buffalonews.com Open in urlscan Pro
192.104.182.109 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://buffalonews.com/news/hearing-aid-saleman/
Submission: On September 05 via manual (September 5th 2022, 3:23:59 am UTC) from US — Scanned from DE

Summary HTTP 81 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 18 domains to perform 81 HTTP transactions. The main IP is 192.104.182.109, located in United States and belongs to LEE-ASN, US. The main domain is buffalonews.com. The Cisco Umbrella rank of the primary domain is 123886.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on August 28th 2022. Valid for: 3 months.

This is the only time buffalonews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	192.104.182.109 192.104.182.109	10668 (LEE-ASN) (LEE-ASN)
27	104.16.132.24 104.16.132.24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.66.122 65.9.66.122	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:206... 2600:9000:206f:1a00:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:410... 2600:1f18:410b:aea2:1c09:e98b:93df:f861	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	65.9.66.8 65.9.66.8	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	143.204.205.113 143.204.205.113	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3036::6815:38ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	34.195.45.12 34.195.45.12	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2010	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	34.102.205.239 34.102.205.239	15169 (GOOGLE) (GOOGLE)
5	99.86.8.175 99.86.8.175	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1 2	52.209.222.27 52.209.222.27	16509 (AMAZON-02) (AMAZON-02)
81	20

6 192.104.182.109 (United States) 1 redirects

ASN10668 (LEE-ASN, US)
PTR: cms.chicago2.vip.townnews.com

buffalonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 104.16.132.24 (None, )

ASN13335 (CLOUDFLARENET, US)

bloximages.chicago2.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:1a00:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:410b:aea2:1c09:e98b:93df:f861 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

api.bntech.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.66.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-8.fra56.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.205.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-205-113.fra53.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:38ad (United States)

ASN13335 (CLOUDFLARENET, US)

qnhtg9kbqjgw2izax.ay.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.195.45.12 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-45-12.compute-1.amazonaws.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.102.205.239 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 239.205.102.34.bc.googleusercontent.com

a.leetemplates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.222.27 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-222-27.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	townnews.com bloximages.chicago2.vip.townnews.com — Cisco Umbrella Rank: 17336	456 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 66	497 KB
6	buffalonews.com 1 redirects buffalonews.com — Cisco Umbrella Rank: 123886	68 KB
5	segment.com cdn.segment.com — Cisco Umbrella Rank: 1438	37 KB
3	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 1600	67 KB
3	crwdcntrl.net 1 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 1206 bcp.crwdcntrl.net — Cisco Umbrella Rank: 805	13 KB
2	leetemplates.com a.leetemplates.com — Cisco Umbrella Rank: 34815	19 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	21 KB
2	trkn.us 1 redirects trkn.us — Cisco Umbrella Rank: 2192	1 KB
2	adsrvr.org 1 redirects insight.adsrvr.org — Cisco Umbrella Rank: 620	408 B
2	gstatic.com www.gstatic.com	13 KB
2	osano.com cmp.osano.com — Cisco Umbrella Rank: 7099	93 KB
1	google.de ampcid.google.de — Cisco Umbrella Rank: 58797	461 B
1	google.com ampcid.google.com — Cisco Umbrella Rank: 2007	532 B
1	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 376	27 KB
1	ay.delivery qnhtg9kbqjgw2izax.ay.delivery — Cisco Umbrella Rank: 109205	13 KB
1	cloudfront.net d1eoo1tco6rr5e.cloudfront.net	668 B
1	bntech.io api.bntech.io — Cisco Umbrella Rank: 175218	6 KB
81	18

	Domain	Requested by
27	bloximages.chicago2.vip.townnews.com	buffalonews.com bloximages.chicago2.vip.townnews.com
7	www.googletagmanager.com	buffalonews.com cmp.osano.com
6	buffalonews.com	1 redirects buffalonews.com
5	cdn.segment.com	cmp.osano.com cdn.segment.com
3	tagan.adlightning.com	buffalonews.com cmp.osano.com
2	bcp.crwdcntrl.net	1 redirects cmp.osano.com
2	a.leetemplates.com	storage.googleapis.com
2	www.google-analytics.com	cmp.osano.com
2	trkn.us	1 redirects buffalonews.com
2	insight.adsrvr.org	1 redirects d1eoo1tco6rr5e.cloudfront.net
2	www.gstatic.com	buffalonews.com
2	cmp.osano.com	buffalonews.com cmp.osano.com
1	ampcid.google.de	www.google-analytics.com
1	ampcid.google.com	www.google-analytics.com
1	storage.googleapis.com	cmp.osano.com
1	qnhtg9kbqjgw2izax.ay.delivery	cmp.osano.com
1	d1eoo1tco6rr5e.cloudfront.net	cmp.osano.com
1	api.bntech.io	buffalonews.com
1	tags.crwdcntrl.net	buffalonews.com
81	19

This site contains links to these domains. Also see Links.

Domain
myaccount.buffalonews.com
subscribe.buffalonews.com
www.legacy.com
reviews.buffalonews.com
www.stringr.com
buffalonews-ny.newsmemory.com
buffalo.com
secure.adpay.com
buffalonewsstore.com
forms.buffalonews.com
bufiservices.newscyclecloud.com
login.buffalonews.com
join.buffalonews.com
bloxcms.com
townnews.com

Subject Issuer	Validity	Valid
buffalonews.com ZeroSSL ECC Domain Secure Site CA	`2022-08-28` - `2022-11-26`	3 months	crt.sh
bloximages.chicago2.vip.townnews.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
cmp.osano.com Amazon	`2022-09-02` - `2023-09-30`	a year	crt.sh
bntech.io Amazon	`2022-03-04` - `2023-04-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.adlightning.com Amazon	`2022-06-09` - `2023-07-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-05` - `2023-04-05`	a year	crt.sh
storage.googleapis.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
a.leetemplates.com GTS CA 1D4	`2022-07-30` - `2022-10-28`	3 months	crt.sh
*.segment.com Amazon	`2022-01-12` - `2023-02-10`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://buffalonews.com/news/hearing-aid-saleman/
Frame ID: C38DFFA529285795480A4DFCC14E52C0
Requests: 77 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 01BD0C9F4F622EAADC4124B4A881C776
Requests: 1 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Frame ID: A59727281289971A5BD1C6C1A6E42BF8
Requests: 2 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=221292961/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20buffalonews%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20news/med=%23OpR%2372333%23Keyword%20%3A%20news%2C%20breaking%2C%20local%2C%20Niagara%20River%2C%20Lake%20Erie%2C%20Buffalo%E2%80%93Niagara%20Falls%2C%20metropolitan%20area%2C%20Buffalo%20Niagara%20Region%2C%20Western%2C%20New%20York%2C%20NY%2C%20metro%2C%20area%2C%20new%2C%20latest%2C%20topic%2C%20observer%2C%20enterprise%2C%20times/rb=%7B%22meta_tag%22%3A%22news%2C%20breaking%2C%20local%2C%20Niagara%20River%2C%20Lake%20Erie%2C%20Buffalo%E2%80%93Niagara%20Falls%2C%20metropolitan%20area%2C%20Buffalo%20Niagara%20Region%2C%20Western%2C%20New%20York%2C%20NY%2C%20metro%2C%20area%2C%20new%2C%20latest%2C%20topic%2C%20observer%2C%20enterprise%2C%20times%22%7D/rt=ifr
Frame ID: 0F999471E6DDDB778518831974976704
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Buffalo News | buffalonews.com

Page URL History Show full URLs

https://buffalonews.com/news/hearing-aid-saleman HTTP 301
https://buffalonews.com/news/hearing-aid-saleman/ Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

81
Requests

79 %
HTTPS

47 %
IPv6

18
Domains

19
Subdomains

20
IPs

4
Countries

1312 kB
Transfer

3851 kB
Size

5
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://myaccount.buffalonews.com/?returnURL=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fhearing-aid-saleman%2F
Title: Log In

