buffalonews.com Open in urlscan Pro
192.104.182.109  Public Scan

16 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://buffalonews.bloxcms.com/ HTTP 301
   https://buffalonews.com/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

• https://insight.adsrvr.org/tags/nebsjkp/21usqg2/iframe HTTP 303
• https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe

Request Chain 68

• https://trkn.us/pixel/c?ppt=19160&g=sitewide&gid=44455&cv1=buffalonews.com&ord=2113601160 HTTP 302
• https://trkn.us/pixel/c?ppt=19160&g=sitewide&gid=44455&cv1=buffalonews.com&ord=2113601160&ip=217.64.151.6&cuidchk=1

Request Chain 127

• https://ap.lijit.com/pixel?redir=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
• https://ap.lijit.com/pixel?redir=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID&sovrn_retry=true HTTP 307
• https://bidder.newspassid.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=GqChqLZHAz8yUdWTR5GX1GFm

Request Chain 129

• https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-newspassid&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D HTTP 302
• https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D&gdpr=0&gdpr_consent=&s=189937&us_privacy=pbs-newspassid&C=1 HTTP 302
• https://bidder.newspassid.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&uid=ZGPkyMeT56rXf1qR-LiJugAA%261218

Request Chain 130

• https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
• https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D&us_privacy=pbs-newspassid&ox_sc=1 HTTP 302
• https://bidder.newspassid.com/setuid?bidder=openx&uid=ba3db499-ec7b-4ad5-ab66-e54234bea4d1

Request Chain 132

• https://ad2.360yield.com/server_match?r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
• https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
• https://bidder.newspassid.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=4a43e9c9-d8c2-4ee2-89d6-10c2c3b8e77d

Request Chain 133

• https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
• https://bidder.newspassid.com/setuid?bidder=openx&uid=ba3db499-ec7b-4ad5-ab66-e54234bea4d1

Request Chain 135

• https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1e8f6463-e4c9-4400-8ffd-6588b672058e&gdpr=0&gdpr_consent=

Request Chain 136

• https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685627649318052

Request Chain 138

• https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
• https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7580794063742113055

Request Chain 139

• https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=1251A782-53EE-499E-B99F-5F0CA3510D7C&redir=true&gdpr=0&gdpr_consent= HTTP 302
• https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=1251A782-53EE-499E-B99F-5F0CA3510D7C&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 141

• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ElGnglPuSZ65n18Mo1ENfA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ElGnglPuSZ65n18Mo1ENfA%3D%3D&gdpr=0&gdpr_consent=&google_tc= HTTP 302
• https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 143

• https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
• https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=782642497 HTTP 302
• https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
• https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=1251A782-53EE-499E-B99F-5F0CA3510D7C

Request Chain 144

• https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=1251A782-53EE-499E-B99F-5F0CA3510D7C HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Z2JnN2hwRTllUkRRQTZIMEd0eW94OFpOdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
• https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
• https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
• https://a.audrte.com/a?adform_uid=7235409016368083804&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
• https://a.audrte.com/p

Request Chain 145

• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTI1MUE3ODItNTNFRS00OTlFLUI5OUYtNUYwQ0EzNTEwRDdD&gdpr=0&gdpr_consent= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTI1MUE3ODItNTNFRS00OTlFLUI5OUYtNUYwQ0EzNTEwRDdD&gdpr=0&gdpr_consent=&google_tc= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 146

• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGI3ZypDHM7W0zhtXXqekz4&google_cver=1

Request Chain 148

• https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
• https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7235409016368083804

Request Chain 150

• https://ad2.360yield.com/server_match?r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
• https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
• https://bidder.newspassid.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=4a43e9c9-d8c2-4ee2-89d6-10c2c3b8e77d

Request Chain 151

• https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
• https://bidder.newspassid.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=7235409016368083804

Request Chain 152

• https://x.bidswitch.net/check_uuid/https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid HTTP 302
• https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid HTTP 302
• https://bidder.newspassid.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=7a683978-950b-4857-a77c-d665fef8d169

Request Chain 155

• https://ib.adnxs.com/getuid?https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fbidder.newspassid.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID HTTP 302
• https://bidder.newspassid.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=4102114611178514225

Request Chain 156

• https://ap.lijit.com/pixel?redir=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
• https://bidder.newspassid.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=GqChqLZHAz8yUdWTR5GX1GFm

Request Chain 157

• https://x.bidswitch.net/check_uuid/https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid HTTP 302
• https://bidder.newspassid.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=7a683978-950b-4857-a77c-d665fef8d169

Request Chain 159

• https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
• https://bidder.newspassid.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=7235409016368083804

Request Chain 160

• https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 307
• https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D

Request Chain 161

• https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 307
• https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D

Request Chain 162

• https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-newspassid&redir=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
• https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=pbs-newspassid&redir=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
• https://bidder.newspassid.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2477180748445923568344

Request Chain 163

• https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-newspassid&redir=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
• https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=pbs-newspassid&redir=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
• https://bidder.newspassid.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2477180748445923568344

Request Chain 165

• https://ib.adnxs.com/getuid?https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
• https://bidder.newspassid.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=4102114611178514225

Request Chain 166

• https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-newspassid&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D HTTP 302
• https://bidder.newspassid.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&uid=ZGPkyMeT56rXf1qR-LiJugAA%261218

