews.com/shared-content/art/stats/common/ 0
145 B 114ms
114ms Image
image/gif 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buffalonews.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=166489555202116001200272697472294&tnms_dt=Page%20A01&tnms_upage=1&tnms_do=buffalonews.com&tnms_uri=/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html&tnms_ref=&rt=1664895552024
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:12 GMT
last-modified: Thu, 16 Oct 2008 20:11:25 GMT
x-vcache: MISS
age: 0
etag: "48f79fed-0"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
28 KB 200ms
91ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ca150a20490d9375c61e2b56e85da92b5a8e5138dc4bbb3b5d70486e115df82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27726
x-xss-protection: 0
server: sffe
etag: "1353 / 506 of 1000 / last-modified: 1664881750"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 04 Oct 2022 14:59:12 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 506 KB
118 KB 136ms
107ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cdb40ac8836ea88b63e5affeca8a6e0ecd49d683dcb8a40de483711badee2821

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120217
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 04 Oct 2022 14:59:12 GMT

GET
BLOB 200
OK 339bfe0d-3242-4924-b37a-591ebda3c419
https://buffalonews.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://buffalonews.com/339bfe0d-3242-4924-b37a-591ebda3c419
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 b-12c5e29-68486fe6.js Show response
tagan.adlightning.com/leeenterprises/ 89 KB
33 KB 19ms
19ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/b-12c5e29-68486fe6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-43.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff0302b9ded05a56d6ac04983230f1b137d6967b819184783d5c5cc1009a4a2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 03:43:29 GMT
content-encoding: gzip
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
x-amz-version-id: ObLtC8W.AuUwyElu6NexCaDm9BwK_INo
x-amz-cf-pop: FRA60-P4
age: 3928544
x-cache: Hit from cloudfront
content-length: 33154
x-amz-meta-git_commit: 12c5e29
last-modified: Tue, 09 Aug 2022 13:13:27 GMT
server: AmazonS3
etag: "d0fa46139ec82918e3e3f8b6560c9359"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: OMGwWmGg0LB30Jdljp3ObOJYf3U7AQERIBuvmrracIdqNSng1pNPGQ==

GET
H2 200 bl-27ef949-7a5437d7.js Show response
tagan.adlightning.com/leeenterprises/ 45 KB
19 KB 33ms
33ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/bl-27ef949-7a5437d7.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-43.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5cee4f651ba177446ee831639bd82b56886d0ff76894c3b57bbe1f47993687cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 17:16:58 GMT
content-encoding: gzip
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
x-amz-version-id: x61FDJJvzfmNE0SU.FUdPTLxjLz.JizQ
x-amz-cf-pop: FRA60-P4
age: 78135
x-cache: Hit from cloudfront
content-length: 19209
x-amz-meta-git_commit: 27ef949
last-modified: Mon, 03 Oct 2022 17:16:06 GMT
server: AmazonS3
etag: "d318c1bc00ef412f26c49a9bd089265e"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ELAlw5liitzXK1UKRcBhIGTjUFJSLN45_kYOhvwvnYwUO-JhYx5yZw==

GET
H2 200 / Show response
cmp.osano.com/ Frame 2EFA 4 KB
1 KB 15ms
15ms Document
text/html 2600:9000:223c:5800:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:5800:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://buffalonews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 20011
content-encoding: br
content-type: text/html
date: Tue, 04 Oct 2022 09:25:42 GMT
etag: W/"287b497c992487af362d33204f87d28f"
last-modified: Thu, 21 Oct 2021 22:01:08 GMT
referrer-policy: same-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
x-amz-cf-id: 2gmJyvJ4PtkS-6m7W78PatgnsDc4N8dF4mjVi_nbAmm6loOGFLESFg==
x-amz-cf-pop: FRA56-P2
x-amz-version-id: xT1PkIFehetvNf5lINcU02FbT3u47kBr
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 633b9bf99ed13.magnified.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/e/cd/ecdf6224-c291-5148-92dc-24ddd5bee409/ 1 MB
1 MB 31ms
31ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/e/cd/ecdf6224-c291-5148-92dc-24ddd5bee409/633b9bf99ed13.magnified.jpg

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

161e4b5222f63cb4c8de9e08a5dfc3f013195ac7898ac824571b61c1f37abd2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:12 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 19671
cf-polished: origSize=1575430, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 1380548
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Oct 2022 02:35:39 GMT
server: cloudflare
x-vcache: MISS
etag: "633b9bfb-180a06"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 754ec7b1bb6e91f3-FRA
expires: Wed, 04 Oct 2023 04:01:55 GMT

GET
BLOB 200
OK dbb4f3a0-a9f9-48b0-8a56-7d6e37204002
https://buffalonews.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://buffalonews.com/dbb4f3a0-a9f9-48b0-8a56-7d6e37204002
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 7524ad59-a08e-4cf8-b486-d3a433063547
https://buffalonews.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://buffalonews.com/7524ad59-a08e-4cf8-b486-d3a433063547
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 810e3fb9-0ab0-4a3d-88e2-1376db9fd0ec
https://buffalonews.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://buffalonews.com/810e3fb9-0ab0-4a3d-88e2-1376db9fd0ec
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/ Frame 3C89
Redirect Chain

https://insight.adsrvr.org/tags/nebsjkp/21usqg2/iframe
https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe

138 B
668 B

64ms
16ms

Document
text/html

18.66.123.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.123.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-123-144.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f7d4fce911e0a58ed4224b9f65d90a98d8bb7b76d25ad2610485b9baaa1d447

Request headers

Referer: https://buffalonews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 67641
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 138
Content-Type: text/html
Date: Mon, 03 Oct 2022 20:11:52 GMT
ETag: "50351b1f6590b5c4886c111874e016a0"
Last-Modified: Fri, 01 Oct 2021 23:50:10 GMT
Server: AmazonS3
Via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
X-Amz-Cf-Id: JZ40IQ4-oFmwHTvZNMly0xp7-GT-5q89wn0bCkPNxrO7JzcfJCLYAQ==
X-Amz-Cf-Pop: FRA60-P2
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 183
content-type: text/html; charset=UTF-8
date: Tue, 04 Oct 2022 14:59:12 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 client-v2.9.0-openWrap.js Show response
qnhtg9kbqjgw2izax.ay.delivery/ 37 KB
13 KB 75ms
26ms Script
application/javascript 2606:4700:e6::ac40:cb0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qnhtg9kbqjgw2izax.ay.delivery/client-v2.9.0-openWrap.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d2dd4469f84eee0b4a7fc1791a51c9fe3544bf4b26df414af78a2fddbe5938d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 24 Jan 2022 14:36:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 451
etag: W/"61eeb97b-95af"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z5req2WEgP2rETWH34BjkhwLktfETitvIMV0DmebmNr%2FRCQXkfKFfBpbxfRgYI%2B6MdwKe4IVvSwl4EFiquUu3bT%2B%2FtNWbUMp6J7srvaQjtAPzSnyaRcE3c2%2Bw5S9pN9zkNLWZH5XgyNPlzSKI5cJ9UuGVJiJ2a0Xn%2FOozg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 754ec7b37c5692ba-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

c
trkn.us/pixel/
Redirect Chain

https://trkn.us/pixel/c?ppt=19160&g=sitewide&gid=44455&cv1=buffalonews.com&ord=1399113104
https://trkn.us/pixel/c?ppt=19160&g=sitewide&gid=44455&cv1=buffalonews.com&ord=1399113104&ip=146.70.117.79&cuidchk=1

42 B
780 B

184ms
184ms

Image
image/gif

3.228.232.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/c?ppt=19160&g=sitewide&gid=44455&cv1=buffalonews.com&ord=1399113104&ip=146.70.117.79&cuidchk=1