Search URL Search Domain Scan URL

URL: https://subscribe.buffalonews.com/subscribe/E0010125O1
Title: Subscribe for $1

Search URL Search Domain Scan URL

URL: https://www.legacy.com/obituaries/buffalonews
Title: Death Notices

Search URL Search Domain Scan URL

URL: https://reviews.buffalonews.com/
Title: Buyer's Guides

Search URL Search Domain Scan URL

URL: https://www.stringr.com/xlOPFu9ejbw
Title: Share video

Search URL Search Domain Scan URL

URL: https://buffalonews-ny.newsmemory.com/ssindex.php
Title: Special Sections

Search URL Search Domain Scan URL

URL: https://buffalo.com/
Title: Buffalo Magazine

Search URL Search Domain Scan URL

URL: https://secure.adpay.com/searchresultsdisplay.aspx?p=2209&region=2209&catid=600&procid=1b57724b-f93b-4a55-95d4-df4dd8dd6a01
Title: Pets Place

Search URL Search Domain Scan URL

URL: https://buffalonewsstore.com/?utm_source=core_site&utm_medium=navigation&utm_campaign=bn_store/
Title: The Buffalo News Store

Search URL Search Domain Scan URL

URL: https://forms.buffalonews.com/modules/form_builder/published/bndeliver.php
Title: Deliver Us

Search URL Search Domain Scan URL

URL: https://bufiservices.newscyclecloud.com/cgi-bin/cmo_buf-c-cmdb-01.sh/custservice/web/login.html
Title: Manage Account

Search URL Search Domain Scan URL

URL: https://login.buffalonews.com/logout
Title: Logout

Search URL Search Domain Scan URL

URL: https://buffalo.com/wny-weddings/
Title: WNY Weddings

Search URL Search Domain Scan URL

URL: https://buffalonewsstore.com/?utm_source=core_site&utm_medium=footer&utm_campaign=bn_store
Title: The Buffalo News Store

Search URL Search Domain Scan URL

URL: https://join.buffalonews.com/jobs?utm_source=core_site&utm_medium=footer&utm_campaign=join_evolution
Title: Work Here

Search URL Search Domain Scan URL

URL: https://bloxcms.com/
Title: BLOX Content Management System

Search URL Search Domain Scan URL

URL: https://townnews.com/
Title: TownNews.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://buffalonews.com/news/hearing-aid-saleman HTTP 301
https://buffalonews.com/news/hearing-aid-saleman/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://insight.adsrvr.org/tags/nebsjkp/21usqg2/iframe HTTP 303
https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe

Request Chain 51

https://trkn.us/pixel/c?ppt=19160&g=sitewide&gid=44455&cv1=buffalonews.com&ord=774556086 HTTP 302
https://trkn.us/pixel/c?ppt=19160&g=sitewide&gid=44455&cv1=buffalonews.com&ord=774556086&ip=217.114.218.28&cuidchk=1

Request Chain 80

https://bcp.crwdcntrl.net/5/c=6894/rand=221292961/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20buffalonews%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20news/med=%23OpR%2372333%23Keyword%20%3A%20news%2C%20breaking%2C%20local%2C%20Niagara%20River%2C%20Lake%20Erie%2C%20Buffalo%E2%80%93Niagara%20Falls%2C%20metropolitan%20area%2C%20Buffalo%20Niagara%20Region%2C%20Western%2C%20New%20York%2C%20NY%2C%20metro%2C%20area%2C%20new%2C%20latest%2C%20topic%2C%20observer%2C%20enterprise%2C%20times/rb=%7B%22meta_tag%22%3A%22news%2C%20breaking%2C%20local%2C%20Niagara%20River%2C%20Lake%20Erie%2C%20Buffalo%E2%80%93Niagara%20Falls%2C%20metropolitan%20area%2C%20Buffalo%20Niagara%20Region%2C%20Western%2C%20New%20York%2C%20NY%2C%20metro%2C%20area%2C%20new%2C%20latest%2C%20topic%2C%20observer%2C%20enterprise%2C%20times%22%7D/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=221292961/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20buffalonews%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20news/med=%23OpR%2372333%23Keyword%20%3A%20news%2C%20breaking%2C%20local%2C%20Niagara%20River%2C%20Lake%20Erie%2C%20Buffalo%E2%80%93Niagara%20Falls%2C%20metropolitan%20area%2C%20Buffalo%20Niagara%20Region%2C%20Western%2C%20New%20York%2C%20NY%2C%20metro%2C%20area%2C%20new%2C%20latest%2C%20topic%2C%20observer%2C%20enterprise%2C%20times/rb=%7B%22meta_tag%22%3A%22news%2C%20breaking%2C%20local%2C%20Niagara%20River%2C%20Lake%20Erie%2C%20Buffalo%E2%80%93Niagara%20Falls%2C%20metropolitan%20area%2C%20Buffalo%20Niagara%20Region%2C%20Western%2C%20New%20York%2C%20NY%2C%20metro%2C%20area%2C%20new%2C%20latest%2C%20topic%2C%20observer%2C%20enterprise%2C%20times%22%7D/rt=ifr

81 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request / Show response
buffalonews.com/news/hearing-aid-saleman/
Redirect Chain

https://buffalonews.com/news/hearing-aid-saleman
https://buffalonews.com/news/hearing-aid-saleman/

133 KB
25 KB

494ms
493ms

Document
text/html

192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://buffalonews.com/news/hearing-aid-saleman/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.182.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.chicago2.vip.townnews.com

Software

Resource Hash

07ad970fe8065f81d7c2d3055536640d98afa11c397894d403ae41624f8c8dcc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache-control: public, max-age=300
content-encoding: gzip
content-length: 23961
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Mon, 05 Sep 2022 03:23:52 GMT
link: <https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.f3739bd4d04bcee9e077d20b4f31f29c.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.cb897187c4718280fd69d2e6d6c3909d.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: X-IPCountry, X-Townnews-Now-API-Version, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-loop: 1
x-robots-tag: noarchive
x-tncms: 1.62.6; app19; 0.22s; 3.9M
x-ua-compatible: IE=edge
x-vcache: MISS
x-xss-protection: 1; mode=block

Redirect headers

age: 0
cache-control: public, max-age=300
content-encoding: gzip
content-length: 1783
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Mon, 05 Sep 2022 03:23:52 GMT
link: <https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin
location: https://buffalonews.com/news/hearing-aid-saleman/
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-loop: 1
x-robots-tag: noarchive
x-tncms: 1.62.6; app4; 0.02s; 1.3M
x-vcache: MISS
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.d6d18fcf88750a16d256e72626e676a6.js Show response
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 98 KB
34 KB 121ms
51ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 16287914
cf-ray: 745bd9474d5690dc-FRA
last-modified: Wed, 07 Jul 2021 20:09:22 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60e609f2-1882c"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 31 Aug 2022 19:01:15 GMT

GET
H2 200 user.js Show response
buffalonews.com/shared-content/art/tncms/user/ 12 KB
4 KB 130ms
111ms Script
application/x-javascript 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://buffalonews.com/shared-content/art/tncms/user/user.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: 514338ec6bbb3440a50029e6cbc2ba9034d6971c4776d2759a4b829c94dedfb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/news/hearing-aid-saleman/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:20:47 GMT
content-encoding: gzip
last-modified: Thu, 01 Sep 2022 21:19:54 GMT
age: 185
etag: W/"631121fa-2f01"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 4332
service-worker-allowed: /

GET
H2 200 bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js Show response
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 39 KB
11 KB 120ms
51ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 19250793
cf-ray: 745bd9476d7690dc-FRA
last-modified: Fri, 06 Sep 2019 14:16:03 GMT
x-vcache: MISS
server: cloudflare
etag: W/"5d726a23-9bd8"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Tue, 24 May 2022 10:36:50 GMT