166 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response buffalonews.com/ Redirect Chain http://buffalonews.bloxcms.com/ https://buffalonews.com/	579 KB 64 KB	432ms 200ms	Document text/html	192.104.182.109 LEE-ASN
General Check archive.org Show headers Download Go to Full URL https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.104.182.109 , United States, ASN10668 (LEE-ASN, US), Reverse DNS cms.chicago2.vip.townnews.com Software / Resource Hash dc0bd1f160b57382e34a00570f0e75ee2ccde11bb5e2095c04588e555cf2ed59 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 177 cache-control public, max-age=60, s-maxage=30, must-revalidate, proxy-revalidate content-encoding gzip content-length 63740 content-security-policy upgrade-insecure-requests content-type text/html; charset=UTF-8 date Tue, 16 May 2023 20:14:09 GMT etag W/22fcc6074f816673ee6d1dd9ac5114f5 last-modified Tue, 16 May 2023 20:14:09 GMT link <https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.927f7b4d39c864e560f306b53aebaa1a.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.5db05a902b65d8369a6c2a8372700e2e.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script referrer-policy strict-origin-when-cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload vary X-IPCountry, X-Townnews-Now-API-Version, Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN x-loop 1 x-robots-tag noarchive x-tncms 1.69.1; app9; 0.73s; 6.4M x-ua-compatible IE=edge x-vcache HIT x-xrds-location https://buffalonews.com/tncms/xrds/ x-xss-protection 1; mode=block Redirect headers age 0 cache-control public, max-age=300 content-encoding gzip content-length 1784 content-security-policy upgrade-insecure-requests content-type text/html; charset=UTF-8 date Tue, 16 May 2023 20:17:06 GMT link <https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin location https://buffalonews.com/ strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN x-loop 1 x-robots-tag noarchive x-tncms 1.69.1; app10; 0.01s; 1.2M x-vcache MISS x-xrds-location https://buffalonews.com/tncms/xrds/ x-xss-protection 1; mode=block
GET H2	200	jquery.min.d6d18fcf88750a16d256e72626e676a6.js Show response bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/	98 KB 34 KB	282ms 39ms	Script application/x-javascript	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:07 GMT strict-transport-security max-age=604800 content-encoding br cf-cache-status HIT age 4959379 last-modified Wed, 07 Jul 2021 20:09:22 GMT x-vcache MISS server cloudflare etag W/"60e609f2-1882c" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive cf-ray 7c864d66ab6990ef-FRA expires Thu, 31 Aug 2023 19:01:19 GMT
GET H2	200	user.js Show response buffalonews.com/shared-content/art/tncms/user/	12 KB 5 KB	102ms 100ms	Script application/x-javascript	192.104.182.109 LEE-ASN
General Check archive.org Show headers Download Go to Full URL https://buffalonews.com/shared-content/art/tncms/user/user.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.104.182.109 , United States, ASN10668 (LEE-ASN, US), Reverse DNS cms.chicago2.vip.townnews.com Software / Resource Hash 2e2d9e035b60b9327b80160e2c7bd5bea17951235a6221398f698997b9583d0b Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:13:06 GMT content-encoding gzip last-modified Tue, 18 Apr 2023 15:04:17 GMT x-vcache HIT age 241 etag W/"643eb171-2fd2" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=600 accept-ranges bytes content-length 4388 service-worker-allowed /
GET H2	200	bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js Show response bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/	39 KB 11 KB	275ms 33ms	Script application/x-javascript	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:07 GMT strict-transport-security max-age=604800 content-encoding br cf-cache-status HIT age 2897317 cross-origin-resource-policy cross-origin last-modified Fri, 06 Sep 2019 14:16:03 GMT x-vcache MISS server cloudflare etag W/"5d726a23-9bd8" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive cf-ray 7c864d66bb7290ef-FRA expires Wed, 27 Mar 2024 10:54:14 GMT
GET H2	200	common.08a61544f369cc43bf02e71b2d10d49f.js Show response bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/	32 KB 12 KB	280ms 38ms	Script application/x-javascript	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:07 GMT strict-transport-security max-age=604800 content-encoding br cf-cache-status HIT age 1612297 cross-origin-resource-policy cross-origin last-modified Thu, 16 Mar 2023 19:39:17 GMT x-vcache MISS server cloudflare etag W/"64137065-8154" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive cf-ray 7c864d66bb7490ef-FRA expires Thu, 21 Mar 2024 06:45:35 GMT
GET H2	200	tnt.927f7b4d39c864e560f306b53aebaa1a.js Show response bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/	22 KB 6 KB	274ms 32ms	Script application/x-javascript	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.927f7b4d39c864e560f306b53aebaa1a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6adc7b4692ed56424dffd2e57075a03b244959ea06c5590738892db6fae2ab2b Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:07 GMT strict-transport-security max-age=604800 content-encoding br cf-cache-status HIT age 18305 cross-origin-resource-policy cross-origin last-modified Mon, 17 Apr 2023 19:51:02 GMT x-vcache MISS server cloudflare etag W/"643da326-5865" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive cf-ray 7c864d66bb7390ef-FRA expires Wed, 01 May 2024 19:01:15 GMT
GET H2	200	application.5db05a902b65d8369a6c2a8372700e2e.js Show response bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/	4 KB 2 KB	274ms 33ms	Script application/x-javascript	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.5db05a902b65d8369a6c2a8372700e2e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bc9d2ec08d5cb963c3b28c81c8de67b3bf03a09e5dd8729d8bdbe7f0b35e88ef Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:07 GMT strict-transport-security max-age=604800 content-encoding br cf-cache-status HIT age 4842098 cross-origin-resource-policy cross-origin last-modified Thu, 16 Mar 2023 19:38:56 GMT x-vcache MISS server cloudflare etag W/"64137050-110a" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive cf-ray 7c864d66bb7590ef-FRA expires Wed, 20 Mar 2024 19:01:12 GMT
GET H2	200	tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js Show response bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/	2 KB 1 KB	273ms 31ms	Script application/x-javascript	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:07 GMT strict-transport-security max-age=604800 content-encoding br cf-cache-status HIT age 9633087 last-modified Thu, 23 Jun 2022 13:40:11 GMT x-vcache MISS server cloudflare etag W/"62b46d3b-9ae" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive cf-ray 7c864d66bb7790ef-FRA expires Thu, 06 Jul 2023 19:01:24 GMT
GET H2	200	bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/	107 KB 18 KB	278ms 39ms	Stylesheet text/css	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:07 GMT strict-transport-security max-age=604800 content-encoding br cf-cache-status HIT age 18305 cross-origin-resource-policy cross-origin last-modified Fri, 28 Apr 2023 04:51:18 GMT x-vcache MISS server cloudflare etag W/"644b50c6-1ac2e" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive cf-ray 7c864d66ab6390ef-FRA expires Wed, 01 May 2024 19:01:15 GMT
GET H2	200	layout.7a8987c4a425148919f9be1f77ae1946.css bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/	153 KB 28 KB	286ms 47ms	Stylesheet text/css	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.7a8987c4a425148919f9be1f77ae1946.css Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 22c7a9ec99c3bb75aee4f9943c4c960d107d1485438ea754665ea6a1d541119b Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:07 GMT strict-transport-security max-age=604800 content-encoding br cf-cache-status HIT age 18305 cross-origin-resource-policy cross-origin last-modified Thu, 11 May 2023 20:01:48 GMT x-vcache MISS server cloudflare etag W/"645d49ac-2638d" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive cf-ray 7c864d66ab6490ef-FRA expires Wed, 15 May 2024 15:01:09 GMT
GET H2	200	lee.ds.css bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/	96 KB 17 KB	273ms 34ms	Stylesheet text/css	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1683874814 Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 04da122e70371bba47c7c58135bfed4f21d1545c72ba51d8cbc0d43276f834f9 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:07 GMT strict-transport-security max-age=604800 content-encoding br cf-cache-status HIT age 384226 cross-origin-resource-policy cross-origin last-modified Fri, 12 May 2023 07:00:14 GMT x-vcache MISS server cloudflare etag W/"645de3fe-17f3c" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive cf-ray 7c864d66ab6590ef-FRA expires Sat, 11 May 2024 07:05:17 GMT
GET H2	200	flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/	6 KB 2 KB	271ms 32ms	Stylesheet text/css	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:07 GMT strict-transport-security max-age=604800 content-encoding br cf-cache-status HIT age 2905616 cross-origin-resource-policy cross-origin last-modified Thu, 16 Mar 2023 19:40:09 GMT x-vcache MISS server cloudflare etag W/"64137099-189c" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive cf-ray 7c864d66ab6690ef-FRA expires Thu, 21 Mar 2024 06:45:35 GMT
GET H2	200	owl.carousel.d631cca58a0d014854c4a6c1815f1da3.css bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/	5 KB 1 KB	278ms 39ms	Stylesheet text/css	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/owl.carousel.d631cca58a0d014854c4a6c1815f1da3.css Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0f43f4ee69c1e53622d634119250c9ecc2b189983c3e9dcf6bca4c59523b2b4e Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:07 GMT strict-transport-security max-age=604800 content-encoding br cf-cache-status HIT age 2323368 last-modified Tue, 10 May 2022 15:15:33 GMT x-vcache MISS server cloudflare etag W/"627a8195-12b0" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive cf-ray 7c864d66ab6890ef-FRA expires Thu, 25 May 2023 16:05:12 GMT
GET H2	200	cc.js Show response tags.crwdcntrl.net/c/6894/	38 KB 12 KB	34ms 6ms	Script application/json	65.9.66.104 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/c/6894/cc.js?ns=_cc6894 Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.104 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-66-104.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 5a2f10e09cd6e81eb686dbca9e6056ed485e87d3869bac347455547c294cb036 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 03:36:34 GMT content-encoding gzip via 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront) last-modified Tue, 14 Feb 2023 19:10:09 GMT server AmazonS3 x-amz-cf-pop FRA56-C1 age 60033 x-amz-server-side-encryption AES256 etag W/"8cd042d9f203fe2e01747c7444f95498" vary Accept-Encoding x-cache Hit from cloudfront content-type application/json cache-control public, max-age=86400 x-amz-cf-id XeiKYd4tkP3Y9ppCXZZya1r-9cGeCj1RSGUT5YY3WQ-n9SLXFWc5Gw==
GET H2	200	access.js Show response buffalonews.com/shared-content/art/tncms/api/	87 KB 35 KB	132ms 130ms	Script application/x-javascript	192.104.182.109 LEE-ASN
General Check archive.org Show headers Download Go to Full URL https://buffalonews.com/shared-content/art/tncms/api/access.js Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.104.182.109 , United States, ASN10668 (LEE-ASN, US), Reverse DNS cms.chicago2.vip.townnews.com Software / Resource Hash 955becd6590ca9099279669e95771cf8d4d519ff8643dc8c398b6daaba6061a8 Request headers Referer https://buffalonews.com/ Origin https://buffalonews.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:16:53 GMT content-encoding gzip last-modified Fri, 07 Apr 2023 20:21:14 GMT x-vcache HIT age 13 etag W/"64307b3a-15cd7" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=600 accept-ranges bytes content-length 35387 service-worker-allowed /
GET H2	200	osano.js Show response cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/	435 KB 99 KB	48ms 10ms	Script application/javascript	2600:9000:223c:ce00:3:b7e:8940:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:ce00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 28dc2d1f16a8ddcc40862558eeb5df2201e657c4f8b210522b1af10f98fce210 Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Mon, 15 May 2023 21:59:03 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000 via 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 80284 x-cache Hit from cloudfront content-length 100317 x-xss-protection mode=block last-modified Mon, 15 May 2023 21:37:39 GMT server CloudFront etag "4eac755bcbe9ff22498447980d3e52cf" x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform x-amz-cf-id dcejdLkCXbcFVT2ys3Qit8barwOwm-SVIIzUcl4tJp46hRyrF8UMYQ==
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	230 KB 57 KB	59ms 6ms	Script application/javascript	52.222.208.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.208.154 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-208-154.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 19:42:09 GMT content-encoding gzip via 1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront), 1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront) last-modified Wed, 10 May 2023 21:23:08 GMT server AmazonS3 x-amz-cf-pop PRG50-C1, FRA56-P3 age 2099 x-amz-server-side-encryption AES256 etag W/"e6af4658ab1a6fdde1f0066b27d5372e" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=3600 x-amz-cf-id Ik0BOWX43t5Vp5nCpPq_rcJjTmaeZgYE-iku4nXxGN_e9PBnT5nVfw==
GET H2	200	video.continue.a2b66a5f72b8916750786031ff004f58.js Show response bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/	3 KB 1 KB	17ms 13ms	Script application/x-javascript	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/video.continue.a2b66a5f72b8916750786031ff004f58.js Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd72af68e3fe455ae746ed0416917e83028cd0007e10c96d50f2d7d4bde33130 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:07 GMT strict-transport-security max-age=604800 content-encoding br cf-cache-status HIT age 1170184 last-modified Wed, 08 Dec 2021 21:26:20 GMT x-vcache MISS server cloudflare etag W/"61b122fc-dbe" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive cf-ray 7c864d683d1c90ef-FRA expires Wed, 26 Jul 2023 07:59:09 GMT
GET H2	200	owl.carousel.50dc41fa734414148ce4b489fd904c5f.js Show response bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/	40 KB 11 KB	21ms 18ms	Script application/x-javascript	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/owl.carousel.50dc41fa734414148ce4b489fd904c5f.js Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1794ab1a330fa566f4f21116012908a58001e21fb254959ac7cbcd41b25bba34 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:07 GMT strict-transport-security max-age=604800 content-encoding br cf-cache-status HIT age 7760972 last-modified Thu, 21 Jul 2022 21:07:13 GMT x-vcache MISS server cloudflare etag W/"62d9c001-9ff8" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive cf-ray 7c864d683d1e90ef-FRA expires Wed, 26 Jul 2023 07:59:09 GMT
GET H2	200	tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js Show response bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/	3 KB 1 KB	18ms 15ms	Script application/x-javascript	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 15c5217bab15791da899bebeec1b32e57bcd02d20f8847c6440f47ededcdf625 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:07 GMT strict-transport-security max-age=604800 content-encoding br cf-cache-status HIT age 6648959 last-modified Thu, 23 Jun 2022 13:40:09 GMT x-vcache MISS server cloudflare etag W/"62b46d39-db8" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive cf-ray 7c864d683d1f90ef-FRA expires Thu, 06 Jul 2023 19:01:22 GMT
GET H2	200	tnt.notify.panel.bacbeac9a1ca6ee75b79b21a0e2e99f2.js Show response bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/	7 KB 2 KB	16ms 13ms	Script application/x-javascript	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.panel.bacbeac9a1ca6ee75b79b21a0e2e99f2.js Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b6854831be14d28fdfdb1758ebebe2893bf8e5be5f176b8d3e1b1b0f874d90e Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:07 GMT strict-transport-security max-age=604800 content-encoding br cf-cache-status HIT age 1596544 last-modified Thu, 21 Jul 2022 21:06:46 GMT x-vcache HIT server cloudflare etag W/"62d9bfe6-1ba0" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive cf-ray 7c864d683d2090ef-FRA expires Wed, 26 Jul 2023 09:20:33 GMT
GET H2	200	firebase-app.js Show response www.gstatic.com/firebasejs/6.6.2/	11 KB 4 KB	37ms 8ms	Script text/javascript	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/6.6.2/firebase-app.js Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Sat, 13 May 2023 06:26:14 GMT content-encoding gzip x-content-type-options nosniff age 309053 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3945 x-xss-protection 0 last-modified Thu, 19 Sep 2019 21:11:52 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" vary Accept-Encoding report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 12 May 2024 06:26:14 GMT
GET H2	200	firebase-messaging.js Show response www.gstatic.com/firebasejs/6.6.2/	31 KB 9 KB	36ms 7ms	Script text/javascript	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/6.6.2/firebase-messaging.js Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Sat, 13 May 2023 06:20:38 GMT content-encoding gzip x-content-type-options nosniff age 309389 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8653 x-xss-protection 0 last-modified Thu, 19 Sep 2019 21:11:54 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" vary Accept-Encoding report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 12 May 2024 06:20:38 GMT
GET H2	200	messaging.js Show response buffalonews.com/shared-content/art/tncms/api/	4 KB 1 KB	103ms 100ms	Script application/x-javascript	192.104.182.109 LEE-ASN
General Check archive.org Show headers Download Go to Full URL https://buffalonews.com/shared-content/art/tncms/api/messaging.js Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.104.182.109 , United States, ASN10668 (LEE-ASN, US), Reverse DNS cms.chicago2.vip.townnews.com Software / Resource Hash fe5d23d415187d71dfa026db8852418f98513ef7f7a1c3e1321bc95d6d6a0f5f Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:15:38 GMT content-encoding gzip last-modified Tue, 18 Apr 2023 15:04:17 GMT x-vcache HIT age 89 etag W/"643eb171-11aa" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=600 accept-ranges bytes content-length 1259 service-worker-allowed /
GET H2	200	tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js Show response bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/	200 B 282 B	284ms 47ms	Script application/x-javascript	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:07 GMT strict-transport-security max-age=604800 content-encoding br cf-cache-status HIT age 1596544 cross-origin-resource-policy cross-origin last-modified Thu, 16 Mar 2023 19:39:57 GMT x-vcache MISS server cloudflare etag W/"6413708d-c8" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive cf-ray 7c864d66ab6b90ef-FRA expires Wed, 27 Mar 2024 11:43:22 GMT
GET H2	200	tracking.js Show response buffalonews.com/shared-content/art/tncms/	3 KB 1 KB	194ms 193ms	Script application/x-javascript	192.104.182.109 LEE-ASN
General Check archive.org Show headers Download Go to Full URL https://buffalonews.com/shared-content/art/tncms/tracking.js Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.104.182.109 , United States, ASN10668 (LEE-ASN, US), Reverse DNS cms.chicago2.vip.townnews.com Software / Resource Hash 18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:15:07 GMT content-encoding gzip last-modified Tue, 18 Apr 2023 15:04:17 GMT x-vcache HIT age 119 etag W/"643eb171-a4b" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=600 accept-ranges bytes content-length 1149 service-worker-allowed /
GET H2	200	prebid7.9.0.js Show response bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/	197 KB 61 KB	283ms 45ms	Script application/x-javascript	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/prebid7.9.0.js?_dc=1684220414 Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 77b109dd53ec2921d47af5eedcf39cbea8bc92bf8b59a970aa104c5ed2d5b3c0 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:07 GMT strict-transport-security max-age=604800 content-encoding br cf-cache-status HIT age 46651 cross-origin-resource-policy cross-origin last-modified Tue, 16 May 2023 07:00:14 GMT x-vcache MISS server cloudflare etag W/"646329fe-313f5" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive cf-ray 7c864d66bb7690ef-FRA expires Wed, 15 May 2024 07:05:20 GMT