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html

Protocol

HTTP/1.1

Server

3.228.232.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-228-232-15.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 Oct 2022 14:59:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
Content-Type: image/gif
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Tue, 04 Oct 2022 14:59:12 GMT
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/html; charset=UTF-8
Location: /pixel/c?ppt=19160&g=sitewide&gid=44455&cv1=buffalonews.com&ord=1399113104&ip=146.70.117.79&cuidchk=1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Content-Length: 0

GET
BLOB 200
OK ffe460a9-b2bf-49de-a6be-8aea0e1bd5a8
https://buffalonews.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://buffalonews.com/ffe460a9-b2bf-49de-a6be-8aea0e1bd5a8
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 3e1b7f52-0ac5-4404-a251-5da2e73a45dd
https://buffalonews.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://buffalonews.com/3e1b7f52-0ac5-4404-a251-5da2e73a45dd
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 381f3078-9155-4901-9473-7a90eeecde36
https://buffalonews.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://buffalonews.com/381f3078-9155-4901-9473-7a90eeecde36
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 76ab166d-0b9e-4632-9bf7-e3a25b6bbaa5
https://buffalonews.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://buffalonews.com/76ab166d-0b9e-4632-9bf7-e3a25b6bbaa5
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK f9c1a5fa-a868-4b0d-a1a0-bb9b024bf191
https://buffalonews.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://buffalonews.com/f9c1a5fa-a868-4b0d-a1a0-bb9b024bf191
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK a734a857-deb8-4ee5-988c-1ad7accb5f16
https://buffalonews.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://buffalonews.com/a734a857-deb8-4ee5-988c-1ad7accb5f16
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 pubads_impl_2022092701.js Show response
securepubads.g.doubleclick.net/gpt/ 378 KB
128 KB 29ms
29ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34c9ee51c2dd7fafb4df5f5e0bbb0a2a3508db0692f97b90b44ab89a50a545ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 11:39:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 530356
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131011
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 08:38:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 28 Sep 2023 11:39:56 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 471 B
225 B 113ms
53ms XHR
application/json 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=buffalonews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a08f0a7a6626d64d40ce2e5852c321f71df7fe69a8415b011769dbb07f07d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0
expires: Tue, 04 Oct 2022 14:59:12 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 114 KB
42 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aa76078dc3765f75a7cfe5808e6b7d0f1ba4b557f51376e3155c1bf20a8bd8b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43060
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 04 Oct 2022 14:59:12 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 162 KB
57 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

787afc0aca7e48e8df2b3fd4cac119567bb9e5f88ef745a229870a6808d76b5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58071
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 04 Oct 2022 14:59:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 80ms
16ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 04 Oct 2022 13:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6195
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 04 Oct 2022 15:15:57 GMT

GET
BLOB 200
OK 226dfbcb-bbc7-43b4-8d0f-e6e54d1a7b50
https://buffalonews.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://buffalonews.com/226dfbcb-bbc7-43b4-8d0f-e6e54d1a7b50
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 sp-gzip-2-17-3.js Show response
storage.googleapis.com/lee-snowplow/static/ 77 KB
27 KB 127ms
30ms Script
text/javascript 2a00:1450:400d:80c::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/lee-snowplow/static/sp-gzip-2-17-3.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80c::2010 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7169b20ff9116852953e326ad3776ac06c0f14a5a21a3e07f3fb8b5c46418a61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:15:52 GMT
content-encoding: gzip
age: 2600
x-guploader-uploadid: ADPycdv3VrwvlRw2-Ku4JbuoGrVgQnprmIixfMLfOvhbSo_TxuzBNmNw16c0h4FUoSQ4nzQj5I4x8vla7ZLPiUWlb0Le3Q
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26950
x-goog-meta-
last-modified: Thu, 18 Feb 2021 15:16:40 GMT
server: UploadServer
etag: "d3142accd3f370a95f561f0fbfb3114b"
vary: Accept-Encoding
x-goog-generation: 1613661400000346
x-goog-hash: crc32c=C/nZJQ==, md5=0xQqzNPzcKlfVh8Pv7MRSw==
content-type: text/javascript
cache-control: max-age=31536000
x-goog-stored-content-length: 26950
accept-ranges: bytes
expires: Wed, 04 Oct 2023 14:15:52 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
74 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F8FFLLVDEZ&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

705e3af7994961bde67317d67191989cabc28a98c56dd8a1f9598a90f14adfe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75700
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 04 Oct 2022 14:59:12 GMT

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame 3C89 70 B
260 B 41ms
41ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=nebsjkp&ct=0:21usqg2&fmt=3
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 04 Oct 2022 14:59:12 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
75 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7WMGT4N7SH&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f2edd86203b443845bb63f66f1ad8459d0550797d4711750f83d4f138b59c87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76605
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 04 Oct 2022 14:59:12 GMT

GET
H2 200 633b5912621d8.fullsize-img.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/c/cc/ccc754bc-d547-5285-abe9-2970544f95db/ 67 KB
67 KB 137ms
137ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/c/cc/ccc754bc-d547-5285-abe9-2970544f95db/633b5912621d8.fullsize-img.jpg

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55f9a76878f9b58263a9e73ec823b6653710df062341d673773a2d8b23ab1740

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:13 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=74990, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 68389
cf-bgj: imgq:85,h2pri
last-modified: Mon, 03 Oct 2022 21:50:12 GMT
server: cloudflare
x-vcache: MISS
etag: "633b5914-124ee"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 754ec7b5ca8b91f3-FRA
expires: Wed, 04 Oct 2023 04:10:48 GMT

GET
H2 200 633b9bfc7df32.fullsize-img.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/8/6c/86cec66e-053d-5af0-9f25-8c85588391a0/ 378 KB
379 KB 144ms
144ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/8/6c/86cec66e-053d-5af0-9f25-8c85588391a0/633b9bfc7df32.fullsize-img.jpg

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

980fd07f041470b33ad1caae471189131babf8d759d0da5778a5ed2e850a0eab

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:13 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=425671, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 387455
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Oct 2022 02:35:42 GMT
server: cloudflare
x-vcache: MISS
etag: "633b9bfe-67ec7"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 754ec7b5ca8e91f3-FRA
expires: Wed, 04 Oct 2023 04:03:15 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
532 B 81ms
25ms XHR
application/json 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://buffalonews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 04 Oct 2022 14:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://buffalonews.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94
x-xss-protection: 0

OPTIONS
H2 200 yy2
a.leetemplates.com/lee/ Frame 0
0 269ms
128ms Preflight 34.102.205.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.leetemplates.com/lee/yy2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.205.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.205.102.34.bc.googleusercontent.com
Software: akka-http /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://buffalonews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://buffalonews.com
access-control-max-age: 5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 04 Oct 2022 14:59:13 GMT
server: akka-http
via: 1.1 google

POST
H3 200 yy2 Show response
a.leetemplates.com/lee/ 2 B
19 B 172ms
125ms XHR
text/plain 34.102.205.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.leetemplates.com/lee/yy2
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/lee-snowplow/static/sp-gzip-2-17-3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.205.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.205.102.34.bc.googleusercontent.com
Software: akka-http /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://buffalonews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Tue, 04 Oct 2022 14:59:12 GMT
via: 1.1 google
server: akka-http
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://buffalonews.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
BLOB 200
OK dfb4d94a-b40a-44f9-8aba-8c77ce5889a1
https://buffalonews.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://buffalonews.com/dfb4d94a-b40a-44f9-8aba-8c77ce5889a1
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 87b19b51-a0f1-49d6-b81f-713143ed9456
https://buffalonews.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://buffalonews.com/87b19b51-a0f1-49d6-b81f-713143ed9456
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 3080d621-dfc1-4460-bd57-acbfbc29732b
https://buffalonews.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://buffalonews.com/3080d621-dfc1-4460-bd57-acbfbc29732b
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/eedition/page-a01/page_ecdf6224-c291-5148-92dc-24ddd5bee409.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
74 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ab6859b407de61d31320d067fc6834c2c64fad8c1a80c8ee32b374691fb955e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75477
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 04 Oct 2022 14:59:13 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
461 B 86ms
27ms XHR
application/json 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://buffalonews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 04 Oct 2022 14:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://buffalonews.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23
x-xss-protection: 0