GET
H2 200 common.08a61544f369cc43bf02e71b2d10d49f.js Show response
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 32 KB
12 KB 119ms
51ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2030108
cf-ray: 745bd9476d7890dc-FRA
last-modified: Tue, 10 May 2022 15:14:36 GMT
x-vcache: MISS
server: cloudflare
etag: W/"627a815c-8154"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Thu, 11 May 2023 19:01:11 GMT

GET
H2 200 tnt.f3739bd4d04bcee9e077d20b4f31f29c.js Show response
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 21 KB
6 KB 95ms
28ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.f3739bd4d04bcee9e077d20b4f31f29c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78340dabd2984895b85f1a3a19cf21fed26d6d4c57038709dbcf94222f6952ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 16183113
cf-ray: 745bd9474d5890dc-FRA
last-modified: Fri, 28 Jan 2022 22:01:23 GMT
x-vcache: MISS
server: cloudflare
etag: W/"61f467b3-5572"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 01 Mar 2023 20:01:08 GMT

GET
H2 200 application.cb897187c4718280fd69d2e6d6c3909d.js Show response
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
1 KB 98ms
33ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.cb897187c4718280fd69d2e6d6c3909d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

165f2224fdb220f295f4c441bad7dfc35fd9ef57cb56af722285137944f598a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 16266807
cf-ray: 745bd9474d5990dc-FRA
last-modified: Wed, 05 May 2021 20:06:24 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6092fac0-104a"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Tue, 24 May 2022 10:36:51 GMT

GET
H2 200 tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js Show response
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 2 KB
962 B 116ms
51ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 19250793
cf-ray: 745bd9476d7490dc-FRA
last-modified: Tue, 06 Jul 2021 13:05:12 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60e45508-9ae"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 06 Jul 2022 19:01:08 GMT

GET
H2 200 bootstrap.min.c58a1beaa3640fa94c3db09673c4d95c.css
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 107 KB
18 KB 90ms
33ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.c58a1beaa3640fa94c3db09673c4d95c.css

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

644304fe15c7f17a6ab07588fa14318ebce8730a85eb17b3a0fddca16fe9bae6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 16287914
cf-ray: 745bd9474d4f90dc-FRA
last-modified: Tue, 04 Jan 2022 21:06:09 GMT
x-vcache: MISS
server: cloudflare
etag: W/"61d4b6c1-1ab8e"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Thu, 05 Jan 2023 20:01:08 GMT

GET
H2 200 layout.112f7ff365cd43379f336b81d31a7128.css
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 154 KB
28 KB 86ms
30ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.112f7ff365cd43379f336b81d31a7128.css

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

384d1a9859c551ed8f751789414dc042c907ba0e3e56817e62197bf3a435154d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 4087955
cf-ray: 745bd9474d5190dc-FRA
last-modified: Fri, 15 Jul 2022 14:14:10 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62d17632-268ce"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 19 Jul 2023 19:01:14 GMT

GET
H2 200 lee.ds.css
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/ 95 KB
16 KB 85ms
29ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1662015614

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d6d2a4d559b9e6cf62164e098880237604cdb4812bd53af28b9b3921afbe871

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 330952
cf-ray: 745bd9474d5390dc-FRA
last-modified: Thu, 01 Sep 2022 07:00:14 GMT
cross-origin-resource-policy: cross-origin
x-vcache: MISS
server: cloudflare
etag: W/"6310587e-17c72"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Fri, 01 Sep 2023 07:05:17 GMT

GET
H2 200 flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 6 KB
2 KB 82ms
28ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 19250793
cf-ray: 745bd9474d5490dc-FRA
last-modified: Wed, 05 May 2021 20:07:28 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6092fb00-189c"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Tue, 24 May 2022 10:36:51 GMT

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/6894/ 38 KB
12 KB 77ms
22ms Script
application/json 65.9.66.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/6894/cc.js?ns=_cc6894
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5a2f10e09cd6e81eb686dbca9e6056ed485e87d3869bac347455547c294cb036

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 04:12:29 GMT
content-encoding: gzip
etag: W/"8cd042d9f203fe2e01747c7444f95498"
last-modified: Wed, 23 Feb 2022 22:37:16 GMT
server: AmazonS3
age: 83783
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
via: 1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: JiOtKyluawTqULahthCdiSLUMKFrtalteniHsjdDJB8jpsCEJXyM5A==

GET
H2 200 access.js Show response
buffalonews.com/shared-content/art/tncms/api/ 86 KB
34 KB 119ms
119ms Script
application/x-javascript 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://buffalonews.com/shared-content/art/tncms/api/access.js
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: b140866a13c2eeca9a0ad91f4bf8e505a0fa237279f9d6616c3c21329139f1de

Request headers

Referer: https://buffalonews.com/news/hearing-aid-saleman/
Origin: https://buffalonews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:19:28 GMT
content-encoding: gzip
last-modified: Thu, 19 May 2022 14:39:53 GMT
age: 264
etag: W/"628656b9-15686"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 34923
service-worker-allowed: /

GET
H2 200 osano.js Show response
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ 404 KB
92 KB 102ms
24ms Script
application/javascript 2600:9000:206f:1a00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:1a00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

c4322fb1375025899f0c6cb7d5ca398aa6393db1a8f8db7411df0c647b23250e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: br
x-content-type-options: nosniff
age: 75420
x-cache: Hit from cloudfront
content-length: 93245
x-xss-protection: mode=block
last-modified: Tue, 16 Aug 2022 23:01:20 GMT
server: CloudFront
date: Sun, 04 Sep 2022 06:26:52 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
etag: "ec3cf309b460fb4f44103d55af0653c0"
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 6jeAB8TxDE2zhTOuldLEWvdYF8DjKumWh5PjTTPDwnTDG9KdD_jh3Q==

GET
H/1.1 200
OK 1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0 Show response
api.bntech.io/js/ 19 KB
6 KB 370ms
110ms Script
text/javascript 2600:1f18:410b:aea2:1c09:e98b:93df:f861
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:410b:aea2:1c09:e98b:93df:f861 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 3049db4be872564809e26eea512e437046645835cc6a34783d24d5d104271c82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Mon, 05 Sep 2022 03:23:53 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js Show response
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 3 KB
1 KB 30ms
28ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15c5217bab15791da899bebeec1b32e57bcd02d20f8847c6440f47ededcdf625

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:53 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 16267238
cf-ray: 745bd948be7190dc-FRA
last-modified: Tue, 06 Jul 2021 13:05:11 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60e45507-db8"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 06 Jul 2022 19:01:08 GMT

GET
H2 200 tnt.notify.panel.bacbeac9a1ca6ee75b79b21a0e2e99f2.js Show response
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 7 KB
2 KB 28ms
26ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b6854831be14d28fdfdb1758ebebe2893bf8e5be5f176b8d3e1b1b0f874d90e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:53 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 8323983
cf-ray: 745bd948be7290dc-FRA
last-modified: Mon, 23 May 2022 19:54:05 GMT
x-vcache: MISS
server: cloudflare
etag: W/"628be65d-1ba0"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 31 May 2023 19:01:04 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/6.6.2/ 11 KB
4 KB 70ms
21ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-app.js

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 23:31:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3945
x-xss-protection: 0
last-modified: Thu, 19 Sep 2019 21:11:52 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Sep 2023 23:31:02 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/6.6.2/ 31 KB
9 KB 71ms
22ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-messaging.js

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 03:38:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 344731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8653
x-xss-protection: 0
last-modified: Thu, 19 Sep 2019 21:11:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Sep 2023 03:38:22 GMT

GET
H2 200 messaging.js Show response
buffalonews.com/shared-content/art/tncms/api/ 4 KB
1 KB 120ms
119ms Script
application/x-javascript 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://buffalonews.com/shared-content/art/tncms/api/messaging.js
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: fe5d23d415187d71dfa026db8852418f98513ef7f7a1c3e1321bc95d6d6a0f5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/news/hearing-aid-saleman/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:22:32 GMT
content-encoding: gzip
last-modified: Thu, 01 Sep 2022 21:19:54 GMT
age: 80
etag: W/"631121fa-11aa"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 1259
service-worker-allowed: /