GET H2	200	lee.common.js Show response bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/	9 KB 3 KB	277ms 39ms	Script application/x-javascript	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/lee.common.js?_dc=1683874814 Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c2008966819bb51e24bb6cbf82ef28efeb4d678e20c3b61fc02bb5d45b45e74e Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:07 GMT strict-transport-security max-age=604800 content-encoding br cf-cache-status HIT age 391872 cross-origin-resource-policy cross-origin last-modified Fri, 12 May 2023 07:00:14 GMT x-vcache MISS server cloudflare etag W/"645de3fe-2459" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive cf-ray 7c864d66ab6a90ef-FRA expires Sat, 11 May 2024 07:05:16 GMT
GET H2	200	fontawesome.fdf2ff06df6c03a5bbbf7b91674e4274.js Show response bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/	264 KB 95 KB	26ms 23ms	Script application/x-javascript	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.fdf2ff06df6c03a5bbbf7b91674e4274.js Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c8263e37dd2cbaca9e4fe01bc54a5a5fb7478dfbae61fe604d735c8e39b496e4 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:07 GMT strict-transport-security max-age=604800 content-encoding br cf-cache-status HIT age 18304 cross-origin-resource-policy cross-origin last-modified Thu, 11 May 2023 20:01:05 GMT x-vcache MISS server cloudflare etag W/"645d4981-42150" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive cf-ray 7c864d683d2190ef-FRA expires Wed, 15 May 2024 15:01:09 GMT
GET H2	200	tracker.js Show response buffalonews.com/shared-content/art/stats/common/	9 KB 3 KB	194ms 193ms	Script application/x-javascript	192.104.182.109 LEE-ASN
General Check archive.org Show headers Download Go to Full URL https://buffalonews.com/shared-content/art/stats/common/tracker.js Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.104.182.109 , United States, ASN10668 (LEE-ASN, US), Reverse DNS cms.chicago2.vip.townnews.com Software / Resource Hash d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:03 GMT content-encoding gzip last-modified Wed, 22 Mar 2023 14:02:33 GMT x-vcache HIT age 4 etag W/"641b0a79-2200" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=600 accept-ranges bytes content-length 3224 service-worker-allowed /
GET H2	200	24fbd734-b215-11ec-896b-8b89a4fa0d4f.png bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/custom/image/	5 KB 5 KB	17ms 14ms	Image image/webp	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/custom/image/24fbd734-b215-11ec-896b-8b89a4fa0d4f.png Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f467583cf3c2f542573ae63ceede5a99e822a0445eee6cd211fd2f47947b33e0 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:07 GMT strict-transport-security max-age=604800 cf-cache-status HIT age 4959378 cf-polished origFmt=png, origSize=5336 cross-origin-resource-policy cross-origin content-disposition inline; filename="24fbd734-b215-11ec-896b-8b89a4fa0d4f.webp" content-length 4774 cf-bgj imgq:85,h2pri last-modified Fri, 01 Apr 2022 23:40:42 GMT server cloudflare x-vcache MISS etag "62478d7a-14d8" vary Accept content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-robots-tag noarchive cf-ray 7c864d683d2290ef-FRA expires Fri, 15 Mar 2024 18:32:51 GMT
GET H2	200	user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/	978 B 1 KB	16ms 14ms	Image image/webp	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b96eb73da5fe3c20e4507bf752917f6d7978be8881c1dea934db282b028407d Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:07 GMT strict-transport-security max-age=604800 cf-cache-status HIT age 10108014 cf-polished origFmt=png, origSize=3610 cross-origin-resource-policy cross-origin content-disposition inline; filename="user_no_avatar.webp" content-length 978 cf-bgj imgq:85,h2pri last-modified Thu, 02 Apr 2015 21:53:54 GMT server cloudflare x-vcache MISS etag "551dba72-e1a" vary Accept content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-robots-tag noarchive cf-ray 7c864d683d2390ef-FRA expires Fri, 12 Jan 2024 17:12:58 GMT
GET H2	200	logo-tagline.png bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/	5 KB 5 KB	18ms 15ms	Image image/webp	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/logo-tagline.png?_dc=1683874814 Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3c01c1e199879f8b72679cc4d402684ba9e88c21b633547adbae6ba03a617fdc Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:07 GMT strict-transport-security max-age=604800 cf-cache-status HIT age 391870 cf-polished origFmt=png, origSize=10949 cross-origin-resource-policy cross-origin content-disposition inline; filename="logo-tagline.webp" content-length 5302 cf-bgj imgq:85,h2pri last-modified Fri, 12 May 2023 07:00:14 GMT server cloudflare x-vcache MISS etag "645de3fe-2ac5" vary Accept content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-robots-tag noarchive cf-ray 7c864d683d2490ef-FRA expires Sat, 11 May 2024 07:05:17 GMT
GET H2	200	op.js Show response tagan.adlightning.com/leeenterprises/	46 KB 18 KB	70ms 17ms	Script application/javascript	108.156.2.12 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tagan.adlightning.com/leeenterprises/op.js Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.156.2.12 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-156-2-12.mxp63.r.cloudfront.net Software AmazonS3 / Resource Hash 1f5c0cda2f46eacd3d1743b3ffdc829044ff409c7059cf684d31b16fc0ace231 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers x-amz-version-id 9j8ZueiGR6Tq1pl6_X5rkDrAFV6NvvzC content-encoding gzip via 1.1 3175dee9d95fb9f9ca25e0cf503a3a00.cloudfront.net (CloudFront) date Tue, 16 May 2023 19:33:15 GMT x-amz-cf-pop MXP63-P4 age 2647 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 18093 x-amz-meta-git_commit f140f48 last-modified Mon, 15 May 2023 21:47:26 GMT server AmazonS3 etag "d59a7dcacd35c2d5d9cfcac168dde906" vary Accept-Encoding content-type application/javascript cache-control max-age=3600 accept-ranges bytes x-amz-cf-id cra8hIwgEF99pvx1u7juHPSnKE1LxMNSQijMIYFo1SNuM2mbItoYtg==
GET H2	200	buffalonews.com.js Show response bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/pb-config/	1 KB 407 B	13ms 13ms	Script application/x-javascript	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/pb-config/buffalonews.com.js?_dc=1684220414 Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 15241e3a3179d10cdc06cc07ba0a0b57fe925c8096abba593b52d4a86f8e86f0 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:07 GMT strict-transport-security max-age=604800 content-encoding br cf-cache-status HIT age 46650 cross-origin-resource-policy cross-origin last-modified Tue, 16 May 2023 07:00:14 GMT x-vcache MISS server cloudflare etag W/"646329fe-5b9" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive cf-ray 7c864d670bfb90ef-FRA expires Wed, 15 May 2024 07:05:20 GMT
GET H2	200	dfp.lazy.pbjs.js Show response bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/	17 KB 4 KB	15ms 13ms	Script application/x-javascript	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/dfp.lazy.pbjs.js?_dc=1684220414 Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1e9c3fe0bb7e27e1fef2af1cae6a8924b40d3240418da5d484c65c00dae8f10a Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:07 GMT strict-transport-security max-age=604800 content-encoding br cf-cache-status HIT age 46650 cross-origin-resource-policy cross-origin last-modified Tue, 16 May 2023 07:00:14 GMT x-vcache MISS server cloudflare etag W/"646329fe-447d" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive cf-ray 7c864d683d1890ef-FRA expires Wed, 15 May 2024 07:05:20 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	211 KB 71 KB	52ms 24ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 01578600eb74d42688c1eb1950e2d614a18ff0c44fc310d112da1943211fd00a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:07 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 72660 x-xss-protection 0 last-modified Tue, 16 May 2023 19:19:39 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 16 May 2023 20:17:07 GMT
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	21ms 8ms	XHR application/javascript	52.222.208.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.208.154 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-208-154.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers x-amz-version-id yHpogsakS7iCluwAmUa6Y9ccBYm32d5h content-encoding gzip via 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront) date Tue, 16 May 2023 04:38:00 GMT x-amz-cf-pop FRA56-P3 age 82610 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Thu, 11 May 2023 21:16:48 GMT server AmazonS3 etag W/"a4d296427fc806b21335359e398c025c" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public, max-age=86400 vary Accept-Encoding,Origin x-amz-cf-id uB9lwBWcaz1bguYcx1tIA0qGdR65s8-6lsr6xM-RNoeFn4nG7ceB4A==
GET H2	200	config Show response c.amazon-adsystem.com/cdn/prod/	604 B 960 B	9ms 9ms	XHR application/json	52.222.208.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=3266&u=https%3A%2F%2Fbuffalonews.com Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.208.154 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-208-154.fra56.r.cloudfront.net Software Server / Resource Hash cf978cd2cd49124c75e624c0483aff4dbaa0ee91b1861362b1c7504a4963db9c Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 18:50:58 GMT via 1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-P3 age 5168 x-cache Hit from cloudfront content-type application/json;charset=UTF-8 access-control-allow-origin https://buffalonews.com cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true content-length 604 x-amz-cf-id gTjkWT4ZJLr11ULbE9qo7GUEBJwfNKvOtHh4M--oiEPOg9i8t1duIQ==
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	75 KB 25 KB	101ms 74ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: cmp.osano.com URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 16ddaaf4a83e0ad0f4f3a0b6e0768ba2ddb2f6af9fe414aaf9ff1ac3ad6b5638 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:07 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 25465 x-xss-protection 0 server cafe etag 523 / 19493 / m202305100101 / config-hash: 16578875482516036035 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 16 May 2023 20:17:07 GMT
GET BLOB	200 OK	841c0217-e9a5-410d-b047-5852d8d29d13 https://buffalonews.com/	390 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://buffalonews.com/841c0217-e9a5-410d-b047-5852d8d29d13 Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers Content-Length 390 Content-Type text/javascript
GET H2	200	tracker.gif buffalonews.com/shared-content/art/stats/common/	0 145 B	103ms 99ms	Image image/gif	192.104.182.109 LEE-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://buffalonews.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=1684268227892160012001521938717814&tnms_dt=Buffalo%20News%20%7C%20Breaking%20News%20%7C%20%7C%20Read%20the%20latest%20Buffalo%2C%20NY%2C%20and%20Erie%20County%20news%20from%20the%20Buffalo%20News.%20Get%20headlines%20on%20local%20weather%2C%20entertainment%2C%20and%20events.&tnms_upage=1&tnms_do=buffalonews.com&tnms_uri=/&tnms_ref=&rt=1684268227896 Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.104.182.109 , United States, ASN10668 (LEE-ASN, US), Reverse DNS cms.chicago2.vip.townnews.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:07 GMT last-modified Thu, 16 Oct 2008 20:11:25 GMT x-vcache MISS age 0 etag "48f79fed-0" content-type image/gif cache-control no-cache, no-store accept-ranges bytes content-length 0
GET H2	200	gtm.js Show response www.googletagmanager.com/	492 KB 118 KB	18ms 18ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2 Requested by Host: cmp.osano.com URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 32b4a3e1badfd9dd5add6df148af7b8d4c1f106c0df360e79795b88a8c2de23f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:07 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 121035 x-xss-protection 0 last-modified Tue, 16 May 2023 19:19:39 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 16 May 2023 20:17:07 GMT
GET DATA	200 OK	truncated /	75 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers Content-Type image/png
OPTIONS H2	200	recordVendorsLoaded prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame	0 0	348ms 97ms	Preflight	44.215.184.28 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.215.184.28 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-215-184-28.compute-1.amazonaws.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://buffalonews.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin * access-control-max-age 1800 allow GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH content-length 0 date Tue, 16 May 2023 20:17:08 GMT vary Origin Access-Control-Request-Method Access-Control-Request-Headers
POST H2	200	recordVendorsLoaded Show response prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/	0 454 B	99ms 99ms	XHR text/plain	44.215.184.28 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.215.184.28 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-215-184-28.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://buffalonews.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Content-Type application/json Response headers access-control-allow-origin * date Tue, 16 May 2023 20:17:08 GMT content-length 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers
GET H2	200	serif-ds.woff2 bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/	26 KB 26 KB	40ms 21ms	Font application/font-woff2	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/serif-ds.woff2 Requested by Host: bloximages.chicago2.vip.townnews.com URL: https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1683874814 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Referer https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1683874814 Origin https://buffalonews.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:08 GMT strict-transport-security max-age=604800 cf-cache-status HIT age 7969897 content-length 26164 last-modified Fri, 22 Jul 2022 17:15:37 GMT x-vcache HIT server cloudflare etag "62dadb39-6634" vary Accept-Encoding content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-robots-tag noarchive cf-ray 7c864d6918e18fda-FRA expires Wed, 26 Jul 2023 10:03:13 GMT
GET DATA	200 OK	truncated /	73 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers Content-Type image/png
GET H2	200	b-f140f48-7586382c.js Show response tagan.adlightning.com/leeenterprises/	80 KB 30 KB	21ms 21ms	Script application/javascript	108.156.2.12 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tagan.adlightning.com/leeenterprises/b-f140f48-7586382c.js Requested by Host: cmp.osano.com URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.156.2.12 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-156-2-12.mxp63.r.cloudfront.net Software AmazonS3 / Resource Hash b5aa611eb8a0c13f6d491ae88a0e08a706124319137c61e79974dd3488136bd1 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Fri, 31 Mar 2023 19:47:24 GMT content-encoding gzip via 1.1 3175dee9d95fb9f9ca25e0cf503a3a00.cloudfront.net (CloudFront) x-amz-version-id UtkghUTWgSLZyDEEFWZrJ8z1CoE_I..N x-amz-cf-pop MXP63-P4 age 3976185 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 29866 x-amz-meta-git_commit f140f48 last-modified Tue, 24 Jan 2023 18:42:08 GMT server AmazonS3 etag "79fd9040c7076a5f94fad513504e92b9" content-type application/javascript cache-control max-age=31536000 accept-ranges bytes x-amz-cf-id jYD3V2jqKltX9nIONrDUQ75aLOafaEkUv9wiPqnrMvo60BGQyVU0hQ==
GET H2	200	bl-e09f10f-96efd774.js Show response tagan.adlightning.com/leeenterprises/	61 KB 26 KB	25ms 25ms	Script application/javascript	108.156.2.12 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tagan.adlightning.com/leeenterprises/bl-e09f10f-96efd774.js Requested by Host: cmp.osano.com URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.156.2.12 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-156-2-12.mxp63.r.cloudfront.net Software AmazonS3 / Resource Hash bc4d17d9923c144017b41a5fba710ada45b1f2a1ec674096d2e47d9f8bf14c28 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Mon, 15 May 2023 22:11:59 GMT content-encoding gzip via 1.1 3175dee9d95fb9f9ca25e0cf503a3a00.cloudfront.net (CloudFront) x-amz-version-id 5P1OWM1okHsty7YtsF7GNN2clhKjyHPg x-amz-cf-pop MXP63-P4 age 79510 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 26145 x-amz-meta-git_commit e09f10f last-modified Mon, 15 May 2023 21:46:54 GMT server AmazonS3 etag "9d7f651593c0980918ac84dfdd0d6135" content-type application/javascript cache-control max-age=31536000 accept-ranges bytes x-amz-cf-id 6lbXnWceAOgD_073ENN2bQM2oZ0wDqh7GA3xLn9PD2bIfevbI1F--Q==
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/	403 KB 125 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js Requested by Host: cmp.osano.com URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 98a3ab26574717a95d200c12658c4dbbb28109a057cc52f8a100e6da2b645963 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 10:47:58 GMT content-encoding br x-content-type-options nosniff age 34150 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 127561 x-xss-protection 0 server cafe etag 1000764176958695900 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Wed, 15 May 2024 10:47:58 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	2 KB 550 B	60ms 44ms	XHR application/json	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=buffalonews.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a89a6e3da41be7dbe78307b123684ad0d0fbbc3038b92e84600f35dbf7770c5b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:08 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 525 x-xss-protection 0 expires Tue, 16 May 2023 20:17:08 GMT
GET H/1.1	200 OK	iframe Show response d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/ Frame 134C Redirect Chain https://insight.adsrvr.org/tags/nebsjkp/21usqg2/iframe https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe	138 B 667 B	43ms 7ms	Document text/html	13.225.83.200 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe Requested by Host: cmp.osano.com URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.225.83.200 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-83-200.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 3f7d4fce911e0a58ed4224b9f65d90a98d8bb7b76d25ad2610485b9baaa1d447 Request headers Referer https://buffalonews.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Age 66395 Cache-Control max-age=86400 Connection keep-alive Content-Length 138 Content-Type text/html Date Tue, 16 May 2023 01:50:38 GMT ETag "50351b1f6590b5c4886c111874e016a0" Last-Modified Fri, 01 Oct 2021 23:50:10 GMT Server AmazonS3 Via 1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront) X-Amz-Cf-Id Qs0pxh-WzEuUwt7qImsdARaBWiiXRzJt7wwDdVJCIItNn7rotOOeSA== X-Amz-Cf-Pop FRA2-C2 X-Cache Hit from cloudfront x-amz-server-side-encryption AES256 Redirect headers content-length 183 content-type text/html; charset=UTF-8 date Tue, 16 May 2023 20:17:08 GMT location https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe server Microsoft-IIS/10.0 x-powered-by ASP.NET
GET BLOB	200 OK	56d63ba5-4b1e-4271-a83b-65560cc32517 https://buffalonews.com/	390 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://buffalonews.com/56d63ba5-4b1e-4271-a83b-65560cc32517 Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers Content-Length 390 Content-Type text/javascript
GET BLOB	200 OK	4aba7e85-7c73-476c-97e2-2a216bd4e583 https://buffalonews.com/	390 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://buffalonews.com/4aba7e85-7c73-476c-97e2-2a216bd4e583 Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers Content-Length 390 Content-Type text/javascript
GET BLOB	200 OK	65d40491-361d-4acf-ac88-7f75fe6a8cfe https://buffalonews.com/	390 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://buffalonews.com/65d40491-361d-4acf-ac88-7f75fe6a8cfe Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers Content-Length 390 Content-Type text/javascript