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 54ms
18ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:54:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 275
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 04 Oct 2022 15:54:38 GMT

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 96 KB
26 KB 305ms
20ms Script
text/javascript 18.66.138.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.138.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-138-112.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3c21fcdec7e1b94d85c94aac21d969329a41494bc54594e139fdaafdba399ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: i3uu2peqmrsKXJmQkX2D6VLw1eflkz_G
content-encoding: br
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
date: Tue, 04 Oct 2022 14:59:08 GMT
x-amz-cf-pop: FRA60-P4
age: 13
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 31 Aug 2022 18:26:28 GMT
server: AmazonS3
etag: W/"56a5d0385c98ba3d3989ec2cab0e94a5"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: eDGTIoSVvdaXYLtqyiuEPkMy-OCOZ7rQreUgVRMkACUnqKFX52To5Q==

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 805 B
1 KB 139ms
106ms XHR
application/json 18.66.138.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.138.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-138-112.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe8390d7cfd8396d63a8c81eb7b91e6d67b84b1ad3cc185ce6d4b5effe1feebd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: U_DmAvTTpoQ6C.9IdBZR.E.jS2H.lkmM
date: Tue, 04 Oct 2022 12:07:47 GMT
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 10362
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 805
last-modified: Mon, 29 Aug 2022 20:40:06 GMT
server: AmazonS3
etag: "7bf7698e1a3707083bae5a0fc51dd25e"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: -htNXrNRmgWzXNT22b_ojavHwzXoG50Wgt-6FTeBxiR4PZraivobpQ==

GET
H2

200

rt=ifr Show response
bcp.crwdcntrl.net/5/ct=y/c=6894/rand=125764943/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20buffalonews%20%3A%20Total%20... Frame 78EB
Redirect Chain

https://bcp.crwdcntrl.net/5/c=6894/rand=125764943/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20buffalonews%20%3A%20Total...
https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=125764943/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20buffalonews%20%3A%20...

163 B
404 B

58ms
58ms

Document
text/html

34.251.218.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=125764943/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20buffalonews%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20eedition/med=%23OpR%2372333%23Keyword%20%3A%20eedition/rb=%7B%22meta_tag%22%3A%22eedition%22%7D/rt=ifr
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.218.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-218-252.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b

Request headers

Referer: https://buffalonews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache
content-length: 163
content-type: text/html;charset=utf-8
date: Tue, 04 Oct 2022 14:59:13 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-consent: absent
x-server: 10.45.25.200

Redirect headers

cache-control: no-cache
content-length: 0
date: Tue, 04 Oct 2022 14:59:13 GMT
expires: 0
location: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=125764943/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20buffalonews%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20eedition/med=%23OpR%2372333%23Keyword%20%3A%20eedition/rb=%7B%22meta_tag%22%3A%22eedition%22%7D/rt=ifr
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.45.19.93

GET
H2 200 633b9bfc55f15.magnified.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/8/6c/86cec66e-053d-5af0-9f25-8c85588391a0/ 2 MB
2 MB 30ms
29ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/8/6c/86cec66e-053d-5af0-9f25-8c85588391a0/633b9bfc55f15.magnified.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15c079782ef7f474a672487a9bf93593d1be4098e699040ac9da2542689d79b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:13 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 19666
cf-polished: origSize=2282288, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 2007896
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Oct 2022 02:35:42 GMT
server: cloudflare
x-vcache: MISS
etag: "633b9bfe-22d330"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 754ec7b8ff8e91f3-FRA
expires: Wed, 04 Oct 2023 04:01:59 GMT

GET
H2 200 633b9bfa145e1.preview-300.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/e/cd/ecdf6224-c291-5148-92dc-24ddd5bee409/ 19 KB
19 KB 60ms
59ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/e/cd/ecdf6224-c291-5148-92dc-24ddd5bee409/633b9bfa145e1.preview-300.jpg?resize=200%2C367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

188664f649ab050a68805c924a68923d24ccf251e880c30138eccea6f619f597

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:13 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 19666
cf-polished: origSize=19823, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 19545
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Oct 2022 02:35:39 GMT
server: cloudflare
x-vcache: MISS
etag: "3c19bc9373fe85c2243e78c6cd44ad67"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 754ec7b90faf91f3-FRA
expires: Wed, 04 Oct 2023 04:01:59 GMT

GET
H2 200 633b9bfca7355.preview-300.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/8/6c/86cec66e-053d-5af0-9f25-8c85588391a0/ 19 KB
19 KB 52ms
51ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/8/6c/86cec66e-053d-5af0-9f25-8c85588391a0/633b9bfca7355.preview-300.jpg?resize=200%2C367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f85d0239fb29dafa0d919730e7fa9b3da031b340a0825bf653ca167cde364ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:13 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 19665
cf-polished: origSize=19574, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 19137
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Oct 2022 02:35:42 GMT
server: cloudflare
x-vcache: MISS
etag: "4590ead532243bd2e9115480e7fc0185"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 754ec7b90fb291f3-FRA
expires: Wed, 04 Oct 2023 04:01:59 GMT

GET
H2 200 633b8b819a625.preview-300.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/4/8e/48e9db2c-a490-54e4-a4ca-276a00e01778/ 19 KB
19 KB 49ms
49ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/4/8e/48e9db2c-a490-54e4-a4ca-276a00e01778/633b8b819a625.preview-300.jpg?resize=200%2C367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ad0b3585f0400535d85393d350940ac0e36e8058585e6be66152adb61f54a7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:13 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 19665
cf-polished: origSize=19357, status=webp_bigger
cross-origin-resource-policy: cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Oct 2022 01:25:23 GMT
server: cloudflare
x-vcache: MISS
etag: "a036e13e58e512fd8caea3589709eca7"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 754ec7b90fb391f3-FRA
expires: Wed, 04 Oct 2023 04:01:59 GMT

GET
H2 200 dfp.lazy.pwt.js Show response
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/ 15 KB
4 KB 52ms
51ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/dfp.lazy.pwt.js?_dc=1663830014

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fee6f6d40fa876af57e1cb4626397960a539281f37903d22126825fd3cbd0e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 1060020
cross-origin-resource-policy: cross-origin
last-modified: Thu, 22 Sep 2022 07:00:14 GMT
x-vcache: MISS
server: cloudflare
etag: W/"632c07fe-3cd6"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 754ec7b90fbc91f3-FRA
expires: Fri, 22 Sep 2023 07:05:25 GMT

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 99 B
537 B 128ms
53ms XHR
text/javascript 13.32.106.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3266&u=https%3A%2F%2Fbuffalonews.com%2Feedition%2Fpage-a01%2Fpage_ecdf6224-c291-5148-92dc-24ddd5bee409.html%23fe%3D1%26eh%3D&pid=UZ3RoixfBMQB2&cb=0&ws=1600x1200&v=22.9.81452&t=2000&slots=%5B%7B%22sd%22%3A%22fixed-edition-page-bottom%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F8438%2Fbuffalonews.com%2Feedition%22%7D%5D&pj=%7B%22sections%22%3A%22eedition%22%7D&gdpre=1&gdprc=CAAAAAAAAAAAAEXABADECFCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.106.197 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-106-197.fra60.r.cloudfront.net