GET
H2 200 tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js Show response
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 200 B
277 B 102ms
51ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 16274980
cf-ray: 745bd9476d7590dc-FRA
last-modified: Fri, 16 Apr 2021 14:04:15 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6079995f-c8"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Sat, 23 Apr 2022 00:53:47 GMT

GET
H2 200 tracking.js Show response
buffalonews.com/shared-content/art/tncms/ 3 KB
1 KB 125ms
119ms Script
application/x-javascript 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://buffalonews.com/shared-content/art/tncms/tracking.js
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: 18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/news/hearing-aid-saleman/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:22:25 GMT
content-encoding: gzip
last-modified: Thu, 01 Sep 2022 21:19:54 GMT
age: 87
etag: W/"631121fa-a4b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 1149
service-worker-allowed: /

GET
H2 200 lee.common.js Show response
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/ 9 KB
3 KB 77ms
27ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/lee.common.js?_dc=1662015614

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18e8208ea447a26b0cd4f5f2751d1dd717e689a559474e61acb4e3e674403e4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 330952
cf-ray: 745bd9474d5790dc-FRA
last-modified: Thu, 01 Sep 2022 07:00:14 GMT
cross-origin-resource-policy: cross-origin
x-vcache: MISS
server: cloudflare
etag: W/"6310587e-231f"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Fri, 01 Sep 2023 07:05:17 GMT

GET
H2 200 fontawesome.46a248d75dc687aa8d928092f6b77fc7.js Show response
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 254 KB
91 KB 36ms
35ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.46a248d75dc687aa8d928092f6b77fc7.js

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0284f9037395ddc566160e9265aa01ffc07c05f189473b81df3dc75990c1081d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:53 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 13162486
cf-ray: 745bd948be7390dc-FRA
last-modified: Fri, 01 Apr 2022 13:29:52 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6246fe50-3f9ec"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 05 Apr 2023 19:01:08 GMT

GET
H2 200 24fbd734-b215-11ec-896b-8b89a4fa0d4f.png
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/custom/image/ 5 KB
5 KB 28ms
27ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/custom/image/24fbd734-b215-11ec-896b-8b89a4fa0d4f.png

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f467583cf3c2f542573ae63ceede5a99e822a0445eee6cd211fd2f47947b33e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:53 GMT
vary: Accept
cf-cache-status: HIT
age: 13177406
cf-polished: origFmt=png, origSize=5336
last-modified: Fri, 01 Apr 2022 23:40:42 GMT
content-disposition: inline; filename="24fbd734-b215-11ec-896b-8b89a4fa0d4f.webp"
content-length: 4774
x-vcache: MISS
server: cloudflare
etag: "62478d7a-14d8"
x-robots-tag: noarchive
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 05 Apr 2023 14:59:46 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 745bd948be7490dc-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/ 978 B
1 KB 28ms
27ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b96eb73da5fe3c20e4507bf752917f6d7978be8881c1dea934db282b028407d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:53 GMT
vary: Accept
cf-cache-status: HIT
age: 8930424
cf-polished: origFmt=png, origSize=3610
last-modified: Thu, 02 Apr 2015 21:53:54 GMT
content-disposition: inline; filename="user_no_avatar.webp"
content-length: 978
x-vcache: MISS
server: cloudflare
etag: "551dba72-e1a"
x-robots-tag: noarchive
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 20 May 2023 00:34:43 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 745bd948be7590dc-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 logo-tagline.png
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/ 5 KB
6 KB 27ms
26ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/logo-tagline.png?_dc=1662015614

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c01c1e199879f8b72679cc4d402684ba9e88c21b633547adbae6ba03a617fdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:53 GMT
vary: Accept
cf-cache-status: HIT
age: 330953
cf-polished: origFmt=png, origSize=10949
last-modified: Thu, 01 Sep 2022 07:00:14 GMT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="logo-tagline.webp"
content-length: 5302
x-vcache: MISS
server: cloudflare
etag: "6310587e-2ac5"
x-robots-tag: noarchive
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 01 Sep 2023 07:05:22 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 745bd948be7690dc-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 op.js Show response
tagan.adlightning.com/leeenterprises/ 40 KB
16 KB 80ms
25ms Script
application/javascript 65.9.66.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/op.js
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-8.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bbd63359b0b400d926dd62ab91bf9abf65f458a29cf5eb07e0790ddddb9e8d97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: bMyFMfIPdnPZmP6.WdCPHM0e9bFiB7HE
content-encoding: gzip
etag: "7b5d5fa32d9e542e61d7c4970fab0097"
age: 3243
x-cache: Hit from cloudfront
content-length: 15936
x-amz-meta-git_commit: 12c5e29
last-modified: Fri, 02 Sep 2022 17:27:34 GMT
server: AmazonS3
date: Mon, 05 Sep 2022 02:37:57 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: Ofm_CcqN38cw421EGw-F_HSIdjuuR0SkidbfUNz8u7gIBbS2vwyEAw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 200 KB
67 KB 81ms
32ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f15eb802e64a2ce13b5ba4cd2123cf6394850e9ef023a3eaa9affef6403c0d5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:53 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68364
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 05 Sep 2022 03:23:53 GMT

GET
BLOB 200
OK e161e688-59ac-489a-8dbb-97aa23e701dc
https://buffalonews.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://buffalonews.com/e161e688-59ac-489a-8dbb-97aa23e701dc
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 489 KB
114 KB 126ms
109ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d298b655143175e4b137bfc3bcfefccd6d8dec6e81e1335b67f2ee4bc1eebb8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:53 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117085
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 05 Sep 2022 03:23:53 GMT

GET
DATA 200
OK truncated
/ 75 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 serif-ds.woff2
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/ 26 KB
26 KB 70ms
26ms Font
application/font-woff2 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/serif-ds.woff2

Requested by

Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1662015614

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1662015614
Origin: https://buffalonews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:53 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 13176503
last-modified: Tue, 05 Apr 2022 07:00:18 GMT
content-length: 26164
x-vcache: MISS
server: cloudflare
etag: "624be902-6634"
x-robots-tag: noarchive
strict-transport-security: max-age=604800
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 745bd9497aac9067-FRA
expires: Wed, 05 Apr 2023 14:59:46 GMT

GET
H2 200 b-12c5e29-68486fe6.js Show response
tagan.adlightning.com/leeenterprises/ 89 KB
33 KB 25ms
25ms Script
application/javascript 65.9.66.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/b-12c5e29-68486fe6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-8.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff0302b9ded05a56d6ac04983230f1b137d6967b819184783d5c5cc1009a4a2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:14:38 GMT
content-encoding: gzip
age: 2297356
x-cache: Hit from cloudfront
content-length: 33154
x-amz-meta-git_commit: 12c5e29
last-modified: Tue, 09 Aug 2022 13:13:27 GMT
server: AmazonS3
etag: "d0fa46139ec82918e3e3f8b6560c9359"
x-amz-version-id: ObLtC8W.AuUwyElu6NexCaDm9BwK_INo
via: 1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 8g4uVmWMwjc39Zg2D3K5L2H2bSNOuePDjPcAicPHg4HjbSvQT1CraQ==

GET
H2 200 bl-6399065-8918a417.js Show response
tagan.adlightning.com/leeenterprises/ 43 KB
18 KB 32ms
32ms Script
application/javascript 65.9.66.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/bl-6399065-8918a417.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-8.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 85ecfae03c5c9fa49b03d994f7c6e247ecc4743928a404f575ccb23edd19aff0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 17:27:54 GMT
content-encoding: gzip
age: 208560
x-cache: Hit from cloudfront
content-length: 18355
x-amz-meta-git_commit: 6399065
last-modified: Fri, 02 Sep 2022 17:27:12 GMT
server: AmazonS3
etag: "c8f1885ed57d5d3a4b093f176371781d"
x-amz-version-id: yfk7dAP6d28QRxvZ1EhZLUV2zNLLJo3u
via: 1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: GUZVqZBJlbpBHix1pc52xgXgbJE7zOxDC5qhHrafT70c5ssY92Zypw==