GET H2	200	/ Show response cmp.osano.com/ Frame A32B	4 KB 1 KB	7ms 6ms	Document text/html	2600:9000:223c:ce00:3:b7e:8940:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.osano.com/ Requested by Host: cmp.osano.com URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:ce00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://buffalonews.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 45845 content-encoding br content-type text/html date Tue, 16 May 2023 07:33:04 GMT etag W/"287b497c992487af362d33204f87d28f" last-modified Thu, 21 Oct 2021 22:01:08 GMT referrer-policy same-origin server AmazonS3 strict-transport-security max-age=63072000; includeSubDomains; preload vary Accept-Encoding Origin via 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront) x-amz-cf-id u8ZpqjFEbnZI8WVo1-PzLJb6Aj506XujsXciULSqAnVfXq23F3lR4g== x-amz-cf-pop FRA56-P2 x-amz-version-id xT1PkIFehetvNf5lINcU02FbT3u47kBr x-cache Hit from cloudfront x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	646297d5b6980.image.jpg bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/3/0a/30adf4b2-f360-11ed-b843-87cb7d524ec6/	12 KB 13 KB	107ms 106ms	Image image/webp	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/3/0a/30adf4b2-f360-11ed-b843-87cb7d524ec6/646297d5b6980.image.jpg?crop=1600%2C900%2C0%2C82&resize=400%2C225&order=crop%2Cresize Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4137eb17d9575d322f61ae9170d3939b29951dce0d47aee0bb642a7c93cfc072 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:08 GMT strict-transport-security max-age=604800 cf-cache-status HIT cf-polished qual=85, origFmt=jpeg, origSize=15996 cross-origin-resource-policy cross-origin content-disposition inline; filename="646297d5b6980.webp" cf-bgj imgq:85,h2pri last-modified Mon, 15 May 2023 20:36:37 GMT server cloudflare x-vcache MISS etag "a1e99ff9e0c3a4f0fa33030b42ba5ccf" vary Accept content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive cf-ray 7c864d6bc88290ef-FRA expires Wed, 15 May 2024 18:31:26 GMT
GET H2	200	5ef2dcf59b700.image.jpg bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/c/5f/c5f0b21e-36fe-5ae9-9cc8-7ec2ae4df416/	16 KB 16 KB	111ms 110ms	Image image/jpeg	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/c/5f/c5f0b21e-36fe-5ae9-9cc8-7ec2ae4df416/5ef2dcf59b700.image.jpg?crop=1662%2C935%2C0%2C155&resize=400%2C225&order=crop%2Cresize Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 349104284aa184fc2f5197482ffd420c597763a96969cbba6639fdbca1d3f40c Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:08 GMT strict-transport-security max-age=604800 cf-cache-status HIT cf-polished origSize=16259, status=webp_bigger cross-origin-resource-policy cross-origin content-length 16048 cf-bgj imgq:85,h2pri last-modified Wed, 24 Jun 2020 04:56:22 GMT server cloudflare x-vcache MISS etag "0f925c22fff91abd1d12d55765572472" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-robots-tag noarchive cf-ray 7c864d6bc88490ef-FRA expires Wed, 15 May 2024 10:33:38 GMT
GET H2	200	645e8cfbd74d8.image.jpg bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/5/ae/5aee1ea2-f0f7-11ed-a213-73b62fc46923/	19 KB 19 KB	16ms 15ms	Image image/jpeg	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/5/ae/5aee1ea2-f0f7-11ed-a213-73b62fc46923/645e8cfbd74d8.image.jpg?crop=1350%2C759%2C0%2C70&resize=400%2C225&order=crop%2Cresize Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a8e6e15448956768cd5d9b50df805b45ab3f60f4ce0e841e50bf3c4f17409898 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:08 GMT strict-transport-security max-age=604800 cf-cache-status HIT age 78641 cf-polished origSize=19733, status=webp_bigger cross-origin-resource-policy cross-origin content-length 19514 cf-bgj imgq:85,h2pri last-modified Fri, 12 May 2023 19:01:16 GMT server cloudflare x-vcache MISS etag "896013553099389ab8293d6d6b60bce3" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-robots-tag noarchive cf-ray 7c864d6bc88590ef-FRA expires Tue, 14 May 2024 15:17:30 GMT
GET H2	200	6463e0c520791.preview.jpg bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/7/57/75781ec4-f419-11ed-9a13-b76707a9f739/	14 KB 14 KB	110ms 109ms	Image image/webp	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/7/57/75781ec4-f419-11ed-9a13-b76707a9f739/6463e0c520791.preview.jpg?crop=1600%2C900%2C0%2C82&resize=400%2C225&order=crop%2Cresize Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 130f3f077ed222dce38fad8c14ebad69d89b9af5a8e7881a27ce205f1557df55 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:08 GMT strict-transport-security max-age=604800 cf-cache-status HIT cf-polished qual=85, origFmt=jpeg, origSize=17161 cross-origin-resource-policy cross-origin content-disposition inline; filename="6463e0c520791.webp" cf-bgj imgq:85,h2pri last-modified Tue, 16 May 2023 20:00:05 GMT server cloudflare x-vcache MISS etag "9c7c384600cb13982338c5a05ca22397" vary Accept content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive cf-ray 7c864d6bc88690ef-FRA expires Wed, 15 May 2024 20:04:09 GMT
GET H2	200	6463dc5c13ef2.preview.jpg bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/2/78/2788f606-f41f-11ed-a5d2-bf810a4626c1/	25 KB 25 KB	117ms 116ms	Image image/jpeg	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/2/78/2788f606-f41f-11ed-a5d2-bf810a4626c1/6463dc5c13ef2.preview.jpg?crop=1600%2C900%2C0%2C82&resize=400%2C225&order=crop%2Cresize Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 37efdab3047c6a89a2008afb5807d84846d6f6eeb208c3203eacd2084cea6c28 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:08 GMT strict-transport-security max-age=604800 cf-cache-status HIT cf-polished degrade=85, origSize=26691, status=webp_bigger cross-origin-resource-policy cross-origin cf-bgj imgq:85,h2pri last-modified Tue, 16 May 2023 19:41:16 GMT server cloudflare x-vcache MISS etag "fa52ebef7b8bd627b995f188fcab9be6" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive cf-ray 7c864d6bc88990ef-FRA expires Wed, 15 May 2024 19:43:46 GMT
GET H2	200	6463cd1435cff.preview.jpg bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/f/d2/fd2eb980-f410-11ed-906e-134d552c4132/	19 KB 19 KB	108ms 107ms	Image image/jpeg	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/f/d2/fd2eb980-f410-11ed-906e-134d552c4132/6463cd1435cff.preview.jpg?crop=1153%2C649%2C1%2C1046&resize=400%2C225&order=crop%2Cresize Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3961c6e2804734accfa578695b4f96f2596801f4ed24922f5ddbe90b993fe4b1 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:08 GMT strict-transport-security max-age=604800 cf-cache-status HIT cf-polished origSize=20003, status=webp_bigger cross-origin-resource-policy cross-origin cf-bgj imgq:85,h2pri last-modified Tue, 16 May 2023 18:36:04 GMT server cloudflare x-vcache MISS etag "cbc2f4776d44b7de99306c7c4cad4534" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive cf-ray 7c864d6bc88a90ef-FRA expires Wed, 15 May 2024 19:24:42 GMT
GET H2	200	60a3df39e2c4a.image.jpg bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/1/4c/14cc50f8-c022-11ec-b457-839e4a53da25/	19 KB 19 KB	19ms 18ms	Image image/jpeg	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/1/4c/14cc50f8-c022-11ec-b457-839e4a53da25/60a3df39e2c4a.image.jpg?resize=400%2C225 Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f5070e02695817ce74eab7a4170c7b408eb531a59e687d6ed9a2c7e9ed019001 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:08 GMT strict-transport-security max-age=604800 cf-cache-status HIT age 24522 cf-polished degrade=85, origSize=21261, status=webp_bigger cross-origin-resource-policy cross-origin cf-bgj imgq:85,h2pri last-modified Tue, 19 Apr 2022 20:48:35 GMT server cloudflare x-vcache MISS etag "85abad8ac981d4d8f8e819a3b205aee8" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive cf-ray 7c864d6bc88b90ef-FRA expires Fri, 10 May 2024 18:24:35 GMT
GET BLOB	200 OK	1f2d2075-1714-4bb3-bd7b-b7cdf56683ce https://buffalonews.com/	390 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://buffalonews.com/1f2d2075-1714-4bb3-bd7b-b7cdf56683ce Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers Content-Length 390 Content-Type text/javascript
GET BLOB	200 OK	a7dfa0c6-c0d5-47db-84ab-b939fdf9b8db https://buffalonews.com/	390 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://buffalonews.com/a7dfa0c6-c0d5-47db-84ab-b939fdf9b8db Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers Content-Length 390 Content-Type text/javascript
GET BLOB	200 OK	70098bce-334c-4859-804e-683fa892c67c https://buffalonews.com/	390 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://buffalonews.com/70098bce-334c-4859-804e-683fa892c67c Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers Content-Length 390 Content-Type text/javascript
GET BLOB	200 OK	7e11b849-2f73-46b0-905c-294d55ede6fa https://buffalonews.com/	390 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://buffalonews.com/7e11b849-2f73-46b0-905c-294d55ede6fa Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers Content-Length 390 Content-Type text/javascript
GET BLOB	200 OK	9dc5e018-f19e-4d18-b7e3-9f5bf936fa66 https://buffalonews.com/	390 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://buffalonews.com/9dc5e018-f19e-4d18-b7e3-9f5bf936fa66 Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers Content-Length 390 Content-Type text/javascript
GET H/1.1	200 OK	c trkn.us/pixel/ Redirect Chain https://trkn.us/pixel/c?ppt=19160&g=sitewide&gid=44455&cv1=buffalonews.com&ord=2113601160 https://trkn.us/pixel/c?ppt=19160&g=sitewide&gid=44455&cv1=buffalonews.com&ord=2113601160&ip=217.64.151.6&cuidchk=1	42 B 780 B	608ms 608ms	Image image/gif	52.4.4.43 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://trkn.us/pixel/c?ppt=19160&g=sitewide&gid=44455&cv1=buffalonews.com&ord=2113601160&ip=217.64.151.6&cuidchk=1 Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol HTTP/1.1 Server 52.4.4.43 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-4-4-43.compute-1.amazonaws.com Software Apache / Resource Hash b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers Pragma no-cache Date Tue, 16 May 2023 20:17:08 GMT X-Content-Type-Options nosniff Last-Modified Sun, 9 Nov 1980 12:59:00 GMT Server Apache Content-Type image/gif P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Cache-Control private, no-cache, no-cache=Set-Cookie, proxy-revalidate Connection keep-alive Content-Length 42 Expires Sun, 9 Nov 1980 12:58:00 GMT Redirect headers Date Tue, 16 May 2023 20:17:08 GMT X-Content-Type-Options nosniff Server Apache Content-Type text/html; charset=UTF-8 Location /pixel/c?ppt=19160&g=sitewide&gid=44455&cv1=buffalonews.com&ord=2113601160&ip=217.64.151.6&cuidchk=1 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Connection keep-alive Content-Length 0
GET H2	200	/ insight.adsrvr.org/track/pxl/ Frame 134C	70 B 260 B	32ms 32ms	Image image/gif	35.71.131.137 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://insight.adsrvr.org/track/pxl/?adv=nebsjkp&ct=0:21usqg2&fmt=3 Requested by Host: d1eoo1tco6rr5e.cloudfront.net URL: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.71.131.137 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://d1eoo1tco6rr5e.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers content-type image/gif pragma no-cache date Tue, 16 May 2023 20:17:08 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	64 B 505 B	139ms 40ms	XHR text/javascript	52.222.239.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=3266&u=https%3A%2F%2Fbuffalonews.com%2F&pid=7a5omfnENJooH&cb=0&ws=1600x1200&v=23.505.1627&t=2000&slots=%5B%7B%22sd%22%3A%22breakout_top%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F8438%2Fbuffalonews.com%2Fhomepage%22%7D%5D&pj=%7B%22sections%22%3A%22%22%7D&sg=%7B%22ortb2%22%3A%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22browsers%22%3A%5B%5D%7D%7D%7D%7D&gdpre=1&gdprc=CAAAAAAAAAAAAEXamAENC7CwAAAAAH_AAAYgAAARAgYAALAAqABcADIAHIAQABCACQAGQANAAcgA8gB8AH8ARABFACYAE8AKQAXwAxABmADQAH4AQgAowBSgDIgGUAZYA54B3AHeAQOAg4CEAERAIsATsAoIBTwC0gF1AMUAa8A6gC8wGTAMsAZ8A1UB-4EFAIgAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.239.116 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-239-116.fra56.r.cloudfront.net Software Server / Resource Hash d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:08 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-P4 x-amz-rid CF7721BXDK6VCS8NEV49 vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://buffalonews.com access-control-allow-credentials true timing-allow-origin * content-length 64 x-amz-cf-id dVlfoFCYligZJwRF5Yzq-fVV9KLWlq_RevYLBrzDcJyqMT1nkWSqqA==
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	64 B 502 B	140ms 46ms	XHR text/javascript	52.222.239.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=3266&u=https%3A%2F%2Fbuffalonews.com%2F&pid=7a5omfnENJooH&cb=1&ws=1600x1200&v=23.505.1627&t=2000&slots=%5B%7B%22sd%22%3A%22breakout_middle%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F8438%2Fbuffalonews.com%2Fhomepage%22%7D%5D&pj=%7B%22sections%22%3A%22%22%7D&sg=%7B%22ortb2%22%3A%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22browsers%22%3A%5B%5D%7D%7D%7D%7D&gdpre=1&gdprc=CAAAAAAAAAAAAEXamAENC7CwAAAAAH_AAAYgAAARAgYAALAAqABcADIAHIAQABCACQAGQANAAcgA8gB8AH8ARABFACYAE8AKQAXwAxABmADQAH4AQgAowBSgDIgGUAZYA54B3AHeAQOAg4CEAERAIsATsAoIBTwC0gF1AMUAa8A6gC8wGTAMsAZ8A1UB-4EFAIgAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.239.116 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-239-116.fra56.r.cloudfront.net Software Server / Resource Hash 8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:08 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-P4 x-amz-rid F6ABRSHWKJC2AQRKB6NG vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://buffalonews.com access-control-allow-credentials true timing-allow-origin * content-length 64 x-amz-cf-id bSQDuAd9X9r47DGMup3qP9SMn3ujoi1iIoesoeHf6S0KDGdFz-MGEw==
GET H2	200	ads Show response pagead2.googlesyndication.com/gampad/	0 51 B	84ms 50ms	XHR text/html	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/gampad/ads?pvsid=2524598406731266&correlator=1301638422035849&output=ldjh&gdfp_req=1&vrg=202305100101&ptt=17&impl=fif&gdpr_consent=CAAAAAAAAAAAAEXamAENC7CwAAAAAH_AAAYgAAARAgYAALAAqABcADIAHIAQABCACQAGQANAAcgA8gB8AH8ARABFACYAE8AKQAXwAxABmADQAH4AQgAowBSgDIgGUAZYA54B3AHeAQOAg4CEAERAIsATsAoIBTwC0gF1AMUAa8A6gC8wGTAMsAZ8A1UB-4EFAIgAAAAA&gdpr=1&us_privacy=1---&iu_parts=8438%2Cbuffalonews.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=2x1&ifi=1&adks=3939483084&didk=2287489771&sfv=1-0-40&prev_scp=pos%3Dfixed-impact-top%2Catf%26inview%3Dtrue%26density%3Dstandard%26lee_group%3D7%26lee_hours%3D20%26lee_day%3D2&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26k%3DBuffalo%252Cbuffalo%2520ny%252CBuffalo%2520News%252Cbreaking%2520news%2520buffalo%252Cbuffalo%2520newspaper%252Clocal%2520buffalo%252Cbraves%252Cbills%252Csabres%252Cbulls%26sub%3Dno%26page%3Dhomepage%252Capp-editorial%252Cmd_screen%26browser%3DChrome&sc=1&abxe=1&dt=1684268228582&lmt=1684268049&dlt=1684268227371&idt=1157&adxs=799&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fbuffalonews.com%2F&frm=20&vis=1&psz=1600x1&msz=1600x1&fws=4&ohw=1600&ga_vid=540764405.1684268229&ga_sid=1684268229&ga_hid=852440385&ga_fc=false Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:08 GMT x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-creative-id -2 content-type text/html; charset=UTF-8 access-control-allow-origin https://buffalonews.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response pagead2.googlesyndication.com/gampad/	0 443 B	83ms 49ms	XHR text/html	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/gampad/ads?pvsid=2524598406731266&correlator=3804625216124916&output=ldjh&gdfp_req=1&vrg=202305100101&ptt=17&impl=fif&gdpr_consent=CAAAAAAAAAAAAEXamAENC7CwAAAAAH_AAAYgAAARAgYAALAAqABcADIAHIAQABCACQAGQANAAcgA8gB8AH8ARABFACYAE8AKQAXwAxABmADQAH4AQgAowBSgDIgGUAZYA54B3AHeAQOAg4CEAERAIsATsAoIBTwC0gF1AMUAa8A6gC8wGTAMsAZ8A1UB-4EFAIgAAAAA&gdpr=1&us_privacy=1---&iu_parts=8438%2Cbuffalonews.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=3x1&ifi=2&adks=2598896842&didk=1673548521&sfv=1-0-40&prev_scp=pos%3Dnative_ad_grid_v3%2Catf%2C50%26density%3Dstandard%26lee_group%3D1%26lee_hours%3D20%26lee_day%3D2&eri=1&cust_params=k%3DBuffalo%252Cbuffalo%2520ny%252CBuffalo%2520News%252Cbreaking%2520news%2520buffalo%252Cbuffalo%2520newspaper%252Clocal%2520buffalo%252Cbraves%252Cbills%252Csabres%252Cbulls%26sub%3Dno%26page%3Dhomepage%252Capp-editorial%252Cmd_screen%26browser%3DChrome&sc=1&abxe=1&dt=1684268228588&lmt=1684268049&dlt=1684268227371&idt=1157&adxs=1155&adys=1096&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fbuffalonews.com%2F&frm=20&vis=1&psz=325x1&msz=325x1&fws=4&ohw=1600&ga_vid=540764405.1684268229&ga_sid=1684268229&ga_hid=852440385&ga_fc=false Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:08 GMT x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-creative-id -2 content-type text/html; charset=UTF-8 access-control-allow-origin https://buffalonews.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response pagead2.googlesyndication.com/gampad/	0 60 B	116ms 83ms	XHR text/html	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/gampad/ads?pvsid=2524598406731266&correlator=1577152676094941&output=ldjh&gdfp_req=1&vrg=202305100101&ptt=17&impl=fif&gdpr_consent=CAAAAAAAAAAAAEXamAENC7CwAAAAAH_AAAYgAAARAgYAALAAqABcADIAHIAQABCACQAGQANAAcgA8gB8AH8ARABFACYAE8AKQAXwAxABmADQAH4AQgAowBSgDIgGUAZYA54B3AHeAQOAg4CEAERAIsATsAoIBTwC0gF1AMUAa8A6gC8wGTAMsAZ8A1UB-4EFAIgAAAAA&gdpr=1&us_privacy=1---&iu_parts=8438%2Cbuffalonews.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=5x1&ifi=3&adks=1217498088&didk=2851316612&sfv=1-0-40&prev_scp=pos%3Dmembers-impact%2Catf%26inview%3Dtrue%26density%3Dstandard%26lee_group%3D2%26lee_hours%3D20%26lee_day%3D2&eri=1&cust_params=k%3DBuffalo%252Cbuffalo%2520ny%252CBuffalo%2520News%252Cbreaking%2520news%2520buffalo%252Cbuffalo%2520newspaper%252Clocal%2520buffalo%252Cbraves%252Cbills%252Csabres%252Cbulls%26sub%3Dno%26page%3Dhomepage%252Capp-editorial%252Cmd_screen%26browser%3DChrome&sc=1&abxe=1&dt=1684268228591&lmt=1684268049&dlt=1684268227371&idt=1157&adxs=798&adys=7911&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fbuffalonews.com%2F&frm=20&vis=1&psz=1600x1&msz=1600x1&fws=4&ohw=1600&ga_vid=540764405.1684268229&ga_sid=1684268229&ga_hid=852440385&ga_fc=false Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:08 GMT x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-creative-id -2 content-type text/html; charset=UTF-8 access-control-allow-origin https://buffalonews.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response f805eb2cc30071e035dc64f8d5950e39.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A38C	6 KB 3 KB	69ms 14ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://f805eb2cc30071e035dc64f8d5950e39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: cmp.osano.com URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://buffalonews.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 16 May 2023 20:17:08 GMT expires Wed, 15 May 2024 20:17:08 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	analytics.js Show response www.google-analytics.com/	51 KB 21 KB	35ms 6ms	Script text/javascript	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: cmp.osano.com URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 16 May 2023 19:05:00 GMT last-modified Mon, 17 Apr 2023 22:36:01 GMT server Golfe2 age 4328 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20737 expires Tue, 16 May 2023 21:05:00 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	124 KB 46 KB	26ms 25ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer Requested by Host: cmp.osano.com URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7b366f20fcf8c87a4cadd4fe6e1c99e4301e027fd457911c74af71534b592493 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:08 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 46726 x-xss-protection 0 last-modified Tue, 16 May 2023 19:19:39 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 16 May 2023 20:17:08 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	175 KB 61 KB	33ms 33ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer Requested by Host: cmp.osano.com URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e1af52ecbff33261e56e29cb5a6acdb34a3d4571f2749c5de6a8190d605e0dd9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:08 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 62240 x-xss-protection 0 last-modified Tue, 16 May 2023 19:19:39 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 16 May 2023 20:17:08 GMT