Software

Server /

Resource Hash

f2348dedf8d16f84fda26dd4153491d47327a259ea67c80612ac563649de92f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:13 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: JRTWSH1C3V8Q6TE1HWBK
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://buffalonews.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 99
x-amz-cf-id: jWEFbIWEnURbT08y30glk1i_dvqgsV3I7q8pfafMy6EYi0Kp9rouRA==

GET
H2 200 870.bundle.323974846b6d45afb45e.js Show response
cdn.segment.com/analytics-next/bundles/ 17 KB
5 KB 17ms
17ms Script
application/javascript 18.66.138.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/870.bundle.323974846b6d45afb45e.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.138.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-138-112.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 85fa85cbca5efaa81351f2e9b1e8e53916644bff91da6ffc762a151247501ebc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 01:38:35 GMT
x-amz-version-id: qltndKW7QqDrf8ZSZrei2HuGEvEC2x.O
content-encoding: br
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 3331239
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 26 Aug 2022 03:04:21 GMT
server: AmazonS3
etag: W/"d471f2a8b801a51bbc09c91b3f90b749"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: A5XUZYcRRWsnSryuDDSTGNlyHP1Kr4L8Nc5R614M2FiMZQwUJ2DvRw==

GET
H2 200 ajs-destination.bundle.35a8f6f19959bf2f455f.js Show response
cdn.segment.com/analytics-next/bundles/ 10 KB
4 KB 16ms
16ms Script
application/javascript 18.66.138.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.35a8f6f19959bf2f455f.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.138.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-138-112.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9abdea148f6bb2fd5f4d3a947661b46f077584cfc3691deb29fa7cb25d2e00a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 06:12:31 GMT
x-amz-version-id: 1ps0Y.cQfeUJnD6vrqu.rtfMUGfr8v9x
content-encoding: br
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 2882803
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 30 Aug 2022 21:47:48 GMT
server: AmazonS3
etag: W/"e0f89f667fb8d2b50aa8e29a86a4c9b1"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: py0aitsxFlSbdxH4wv7miEhZoB7SelHs7mIuPhbOTwzOsHZXwS7ugw==

GET
H2 200 schemaFilter.bundle.debb169c1abb431faaa6.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 16ms
16ms Script
application/javascript 18.66.138.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.138.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-138-112.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 15:59:56 GMT
x-amz-version-id: bdGJW00hoMEULfpND6wyp6DIUgkdrIDO
content-encoding: br
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 5698758
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 28 Jul 2022 21:17:25 GMT
server: AmazonS3
etag: W/"3e448afdfea355c0f19700d04431ce7d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: RoNtY6h6wgn-WToGOKA40_DXf9KcnK_soxDpk9ExjkLJyYFBej5lIA==

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ 0
215 B 168ms
71ms XHR
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=3174747045834842&correlator=1167267341439998&eid=31069837%2C31070023%2C44772496%2C44742768&output=ldjh&gdfp_req=1&vrg=2022092701&ptt=17&impl=fif&gdpr_consent=CAAAAAAAAAAAAEXABADECFCwAAAAAH_AAAYgIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&iu_parts=8438%2Cbuffalonews.com%2Ceedition&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=1&adks=3615124561&sfv=1-0-38&fsapi=false&prev_scp=pos%3Dfixed-edition-page-bottom%2Catf%26density%3Dstandard%26lee_group%3D8%26lee_hours%3D14%26lee_day%3D2%26fp%3D148%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=k%3Deedition%26page%3Dasset%252Cpage%252Capp-eedition%252Cmd_screen%26browser%3DChrome&sc=1&abxe=1&dt=1664895553659&lmt=1664866893&dlt=1664895551567&idt=1319&adxs=419&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbuffalonews.com%2Feedition%2Fpage-a01%2Fpage_ecdf6224-c291-5148-92dc-24ddd5bee409.html%23fe%3D1%26eh%3D&frm=20&vis=1&psz=748x90&msz=728x90&fws=4&ohw=1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:13 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://buffalonews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 158ms
63ms XHR
application/json 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fccaf545c8f28b53c6fdade65d96e8ef4effa8ad2de0f1bb2c8d1bf911c278f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11317
x-xss-protection: 0

GET
H2 200 container.html Show response
1096830db2e2bff8a8a4181f86f5c230.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 179A 6 KB
4 KB 220ms
62ms Document
text/html 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1096830db2e2bff8a8a4181f86f5c230.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buffalonews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 14:59:13 GMT
expires: Wed, 04 Oct 2023 14:59:13 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
174 B 533ms
175ms Fetch
application/json 34.223.186.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.223.186.214 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-223-186-214.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://buffalonews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://buffalonews.com
date: Tue, 04 Oct 2022 14:59:14 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 633b9d0e6a156.preview-300.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/f/5b/f5b93f95-f303-5678-99c0-8bc382f0ac57/ 19 KB
19 KB 39ms
38ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/f/5b/f5b93f95-f303-5678-99c0-8bc382f0ac57/633b9d0e6a156.preview-300.jpg?resize=200%2C367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

731be3bdb484843b990607488646145beaac098bde8c2082c804e304d53d3793

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:13 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 19664
cf-polished: origSize=19932, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 19526
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Oct 2022 02:40:15 GMT
server: cloudflare
x-vcache: MISS
etag: "f090700a0ba77e3728b65d45034be523"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 754ec7badad591f3-FRA
expires: Wed, 04 Oct 2023 04:01:59 GMT

GET
H2 200 633b9d1139868.preview-300.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/e/6f/e6f20e1f-a366-5596-9e7f-8012128965c3/ 20 KB
20 KB 29ms
29ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/e/6f/e6f20e1f-a366-5596-9e7f-8012128965c3/633b9d1139868.preview-300.jpg?resize=200%2C367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a68cd9ef0239975b713db8bfce03427ae07d6d69d9972cc3038c203378a9724d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:13 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 19663
cf-polished: origSize=20694, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 20321
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Oct 2022 02:40:19 GMT
server: cloudflare
x-vcache: MISS
etag: "3c31b1cc1914115f38e17f7e096f0ecd"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 754ec7badad691f3-FRA
expires: Wed, 04 Oct 2023 04:01:59 GMT

GET
H2 200 633b7ec0bcc09.preview-300.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/e/74/e7459766-0c8a-52e9-b13e-99f70fb2449d/ 17 KB
17 KB 24ms
24ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/e/74/e7459766-0c8a-52e9-b13e-99f70fb2449d/633b7ec0bcc09.preview-300.jpg?resize=200%2C367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0b323b4b513c2e1765af140e60df8645c8ff19205c55d4e63e3664a0f36efb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:13 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 19663
cf-polished: origSize=17954, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 17445
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Oct 2022 00:30:58 GMT
server: cloudflare
x-vcache: MISS
etag: "d740014609c7d8f320c9a8c1997fb09e"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 754ec7badad891f3-FRA
expires: Wed, 04 Oct 2023 04:01:59 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 174ms
82ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 04 Oct 2022 14:59:13 GMT

GET
H2 200 633b7d6f9a8d6.preview-300.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/a/25/a25af068-b5ff-5da6-9c0f-3843cb7f42d1/ 17 KB
18 KB 29ms
29ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/a/25/a25af068-b5ff-5da6-9c0f-3843cb7f42d1/633b7d6f9a8d6.preview-300.jpg?resize=200%2C367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ba3004a89101640eb620dd89b7de32cf75809a426e24e4b6a80d0ed258c8c19

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:13 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 19663
cf-polished: origSize=18324, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 17846
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Oct 2022 00:25:21 GMT
server: cloudflare
x-vcache: MISS
etag: "2623366f7aa93bb48bac87e5bbe66e86"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 754ec7bbbc2f91f3-FRA
expires: Wed, 04 Oct 2023 04:01:59 GMT