GET
H2 200 / Show response
cmp.osano.com/ Frame 01BD 4 KB
1 KB 20ms
20ms Document
text/html 2600:9000:206f:1a00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:1a00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://buffalonews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 9598
content-encoding: gzip
content-type: text/html
date: Mon, 05 Sep 2022 00:43:59 GMT
etag: W/"287b497c992487af362d33204f87d28f"
last-modified: Thu, 21 Oct 2021 22:01:08 GMT
referrer-policy: same-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
x-amz-cf-id: miyLXMOars_SwTfWveNsaqpTxQko_ma8Gux-v_aIB1dF0mxSDno8xQ==
x-amz-cf-pop: FRA56-C1
x-amz-version-id: xT1PkIFehetvNf5lINcU02FbT3u47kBr
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
BLOB 200
OK 999f7288-daea-435b-8d8b-71bcadaa6592
https://buffalonews.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://buffalonews.com/999f7288-daea-435b-8d8b-71bcadaa6592
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK c850190e-c9b6-409c-997e-31e7413dd0a2
https://buffalonews.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://buffalonews.com/c850190e-c9b6-409c-997e-31e7413dd0a2
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 1f847fa0-1ddf-4487-839c-e00ec5a812cc
https://buffalonews.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://buffalonews.com/1f847fa0-1ddf-4487-839c-e00ec5a812cc
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 0d3b9386-08e0-4229-b58d-0e40ea7171f9
https://buffalonews.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://buffalonews.com/0d3b9386-08e0-4229-b58d-0e40ea7171f9
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 1527bcc3-ef1e-4128-a643-7b0ecc4c3b6d
https://buffalonews.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://buffalonews.com/1527bcc3-ef1e-4128-a643-7b0ecc4c3b6d
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 6315549e6a267.image.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/f/ea/feacbdae-42a0-589c-9799-be5a2dfc24dc/ 15 KB
15 KB 120ms
119ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/f/ea/feacbdae-42a0-589c-9799-be5a2dfc24dc/6315549e6a267.image.jpg?crop=1763%2C992%2C0%2C91&resize=400%2C225&order=crop%2Cresize

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90c8b0b10e4882e1c261b73c4aa712849651b791f11f4cdc176bbcaf926c212a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:53 GMT
vary: Accept
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=15526
last-modified: Mon, 05 Sep 2022 01:45:02 GMT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="6315549e6a267.webp"
content-length: 15148
x-vcache: MISS
server: cloudflare
etag: "a9faae5a70083a9b8f7f3cfcd138cc5e"
x-robots-tag: noarchive
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 05 Sep 2023 01:47:25 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 745bd94abfb590dc-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 63149a581676d.image.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/5/34/53443be6-ebc5-5685-9c8e-e2a09250dbaa/ 12 KB
12 KB 117ms
116ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/5/34/53443be6-ebc5-5685-9c8e-e2a09250dbaa/63149a581676d.image.jpg?crop=1763%2C992%2C0%2C92&resize=400%2C225&order=crop%2Cresize

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d314a1de8a4444d98f1b0cee0eba20454670b107c782abfbc316adacb37e261c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:53 GMT
vary: Accept
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=13384
last-modified: Sun, 04 Sep 2022 12:30:16 GMT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="63149a581676d.webp"
content-length: 12344
x-vcache: MISS
server: cloudflare
etag: "3862deb4728c0b8db4017210c38a54bd"
x-robots-tag: noarchive
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 04 Sep 2023 12:39:47 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 745bd94abfb690dc-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 631546ad2d5a4.image.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/1/23/1232a011-a8fb-52d6-8718-23f3b5097845/ 11 KB
12 KB 121ms
119ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/1/23/1232a011-a8fb-52d6-8718-23f3b5097845/631546ad2d5a4.image.jpg?crop=1763%2C992%2C0%2C91&resize=400%2C225&order=crop%2Cresize

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce4b7d86fc04366af0c8558dfecde0828a62d1c8f5646d34deb579f62c251dc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:53 GMT
vary: Accept
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=12530
last-modified: Mon, 05 Sep 2022 00:45:33 GMT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="631546ad2d5a4.webp"
content-length: 11566
x-vcache: MISS
server: cloudflare
etag: "710ce707b121009ddba5179b134bd70f"
x-robots-tag: noarchive
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 05 Sep 2023 00:55:04 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 745bd94abfb790dc-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 63122569f25a1.preview.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/0/7b/07b69264-487f-51a4-ba8d-758947ed470b/ 23 KB
23 KB 118ms
117ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/0/7b/07b69264-487f-51a4-ba8d-758947ed470b/63122569f25a1.preview.jpg?crop=1626%2C915%2C112%2C97&resize=400%2C225&order=crop%2Cresize

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cca40a5b41c8be18210c95244bc0667e0f5d5cfaaf70a44027a1a2db160bcd99

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:53 GMT
cf-cache-status: HIT
cf-polished: origSize=23337, status=webp_bigger
last-modified: Fri, 02 Sep 2022 15:46:50 GMT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800
content-length: 23235
x-vcache: MISS
server: cloudflare
etag: "1a016e04cd1380982ce298afa69f1fc2"
x-robots-tag: noarchive
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 05 Sep 2023 00:22:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 745bd94abfb890dc-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 63137a48a4d0b.preview.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/b/f7/bf7b16f7-f33d-5a24-9f0d-ff8dfb8d608e/ 15 KB
16 KB 121ms
120ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/b/f7/bf7b16f7-f33d-5a24-9f0d-ff8dfb8d608e/63137a48a4d0b.preview.jpg?crop=1102%2C620%2C290%2C211&resize=400%2C225&order=crop%2Cresize

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9a1de6661f7fb972569fad00e5d6c5052ff0ed7220ac80bafddb896dee74b87

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:53 GMT
cf-cache-status: HIT
cf-polished: origSize=16045, status=webp_bigger
last-modified: Sat, 03 Sep 2022 16:01:13 GMT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800
content-length: 15857
x-vcache: MISS
server: cloudflare
etag: "34d76ab0ed92ee0056f34844388cda7f"
x-robots-tag: noarchive
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 03 Sep 2023 18:19:52 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 745bd94abfb990dc-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 63137b9779e67.preview.png
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/e/e5/ee506761-071f-53a0-8f1e-f4de49ed810b/ 81 KB
81 KB 123ms
122ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/e/e5/ee506761-071f-53a0-8f1e-f4de49ed810b/63137b9779e67.preview.png?resize=400%2C225

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e173242f0b364a7114803102b264b09baa99cf16b3ffa1e1f920c3af3cbe163

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:53 GMT
vary: Accept
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=142793
last-modified: Sat, 03 Sep 2022 16:06:48 GMT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="63137b9779e67.webp"
x-vcache: MISS
server: cloudflare
etag: "38307ffafd6c1145902cb0b653673410"
x-robots-tag: noarchive
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 03 Sep 2023 16:13:57 GMT
cache-control: public, max-age=31536000
cf-ray: 745bd94abfba90dc-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 631378ef273d0.image.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/f/b2/fb22c82b-ac5f-52f8-8cf8-b641aa28d9a8/ 18 KB
19 KB 116ms
115ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/f/b2/fb22c82b-ac5f-52f8-8cf8-b641aa28d9a8/631378ef273d0.image.jpg?crop=1763%2C992%2C0%2C91&resize=400%2C225&order=crop%2Cresize

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb65099cd7407d0e977f8e2bfabebdbdd6bec4de0529639378c792899177b041