GET H2	200	6463d842e99af.image.jpg bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/2/de/2de57808-f41f-11ed-a67b-c399b7729249/	33 KB 33 KB	387ms 386ms	Image image/webp	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/2/de/2de57808-f41f-11ed-a67b-c399b7729249/6463d842e99af.image.jpg?crop=1741%2C979%2C0%2C105&resize=750%2C422&order=crop%2Cresize Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 55af9918b18ffb7c741b8677100871b15cb795caffef0078cf29e83fa44f2ccb Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:08 GMT strict-transport-security max-age=604800 cf-cache-status HIT cf-polished qual=85, origFmt=jpeg, origSize=35546 cross-origin-resource-policy cross-origin content-disposition inline; filename="6463d842e99af.webp" cf-bgj imgq:85,h2pri last-modified Tue, 16 May 2023 19:23:48 GMT server cloudflare x-vcache MISS etag "d0b2bddeca8f6d2952136d1461f76f1c" vary Accept content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive cf-ray 7c864d6cd98290ef-FRA expires Wed, 15 May 2024 19:33:22 GMT
GET H2	200	5ef22a23dc856.image.jpg bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/2/60/260df202-f417-11ed-802b-47e87a7b6e2d/	9 KB 9 KB	109ms 108ms	Image image/jpeg	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/2/60/260df202-f417-11ed-802b-47e87a7b6e2d/5ef22a23dc856.image.jpg?crop=1874%2C1054%2C45%2C0&resize=300%2C169&order=crop%2Cresize Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1e3efa305dfd42fa4cd560be56c856bc970b812845bf6799954f744f24dd324e Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:08 GMT strict-transport-security max-age=604800 cf-cache-status HIT cf-polished origSize=9411, status=webp_bigger cross-origin-resource-policy cross-origin cf-bgj imgq:85,h2pri last-modified Tue, 16 May 2023 18:26:17 GMT server cloudflare x-vcache MISS etag "51d8f44c4746bb5dec79238783b645a8" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive cf-ray 7c864d6cd98390ef-FRA expires Wed, 15 May 2024 19:26:05 GMT
GET H2	200	64623775cc1a8.preview.jpg bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/3/56/356fd772-f324-11ed-8161-9b736cc2b57e/	9 KB 9 KB	106ms 106ms	Image image/webp	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/3/56/356fd772-f324-11ed-8161-9b736cc2b57e/64623775cc1a8.preview.jpg?crop=1002%2C564%2C132%2C80&resize=300%2C169&order=crop%2Cresize Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4be795d1c960e7b490307897908386b65fc6a38963682e8632a9d19fc6b30ddd Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:08 GMT strict-transport-security max-age=604800 cf-cache-status HIT cf-polished qual=85, origFmt=jpeg, origSize=12305 cross-origin-resource-policy cross-origin content-disposition inline; filename="64623775cc1a8.webp" content-length 8792 cf-bgj imgq:85,h2pri last-modified Mon, 15 May 2023 13:45:26 GMT server cloudflare x-vcache MISS etag "d61a6e5e928162a6fd35cbacfd17714b" vary Accept content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-robots-tag noarchive cf-ray 7c864d6cd98590ef-FRA expires Tue, 14 May 2024 13:56:49 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	224 KB 79 KB	20ms 20ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-F8FFLLVDEZ&l=dataLayer&cx=c Requested by Host: cmp.osano.com URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 9192d3b199cead6514f5c9b5587be32ad24c3299cadaa99ad4808ab2fab572e9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:08 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 80321 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 16 May 2023 20:17:08 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	228 KB 79 KB	21ms 21ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-7WMGT4N7SH&l=dataLayer&cx=c Requested by Host: cmp.osano.com URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 0a0bb27238307d1cc32540746dd6f2a3954770dcd84e103c328246902e579ff7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:08 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 81157 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 16 May 2023 20:17:08 GMT
GET H2	200	/ Show response cmp.osano.com/ Frame A054	4 KB 1 KB	8ms 6ms	Document text/html	2600:9000:223c:ce00:3:b7e:8940:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.osano.com/ Requested by Host: cmp.osano.com URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:ce00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://buffalonews.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 45845 content-encoding br content-type text/html date Tue, 16 May 2023 07:33:04 GMT etag W/"287b497c992487af362d33204f87d28f" last-modified Thu, 21 Oct 2021 22:01:08 GMT referrer-policy same-origin server AmazonS3 strict-transport-security max-age=63072000; includeSubDomains; preload vary Accept-Encoding Origin via 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront) x-amz-cf-id DIgiR5RypGzOV0FCPFkLf_FU6b35NiPWyIefRC2oURFq2X9dN2STBw== x-amz-cf-pop FRA56-P2 x-amz-version-id xT1PkIFehetvNf5lINcU02FbT3u47kBr x-cache Hit from cloudfront x-content-type-options nosniff x-xss-protection 1; mode=block
POST H2	200	publisher:getClientId Show response ampcid.google.com/v1/	74 B 439 B	71ms 15ms	XHR application/json	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://buffalonews.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Content-Type text/plain Response headers date Tue, 16 May 2023 20:17:08 GMT content-encoding gzip x-content-type-options nosniff server ESF vary Origin, X-Origin, Referer x-frame-options SAMEORIGIN content-type application/json; charset=UTF-8 access-control-allow-origin https://buffalonews.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 94 x-xss-protection 0
GET BLOB	200 OK	d5ed98fe-9311-45c7-90e5-7b5cd7889652 https://buffalonews.com/	390 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://buffalonews.com/d5ed98fe-9311-45c7-90e5-7b5cd7889652 Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers Content-Length 390 Content-Type text/javascript
POST H2	200	auction Show response bidder.newspassid.com/openrtb2/	134 B 760 B	510ms 218ms	XHR application/json	35.172.255.82 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bidder.newspassid.com/openrtb2/auction Requested by Host: bloximages.chicago2.vip.townnews.com URL: https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/prebid7.9.0.js?_dc=1684220414 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.172.255.82 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-172-255-82.compute-1.amazonaws.com Software / Resource Hash ec5933119917bcdd2cf6c33375f2da7c467d6ada8e39ce17fbb17e31290261a8 Request headers Referer https://buffalonews.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 16 May 2023 20:17:09 GMT vary Origin content-type application/json access-control-allow-origin https://buffalonews.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-length 134 expires 0
POST H2	200	auction Show response bidder.newspassid.com/openrtb2/	134 B 761 B	513ms 230ms	XHR application/json	35.172.255.82 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bidder.newspassid.com/openrtb2/auction Requested by Host: bloximages.chicago2.vip.townnews.com URL: https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/prebid7.9.0.js?_dc=1684220414 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.172.255.82 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-172-255-82.compute-1.amazonaws.com Software / Resource Hash 0043ce257e456af3946566b578aae91dcbc460424d09f5ea6a898361f6532f74 Request headers Referer https://buffalonews.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 16 May 2023 20:17:09 GMT vary Origin content-type application/json access-control-allow-origin https://buffalonews.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-length 134 expires 0
POST H2	200	publisher:getClientId Show response ampcid.google.de/v1/	3 B 368 B	51ms 15ms	XHR application/json	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://buffalonews.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Content-Type text/plain Response headers date Tue, 16 May 2023 20:17:08 GMT content-encoding gzip x-content-type-options nosniff server ESF vary Origin, X-Origin, Referer x-frame-options SAMEORIGIN content-type application/json; charset=UTF-8 access-control-allow-origin https://buffalonews.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23 x-xss-protection 0
GET BLOB	200 OK	0f950bd6-2a14-485b-a52f-7b7036b5a6de https://buffalonews.com/	390 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://buffalonews.com/0f950bd6-2a14-485b-a52f-7b7036b5a6de Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers Content-Length 390 Content-Type text/javascript
GET BLOB	200 OK	e1ffc0c6-64de-4652-8188-f626e441ca60 https://buffalonews.com/	390 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://buffalonews.com/e1ffc0c6-64de-4652-8188-f626e441ca60 Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers Content-Length 390 Content-Type text/javascript
GET H2	200	6463bf8328659.image.jpg bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/6/0f/60fe8856-f410-11ed-a839-53a43320294e/	12 KB 13 KB	103ms 102ms	Image image/jpeg	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/6/0f/60fe8856-f410-11ed-a839-53a43320294e/6463bf8328659.image.jpg?crop=1024%2C576%2C0%2C53&resize=300%2C169&order=crop%2Cresize Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4c2d1f29b049cffd94a1c385ec336736981911168a24bcc53e90d25aeed16e7f Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:08 GMT strict-transport-security max-age=604800 cf-cache-status HIT cf-polished origSize=12870, status=webp_bigger cross-origin-resource-policy cross-origin content-length 12739 cf-bgj imgq:85,h2pri last-modified Tue, 16 May 2023 17:38:11 GMT server cloudflare x-vcache MISS etag "66968028e57232f7b26f6d90ad51ce6b" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-robots-tag noarchive cf-ray 7c864d6e1a9e90ef-FRA expires Wed, 15 May 2024 17:56:26 GMT
GET H2	200	64628e1819a70.image.jpg bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/6/b7/6b781c86-f35a-11ed-8068-c759df67f6be/	15 KB 15 KB	113ms 113ms	Image image/jpeg	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/6/b7/6b781c86-f35a-11ed-8068-c759df67f6be/64628e1819a70.image.jpg?crop=1782%2C1002%2C0%2C80&resize=300%2C169&order=crop%2Cresize Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f5e22e48e781aa05bc436de311d628f284af80e621b46956b6c55213febc382d Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:08 GMT strict-transport-security max-age=604800 cf-cache-status HIT cf-polished degrade=85, origSize=17427, status=webp_bigger cross-origin-resource-policy cross-origin cf-bgj imgq:85,h2pri last-modified Mon, 15 May 2023 19:55:19 GMT server cloudflare x-vcache MISS etag "266c8a32e00d52f2247b82dbc690ae42" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive cf-ray 7c864d6e1aa090ef-FRA expires Wed, 15 May 2024 16:00:08 GMT
GET H2	200	6348386423e8a.image.jpg bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/3/34/334ac39a-f3fa-11ed-9150-b36d8e366417/	16 KB 16 KB	107ms 107ms	Image image/jpeg	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/3/34/334ac39a-f3fa-11ed-9150-b36d8e366417/6348386423e8a.image.jpg?crop=1040%2C585%2C0%2C41&resize=300%2C169&order=crop%2Cresize Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 885e289afcbc63bcf840396b7219ba2db04e0940a97ba23224bbc670bbdc1cc8 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:08 GMT strict-transport-security max-age=604800 cf-cache-status HIT cf-polished degrade=85, origSize=18170, status=webp_bigger cross-origin-resource-policy cross-origin content-length 16100 cf-bgj imgq:85,h2pri last-modified Tue, 16 May 2023 14:59:04 GMT server cloudflare x-vcache MISS etag "8f86fec262a1fc0dca667e2a721b05ba" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-robots-tag noarchive cf-ray 7c864d6e1aa290ef-FRA expires Wed, 15 May 2024 15:08:07 GMT
GET H2	200	636aee5abc001.image.jpg bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/f/68/f6867f98-5fc1-11ed-b49b-6352981394ad/	14 KB 15 KB	125ms 125ms	Image image/jpeg	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/f/68/f6867f98-5fc1-11ed-b49b-6352981394ad/636aee5abc001.image.jpg?crop=1600%2C900%2C0%2C82&resize=300%2C169&order=crop%2Cresize Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9dd78bce764f45f5822ef265f4d396d152def3c9a8e0294123dec041b514fac5 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:08 GMT strict-transport-security max-age=604800 cf-cache-status HIT cf-polished degrade=85, origSize=16847, status=webp_bigger cross-origin-resource-policy cross-origin content-length 14648 cf-bgj imgq:85,h2pri last-modified Wed, 09 Nov 2022 00:03:39 GMT server cloudflare x-vcache MISS etag "15ed5f84df07a2990a60fdd9f62591aa" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-robots-tag noarchive cf-ray 7c864d6e1aa390ef-FRA expires Wed, 15 May 2024 15:05:09 GMT
GET H2	200	linkid.js Show response www.google-analytics.com/plugins/ua/	2 KB 1 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/linkid.js Requested by Host: cmp.osano.com URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:06:33 GMT content-encoding gzip x-content-type-options nosniff age 635 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 859 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Tue, 16 May 2023 21:06:33 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	223 KB 78 KB	15ms 15ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c Requested by Host: cmp.osano.com URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash f5a21c6140d95c72a77f79ccd2dc9cff4b36b1f23a44e863eae78b313742d305 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:08 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 80050 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 16 May 2023 20:17:08 GMT
GET H2	200	analytics.min.js Show response cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/	104 KB 28 KB	87ms 18ms	Script text/javascript	108.138.203.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js Requested by Host: cmp.osano.com URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.203.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-203-175.mxp64.r.cloudfront.net Software AmazonS3 / Resource Hash 78750729dbbbdc0c9e92a1d6deb1a9e7c11a0e15672b297269ad96d71ad8cfad Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers x-amz-version-id TjREG5pO6c7neKS4lyRZq2ILF.GPSb2y content-encoding br via 1.1 0dc077fca1f502dbc27ace63a9467318.cloudfront.net (CloudFront) date Tue, 16 May 2023 20:16:44 GMT x-amz-cf-pop MXP64-P2 age 30 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Tue, 09 May 2023 20:11:50 GMT server AmazonS3 etag W/"3f54773943d8aa47eb507df55eaa2a3a" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=120 vary Accept-Encoding x-amz-cf-id Jhs2OttkT-0gf1TTR91Jjce9cjTY_krxiNHGvAfvPFYc9qT6e7mwCw==
GET H2	200	settings Show response cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/	2 KB 1 KB	47ms 16ms	Fetch application/json	108.138.203.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/settings Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.203.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-203-175.mxp64.r.cloudfront.net Software AmazonS3 / Resource Hash fb031d9dee6e32d8d7ff3da0161c065c973d405726d5ab2d128b432ec1c74256 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers x-amz-version-id fCjfMoP.e7DW7bpiXOE_ANgtpW9pVkie content-encoding gzip via 1.1 d69f68bdb59268bebbaddc94da429b1a.cloudfront.net (CloudFront) date Tue, 16 May 2023 18:59:25 GMT x-amz-cf-pop MXP64-P2 age 4664 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Wed, 26 Apr 2023 22:31:59 GMT server AmazonS3 etag W/"6fce5d1d76e3f61669081d1dcbc00a29" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/json; charset=utf-8 access-control-allow-origin * cache-control public, max-age=10800 vary Accept-Encoding x-amz-cf-id 0I1X_YRNx_H-G6HEKq0W_oOWLoxgZk1RrbxkBj-SPyamP5apz9A6rg==
GET H2	200	ajs-destination.bundle.a1b5627f72b6c90f2baa.js Show response cdn.segment.com/analytics-next/bundles/	9 KB 3 KB	15ms 15ms	Script application/javascript	108.138.203.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.a1b5627f72b6c90f2baa.js Requested by Host: cmp.osano.com URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.203.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-203-175.mxp64.r.cloudfront.net Software AmazonS3 / Resource Hash d976009e0ff2a163ec0fec368655f9d213b36817354f1d3f02cfbc99dbff51e7 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Thu, 13 Apr 2023 20:54:43 GMT x-amz-version-id Fjraw.Lsd8HbYPy_0cCEVx.u3xIkkAr4 content-encoding br via 1.1 0dc077fca1f502dbc27ace63a9467318.cloudfront.net (CloudFront) x-amz-cf-pop MXP64-P2 age 2848947 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Thu, 13 Apr 2023 20:09:29 GMT server AmazonS3 etag W/"dba2c033bf5f6f351c330af3a7fde619" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000,immutable vary Accept-Encoding x-amz-cf-id mIeZlPPcXLE59MV0I-AhCKFj4yMpPLghi-1JrvOqzx0sm9t9eVwpMQ==
GET H2	200	schemaFilter.bundle.f63551a29dc1697f71b6.js Show response cdn.segment.com/analytics-next/bundles/	2 KB 1 KB	17ms 17ms	Script application/javascript	108.138.203.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js Requested by Host: cmp.osano.com URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.203.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-203-175.mxp64.r.cloudfront.net Software AmazonS3 / Resource Hash b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Sun, 09 Apr 2023 08:13:50 GMT x-amz-version-id 7v1rN2ivnCU2uh31E1NLY_8wZAV9scTR content-encoding br via 1.1 0dc077fca1f502dbc27ace63a9467318.cloudfront.net (CloudFront) x-amz-cf-pop MXP64-P2 age 3240200 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Sun, 09 Apr 2023 08:07:19 GMT server AmazonS3 etag W/"2a359f6227308e4ee31623f9381ae1d7" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000,immutable vary Accept-Encoding x-amz-cf-id 775DpPX8uUmJgAo1gd_O1_cA9c03VKmPSzQjiLCqNPf75CY50wYRdw==
GET H2	200	survicate.dynamic.js.gz Show response cdn.segment.com/next-integrations/integrations/survicate/1.0.3/	31 KB 8 KB	23ms 22ms	Script application/javascript	108.138.203.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/next-integrations/integrations/survicate/1.0.3/survicate.dynamic.js.gz Requested by Host: cmp.osano.com URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.203.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-203-175.mxp64.r.cloudfront.net Software AmazonS3 / Resource Hash 6b4834d2f44f07a9da65dd002108da7f574827f3bfadfc55d5885ae5d48169ef Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Wed, 29 Mar 2023 00:15:15 GMT content-encoding gzip via 1.1 0dc077fca1f502dbc27ace63a9467318.cloudfront.net (CloudFront) x-amz-version-id r7Yd9e1wl2O66d8_0rShzjtBHHKEBJkL x-amz-cf-pop MXP64-P2 age 4219315 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 7696 last-modified Thu, 23 Mar 2023 13:55:25 GMT server AmazonS3 etag "6e9c384e02a329217f6eacce8a8af979" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000,immutable accept-ranges bytes x-amz-cf-id 5vmlIZYgyuVsrJU8MJa6zzHsiJJfOXhirWzuA4i_077S26CCf9bpRg==
GET H2	200	commons.c42222c4cb2f8913500f.js.gz Show response cdn.segment.com/next-integrations/integrations/vendor/	73 KB 22 KB	31ms 30ms	Script application/javascript	108.138.203.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz Requested by Host: cmp.osano.com URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.203.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-203-175.mxp64.r.cloudfront.net Software AmazonS3 / Resource Hash b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Thu, 20 Apr 2023 06:01:04 GMT content-encoding gzip via 1.1 0dc077fca1f502dbc27ace63a9467318.cloudfront.net (CloudFront) x-amz-version-id _CDAHRpSMnFhUQgRIVvCIby4N2cITv0X x-amz-cf-pop MXP64-P2 age 2297766 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 22177 last-modified Mon, 17 Apr 2023 06:44:02 GMT server AmazonS3 etag "befb217271e2e926c7d898f1c85f6cb7" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000,immutable accept-ranges bytes x-amz-cf-id BhzNmnqGDBRwDK6H_tLzsX0n_0VVU1nfQ9y60ld5DTaQFFuy8ak6wQ==
GET BLOB	200 OK	999e79c4-4ff3-471c-9efb-e17fc7da6d09 https://buffalonews.com/	390 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://buffalonews.com/999e79c4-4ff3-471c-9efb-e17fc7da6d09 Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers Content-Length 390 Content-Type text/javascript