GET
H2 200 633b9d142e2fc.preview-300.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/2/54/254dcb1a-0c2b-5805-a277-38b2beb4a5c8/ 19 KB
19 KB 33ms
32ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/2/54/254dcb1a-0c2b-5805-a277-38b2beb4a5c8/633b9d142e2fc.preview-300.jpg?resize=200%2C367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8b39adcb8b7f52a5fc6eac1a63906361a0c1282204a608aef7e8ec3511f60e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:13 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 19663
cf-polished: origSize=20098, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 19676
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Oct 2022 02:40:21 GMT
server: cloudflare
x-vcache: MISS
etag: "f95ea2009349bdb45b43f7188093d9ce"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 754ec7bbbc3291f3-FRA
expires: Wed, 04 Oct 2023 04:01:59 GMT

GET
H2 200 633ba7a13150e.preview-300.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/8/9d/89d03c6f-0820-554b-93f6-66c6b184bf56/ 19 KB
19 KB 28ms
27ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/8/9d/89d03c6f-0820-554b-93f6-66c6b184bf56/633ba7a13150e.preview-300.jpg?resize=200%2C367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee8f6e7d39f191827af23866ca316709b6be4e719cc74153087b1fbf14216926

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:13 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 19663
cf-polished: origSize=19307, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 19019
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Oct 2022 03:25:22 GMT
server: cloudflare
x-vcache: MISS
etag: "d6c17809930fc6b7e3d1a59aee0a188d"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 754ec7bbbc3391f3-FRA
expires: Wed, 04 Oct 2023 04:01:59 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2443 13 KB
5 KB 92ms
29ms Document
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buffalonews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 98552
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 11:36:42 GMT
expires: Tue, 03 Oct 2023 11:36:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 633ba1d3b0c00.preview-300.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/a/47/a47e6882-1b11-573d-89eb-550c2bb616ab/ 19 KB
20 KB 28ms
27ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/a/47/a47e6882-1b11-573d-89eb-550c2bb616ab/633ba1d3b0c00.preview-300.jpg?resize=200%2C367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56877b5359069e86c6e886f9fad7d7a9531bcad8aed0a7510e698154fe95f77c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:14 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 19664
cf-polished: origSize=20090, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 19712
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Oct 2022 03:00:37 GMT
server: cloudflare
x-vcache: MISS
etag: "d2fedc9a1bb36912404633a65d94c316"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 754ec7bd4eec91f3-FRA
expires: Wed, 04 Oct 2023 04:01:59 GMT

GET
H2 200 633b7d71e0ea4.preview-300.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/8/6a/86a2ce2e-7ab9-5e04-a65a-2a6ebed12f5a/ 18 KB
18 KB 53ms
52ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/8/6a/86a2ce2e-7ab9-5e04-a65a-2a6ebed12f5a/633b7d71e0ea4.preview-300.jpg?resize=200%2C367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

338b4bde43d69914f79a0bfc5cb35b1c5eb41a2d5aba2138378524f0884c7b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:14 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 19664
cf-polished: origSize=18438, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 18076
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Oct 2022 00:25:23 GMT
server: cloudflare
x-vcache: MISS
etag: "db527dcfb445659cd62e53b42c2ec0ff"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 754ec7bd4eef91f3-FRA
expires: Wed, 04 Oct 2023 04:01:59 GMT

GET
H2 200 633b9866861ce.preview-300.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/7/5e/75eb4c10-852f-5a02-859a-887b9598b1fc/ 17 KB
17 KB 30ms
30ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/7/5e/75eb4c10-852f-5a02-859a-887b9598b1fc/633b9866861ce.preview-300.jpg?resize=200%2C367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff49cdd45475610840ea1e9b41550c556b86117cc1985890dd90c6b4738b1270

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:14 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 19664
cf-polished: origSize=17954, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 17490
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Oct 2022 02:20:23 GMT
server: cloudflare
x-vcache: MISS
etag: "3040112108995cacd314889a34bbd883"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 754ec7bd4ef291f3-FRA
expires: Wed, 04 Oct 2023 04:01:59 GMT

GET
H3 200 gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js Show response
pagead2.googlesyndication.com/bg/ Frame 2443 36 KB
16 KB 90ms
29ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 19:21:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 502682
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 19:21:12 GMT

GET
H2 200 633b8b859f2ce.preview-300.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/a/d9/ad975b55-f45c-55f0-8588-7505beff7c0f/ 15 KB
15 KB 35ms
34ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/a/d9/ad975b55-f45c-55f0-8588-7505beff7c0f/633b8b859f2ce.preview-300.jpg?resize=200%2C367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14b659c3a758b8bb806ebf1f6f4fb74b33998b74128a271b57ebe9fe89911769

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:14 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 19663
cf-polished: origSize=15734, status=webp_bigger
cross-origin-resource-policy: cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Oct 2022 01:25:26 GMT
server: cloudflare
x-vcache: MISS
etag: "e0b33e6efe30fa3a7b08e505e42079fd"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 754ec7be38c991f3-FRA
expires: Wed, 04 Oct 2023 04:01:59 GMT

GET
H2 200 633b6abd81ccd.preview-300.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/9/68/9682e0dc-04e0-509c-8733-fe792abc4afb/ 18 KB
18 KB 30ms
30ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/9/68/9682e0dc-04e0-509c-8733-fe792abc4afb/633b6abd81ccd.preview-300.jpg?resize=200%2C341

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90c4c551954c1b621146c4f5355ee8348e29e1a554385397e852c4e9632a8173

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:14 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 19663
cf-polished: origSize=18088, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 17990
cf-bgj: imgq:85,h2pri
last-modified: Mon, 03 Oct 2022 23:05:37 GMT
server: cloudflare
x-vcache: MISS
etag: "9a9eef6519f6f4b07a7b2d292ce824ed"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 754ec7be38cc91f3-FRA
expires: Wed, 04 Oct 2023 04:01:59 GMT

GET
H2 200 633b57fb76ab0.preview-300.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/e/35/e35e64ff-d21d-5a78-96cf-949543904623/ 19 KB
19 KB 34ms
33ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/e/35/e35e64ff-d21d-5a78-96cf-949543904623/633b57fb76ab0.preview-300.jpg?resize=200%2C367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de2abc875a741171488c1129517d2d0d67f22b371242847e8f0ff4fae681498b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:14 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 19663
cf-polished: origSize=19671, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 19310
cf-bgj: imgq:85,h2pri
last-modified: Mon, 03 Oct 2022 21:45:38 GMT
server: cloudflare
x-vcache: MISS
etag: "bf4adc8addf38d6f03d7aaddf931131e"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 754ec7be38cd91f3-FRA
expires: Wed, 04 Oct 2023 04:01:59 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2443 0
10 B 30ms
30ms Image
text/plain 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?knPltA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 633b580367908.preview-300.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/5/db/5db321c2-2833-571d-bfbb-118cc12bf908/ 19 KB
20 KB 40ms
39ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/5/db/5db321c2-2833-571d-bfbb-118cc12bf908/633b580367908.preview-300.jpg?resize=200%2C367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a7a1fca162662d40d6bf7f8b3508c794b547f59c8ff8d8b23b33977256226a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:14 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 19663
cf-polished: origSize=20111, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 19834
cf-bgj: imgq:85,h2pri
last-modified: Mon, 03 Oct 2022 21:45:40 GMT
server: cloudflare
x-vcache: MISS
etag: "88194354fd06f59b13a299553d2ff1db"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 754ec7bfdbd591f3-FRA
expires: Wed, 04 Oct 2023 04:02:00 GMT