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:53 GMT
cf-cache-status: HIT
cf-polished: origSize=19024, status=webp_bigger
last-modified: Sat, 03 Sep 2022 15:55:27 GMT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800
content-length: 18842
x-vcache: MISS
server: cloudflare
etag: "aa70b2e898826b8cd0e2bbaab79ebbaa"
x-robots-tag: noarchive
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 03 Sep 2023 16:04:40 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 745bd94abfbb90dc-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 63137894d9b53.image.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/3/2f/32f7e05b-fc42-5157-a962-3288f5cac7f1/ 13 KB
13 KB 112ms
112ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/3/2f/32f7e05b-fc42-5157-a962-3288f5cac7f1/63137894d9b53.image.jpg?crop=1763%2C992%2C0%2C92&resize=400%2C225&order=crop%2Cresize

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d83b71f0dd56d880f50af107bf12a698c5e6b76d769cd6ace6ea7282955b9e1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:53 GMT
cf-cache-status: HIT
cf-polished: origSize=13762, status=webp_bigger
last-modified: Sat, 03 Sep 2022 15:53:57 GMT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800
content-length: 13548
x-vcache: MISS
server: cloudflare
etag: "e00948ee724577adee2348b64ad64cd1"
x-robots-tag: noarchive
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 03 Sep 2023 16:17:22 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 745bd94abfbc90dc-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/ Frame A597
Redirect Chain

https://insight.adsrvr.org/tags/nebsjkp/21usqg2/iframe
https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe

138 B
668 B

89ms
23ms

Document
text/html

143.204.205.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.205.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-205-113.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f7d4fce911e0a58ed4224b9f65d90a98d8bb7b76d25ad2610485b9baaa1d447

Request headers

Referer: https://buffalonews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 86143
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 138
Content-Type: text/html
Date: Sun, 04 Sep 2022 03:33:34 GMT
ETag: "50351b1f6590b5c4886c111874e016a0"
Last-Modified: Fri, 01 Oct 2021 23:50:10 GMT
Server: AmazonS3
Via: 1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
X-Amz-Cf-Id: JwQxnltY37gHHRW0VSzFIFmlgNvxixCR5cKdJIBZY7xMgOduvRk0Tg==
X-Amz-Cf-Pop: FRA53-C1
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 183
content-type: text/html; charset=UTF-8
date: Mon, 05 Sep 2022 03:23:53 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 client-v2.9.0-openWrap.js Show response
qnhtg9kbqjgw2izax.ay.delivery/ 37 KB
13 KB 100ms
37ms Script
application/javascript 2606:4700:3036::6815:38ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qnhtg9kbqjgw2izax.ay.delivery/client-v2.9.0-openWrap.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:38ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d2dd4469f84eee0b4a7fc1791a51c9fe3544bf4b26df414af78a2fddbe5938d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:53 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 24 Jan 2022 14:36:43 GMT
server: cloudflare
etag: W/"61eeb97b-95af"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2dxeR%2FSX8VStZ5gw4hib966Xt3zvgt%2BfGii6Z%2FeOmLqbIqAv4kznC5gxlW3sM%2F2U5Xa0Sn8VaJXKQ74iVoBGmjC832IbkcEgIu5SvHKCVurH4VK22YJV3NkiLwywBWlEkjlj5XkazrZcPj%2Bz7%2BYm3pcdP%2B8Ot0Er7SiXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 745bd94bdbc99094-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

c
trkn.us/pixel/
Redirect Chain

https://trkn.us/pixel/c?ppt=19160&g=sitewide&gid=44455&cv1=buffalonews.com&ord=774556086
https://trkn.us/pixel/c?ppt=19160&g=sitewide&gid=44455&cv1=buffalonews.com&ord=774556086&ip=217.114.218.28&cuidchk=1

42 B
780 B

138ms
138ms

Image
image/gif

34.195.45.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/c?ppt=19160&g=sitewide&gid=44455&cv1=buffalonews.com&ord=774556086&ip=217.114.218.28&cuidchk=1

Requested by

Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/

Protocol

HTTP/1.1

Server

34.195.45.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-195-45-12.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Sep 2022 03:23:54 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Mon, 05 Sep 2022 03:23:53 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /pixel/c?ppt=19160&g=sitewide&gid=44455&cv1=buffalonews.com&ord=774556086&ip=217.114.218.28&cuidchk=1
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 0

GET
BLOB 200
OK 3e3f9e1c-cc53-42b1-8450-51135b291036
https://buffalonews.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://buffalonews.com/3e3f9e1c-cc53-42b1-8450-51135b291036
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK f9860fd9-e9f7-4d78-bd03-e2d194f83dd2
https://buffalonews.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://buffalonews.com/f9860fd9-e9f7-4d78-bd03-e2d194f83dd2
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 43a82306-c62a-4270-ab1b-95eb6ab42e57
https://buffalonews.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://buffalonews.com/43a82306-c62a-4270-ab1b-95eb6ab42e57
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK bf58be18-9631-4476-ac25-361efa4ee124
https://buffalonews.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://buffalonews.com/bf58be18-9631-4476-ac25-361efa4ee124
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 2d6b42f3-de7a-4f3e-9037-3c09b72077bf
https://buffalonews.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://buffalonews.com/2d6b42f3-de7a-4f3e-9037-3c09b72077bf
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK b7d7eeb8-854f-490e-b525-01b97b77e8be
https://buffalonews.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://buffalonews.com/b7d7eeb8-854f-490e-b525-01b97b77e8be
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 91ms
21ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1076
date: Mon, 05 Sep 2022 03:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 05 Sep 2022 05:05:57 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 160 KB
56 KB 46ms
46ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

adadc16181eeac1651134003540566c21181de2976866b7557a88ae3db82a74c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:53 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57355
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 05 Sep 2022 03:23:53 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 119 KB
43 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

88bb669fe0cde4aa4c725785ca5b5ca8b4128cf3902660795049add010ef09ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:53 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44046
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 05 Sep 2022 03:23:53 GMT

GET
H2 200 sp-gzip-2-17-3.js Show response
storage.googleapis.com/lee-snowplow/static/ 77 KB
27 KB 85ms
21ms Script
text/javascript 2a00:1450:4001:802::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/lee-snowplow/static/sp-gzip-2-17-3.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7169b20ff9116852953e326ad3776ac06c0f14a5a21a3e07f3fb8b5c46418a61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 02:50:14 GMT
content-encoding: gzip
age: 2019
x-guploader-uploadid: ADPycdsLh4nTYYp9VUrgY82qFP-Hzoha3v9kmMaYPWa55bXsnfhyOIJzcsxHimasWlkPC8rBXTZgX_Cmq2PC-dl1faqcxQ
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26950
x-goog-meta-
last-modified: Thu, 18 Feb 2021 15:16:40 GMT
server: UploadServer
etag: "d3142accd3f370a95f561f0fbfb3114b"
vary: Accept-Encoding
x-goog-hash: crc32c=C/nZJQ==, md5=0xQqzNPzcKlfVh8Pv7MRSw==
x-goog-generation: 1613661400000346
cache-control: max-age=31536000
x-goog-stored-content-length: 26950
accept-ranges: bytes
content-type: text/javascript
expires: Tue, 05 Sep 2023 02:50:14 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 212 KB
74 KB 42ms
41ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F8FFLLVDEZ&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a48576171dd692dbe773f5bc36e7367d4525094a00b7842e7f7c36bf90acf18a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:53 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75633
x-xss-protection: 0
expires: Mon, 05 Sep 2022 03:23:53 GMT

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame A597 70 B
260 B 45ms
43ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=nebsjkp&ct=0:21usqg2&fmt=3
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Sep 2022 03:23:53 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
532 B 125ms
64ms XHR
application/json 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://buffalonews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 05 Sep 2022 03:23:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://buffalonews.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

OPTIONS
H2 200 yy2
a.leetemplates.com/lee/ Frame 0
0 183ms
132ms Preflight 34.102.205.239
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.leetemplates.com/lee/yy2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.205.239 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 239.205.102.34.bc.googleusercontent.com
Software: akka-http /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://buffalonews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://buffalonews.com
access-control-max-age: 5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 05 Sep 2022 03:23:53 GMT
server: akka-http
via: 1.1 google