POST H2	200	p Show response api.segment.io/v1/	21 B 174 B	526ms 170ms	Fetch application/json	52.36.153.191 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.segment.io/v1/p Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.36.153.191 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-36-153-191.us-west-2.compute.amazonaws.com Software / Resource Hash 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://buffalonews.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://buffalonews.com date Tue, 16 May 2023 20:17:09 GMT strict-transport-security max-age=31536000 content-length 21 vary Origin content-type application/json
GET H2	200	web_surveys.js Show response survey.survicate.com/workspaces/02044958792d6a6ac6f173c470836c89/	74 KB 8 KB	91ms 14ms	Script application/javascript	2400:52e0:1e00::1077:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://survey.survicate.com/workspaces/02044958792d6a6ac6f173c470836c89/web_surveys.js Requested by Host: cmp.osano.com URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1077:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1077 / Resource Hash 83310177a0430374d57a21b944749a745009e5ed8b4f4a9290f143aec5f38f97 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' https://surveys-static.survicate.com; connect-src https://respondent.survicate.com; img-src https://*; font-src https://surveys-static.survicate.com https://use.typekit.net https://fonts.gstatic.com; report-to csp-endpoint-survey; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:09 GMT x-amz-version-id wO4HNVvwuHmtBoBloX4EJgnXogH4Lpxk x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cdn-edgestorageid 723 content-security-policy default-src 'self' 'unsafe-inline' https://surveys-static.survicate.com; connect-src https://respondent.survicate.com; img-src https://*; font-src https://surveys-static.survicate.com https://use.typekit.net https://fonts.gstatic.com; report-to csp-endpoint-survey; x-amz-request-id G3FY7HE0BD8RV0RJ cdn-cachedat 05/16/2023 19:36:04 cdn-pullzone 1158558 x-amz-id-2 7Unlf3ZDpxIH0uE4IWRWbBcbF9GWKwBPTWtobs1xvnf/Dta3Pk6VShnaHQXmqupPNR16X+H+Fek= x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Tue, 16 May 2023 19:34:58 GMT server BunnyCDN-DE1-1077 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"e5491b469031207db3779d0d9edf3f24" vary Accept-Encoding, Accept-Encoding report-to { "group": "csp-endpoint-survey", "max_age": 10886400, "endpoints": [{ "url": "https://panel-api.survicate.com/_/report_csp/survey" }] } content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid 039640c0-4b09-428d-a0ae-513ccdd44502 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control max-age=300 cdn-requestid 804821caf1cf85da4cdd62750e9edf2c cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	fonts.css surveys-static.survicate.com/fonts/	10 KB 2 KB	75ms 13ms	Stylesheet text/css	2400:52e0:1e00::863:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://surveys-static.survicate.com/fonts/fonts.css Requested by Host: cmp.osano.com URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::863:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-863 / Resource Hash bacc23ae416ef150be09288d366d689a7678849b04094552e67d8e2a032ad5a0 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:09 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff content-security-policy default-src 'self' content-encoding br cdn-edgestorageid 1078 x-amz-request-id 8CPJXTKVE7VJQ2B4 cdn-cachedat 01/24/2023 13:37:14 cdn-pullzone 1133799 x-amz-id-2 rygMf0uKHUTDCp40XETvI5YhfgpM07l9py3qK0kUWWMMEBSS/WT96eIZTQi0fOlvyJRzahcGiDs= x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Wed, 13 Apr 2022 12:02:06 GMT server BunnyCDN-DE1-863 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"175a0d0343589473e72c6e512936d749" vary Accept-Encoding, Accept-Encoding x-frame-options DENY content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 039640c0-4b09-428d-a0ae-513ccdd44502 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=604800 cdn-requestid 5e96ec4c25924757bf300ecc6faea186 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	widget_core-18.5.0.js Show response surveys-static.survicate.com/	310 KB 85 KB	74ms 14ms	Script application/x-javascript	2400:52e0:1e00::863:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://surveys-static.survicate.com/widget_core-18.5.0.js Requested by Host: cmp.osano.com URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::863:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-863 / Resource Hash 463840b9e759662087638ea7dfe5d3edec642b18ee941f11c93dcfb8d2c45612 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://buffalonews.com/ Origin https://buffalonews.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers content-security-policy default-src 'self' content-encoding br x-amz-request-id VFX5AM4V177WVKV3 cdn-pullzone 1133799 x-amz-meta-codebuild-content-md5 65b8a79ed016fb55543863cdc1d01f6d referrer-policy strict-origin-when-cross-origin cdn-proxyver 1.03 etag W/"c4a863a0c8f16cb5fff334b2870f59a7" x-frame-options DENY vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET content-type application/x-javascript access-control-allow-origin * access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=604800 x-amz-meta-codebuild-content-sha256 46d9567673a95dd85376d45dc1285aebc0fc8d7dc45da069825c5b330f3a197e cdn-cache HIT cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match date Tue, 16 May 2023 20:17:09 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cdn-edgestorageid 723 x-amz-meta-codebuild-buildarn arn:aws:codebuild:eu-west-1:121050345386:build/ServiceSurveysStaticBuildAs-HG6JoJVHsH3E:af85a177-6974-487f-8d50-15e2a06378a6 cdn-cachedat 05/16/2023 08:45:33 x-amz-id-2 KP4Yepv/WH1cgqPdd2Ry2gvfNyYKtZDKSffFNtGsI5uXXvcmX8iqYLf8kF+8PK2WIO8tddfgk8M= x-xss-protection 1; mode=block last-modified Tue, 16 May 2023 08:34:56 GMT server BunnyCDN-DE1-863 cdn-requestpullcode 200 access-control-max-age 3600 cdn-uid 039640c0-4b09-428d-a0ae-513ccdd44502 cdn-requestid d305a85f755a9e8f0d08107522d4fb9b cdn-status 200 cdn-requestpullsuccess True
GET H2	200	ads Show response pagead2.googlesyndication.com/gampad/	0 60 B	53ms 53ms	XHR text/html	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/gampad/ads?pvsid=2524598406731266&correlator=1594122175852936&output=ldjh&gdfp_req=1&vrg=202305100101&ptt=17&impl=fif&gdpr_consent=CAAAAAAAAAAAAEXamAENC7CwAAAAAH_AAAYgAAARAgYAALAAqABcADIAHIAQABCACQAGQANAAcgA8gB8AH8ARABFACYAE8AKQAXwAxABmADQAH4AQgAowBSgDIgGUAZYA54B3AHeAQOAg4CEAERAIsATsAoIBTwC0gF1AMUAa8A6gC8wGTAMsAZ8A1UB-4EFAIgAAAAA&gdpr=1&us_privacy=1---&iu_parts=8438%2Cbuffalonews.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=4&adks=4133320444&didk=143978982&sfv=1-0-40&prev_scp=pos%3Dbreakout_top%2Cbtf%26density%3Dstandard%26lee_group%3D6%26lee_hours%3D20%26lee_day%3D2%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=k%3DBuffalo%252Cbuffalo%2520ny%252CBuffalo%2520News%252Cbreaking%2520news%2520buffalo%252Cbuffalo%2520newspaper%252Clocal%2520buffalo%252Cbraves%252Cbills%252Csabres%252Cbulls%26sub%3Dno%26page%3Dhomepage%252Capp-editorial%252Cmd_screen%26browser%3DChrome&ppid=c291aaea557a48d2995cbd8786498d0d&sc=1&abxe=1&dt=1684268229314&lmt=1684268049&dlt=1684268227371&idt=1157&adxs=315&adys=779&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fbuffalonews.com%2F&frm=20&vis=1&psz=1600x250&msz=1600x250&fws=4&ohw=1600&cbidsp=ClwIATIGdjcuOS4wEh0KCm5ld3NwYXNzaWRSCm5ld3NwYXNzaWQQhgQgAhgCIiQwY2JkZmQwNS1mMzc1LTQ1NTYtYTY1Zi01ZGFlMGQwZjc2OWYqBAgDIABKAEDoBw.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:09 GMT x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-creative-id -2 content-type text/html; charset=UTF-8 access-control-allow-origin https://buffalonews.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response pagead2.googlesyndication.com/gampad/	0 60 B	51ms 51ms	XHR text/html	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/gampad/ads?pvsid=2524598406731266&correlator=2529050337538344&output=ldjh&gdfp_req=1&vrg=202305100101&ptt=17&impl=fif&gdpr_consent=CAAAAAAAAAAAAEXamAENC7CwAAAAAH_AAAYgAAARAgYAALAAqABcADIAHIAQABCACQAGQANAAcgA8gB8AH8ARABFACYAE8AKQAXwAxABmADQAH4AQgAowBSgDIgGUAZYA54B3AHeAQOAg4CEAERAIsATsAoIBTwC0gF1AMUAa8A6gC8wGTAMsAZ8A1UB-4EFAIgAAAAA&gdpr=1&us_privacy=1---&iu_parts=8438%2Cbuffalonews.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=5&adks=3409498352&didk=1152253615&sfv=1-0-40&prev_scp=pos%3Dbreakout_middle%2Cbtf%2C60%26density%3Dstandard%26lee_group%3D6%26lee_hours%3D20%26lee_day%3D2%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=k%3DBuffalo%252Cbuffalo%2520ny%252CBuffalo%2520News%252Cbreaking%2520news%2520buffalo%252Cbuffalo%2520newspaper%252Clocal%2520buffalo%252Cbraves%252Cbills%252Csabres%252Cbulls%26sub%3Dno%26page%3Dhomepage%252Capp-editorial%252Cmd_screen%26browser%3DChrome&ppid=c291aaea557a48d2995cbd8786498d0d&sc=1&abxe=1&dt=1684268229326&lmt=1684268049&dlt=1684268227371&idt=1157&adxs=315&adys=2196&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fbuffalonews.com%2F&frm=20&vis=1&psz=1584x250&msz=1584x250&fws=4&ohw=1600&cbidsp=ClwIATIGdjcuOS4wEh0KCm5ld3NwYXNzaWRSCm5ld3NwYXNzaWQQkwQgAhgCIiQzMGQ5N2ViZi1iZmQ5LTQyNTUtOWUzNy00ZjE0MDQ1ZDJjOTAqBAgDIABKAEDoBw.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:09 GMT x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-creative-id -2 content-type text/html; charset=UTF-8 access-control-allow-origin https://buffalonews.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response buffalonews.com/tncms/dmp/segment_audiences/	120 B 678 B	339ms 339ms	Fetch application/json	192.104.182.109 LEE-ASN
General Check archive.org Show headers Download Go to Full URL https://buffalonews.com/tncms/dmp/segment_audiences/?anonymous_id=6ea25335-dfa4-4127-bb08-6c1a7c9d1151 Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.104.182.109 , United States, ASN10668 (LEE-ASN, US), Reverse DNS cms.chicago2.vip.townnews.com Software / Resource Hash ef06f81d5b520b37b572a36f73360026c0762156eea79a211b41a2d3674d8e56 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/json Referer https://buffalonews.com/ X-Requested-Feature geoip accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:09 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff content-security-policy upgrade-insecure-requests content-encoding gzip age 0 content-length 110 x-xss-protection 1; mode=block x-loop 1 referrer-policy strict-origin-when-cross-origin last-modified Tue, 16 May 2023 20:17:09 GMT x-vcache MISS etag W/cc338f76254fc6f2684e2ed851ae73fb x-frame-options SAMEORIGIN vary Origin, X-Townnews-Now-API-Version, Accept-Encoding content-type application/json; charset=UTF-8 x-tncms 1.69.1; app11; 0.23s; 0.9M cache-control public, max-age=300 accept-ranges bytes x-robots-tag noarchive
GET H2	200	646257db38471.image.jpg bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/0/7a/07aecffa-f34c-11ed-9da4-b7bb3cb6ff1d/	13 KB 13 KB	120ms 119ms	Image image/webp	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/0/7a/07aecffa-f34c-11ed-9da4-b7bb3cb6ff1d/646257db38471.image.jpg?crop=1600%2C900%2C0%2C28&resize=400%2C225&order=crop%2Cresize Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7929edc804767e32f4b2318fdd6c742a38a8c1058de8cbd6f15700add78ab47 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:09 GMT strict-transport-security max-age=604800 cf-cache-status HIT cf-polished qual=85, origFmt=jpeg, origSize=17085 cross-origin-resource-policy cross-origin content-disposition inline; filename="646257db38471.webp" content-length 13136 cf-bgj imgq:85,h2pri last-modified Mon, 15 May 2023 18:12:19 GMT server cloudflare x-vcache MISS etag "925fc2f9f6dfa0b999f7f28a002d8c31" vary Accept content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-robots-tag noarchive cf-ray 7c864d725f6990ef-FRA expires Wed, 15 May 2024 10:08:32 GMT
GET H2	200	6462a33fef668.preview.jpg bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/0/20/020db42e-f367-11ed-bff0-c343646f33e6/	23 KB 23 KB	120ms 120ms	Image image/jpeg	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/0/20/020db42e-f367-11ed-bff0-c343646f33e6/6462a33fef668.preview.jpg?crop=1280%2C720%2C0%2C39&resize=400%2C225&order=crop%2Cresize Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 71225dc878fcbb0654764b55f3961f9c6e9b5e7b35dd57bbcb412b17fed9b20e Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:09 GMT strict-transport-security max-age=604800 cf-cache-status HIT cf-polished origSize=23382, status=webp_bigger cross-origin-resource-policy cross-origin cf-bgj imgq:85,h2pri last-modified Mon, 15 May 2023 21:25:27 GMT server cloudflare x-vcache MISS etag "80911f48d7b6fecca14ecf18cdc6ee97" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive cf-ray 7c864d725f6c90ef-FRA expires Wed, 15 May 2024 09:45:31 GMT
GET H2	200	63fcfdde90823.image.jpg bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/1/7d/17d7877a-f359-11ed-a85d-b32ce20784b5/	10 KB 10 KB	15ms 14ms	Image image/webp	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/1/7d/17d7877a-f359-11ed-a85d-b32ce20784b5/63fcfdde90823.image.jpg?crop=1600%2C900%2C0%2C82&resize=400%2C225&order=crop%2Cresize Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 09b216ec4e8d6744684877fa1a20590d0bc73969c96e34b9c69d3f1796a9528a Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:09 GMT strict-transport-security max-age=604800 cf-cache-status HIT age 78624 cf-polished qual=85, origFmt=jpeg, origSize=14478 cross-origin-resource-policy cross-origin content-disposition inline; filename="63fcfdde90823.webp" cf-bgj imgq:85,h2pri last-modified Mon, 15 May 2023 19:45:49 GMT server cloudflare x-vcache MISS etag "07e2cd4fd9cba83692d35dd826b44137" vary Accept content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive cf-ray 7c864d725f6d90ef-FRA expires Tue, 14 May 2024 20:48:32 GMT
GET H2	200	6177599127bdd.image.jpg bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/d/1b/d1b67876-35fb-11ec-8a30-17b564938ae9/	15 KB 16 KB	15ms 15ms	Image image/jpeg	104.16.133.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/d/1b/d1b67876-35fb-11ec-8a30-17b564938ae9/6177599127bdd.image.jpg?crop=1592%2C896%2C0%2C1&resize=400%2C225&order=crop%2Cresize Requested by Host: buffalonews.com URL: https://buffalonews.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9c717c731c30a994fd1b836200e0391d6662aa985383f38b8242215796f7bc84 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:09 GMT strict-transport-security max-age=604800 cf-cache-status HIT age 78629 cf-polished origSize=15915, status=webp_bigger cross-origin-resource-policy cross-origin content-length 15704 cf-bgj imgq:85,h2pri last-modified Tue, 26 Oct 2021 01:27:45 GMT server cloudflare x-vcache MISS etag "3a53d06347b726a686242d52c2832735" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-robots-tag noarchive cf-ray 7c864d725f6e90ef-FRA expires Tue, 14 May 2024 19:26:37 GMT
GET H2	404	rt=ifr Show response bcp.crwdcntrl.net/5/c=6894/rand=286952319/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20buffalonews%20%3A%20Total%20Site%... Frame B21E	181 B 409 B	105ms 30ms	Document text/html	34.255.163.138 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bcp.crwdcntrl.net/5/c=6894/rand=286952319/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20buffalonews%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22Buffalo%2C%20buffalo%20ny%2C%20Buffalo%20News%2C%20breaking%20news%20buffalo%2C%20buffalo%20newspaper%2C%20local%20buffalo%2C%20braves%2C%20bills%2C%20sabres%2C%20bulls%2C%20bandits%2C%20erie%20county%2C%20buffalo%2C%20Niagara%20River%2C%20Lake%20Erie%2C%20Buffalo%E2%80%93Niagara%20Falls%20metropolitan%20area%2C%20Buffalo%20Niagara%20Region%2C%20Western%20New%20York%22%7D/rt=ifr Requested by Host: cmp.osano.com URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.255.163.138 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-255-163-138.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash eb922d8aa175b8fe481c695f4fb7e741c8eb665ef7469c305d2d4414a5e2d678 Request headers Referer https://buffalonews.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * cache-control no-cache content-length 181 content-type text/html;charset=utf-8 date Tue, 16 May 2023 20:17:09 GMT expires 0 p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV pragma no-cache server Jetty(9.4.38.v20210224) x-server 10.45.23.177
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	14 KB 11 KB	65ms 64ms	XHR application/json	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305100101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 125ad7bec06faaad125f00314c47dad990aa9fdee923afe74f8276af73146c09 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:09 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11122 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	104ms 83ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: cmp.osano.com URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:09 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 16 May 2023 20:17:09 GMT
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 757C	13 KB 5 KB	7ms 6ms	Document text/html	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: cmp.osano.com URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://buffalonews.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 10305 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 16 May 2023 17:25:24 GMT expires Wed, 15 May 2024 17:25:24 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js Show response pagead2.googlesyndication.com/bg/ Frame 757C	37 KB 14 KB	21ms 7ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 16:53:57 GMT content-encoding br x-content-type-options nosniff age 12192 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14627 x-xss-protection 0 last-modified Mon, 08 May 2023 09:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 15 May 2024 16:53:57 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 757C	0 10 B	6ms 6ms	Image text/plain	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?a3Vc3Q Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:09 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	44ms 43ms	Image text/html	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305100101&jk=2524598406731266&bg=!eHuley_NAAYldGN0BXQ7ADkAdvg8WiUpxSsNF4KUw4fDHS8yLrIuSdnNXW95yyMiWPOsas_S0qdd0N0dmctCn3ykp7jMX9gXQzgCAAAASVIAAAABaAEHmQKj8XqlN_PO9eK736XbYjOd8-btJbMDP7TvHEnc3dxuFQ1E7-N_8Nzdk7RnHe8TOoQ_0ZMpsDA2t9j_GtKx_4TG3Btz8F_832sgvbd7tuCBSfwkUjDMp7hAYm4AOmUpaw_6qllRSpjDas9Am1qZLgxvlu5iCNTD2Pz-VSq7h8BPtmK0g5HLxcQkXGSoyDs9tVT10sajSMz9A_G5GePoRVdQSryOGuJ3Af0PgPcZL4-cy3QoUuC9ZZZpr-Rf51Mnz88VwW4x91_MtC7gs5DsLJ9mYjSkUR4pmBTF6tegsbcXZa-avfCnhNSJiTOTtS6qN96sESuI6gnkAEbb47oEHm0Mbt6SNRuPhK4Qtr0-EL9MTKsgmqgdNUjOQPojjJn5e_z0fwWhJzd6PdgqMS2Oph-IIGRgECpy9n-yapcfndVsXY7Mzrp4uYkCjDT_-iJ-pjYR10ZeQYPszu33WEAJmZ21e-QsKK6h5T7LVHYys-B9bTzmsieSlys4YOf1YWZIPyZUgGtlY0cQBwpb4bXmeNLeLupJyhG5yaqgFR6sckU1-xSuqYYy0__7cnl7z8C7xHzKzG1jxCjvuKfx2bJiL9ycf4_BOSy8EfIjen-tEThA4fkacIwv9tHUmbRZmrgFPmb1frF-TFpfZ1KXoJhI4WUleIzYVoHyLiPTv6KgHqUaeCN3iFGwXX_S1AbzgBms9_txClSrOS5pIX8a3eDO8uLmoaKxoqCGPJG-SEc4tL1dWkeZgp6_ldF6sofvJ6HUcc-oPuPcAfXujrLofSuYk1cVU-dxBiEehJxPZ_5jUST2ga8ZC_syBCfvfGyKjdWGBwt2NsWsCo4CO0kduCqGLbckE3l1r3lcgh5zf7wQ5qCJhD2wxhjDaVZSra1d_a0Igw0SPesb Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://buffalonews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers
GET H2	200	load-cookie.html Show response bidder.newspassid.com/static/ Frame EFA9	12 KB 13 KB	103ms 102ms	Document text/html	35.172.255.82 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1---&pubcid=c291aaea-557a-48d2-995c-bd8786498d0d&publisherId=NPID10000001&siteId=3500000368&cb=1684268229305&bidder=newspassid Requested by Host: cmp.osano.com URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.172.255.82 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-172-255-82.compute-1.amazonaws.com Software / Resource Hash 202b65f7735476b526548db88f43f49a959907ed4078132204f0cb1c4503f9e2 Request headers Referer https://buffalonews.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes cache-control no-cache, no-store, must-revalidate content-length 12255 content-type text/html; charset=utf-8 date Tue, 16 May 2023 20:17:12 GMT expires 0 last-modified Thu, 11 May 2023 10:29:14 GMT pragma no-cache vary Origin