GET
H2 200 633b59153913f.preview-300.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/a/46/a46ce600-d96f-50cf-af85-c6de6f9d0b66/ 19 KB
19 KB 28ms
27ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/a/46/a46ce600-d96f-50cf-af85-c6de6f9d0b66/633b59153913f.preview-300.jpg?resize=200%2C367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f17a52fe6718c72e031a45e45f9a20015c3d3b0c9038204a7c02e0ffb150cd77

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:14 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 19663
cf-polished: origSize=19653, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 19300
cf-bgj: imgq:85,h2pri
last-modified: Mon, 03 Oct 2022 21:50:15 GMT
server: cloudflare
x-vcache: MISS
etag: "36b43ea14e218192a6c7b3bcbbfa0440"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 754ec7bfdbd891f3-FRA
expires: Wed, 04 Oct 2023 04:02:00 GMT

GET
H2 200 633b8b8812eea.preview-300.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/8/ec/8ec0e464-0a93-507d-8439-bef0dcf9641e/ 19 KB
20 KB 29ms
28ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/8/ec/8ec0e464-0a93-507d-8439-bef0dcf9641e/633b8b8812eea.preview-300.jpg?resize=200%2C367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d75f2af9c36044e5c256db9c98d4d77d2df1f26d6b876f1a9b17b98a3963bab6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:14 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 19663
cf-polished: origSize=20200, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 19899
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Oct 2022 01:25:30 GMT
server: cloudflare
x-vcache: MISS
etag: "8012f112b1d320050cb3118d77b9bfa3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 754ec7bfdbdb91f3-FRA
expires: Wed, 04 Oct 2023 04:02:00 GMT

GET
H2 200 633ba9ec1efad.preview-300.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/5/bb/5bb49aef-deb0-5179-bfb0-72b92b2b7034/ 18 KB
19 KB 152ms
151ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/5/bb/5bb49aef-deb0-5179-bfb0-72b92b2b7034/633ba9ec1efad.preview-300.jpg?resize=200%2C367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a62d7c603e01b2d4fe150f1a79fa05293fea78f960cff37ed0cbbed1fca034f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:14 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=19179, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 18890
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Oct 2022 03:35:09 GMT
server: cloudflare
x-vcache: MISS
etag: "52717b295042328e5b96f8e93ada414a"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 754ec7c0dde191f3-FRA
expires: Wed, 04 Oct 2023 04:07:49 GMT

GET
H2 200 633b7d741f7e3.preview-300.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/b/98/b9897614-db30-5439-99e9-dba578eb9ee8/ 19 KB
19 KB 126ms
125ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/b/98/b9897614-db30-5439-99e9-dba578eb9ee8/633b7d741f7e3.preview-300.jpg?resize=200%2C367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

523363d57e3b4b1332bcf8a792736a7086a3e4ce968f9cea8f0968b9bacc5ef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:14 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=19928, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 19559
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Oct 2022 00:25:25 GMT
server: cloudflare
x-vcache: MISS
etag: "d6533c4bfd0fe42b7559be1476744b29"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 754ec7c0dde391f3-FRA
expires: Wed, 04 Oct 2023 04:07:49 GMT

GET
H2 200 633bab1449537.preview-300.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/e/cf/ecff6037-cab9-50e8-9bfe-50604a659635/ 18 KB
19 KB 151ms
151ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/e/cf/ecff6037-cab9-50e8-9bfe-50604a659635/633bab1449537.preview-300.jpg?resize=200%2C367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce3a37b5cbd620cfc887d6c2236616a019712eeb4222cf0c3dc905527afcbc94

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:14 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=19239, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 18807
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Oct 2022 03:40:05 GMT
server: cloudflare
x-vcache: MISS
etag: "37ccdbcc45a4e27b57aaece1ece0285f"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 754ec7c0dde791f3-FRA
expires: Wed, 04 Oct 2023 04:07:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 66ms
65ms Image
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092701&jk=3174747045834842&bg=!dXaldjLNAAYQgTJdMIE7ACkAdvg8WgAuYZ4ZZGCq5e7Rs9SiDQ3nSX2hiiklRS4q9d67pj0wDsEnpAIAAABXUgAAAAJoAQeZAqi_TRLpX6sEk4E28szCkhSsL2Pou1F3BAIzk9bxi9oyJF9BCqae6NZ0xw3qJqvmRiodVxLaLM5fcvP9Bfq0dgO07UEO8CaerRGIcZLU6pbMkXLIzl8iDz98eUe4tR4LaY3WQ0F2ftSoOfcajD0-krLbaxWM1PpdDAlbYg7XcCotfk7OPOEdGvvy44bwOb6ei35mtVhCMLTVi0JXes-WNRr8UoUOa8X72XV6wmNan2iAecvH1hCKhtJRloYCLn7NBwZOK-WHGZAXa8OEvU_hfbE4Tf8DUAWn2bkkPT2noJDKAuBrfrMGAG-0Yo7bYLgcLagvqtymOVXbe9Pb-ml9CuoDLI-3syU47U44gtmdYtG8sC1aWdDPX_0LGCvJ2lQhaoIoCT29QFFyFeN7Z7SzaC7_RloowC2ww3TDKHw3NIFIzTX3vaKgO61hGKK3D2_Q9AiBrYhQBR42q7YkqIywacxnB_w_EbfGrBlMXidU7boG02iRog5m61LdF-XX7O1_AYmHTOc0ob8Y87uIXdqFResyoYG5gkKvh3qaHtuv2h3wDVYR353SwKecQo4jQjj7MWipG_Jk6IXztGhMfsc49EfObS5i9hDyN2CwlWfMI8qEui-4vmPHo8KQ29kZule2OM-iY-LqkFxAenjQzX5g6N6kK_1YbN3GuIuNiVR5nsvR-w-1B03iKmsBAlur0h65QhCuiNkmpmlkKMjmyfw0G0Tmh8A1X8kmPa4EBR4t6ZSZV3FogBfnYibo7UE7RLIdEIcLgLllr_GbtP7m5UgKSTl-xlHqRUaL9Plu1QfF7Eb5W9mLFDTCedIApP2O4Kgsl04Hwou6JrBpixsr6gMk-pm6y4SFJyF34_iulR2LeXvWjbnTLEs5iuPPFKX092q3UG-UOPctC2_yfw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H2 200 633bac54e6144.preview-300.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/a/74/a74f62cb-df02-5f69-b154-5a8d49e63e19/ 17 KB
17 KB 114ms
113ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/a/74/a74f62cb-df02-5f69-b154-5a8d49e63e19/633bac54e6144.preview-300.jpg?resize=200%2C367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5867ab8c45afa1cd44d16211f023b03aacc3988eac979d3af766c401ca7afd76

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:15 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=17648, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 17301
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Oct 2022 03:45:26 GMT
server: cloudflare
x-vcache: MISS
etag: "69ed23febf307af2a5b68af45fa893c0"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 754ec7c36a4191f3-FRA
expires: Wed, 04 Oct 2023 04:07:49 GMT

GET
H2 200 633ba9ee2e169.preview-300.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/9/ff/9ffb4133-477a-5638-a090-80c436612609/ 18 KB
18 KB 141ms
140ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/9/ff/9ffb4133-477a-5638-a090-80c436612609/633ba9ee2e169.preview-300.jpg?resize=200%2C367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bd13eb3707de5e24b8da8769e4d7780913bc4041930d68283ab3a9e82ed6763

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:15 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=18288, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 17932
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Oct 2022 03:35:11 GMT
server: cloudflare
x-vcache: MISS
etag: "db99f46a5cdc65ff4385554c7d091155"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 754ec7c36a4391f3-FRA
expires: Wed, 04 Oct 2023 04:07:49 GMT