POST
H3 200 yy2 Show response
a.leetemplates.com/lee/ 2 B
19 B 174ms
133ms XHR
text/plain 34.102.205.239
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.leetemplates.com/lee/yy2
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/lee-snowplow/static/sp-gzip-2-17-3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.205.239 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 239.205.102.34.bc.googleusercontent.com
Software: akka-http /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://buffalonews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 05 Sep 2022 03:23:53 GMT
via: 1.1 google
server: akka-http
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://buffalonews.com
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
BLOB 200
OK f216f9a6-d29b-439f-8899-a8a078d561cd
https://buffalonews.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://buffalonews.com/f216f9a6-d29b-439f-8899-a8a078d561cd
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK a51a55d9-3c83-43e5-9112-4c529a202361
https://buffalonews.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://buffalonews.com/a51a55d9-3c83-43e5-9112-4c529a202361
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK a00761bc-4f97-4886-ba6a-038df3a8009b
https://buffalonews.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://buffalonews.com/a00761bc-4f97-4886-ba6a-038df3a8009b
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 64ms
21ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 02:37:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2788
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 05 Sep 2022 03:37:25 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
69 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NFTGWT90ER&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a54afc65138c00c986baf05a7f37f64afa436c2c3f5d6b6475a9f730d5189c8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:53 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71112
x-xss-protection: 0
expires: Mon, 05 Sep 2022 03:23:53 GMT

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 96 KB
26 KB 97ms
26ms Script
text/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3c21fcdec7e1b94d85c94aac21d969329a41494bc54594e139fdaafdba399ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: i3uu2peqmrsKXJmQkX2D6VLw1eflkz_G
content-encoding: br
etag: W/"56a5d0385c98ba3d3989ec2cab0e94a5"
age: 111
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Wed, 31 Aug 2022 18:26:28 GMT
server: AmazonS3
date: Mon, 05 Sep 2022 03:23:54 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 2vWT3hvJCE5pijkFZPJo8b_8QR34Ii7gS-m5XjAEXu6PK3jWSq9awg==

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
461 B 105ms
29ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://buffalonews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 05 Sep 2022 03:23:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://buffalonews.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
BLOB 200
OK 35f57bd7-b18c-47ba-9166-e7f6fdd14094
https://buffalonews.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://buffalonews.com/35f57bd7-b18c-47ba-9166-e7f6fdd14094
Requested by: Host: buffalonews.com
URL: https://buffalonews.com/news/hearing-aid-saleman/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 206 KB
73 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ee2eff88e9d412cea3884decc0eecced82b80f1fab033e71ce3c4d6b3f79dfff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 03:23:54 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74478
x-xss-protection: 0
expires: Mon, 05 Sep 2022 03:23:54 GMT

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 805 B
1 KB 58ms
19ms XHR
application/json 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe8390d7cfd8396d63a8c81eb7b91e6d67b84b1ad3cc185ce6d4b5effe1feebd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: U_DmAvTTpoQ6C.9IdBZR.E.jS2H.lkmM
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
etag: "7bf7698e1a3707083bae5a0fc51dd25e"
age: 6059
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-length: 805
last-modified: Mon, 29 Aug 2022 20:40:06 GMT
server: AmazonS3
date: Mon, 05 Sep 2022 02:05:55 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: QwelZvochRYomEX3Y2pOVFB5zdLDzyutyMK63uj4Ry3uUVfB1aA_pQ==

GET
H2 200 870.bundle.323974846b6d45afb45e.js Show response
cdn.segment.com/analytics-next/bundles/ 17 KB
5 KB 21ms
21ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/870.bundle.323974846b6d45afb45e.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 85fa85cbca5efaa81351f2e9b1e8e53916644bff91da6ffc762a151247501ebc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 01:38:35 GMT
content-encoding: br
vary: Accept-Encoding
age: 783920
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Fri, 26 Aug 2022 03:04:21 GMT
server: AmazonS3
etag: W/"d471f2a8b801a51bbc09c91b3f90b749"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: qltndKW7QqDrf8ZSZrei2HuGEvEC2x.O
via: 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: 1hHlCMh4vY9gwLTZm2CyX-jvbz4kriDjGghWjrJL-PcCewiUpxN5ag==

GET
H2 200 ajs-destination.bundle.35a8f6f19959bf2f455f.js Show response
cdn.segment.com/analytics-next/bundles/ 10 KB
4 KB 20ms
20ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.35a8f6f19959bf2f455f.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9abdea148f6bb2fd5f4d3a947661b46f077584cfc3691deb29fa7cb25d2e00a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 06:12:31 GMT
content-encoding: br
vary: Accept-Encoding
age: 335484
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Tue, 30 Aug 2022 21:47:48 GMT
server: AmazonS3
etag: W/"e0f89f667fb8d2b50aa8e29a86a4c9b1"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: 1ps0Y.cQfeUJnD6vrqu.rtfMUGfr8v9x
via: 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: ZIkjR2LAe1VEQWE-GNdgxPbbTbzngnQp1yT6ORegZPfUiCHnJMLIMA==

GET
H2 200 schemaFilter.bundle.debb169c1abb431faaa6.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 20ms
20ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buffalonews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 15:59:56 GMT
content-encoding: br
vary: Accept-Encoding
age: 3151439
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Thu, 28 Jul 2022 21:17:25 GMT
server: AmazonS3
etag: W/"3e448afdfea355c0f19700d04431ce7d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: bdGJW00hoMEULfpND6wyp6DIUgkdrIDO
via: 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: XaGlJGQr-jRklgKYCO0YsFBswuUGJb-Am4qgY44_0akuokxbRZSDnA==

GET
H2

200

rt=ifr Show response
bcp.crwdcntrl.net/5/ct=y/c=6894/rand=221292961/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20buffalonews%20%3A%20Total%20... Frame 0F99
Redirect Chain

https://bcp.crwdcntrl.net/5/c=6894/rand=221292961/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20buffalonews%20%3A%20Total...
https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=221292961/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20buffalonews%20%3A%20...

163 B
403 B

53ms
53ms

Document
text/html

52.209.222.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=221292961/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20buffalonews%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20news/med=%23OpR%2372333%23Keyword%20%3A%20news%2C%20breaking%2C%20local%2C%20Niagara%20River%2C%20Lake%20Erie%2C%20Buffalo%E2%80%93Niagara%20Falls%2C%20metropolitan%20area%2C%20Buffalo%20Niagara%20Region%2C%20Western%2C%20New%20York%2C%20NY%2C%20metro%2C%20area%2C%20new%2C%20latest%2C%20topic%2C%20observer%2C%20enterprise%2C%20times/rb=%7B%22meta_tag%22%3A%22news%2C%20breaking%2C%20local%2C%20Niagara%20River%2C%20Lake%20Erie%2C%20Buffalo%E2%80%93Niagara%20Falls%2C%20metropolitan%20area%2C%20Buffalo%20Niagara%20Region%2C%20Western%2C%20New%20York%2C%20NY%2C%20metro%2C%20area%2C%20new%2C%20latest%2C%20topic%2C%20observer%2C%20enterprise%2C%20times%22%7D/rt=ifr
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.222.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-222-27.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b

Request headers

Referer: https://buffalonews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache
content-length: 163
content-type: text/html;charset=utf-8
date: Mon, 05 Sep 2022 03:23:54 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-consent: absent
x-server: 10.45.18.12