GET H2	200	load-cookie.html Show response bidder.newspassid.com/static/ Frame 1F67	12 KB 13 KB	201ms 201ms	Document text/html	35.172.255.82 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1---&pubcid=c291aaea-557a-48d2-995c-bd8786498d0d&publisherId=NPID10000001&siteId=3500000368&cb=1684268229323&bidder=newspassid Requested by Host: cmp.osano.com URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.172.255.82 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-172-255-82.compute-1.amazonaws.com Software / Resource Hash 202b65f7735476b526548db88f43f49a959907ed4078132204f0cb1c4503f9e2 Request headers Referer https://buffalonews.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes cache-control no-cache, no-store, must-revalidate content-length 12255 content-type text/html; charset=utf-8 date Tue, 16 May 2023 20:17:12 GMT expires 0 last-modified Thu, 11 May 2023 10:29:14 GMT pragma no-cache vary Origin
POST H2	200	cookie_sync Show response bidder.newspassid.com/ Frame EFA9	3 KB 4 KB	106ms 103ms	XHR text/plain	35.172.255.82 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bidder.newspassid.com/cookie_sync Requested by Host: bidder.newspassid.com URL: https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1---&pubcid=c291aaea-557a-48d2-995c-bd8786498d0d&publisherId=NPID10000001&siteId=3500000368&cb=1684268229305&bidder=newspassid Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.172.255.82 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-172-255-82.compute-1.amazonaws.com Software / Resource Hash b4ed93d628acbbf0d0a7ed8273bcf9c9f18b98ee1943d7ee21ab912d92129e4f Request headers Referer https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1---&pubcid=c291aaea-557a-48d2-995c-bd8786498d0d&publisherId=NPID10000001&siteId=3500000368&cb=1684268229305&bidder=newspassid accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 16 May 2023 20:17:12 GMT vary Origin content-type text/plain; charset=utf-8 access-control-allow-origin https://bidder.newspassid.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true expires 0
POST H2	200	cookie_sync Show response bidder.newspassid.com/ Frame 1F67	3 KB 4 KB	115ms 114ms	XHR text/plain	35.172.255.82 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bidder.newspassid.com/cookie_sync Requested by Host: bidder.newspassid.com URL: https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1---&pubcid=c291aaea-557a-48d2-995c-bd8786498d0d&publisherId=NPID10000001&siteId=3500000368&cb=1684268229323&bidder=newspassid Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.172.255.82 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-172-255-82.compute-1.amazonaws.com Software / Resource Hash 6e494b717f5b5e548157730dc1adbe304bbb1251e08cdce803a436f21ef2f867 Request headers Referer https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1---&pubcid=c291aaea-557a-48d2-995c-bd8786498d0d&publisherId=NPID10000001&siteId=3500000368&cb=1684268229323&bidder=newspassid accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 16 May 2023 20:17:12 GMT vary Origin content-type text/plain; charset=utf-8 access-control-allow-origin https://bidder.newspassid.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true expires 0
GET H2	200	setuid bidder.newspassid.com/ Frame EFA9 Redirect Chain https://ap.lijit.com/pixel?redir=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID https://ap.lijit.com/pixel?redir=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID&sovrn_retry=true https://bidder.newspassid.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=GqChqLZHAz8yUdWTR5GX1GFm	0 780 B	103ms 103ms	Image text/plain	35.172.255.82 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bidder.newspassid.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=GqChqLZHAz8yUdWTR5GX1GFm Protocol H2 Server 35.172.255.82 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-172-255-82.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://bidder.newspassid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers pragma no-cache date Tue, 16 May 2023 20:17:12 GMT cache-control no-cache, no-store, must-revalidate content-length 0 vary Origin expires 0 Redirect headers Date Tue, 16 May 2023 20:17:12 GMT Access-Control-Allow-Methods GET, POST, DELETE, PUT Location https://bidder.newspassid.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=GqChqLZHAz8yUdWTR5GX1GFm Access-Control-Allow-Origin * Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap2ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 0
GET H2	204	v1 match.sharethrough.com/FGMrCMMc/ Frame 1F67	0 365 B	49ms 8ms	Image text/plain	35.158.212.168 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.158.212.168 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-158-212-168.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://bidder.newspassid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:12 GMT
GET H2	200	setuid bidder.newspassid.com/ Frame 1F67 Redirect Chain https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-newspassid&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_p... https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D&gdpr=0&gdpr_consent=&s=... https://bidder.newspassid.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&uid=ZGPkyMeT56rXf1qR-LiJugAA%261218	0 898 B	103ms 103ms	Image text/plain	35.172.255.82 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bidder.newspassid.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&uid=ZGPkyMeT56rXf1qR-LiJugAA%261218 Protocol H2 Server 35.172.255.82 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-172-255-82.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://bidder.newspassid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers pragma no-cache date Tue, 16 May 2023 20:17:12 GMT cache-control no-cache, no-store, must-revalidate content-length 0 vary Origin expires 0 Redirect headers Pragma no-cache Date Tue, 16 May 2023 20:17:12 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://bidder.newspassid.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&uid=ZGPkyMeT56rXf1qR-LiJugAA%261218 Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=499 Content-Length 0 Expires 0
GET H2	200	setuid bidder.newspassid.com/ Frame EFA9 Redirect Chain https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D&us_privacy=pbs-newspassid&ox_sc=1 https://bidder.newspassid.com/setuid?bidder=openx&uid=ba3db499-ec7b-4ad5-ab66-e54234bea4d1	0 909 B	103ms 103ms	Image text/plain	35.172.255.82 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bidder.newspassid.com/setuid?bidder=openx&uid=ba3db499-ec7b-4ad5-ab66-e54234bea4d1 Protocol H2 Server 35.172.255.82 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-172-255-82.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://bidder.newspassid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers pragma no-cache date Tue, 16 May 2023 20:17:12 GMT cache-control no-cache, no-store, must-revalidate content-length 0 vary Origin expires 0 Redirect headers pragma no-cache date Tue, 16 May 2023 20:17:12 GMT via 1.1 google content-type text/html; charset=utf-8 location https://bidder.newspassid.com/setuid?bidder=openx&uid=ba3db499-ec7b-4ad5-ab66-e54234bea4d1 p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 117
GET H2	200	user_sync.html Show response ads.pubmatic.com/AdServer/js/ Frame FF65	16 KB 6 KB	47ms 7ms	Document text/html	23.32.184.192 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&predirect=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D Requested by Host: bidder.newspassid.com URL: https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1---&pubcid=c291aaea-557a-48d2-995c-bd8786498d0d&publisherId=NPID10000001&siteId=3500000368&cb=1684268229323&bidder=newspassid Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-32-184-192.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48 Request headers Referer https://bidder.newspassid.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes cache-control max-age=24600 content-encoding gzip content-length 5554 content-type text/html date Tue, 16 May 2023 20:17:12 GMT expires Wed, 17 May 2023 03:07:12 GMT last-modified Fri, 16 Dec 2022 06:36:49 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server Apache vary Accept-Encoding
GET H2	200	setuid bidder.newspassid.com/ Frame EFA9 Redirect Chain https://ad2.360yield.com/server_match?r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D https://bidder.newspassid.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=4a43e9c9-d8c2-4ee2-89d6-10c2c3b8e77d	0 1 KB	109ms 102ms	Image text/plain	35.172.255.82 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bidder.newspassid.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=4a43e9c9-d8c2-4ee2-89d6-10c2c3b8e77d Protocol H2 Server 35.172.255.82 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-172-255-82.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://bidder.newspassid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers pragma no-cache date Tue, 16 May 2023 20:17:13 GMT cache-control no-cache, no-store, must-revalidate content-length 0 vary Origin expires 0 Redirect headers location https://bidder.newspassid.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=4a43e9c9-d8c2-4ee2-89d6-10c2c3b8e77d access-control-allow-origin * date Tue, 16 May 2023 20:17:13 GMT content-type text/plain content-length 0 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
GET H2	200	setuid bidder.newspassid.com/ Frame 1F67 Redirect Chain https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D https://bidder.newspassid.com/setuid?bidder=openx&uid=ba3db499-ec7b-4ad5-ab66-e54234bea4d1	0 908 B	114ms 114ms	Image text/plain	35.172.255.82 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bidder.newspassid.com/setuid?bidder=openx&uid=ba3db499-ec7b-4ad5-ab66-e54234bea4d1 Protocol H2 Server 35.172.255.82 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-172-255-82.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://bidder.newspassid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers pragma no-cache date Tue, 16 May 2023 20:17:13 GMT cache-control no-cache, no-store, must-revalidate content-length 0 vary Origin expires 0 Redirect headers pragma no-cache date Tue, 16 May 2023 20:17:13 GMT via 1.1 google content-type text/html; charset=utf-8 location https://bidder.newspassid.com/setuid?bidder=openx&uid=ba3db499-ec7b-4ad5-ab66-e54234bea4d1 p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 117
GET H2	200	PugMaster Show response image6.pubmatic.com/AdServer/ Frame FF65	3 KB 3 KB	118ms 44ms	Script text/html	185.64.190.78 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=58837114&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1--- Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&predirect=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash cf2f82566b3ddcb495e0e492ebde9736288af69326440f7a85be30568e1f6a81 Request headers accept-language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers content-type text/html; charset=UTF-8 date Tue, 16 May 2023 20:17:12 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	200	Pug Show response simage2.pubmatic.com/AdServer/ Frame 3C97 Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%... https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1e8f6463-e4c9-4400-8ffd-6588b672058e&gdpr=0&gdpr_consent=	42 B 556 B	88ms 13ms	Document image/gif	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1e8f6463-e4c9-4400-8ffd-6588b672058e&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&predirect=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002 Request headers Referer https://ads.pubmatic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, private content-length 42 content-type image/gif; charset=utf-8 date Tue, 16 May 2023 20:17:12 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server nginx Redirect headers Access-Control-Allow-Origin * Cache-Control no-cache Connection keep-alive Content-Length 0 Content-Type image/gif Date Tue, 16 May 2023 20:17:13 GMT Expires Tue, 16 May 2023 20:17:12 GMT Keep-Alive timeout=360 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Server MT3 851 9bd98ae master zrh-pixel-x31 config_version:"unknown" location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1e8f6463-e4c9-4400-8ffd-6588b672058e&gdpr=0&gdpr_consent=
GET H2	200	Pug Show response image2.pubmatic.com/AdServer/ Frame 32CE Redirect Chain https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685627649318052	42 B 273 B	60ms 22ms	Document image/gif	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685627649318052 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&predirect=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002 Request headers Referer https://ads.pubmatic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, private content-length 42 content-type image/gif; charset=utf-8 date Tue, 16 May 2023 20:17:12 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server nginx Redirect headers Content-Length 0 Date Tue, 16 May 2023 20:17:13 GMT Location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685627649318052 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Server Jetty(9.4.51.v20230217)
GET H2	200	usersync.aspx Show response dis.criteo.com/dis/ Frame 912C	43 B 363 B	343ms 13ms	Document image/gif	178.250.1.9
General Check archive.org Show headers Download Go to Full URL https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&predirect=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.9 -, , ASN (), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.pubmatic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache content-type image/gif cross-origin-resource-policy cross-origin date Tue, 16 May 2023 20:17:13 GMT expires Tue, 16 May 2023 00:00:00 GMT p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" pragma no-cache server Kestrel server-processing-duration-in-ticks 315134 strict-transport-security max-age=31536000; preload; x-errorlevel 0
GET H2	200	Pug Show response image2.pubmatic.com/AdServer/ Frame BBC0 Redirect Chain https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7580794063742113055	42 B 195 B	30ms 25ms	Document image/gif	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7580794063742113055 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&predirect=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002 Request headers Referer https://ads.pubmatic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, private content-length 42 content-type image/gif; charset=utf-8 date Tue, 16 May 2023 20:17:12 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server nginx Redirect headers content-length 0 location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7580794063742113055 p3p CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
GET H/1.1	200 OK	dcm Show response aax-eu.amazon-adsystem.com/s/ Frame BD8C Redirect Chain https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=1251A782-53EE-499E-B99F-5F0CA3510D7C&redir=true&gdpr=0&gdpr_consent= https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=1251A782-53EE-499E-B99F-5F0CA3510D7C&redir=true&gdpr=0&gdpr_consent=&dcc=t	43 B 855 B	219ms 211ms	Document image/gif	67.220.226.234 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=1251A782-53EE-499E-B99F-5F0CA3510D7C&redir=true&gdpr=0&gdpr_consent=&dcc=t Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&predirect=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Referer https://ads.pubmatic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Content-Type image/gif Date Tue, 16 May 2023 20:17:13 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT Pragma no-cache Server Server Strict-Transport-Security max-age=47474747; includeSubDomains; preload Vary Content-Type,Accept-Encoding,User-Agent p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" x-amz-rid M3WR9X4AAFJXJ9K4BZ53 Redirect headers Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 0 Date Tue, 16 May 2023 20:17:13 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT Location https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=1251A782-53EE-499E-B99F-5F0CA3510D7C&redir=true&gdpr=0&gdpr_consent=&dcc=t Pragma no-cache Server Server Strict-Transport-Security max-age=47474747; includeSubDomains; preload Vary Content-Type,Accept-Encoding,User-Agent p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" x-amz-rid GAWCW36703MKV3YCG51G
GET H2	200	setuid Show response bidder.newspassid.com/ Frame 9BBB	0 1 KB	104ms 103ms	Document text/plain	35.172.255.82 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bidder.newspassid.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&uid=1251A782-53EE-499E-B99F-5F0CA3510D7C Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&predirect=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.172.255.82 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-172-255-82.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ads.pubmatic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache, no-store, must-revalidate content-length 0 date Tue, 16 May 2023 20:17:13 GMT expires 0 pragma no-cache vary Origin
GET H2	200	user_sync.html ads.pubmatic.com/AdServer/js/ Frame FF65 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ElGnglPuSZ65n18Mo1ENfA%3D%3D&gdpr=0&gdpr_consent= https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ElGnglPuSZ65n18Mo1ENfA%3D%3D&gdpr=0&gdpr_consent=&google_tc= https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=	16 KB 16 KB	10ms 7ms	Image text/html	23.32.184.192 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent= Protocol H2 Server 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-32-184-192.deploy.static.akamaitechnologies.com Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:13 GMT content-encoding gzip last-modified Fri, 16 Dec 2022 06:36:49 GMT server Apache vary Accept-Encoding content-type text/html p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" cache-control max-age=24599 accept-ranges bytes content-length 5554 expires Wed, 17 May 2023 03:07:12 GMT Redirect headers pragma no-cache date Tue, 16 May 2023 20:17:13 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent= p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 301 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	404	qmap sync.crwdcntrl.net/ Frame FF65	49 B 266 B	110ms 29ms	Image image/gif	63.33.105.75 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=1251A782-53EE-499E-B99F-5F0CA3510D7C&gdpr=0&gdpr_consent= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.33.105.75 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-33-105-75.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers accept-language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers pragma no-cache date Tue, 16 May 2023 20:17:13 GMT server Jetty(9.4.38.v20210224) content-type image/gif p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.45.10.119 content-length 49 expires 0
GET H2	204	ids idsync.frontend.weborama.fr/ Frame FF65 Redirect Chain https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=782642497 https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=1251A782-53EE-499E-B99F-5F0CA3510D7C	0 284 B	64ms 16ms	Image text/plain	34.111.131.239 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=1251A782-53EE-499E-B99F-5F0CA3510D7C Protocol H2 Server 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 239.131.111.34.bc.googleusercontent.com Software Weborama Collect Frontend / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers pragma no-cache date Tue, 16 May 2023 20:17:12 GMT via 1.1 google last-modified Tue, 16 May 2023 20:17:13 GMT server Weborama Collect Frontend vary Origin p3p CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM" access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 03 Jul 2001 06:00:00 GMT Redirect headers location https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=1251A782-53EE-499E-B99F-5F0CA3510D7C date Tue, 16 May 2023 20:17:12 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 0 content-type text/html; charset=UTF-8
GET H/1.1	200	p a.audrte.com/ Frame FF65 Redirect Chain https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=1251A782-53EE-499E-B99F-5F0CA3510D7C https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Z2JnN2hwRTllUkRRQTZIMEd0eW94OFpOdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL... https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= https://a.audrte.com/a?adform_uid=7235409016368083804&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D https://a.audrte.com/p	68 B 424 B	99ms 98ms	Image image/png	52.22.241.33