GET
H2 200 633ba8bb9387a.preview-300.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/a/f7/af72e5b5-cb9b-59f9-8ef8-1f05177c583b/ 16 KB
16 KB 135ms
135ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/a/f7/af72e5b5-cb9b-59f9-8ef8-1f05177c583b/633ba8bb9387a.preview-300.jpg?resize=200%2C367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8105e0f5ce262db8928dfd2ae432da1bab5f1fc76159733f321536ecc046e712

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:15 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=16464, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 16238
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Oct 2022 03:30:05 GMT
server: cloudflare
x-vcache: MISS
etag: "c5fd1990a5fb026347ace0d8c41015d9"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 754ec7c36a4591f3-FRA
expires: Wed, 04 Oct 2023 04:07:49 GMT

GET
H2 200 633b822e84400.preview-300.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/7/8d/78db8aa1-070f-5d24-9bae-d58b03905afa/ 19 KB
19 KB 116ms
115ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/7/8d/78db8aa1-070f-5d24-9bae-d58b03905afa/633b822e84400.preview-300.jpg?resize=200%2C367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30eddbded3b360833e17e58e6656c2e8ec959ecb0860e8b45cfcb16b3ad7afb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:15 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=20068, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 19718
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Oct 2022 00:45:36 GMT
server: cloudflare
x-vcache: MISS
etag: "d0c09257d0709b399a012eed80cf066d"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 754ec7c5ce9b91f3-FRA
expires: Wed, 04 Oct 2023 04:07:49 GMT

GET
H2 200 633b6ac20946c.preview-300.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/5/39/539cbc37-f364-517d-b0a8-cde4803b7430/ 19 KB
19 KB 28ms
27ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/5/39/539cbc37-f364-517d-b0a8-cde4803b7430/633b6ac20946c.preview-300.jpg?resize=200%2C341

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df8c227e24dfd80c7a73c3bade4e39d6357a4fac167a2696d64740d6035110a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:15 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 20795
cf-polished: origSize=19310, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 19060
cf-bgj: imgq:85,h2pri
last-modified: Mon, 03 Oct 2022 23:05:39 GMT
server: cloudflare
x-vcache: MISS
etag: "b66ea3388fc611d4d2b87fcc53663bee"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 754ec7c5ce9d91f3-FRA
expires: Wed, 04 Oct 2023 04:07:49 GMT

GET
H2 200 633b590f5fce8.preview-300.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/8/95/895d4c00-6ea7-5743-98b2-7742fa72991a/ 68 KB
68 KB 37ms
37ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/8/95/895d4c00-6ea7-5743-98b2-7742fa72991a/633b590f5fce8.preview-300.jpg?resize=200%2C1350

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63030c3a8be842b8993853ae0f7234905d246ab8c89c318c8ef2beed449bda4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:15 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 20795
cf-polished: origSize=69479, status=webp_bigger
cross-origin-resource-policy: cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Mon, 03 Oct 2022 21:50:09 GMT
server: cloudflare
x-vcache: MISS
etag: "d482aaf19f3c3d53a90d8ed7e66d87c6"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 754ec7c5ce9e91f3-FRA
expires: Wed, 04 Oct 2023 08:21:35 GMT

GET
H2 200 633b591279a2b.preview-300.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/c/cc/ccc754bc-d547-5285-abe9-2970544f95db/ 52 KB
52 KB 35ms
35ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/eedition/c/cc/ccc754bc-d547-5285-abe9-2970544f95db/633b591279a2b.preview-300.jpg?resize=200%2C1350

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46d1f73a395ffa8be81923f059a24044fca8333fdac1e9628331e19a07b4f962

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 14:59:15 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 20795
cf-polished: origSize=53785, status=webp_bigger
cross-origin-resource-policy: cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Mon, 03 Oct 2022 21:50:12 GMT
server: cloudflare
x-vcache: MISS
etag: "7d65b536a3c5c02a653327244c7fdbd2"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 754ec7c83aaa91f3-FRA
expires: Wed, 04 Oct 2023 04:07:49 GMT

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
click1.email.buffnews.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: EBFDB0C30FE0769F7BEB9FC354AE3C48
.buffalonews.com/	1970-01-20 06:28:17	Name: spses.8060 Value: *
.trkn.us/	1970-01-20 15:13:51	Name: barometric[cuid] Value: cuid_175d9580-8463-4989-98c5-985b8f38e7e3
.buffalonews.com/	1970-01-20 06:28:19	Name: AMP_TOKEN Value: %24NOT_FOUND
.leetemplates.com/	1970-01-20 15:13:51	Name: sp Value: 064d099e-5360-4649-8c62-76b8c0702c5e
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
buffalonews.com/	1970-01-20 15:13:51	Name: ajs_anonymous_id Value: d0dc8d66-6a1d-4b38-bea5-e42503ccec83