Redirect headers

cache-control: no-cache
content-length: 0
date: Mon, 05 Sep 2022 03:23:54 GMT
expires: 0
location: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=221292961/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20buffalonews%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20news/med=%23OpR%2372333%23Keyword%20%3A%20news%2C%20breaking%2C%20local%2C%20Niagara%20River%2C%20Lake%20Erie%2C%20Buffalo%E2%80%93Niagara%20Falls%2C%20metropolitan%20area%2C%20Buffalo%20Niagara%20Region%2C%20Western%2C%20New%20York%2C%20NY%2C%20metro%2C%20area%2C%20new%2C%20latest%2C%20topic%2C%20observer%2C%20enterprise%2C%20times/rb=%7B%22meta_tag%22%3A%22news%2C%20breaking%2C%20local%2C%20Niagara%20River%2C%20Lake%20Erie%2C%20Buffalo%E2%80%93Niagara%20Falls%2C%20metropolitan%20area%2C%20Buffalo%20Niagara%20Region%2C%20Western%2C%20New%20York%2C%20NY%2C%20metro%2C%20area%2C%20new%2C%20latest%2C%20topic%2C%20observer%2C%20enterprise%2C%20times%22%7D/rt=ifr
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.45.15.36

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.buffalonews.com/	1970-01-20 05:45:50	Name: spses.8060 Value: *
.trkn.us/	1970-01-20 14:31:24	Name: barometric[cuid] Value: cuid_1e9d7000-165e-431b-936e-e3ed428ab26a
.buffalonews.com/	1970-01-20 05:45:51	Name: AMP_TOKEN Value: %24NOT_FOUND
.leetemplates.com/	1970-01-20 14:31:24	Name: sp Value: 7c408e0b-2ba2-448d-8047-3b5fee69f683
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://buffalonews.com/news/hearing-aid-saleman/ Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.leetemplates.com
ampcid.google.com
ampcid.google.de
api.bntech.io
bcp.crwdcntrl.net
bloximages.chicago2.vip.townnews.com
buffalonews.com
cdn.segment.com
cmp.osano.com
d1eoo1tco6rr5e.cloudfront.net
insight.adsrvr.org
qnhtg9kbqjgw2izax.ay.delivery
storage.googleapis.com
tagan.adlightning.com
tags.crwdcntrl.net
trkn.us
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
104.16.132.24
143.204.205.113
192.104.182.109
2600:1f18:410b:aea2:1c09:e98b:93df:f861
2600:9000:206f:1a00:3:b7e:8940:93a1
2606:4700:3036::6815:38ad
2a00:1450:4001:802::2010
2a00:1450:4001:80b::200e
2a00:1450:4001:810::2003
2a00:1450:4001:812::2008
2a00:1450:4001:829::200e
2a00:1450:4001:82f::200e
3.33.220.150
34.102.205.239
34.195.45.12
52.209.222.27
65.9.66.122
65.9.66.8
99.86.8.175
0284f9037395ddc566160e9265aa01ffc07c05f189473b81df3dc75990c1081d
07ad970fe8065f81d7c2d3055536640d98afa11c397894d403ae41624f8c8dcc
0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80
15c5217bab15791da899bebeec1b32e57bcd02d20f8847c6440f47ededcdf625
165f2224fdb220f295f4c441bad7dfc35fd9ef57cb56af722285137944f598a7
18e8208ea447a26b0cd4f5f2751d1dd717e689a559474e61acb4e3e674403e4d
18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2e173242f0b364a7114803102b264b09baa99cf16b3ffa1e1f920c3af3cbe163
3049db4be872564809e26eea512e437046645835cc6a34783d24d5d104271c82
31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b
384d1a9859c551ed8f751789414dc042c907ba0e3e56817e62197bf3a435154d
3b6854831be14d28fdfdb1758ebebe2893bf8e5be5f176b8d3e1b1b0f874d90e
3c01c1e199879f8b72679cc4d402684ba9e88c21b633547adbae6ba03a617fdc
3d2dd4469f84eee0b4a7fc1791a51c9fe3544bf4b26df414af78a2fddbe5938d
3d6d2a4d559b9e6cf62164e098880237604cdb4812bd53af28b9b3921afbe871
3f7d4fce911e0a58ed4224b9f65d90a98d8bb7b76d25ad2610485b9baaa1d447
4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1
514338ec6bbb3440a50029e6cbc2ba9034d6971c4776d2759a4b829c94dedfb9
5a2f10e09cd6e81eb686dbca9e6056ed485e87d3869bac347455547c294cb036
644304fe15c7f17a6ab07588fa14318ebce8730a85eb17b3a0fddca16fe9bae6
6b96eb73da5fe3c20e4507bf752917f6d7978be8881c1dea934db282b028407d
7169b20ff9116852953e326ad3776ac06c0f14a5a21a3e07f3fb8b5c46418a61
75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0
78340dabd2984895b85f1a3a19cf21fed26d6d4c57038709dbcf94222f6952ce
85ecfae03c5c9fa49b03d994f7c6e247ecc4743928a404f575ccb23edd19aff0
85fa85cbca5efaa81351f2e9b1e8e53916644bff91da6ffc762a151247501ebc
88bb669fe0cde4aa4c725785ca5b5ca8b4128cf3902660795049add010ef09ec
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90c8b0b10e4882e1c261b73c4aa712849651b791f11f4cdc176bbcaf926c212a
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9abdea148f6bb2fd5f4d3a947661b46f077584cfc3691deb29fa7cb25d2e00a6
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a48576171dd692dbe773f5bc36e7367d4525094a00b7842e7f7c36bf90acf18a
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
a54afc65138c00c986baf05a7f37f64afa436c2c3f5d6b6475a9f730d5189c8d
adadc16181eeac1651134003540566c21181de2976866b7557a88ae3db82a74c
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
b140866a13c2eeca9a0ad91f4bf8e505a0fa237279f9d6616c3c21329139f1de
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bbd63359b0b400d926dd62ab91bf9abf65f458a29cf5eb07e0790ddddb9e8d97
c4322fb1375025899f0c6cb7d5ca398aa6393db1a8f8db7411df0c647b23250e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cca40a5b41c8be18210c95244bc0667e0f5d5cfaaf70a44027a1a2db160bcd99
ce4b7d86fc04366af0c8558dfecde0828a62d1c8f5646d34deb579f62c251dc2
d298b655143175e4b137bfc3bcfefccd6d8dec6e81e1335b67f2ee4bc1eebb8e
d314a1de8a4444d98f1b0cee0eba20454670b107c782abfbc316adacb37e261c
d83b71f0dd56d880f50af107bf12a698c5e6b76d769cd6ace6ea7282955b9e1d
ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c
e3c21fcdec7e1b94d85c94aac21d969329a41494bc54594e139fdaafdba399ee
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42
ee2eff88e9d412cea3884decc0eecced82b80f1fab033e71ce3c4d6b3f79dfff
f15eb802e64a2ce13b5ba4cd2123cf6394850e9ef023a3eaa9affef6403c0d5e
f467583cf3c2f542573ae63ceede5a99e822a0445eee6cd211fd2f47947b33e0
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40
f9a1de6661f7fb972569fad00e5d6c5052ff0ed7220ac80bafddb896dee74b87
fb65099cd7407d0e977f8e2bfabebdbdd6bec4de0529639378c792899177b041
fe5d23d415187d71dfa026db8852418f98513ef7f7a1c3e1321bc95d6d6a0f5f
fe8390d7cfd8396d63a8c81eb7b91e6d67b84b1ad3cc185ce6d4b5effe1feebd
ff0302b9ded05a56d6ac04983230f1b137d6967b819184783d5c5cc1009a4a2f

buffalonews.com Open in urlscan Pro 192.104.182.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

81 Requests

79 %HTTPS

47 %IPv6

18 Domains

19 Subdomains

20 IPs

4 Countries

1312 kBTransfer

3851 kBSize

5 Cookies

17 Outgoing links

Page URL History

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

buffalonews.com Open in urlscan Pro
192.104.182.109 Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

79 %
HTTPS

47 %
IPv6

18
Domains

19
Subdomains

20
IPs

4
Countries

1312 kB
Transfer

3851 kB
Size

5
Cookies

81 HTTP transactions
1 data transactions