General Check archive.org Show headers Download Go to Show image Full URL https://a.audrte.com/p Protocol HTTP/1.1 Server 52.22.241.33 -, , ASN (), Reverse DNS Software nginx/1.18.0 / Resource Hash 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11 Request headers accept-language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers Date Tue, 16 May 2023 20:17:13 GMT Server nginx/1.18.0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST, GET, OPTIONS Content-Type image/png Access-Control-Allow-Origin * Access-Control-Allow-Credentials true Connection keep-alive Content-Length 68 Redirect headers Date Tue, 16 May 2023 20:17:13 GMT Server nginx/1.18.0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST, GET, OPTIONS Access-Control-Allow-Origin * Location https://a.audrte.com:443/p Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame FF65 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTI1MUE3ODItNTNFRS00OTlFLUI5OUYtNUYwQ0EzNTEwRDdD&gdpr=0&gdpr_consent= https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTI1MUE3ODItNTNFRS00OTlFLUI5OUYtNUYwQ0EzNTEwRDdD&gdpr=0&gdpr_consent=&google_tc= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=	42 B 95 B	111ms 24ms	Image image/gif	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= Protocol H2 Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers content-type image/gif; charset=utf-8 date Tue, 16 May 2023 20:17:12 GMT cache-control no-store, no-cache, private server nginx content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Tue, 16 May 2023 20:17:13 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame FF65 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGI3ZypDHM7W0zhtXXqekz4&google_cver=1	42 B 530 B	107ms 20ms	Image image/gif	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGI3ZypDHM7W0zhtXXqekz4&google_cver=1 Protocol H2 Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers content-type image/gif; charset=utf-8 date Tue, 16 May 2023 20:17:13 GMT cache-control no-store, no-cache, private server nginx content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Tue, 16 May 2023 20:17:13 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGI3ZypDHM7W0zhtXXqekz4&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 379 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pubmatic um.simpli.fi/ Frame FF65	43 B 612 B	59ms 17ms	Image image/gif	35.204.74.118 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 118.74.204.35.bc.googleusercontent.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:13 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff last-modified Mon, 28 Sep 1970 06:00:00 GMT access-control-allow-methods GET, POST, OPTIONS content-type image/gif access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 43 expires Mon, 15 May 2023 20:17:13 GMT
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame FF65 Redirect Chain https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO... https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%... https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7235409016368083804	42 B 322 B	22ms 15ms	Image image/gif	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7235409016368083804 Protocol H2 Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers content-type image/gif; charset=utf-8 date Tue, 16 May 2023 20:17:11 GMT cache-control no-store, no-cache, private server nginx content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Tue, 16 May 2023 20:17:13 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7235409016368083804 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H2	200	generic match.adsrvr.org/track/cmf/ Frame FF65	70 B 264 B	40ms 32ms	Image image/gif	35.71.131.137 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.71.131.137 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers content-type image/gif pragma no-cache date Tue, 16 May 2023 20:17:13 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H2	200	setuid bidder.newspassid.com/ Frame 1F67 Redirect Chain https://ad2.360yield.com/server_match?r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D https://bidder.newspassid.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=4a43e9c9-d8c2-4ee2-89d6-10c2c3b8e77d	0 1 KB	110ms 102ms	Image text/plain	35.172.255.82 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bidder.newspassid.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=4a43e9c9-d8c2-4ee2-89d6-10c2c3b8e77d Protocol H2 Server 35.172.255.82 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-172-255-82.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://bidder.newspassid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers pragma no-cache date Tue, 16 May 2023 20:17:13 GMT cache-control no-cache, no-store, must-revalidate content-length 0 vary Origin expires 0 Redirect headers location https://bidder.newspassid.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=4a43e9c9-d8c2-4ee2-89d6-10c2c3b8e77d access-control-allow-origin * date Tue, 16 May 2023 20:17:13 GMT content-type text/plain content-length 0 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
GET H2	200	setuid bidder.newspassid.com/ Frame EFA9 Redirect Chain https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID https://bidder.newspassid.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=7235409016368083804	0 1 KB	118ms 118ms	Image text/plain	35.172.255.82 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bidder.newspassid.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=7235409016368083804 Protocol H2 Server 35.172.255.82 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-172-255-82.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://bidder.newspassid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers pragma no-cache date Tue, 16 May 2023 20:17:13 GMT cache-control no-cache, no-store, must-revalidate content-length 0 vary Origin expires 0 Redirect headers location https://bidder.newspassid.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=7235409016368083804 date Tue, 16 May 2023 20:17:13 GMT server nginx content-length 0 content-type text/plain
GET H2	200	setuid bidder.newspassid.com/ Frame 1F67 Redirect Chain https://x.bidswitch.net/check_uuid/https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-news... https://bidder.newspassid.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=7a683978-950b-4857-a77c-d665fef8d169	0 1 KB	104ms 103ms	Image text/plain	35.172.255.82 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bidder.newspassid.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=7a683978-950b-4857-a77c-d665fef8d169 Protocol H2 Server 35.172.255.82 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-172-255-82.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://bidder.newspassid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers pragma no-cache date Tue, 16 May 2023 20:17:13 GMT cache-control no-cache, no-store, must-revalidate content-length 0 vary Origin expires 0 Redirect headers location https://bidder.newspassid.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=7a683978-950b-4857-a77c-d665fef8d169 date Tue, 16 May 2023 20:17:13 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H/1.1	204 No Content	sync.php pixel.rubiconproject.com/exchange/ Frame EFA9	0 239 B	279ms 7ms	Image image/gif	69.173.144.139
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-newspassid&gdpr=0&gdpr_consent= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.144.139 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://bidder.newspassid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate X-RPHost 3bafef7aa4e37890defcd73f0a080481 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	user_sync.html Show response ads.pubmatic.com/AdServer/js/ Frame 63B3	16 KB 6 KB	7ms 7ms	Document text/html	23.32.184.192 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&predirect=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D Requested by Host: bidder.newspassid.com URL: https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1---&pubcid=c291aaea-557a-48d2-995c-bd8786498d0d&publisherId=NPID10000001&siteId=3500000368&cb=1684268229305&bidder=newspassid Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-32-184-192.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48 Request headers Referer https://bidder.newspassid.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes cache-control max-age=24599 content-encoding gzip content-length 5554 content-type text/html date Tue, 16 May 2023 20:17:13 GMT expires Wed, 17 May 2023 03:07:12 GMT last-modified Fri, 16 Dec 2022 06:36:49 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server Apache vary Accept-Encoding
GET H2	200	setuid bidder.newspassid.com/ Frame EFA9 Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fbidder.newspassid.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID https://bidder.newspassid.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=4102114611178514225	0 1 KB	103ms 103ms	Image text/plain	35.172.255.82 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bidder.newspassid.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=4102114611178514225 Protocol H2 Server 35.172.255.82 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-172-255-82.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://bidder.newspassid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers pragma no-cache date Tue, 16 May 2023 20:17:14 GMT cache-control no-cache, no-store, must-revalidate content-length 0 vary Origin expires 0 Redirect headers Date Tue, 16 May 2023 20:17:14 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 217.64.151.6; 217.64.151.6; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid 11395c97-9eee-4423-a279-5a9d5e986080 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Location https://bidder.newspassid.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=4102114611178514225 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	setuid bidder.newspassid.com/ Frame 1F67 Redirect Chain https://ap.lijit.com/pixel?redir=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID https://bidder.newspassid.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=GqChqLZHAz8yUdWTR5GX1GFm	0 1 KB	103ms 103ms	Image text/plain	35.172.255.82 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bidder.newspassid.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=GqChqLZHAz8yUdWTR5GX1GFm Protocol H2 Server 35.172.255.82 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-172-255-82.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://bidder.newspassid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers pragma no-cache date Tue, 16 May 2023 20:17:14 GMT cache-control no-cache, no-store, must-revalidate content-length 0 vary Origin expires 0 Redirect headers Date Tue, 16 May 2023 20:17:14 GMT Access-Control-Allow-Methods GET, POST, DELETE, PUT Location https://bidder.newspassid.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=GqChqLZHAz8yUdWTR5GX1GFm Access-Control-Allow-Origin * Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap2ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 0
GET H2	200	setuid bidder.newspassid.com/ Frame EFA9 Redirect Chain https://x.bidswitch.net/check_uuid/https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid https://bidder.newspassid.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=7a683978-950b-4857-a77c-d665fef8d169	0 1 KB	104ms 103ms	Image text/plain	35.172.255.82 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bidder.newspassid.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=7a683978-950b-4857-a77c-d665fef8d169 Protocol H2 Server 35.172.255.82 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-172-255-82.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://bidder.newspassid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers pragma no-cache date Tue, 16 May 2023 20:17:14 GMT cache-control no-cache, no-store, must-revalidate content-length 0 vary Origin expires 0 Redirect headers location https://bidder.newspassid.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=7a683978-950b-4857-a77c-d665fef8d169 date Tue, 16 May 2023 20:17:14 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H/1.1	204 No Content	sync.php pixel.rubiconproject.com/exchange/ Frame 1F67	0 239 B	11ms 11ms	Image image/gif	69.173.144.139
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-newspassid&gdpr=0&gdpr_consent= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.144.139 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://bidder.newspassid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate X-RPHost 3bafef7aa4e37890defcd73f0a080481 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	setuid bidder.newspassid.com/ Frame 1F67 Redirect Chain https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID https://bidder.newspassid.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=7235409016368083804	0 1 KB	103ms 102ms	Image text/plain	35.172.255.82 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bidder.newspassid.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=7235409016368083804 Protocol H2 Server 35.172.255.82 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-172-255-82.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://bidder.newspassid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers pragma no-cache date Tue, 16 May 2023 20:17:14 GMT cache-control no-cache, no-store, must-revalidate content-length 0 vary Origin expires 0 Redirect headers location https://bidder.newspassid.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=7235409016368083804 date Tue, 16 May 2023 20:17:14 GMT server nginx content-length 0 content-type text/plain
GET H/1.1	204 No Content	getuid ads.avct.cloud/ Frame EFA9 Redirect Chain https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B...	0 0	28ms 28ms	Image text/plain	18.202.160.70
General Check archive.org Show headers Download Go to Show image Full URL https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D Protocol HTTP/1.1 Server 18.202.160.70 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://bidder.newspassid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers Redirect headers Location /getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D Date Tue, 16 May 2023 20:17:14 GMT P3p policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive Content-Length 244 Content-Type text/html; charset=utf-8
GET H/1.1	204 No Content	getuid ads.avct.cloud/ Frame 1F67 Redirect Chain https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B...	0 0	31ms 31ms	Image text/plain	18.202.160.70
General Check archive.org Show headers Download Go to Show image Full URL https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D Protocol HTTP/1.1 Server 18.202.160.70 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://bidder.newspassid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers Redirect headers Location /getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D Date Tue, 16 May 2023 20:17:14 GMT P3p policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive Content-Length 244 Content-Type text/html; charset=utf-8
GET H2	200	setuid bidder.newspassid.com/ Frame EFA9 Redirect Chain https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-newspassid&redir=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=pbs-newspassid&redir=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID https://bidder.newspassid.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2477180748445923568344	0 1 KB	102ms 102ms	Image text/plain	35.172.255.82 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bidder.newspassid.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2477180748445923568344 Protocol H2 Server 35.172.255.82 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-172-255-82.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://bidder.newspassid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers pragma no-cache date Tue, 16 May 2023 20:17:14 GMT cache-control no-cache, no-store, must-revalidate content-length 0 vary Origin expires 0 Redirect headers location https://bidder.newspassid.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2477180748445923568344 date Tue, 16 May 2023 20:17:14 GMT cache-control no-cache, no-store, must-revalidate content-length 0 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H2	200	setuid bidder.newspassid.com/ Frame 1F67 Redirect Chain https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-newspassid&redir=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=pbs-newspassid&redir=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID https://bidder.newspassid.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2477180748445923568344	0 1 KB	103ms 103ms	Image text/plain	35.172.255.82 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bidder.newspassid.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2477180748445923568344 Protocol H2 Server 35.172.255.82 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-172-255-82.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://bidder.newspassid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers pragma no-cache date Tue, 16 May 2023 20:17:14 GMT cache-control no-cache, no-store, must-revalidate content-length 0 vary Origin expires 0 Redirect headers location https://bidder.newspassid.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2477180748445923568344 date Tue, 16 May 2023 20:17:14 GMT cache-control no-cache, no-store, must-revalidate content-length 0 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H2	204	v1 match.sharethrough.com/FGMrCMMc/ Frame EFA9	0 361 B	8ms 8ms	Image text/plain	35.158.212.168 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.158.212.168 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-158-212-168.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://bidder.newspassid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 16 May 2023 20:17:14 GMT
GET H2	200	setuid bidder.newspassid.com/ Frame 1F67 Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID https://bidder.newspassid.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=4102114611178514225	0 2 KB	107ms 107ms	Image text/plain	35.172.255.82 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bidder.newspassid.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=4102114611178514225 Protocol H2 Server 35.172.255.82 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-172-255-82.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://bidder.newspassid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers pragma no-cache date Tue, 16 May 2023 20:17:14 GMT cache-control no-cache, no-store, must-revalidate content-length 0 vary Origin expires 0 Redirect headers Date Tue, 16 May 2023 20:17:14 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 217.64.151.6; 217.64.151.6; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid 29f9b363-75df-46e8-a2eb-0878951f8756 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Location https://bidder.newspassid.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=4102114611178514225 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	setuid bidder.newspassid.com/ Frame EFA9 Redirect Chain https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-newspassid&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_p... https://bidder.newspassid.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&uid=ZGPkyMeT56rXf1qR-LiJugAA%261218	0 2 KB	103ms 103ms	Image text/plain	35.172.255.82 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bidder.newspassid.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&uid=ZGPkyMeT56rXf1qR-LiJugAA%261218 Protocol H2 Server 35.172.255.82 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-172-255-82.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://bidder.newspassid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers pragma no-cache date Tue, 16 May 2023 20:17:14 GMT cache-control no-cache, no-store, must-revalidate content-length 0 vary Origin expires 0 Redirect headers Pragma no-cache Date Tue, 16 May 2023 20:17:14 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://bidder.newspassid.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&uid=ZGPkyMeT56rXf1qR-LiJugAA%261218 Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=500 Content-Length 0 Expires 0