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1096830db2e2bff8a8a4181f86f5c230.safeframe.googlesyndication.com
a.leetemplates.com
aax-dtb-cf.amazon-adsystem.com
ampcid.google.com
ampcid.google.de
api.bntech.io
api.segment.io
bcp.crwdcntrl.net
bloximages.chicago2.vip.townnews.com
buffalonews.com
c.amazon-adsystem.com
cdn.segment.com
click1.email.buffnews.com
cmp.osano.com
d1eoo1tco6rr5e.cloudfront.net
insight.adsrvr.org
pagead2.googlesyndication.com
qnhtg9kbqjgw2izax.ay.delivery
securepubads.g.doubleclick.net
storage.googleapis.com
tagan.adlightning.com
tags.crwdcntrl.net
tpc.googlesyndication.com
trkn.us
www.google-analytics.com
www.googletagmanager.com
104.16.132.24
108.138.17.100
13.32.106.197
18.66.123.144
18.66.138.112
18.66.147.43
192.104.182.109
2001:4860:4802:32::178
2600:1f18:410b:aea1:6c44:2e43:3e3:c8da
2600:9000:223c:5800:3:b7e:8940:93a1
2606:4700:e6::ac40:cb0a
2a00:1450:4001:800::200e
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2008
2a00:1450:400d:804::2001
2a00:1450:400d:804::2002
2a00:1450:400d:806::2001
2a00:1450:400d:80c::2002
2a00:1450:400d:80c::2010
3.228.232.15
34.102.205.239
34.223.186.214
34.251.218.252
52.222.209.55
52.223.40.198
74.214.203.11
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80
0cfbc80492caece0232581490c4b3ba3fa570a98fafd9fd5ed5eb013a553eba9
0dfee6313da23d5f532e73b11d2545c56746b80aca8f31bc34c2b9cc4e1e2663
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
14b659c3a758b8bb806ebf1f6f4fb74b33998b74128a271b57ebe9fe89911769
15c079782ef7f474a672487a9bf93593d1be4098e699040ac9da2542689d79b3
161e4b5222f63cb4c8de9e08a5dfc3f013195ac7898ac824571b61c1f37abd2d
188664f649ab050a68805c924a68923d24ccf251e880c30138eccea6f619f597
18e8208ea447a26b0cd4f5f2751d1dd717e689a559474e61acb4e3e674403e4d
18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b
1e8a02509c4d963962da9a455673b7ebfd5f957cea4e14d764ce1d0293072306
1f2de963f2a87cdc594fe83aa0ef7270255dc1345c22b1a0a19d15d8bc74a541
1f2edd86203b443845bb63f66f1ad8459d0550797d4711750f83d4f138b59c87
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3049db4be872564809e26eea512e437046645835cc6a34783d24d5d104271c82
30eddbded3b360833e17e58e6656c2e8ec959ecb0860e8b45cfcb16b3ad7afb9
31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b
338b4bde43d69914f79a0bfc5cb35b1c5eb41a2d5aba2138378524f0884c7b2b
34c9ee51c2dd7fafb4df5f5e0bbb0a2a3508db0692f97b90b44ab89a50a545ef
38cbad3f0760fd779e554bb11c9ba0811125c5409237405f99d94d087afcf16c
3a7a1fca162662d40d6bf7f8b3508c794b547f59c8ff8d8b23b33977256226a0
3ca150a20490d9375c61e2b56e85da92b5a8e5138dc4bbb3b5d70486e115df82
3d2dd4469f84eee0b4a7fc1791a51c9fe3544bf4b26df414af78a2fddbe5938d
3f7d4fce911e0a58ed4224b9f65d90a98d8bb7b76d25ad2610485b9baaa1d447
46d1f73a395ffa8be81923f059a24044fca8333fdac1e9628331e19a07b4f962
49d58baa56c886a4f17f81b4a45712f984e19ca26e9b017f822a4eef2c1c90af
4ad0b3585f0400535d85393d350940ac0e36e8058585e6be66152adb61f54a7b
4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1
514338ec6bbb3440a50029e6cbc2ba9034d6971c4776d2759a4b829c94dedfb9
523363d57e3b4b1332bcf8a792736a7086a3e4ce968f9cea8f0968b9bacc5ef0
524e0c711703caaeeb5842af69e372eb9f09ea786d110531f86a9bd3ce8e55c0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55f9a76878f9b58263a9e73ec823b6653710df062341d673773a2d8b23ab1740
56877b5359069e86c6e886f9fad7d7a9531bcad8aed0a7510e698154fe95f77c
5867ab8c45afa1cd44d16211f023b03aacc3988eac979d3af766c401ca7afd76
5a2f10e09cd6e81eb686dbca9e6056ed485e87d3869bac347455547c294cb036
5ba3004a89101640eb620dd89b7de32cf75809a426e24e4b6a80d0ed258c8c19
5cee4f651ba177446ee831639bd82b56886d0ff76894c3b57bbe1f47993687cd
5d3a6046c5bd7ed05c2d929511a0a1b74774f083062876f2bce9333f76c86500
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63030c3a8be842b8993853ae0f7234905d246ab8c89c318c8ef2beed449bda4a
644304fe15c7f17a6ab07588fa14318ebce8730a85eb17b3a0fddca16fe9bae6
678d4ac4a14d788e91c631db4c545df5acc5197735f47a9a66d4008a445caede
705e3af7994961bde67317d67191989cabc28a98c56dd8a1f9598a90f14adfe9
7169b20ff9116852953e326ad3776ac06c0f14a5a21a3e07f3fb8b5c46418a61
731be3bdb484843b990607488646145beaac098bde8c2082c804e304d53d3793
787afc0aca7e48e8df2b3fd4cac119567bb9e5f88ef745a229870a6808d76b5b
7dbf15747ec420e9647d13e8dc00c65f708ee42098b5e673bb69957fff1236e7
7eed831637144a57dc3fa39375e233aa8affb128f579657c4dcac695ab3dde2a
7fee6f6d40fa876af57e1cb4626397960a539281f37903d22126825fd3cbd0e1
8105e0f5ce262db8928dfd2ae432da1bab5f1fc76159733f321536ecc046e712
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
85fa85cbca5efaa81351f2e9b1e8e53916644bff91da6ffc762a151247501ebc
8a1b58d624eeb47e9e3073531a5d364e41a2e7853c052873a79917f97dd0bb44
8bd13eb3707de5e24b8da8769e4d7780913bc4041930d68283ab3a9e82ed6763
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90c4c551954c1b621146c4f5355ee8348e29e1a554385397e852c4e9632a8173
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
980fd07f041470b33ad1caae471189131babf8d759d0da5778a5ed2e850a0eab
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9a08f0a7a6626d64d40ce2e5852c321f71df7fe69a8415b011769dbb07f07d3e
9abdea148f6bb2fd5f4d3a947661b46f077584cfc3691deb29fa7cb25d2e00a6
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
a62d7c603e01b2d4fe150f1a79fa05293fea78f960cff37ed0cbbed1fca034f6
a68cd9ef0239975b713db8bfce03427ae07d6d69d9972cc3038c203378a9724d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8b39adcb8b7f52a5fc6eac1a63906361a0c1282204a608aef7e8ec3511f60e0
aa76078dc3765f75a7cfe5808e6b7d0f1ba4b557f51376e3155c1bf20a8bd8b5
ab6859b407de61d31320d067fc6834c2c64fad8c1a80c8ee32b374691fb955e5
b0b323b4b513c2e1765af140e60df8645c8ff19205c55d4e63e3664a0f36efb3
b140866a13c2eeca9a0ad91f4bf8e505a0fa237279f9d6616c3c21329139f1de
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b433d56dd3051a04092971f2aca6e8f311c222aaf05ff1b4e1e27d2792da9a2e
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bfd126ac0ab625bcf5593a41432b04177248382666e755aeeaf5458a822bee72
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cdb40ac8836ea88b63e5affeca8a6e0ecd49d683dcb8a40de483711badee2821
ce3a37b5cbd620cfc887d6c2236616a019712eeb4222cf0c3dc905527afcbc94
d420ee64cb607d68e208a3105b39934807ed2e4d43ced2542f7b6b0cd153ca43
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d75f2af9c36044e5c256db9c98d4d77d2df1f26d6b876f1a9b17b98a3963bab6
d810ffa4c50151f1c5dc1beb3a7d09d631248e13c2ed5c68b9fa0b73cd0a6e03
ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c
de2abc875a741171488c1129517d2d0d67f22b371242847e8f0ff4fae681498b
df8c227e24dfd80c7a73c3bade4e39d6357a4fac167a2696d64740d6035110a8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c21fcdec7e1b94d85c94aac21d969329a41494bc54594e139fdaafdba399ee
e3cbdbb20c71a69d9af5d4e715c5d535697bbeb85cc4b7a269c3145c57c65f77
e3f5786ce9fe14605e32f61d35c809d8d5a03dbfe6ef1494761b847eda1a2d19
e7376ac5d189aa6709ce824da6ab6a3c2c85bacb7cf8dafbf5c423de19c891e8
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42
ee8f6e7d39f191827af23866ca316709b6be4e719cc74153087b1fbf14216926
f17a52fe6718c72e031a45e45f9a20015c3d3b0c9038204a7c02e0ffb150cd77
f2348dedf8d16f84fda26dd4153491d47327a259ea67c80612ac563649de92f5
f77e396f1e185be2313dd303447ec8c2684eb50e32c414fe46b206f7f5a36d3e
f85d0239fb29dafa0d919730e7fa9b3da031b340a0825bf653ca167cde364ecd
fa41104fbc7b5ace6322ad07f26099524a5fb257e3a39425cc4af7887ba26152
fccaf545c8f28b53c6fdade65d96e8ef4effa8ad2de0f1bb2c8d1bf911c278f0
fe8390d7cfd8396d63a8c81eb7b91e6d67b84b1ad3cc185ce6d4b5effe1feebd
ff0302b9ded05a56d6ac04983230f1b137d6967b819184783d5c5cc1009a4a2f
ff49cdd45475610840ea1e9b41550c556b86117cc1985890dd90c6b4738b1270

buffalonews.com Open in urlscan Pro 192.104.182.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

122 Requests

88 %HTTPS

46 %IPv6

22 Domains

26 Subdomains

26 IPs

4 Countries

6042 kBTransfer

9186 kBSize

7 Cookies

3 Outgoing links

Page URL History

Redirected requests

122 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

buffalonews.com Open in urlscan Pro
192.104.182.109 Public Scan

Screenshot
Live screenshot

Full Image

122
Requests

88 %
HTTPS

46 %
IPv6

22
Domains

26
Subdomains

26
IPs

4
Countries

6042 kB
Transfer

9186 kB
Size

7
Cookies

122 HTTP transactions
0 data transactions