urlscan.io logo urlscan.io
SecurityTrails logo

buffalonews.com Open in urlscan Pro
192.104.182.109  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://info.silobreaker.com/e2t/tc/VVQY4j2VbgbnW9jttVR1k2MW3W5r_q0D4nWYwpN3tskDm4Zc_rV3Zsc37CgPsbN38Hg8nddMXJW3TwjS_985h1zW1...
Effective URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7a...
Submission: On March 08 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 102 IPs in 10 countries across 87 domains to perform 359 HTTP transactions. The main IP is 192.104.182.109, located in United States and belongs to LEE-ASN, US. The main domain is buffalonews.com.
TLS certificate: Issued by R3 on February 24th 2021. Valid for: 3 months.
This is the only time buffalonews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 199.60.103.254 209242 (CLOUDFLAR...)
7 192.104.182.109 10668 (LEE-ASN)
36 104.18.130.43 13335 (CLOUDFLAR...)
7 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.226.159.22 16509 (AMAZON-02)
7 2600:1f18:410... 14618 (AMAZON-AES)
3 151.101.1.195 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
3 104.16.60.230 13335 (CLOUDFLAR...)
11 13.226.159.63 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 34.245.253.34 16509 (AMAZON-02)
15 142.250.185.226 15169 (GOOGLE)
6 65.9.24.128 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
16 2600:1901:0:9... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f04... 32934 (FACEBOOK)
1 2600:9000:206... 16509 (AMAZON-02)
1 2 107.178.250.234 15169 (GOOGLE)
1 3 2.19.34.195 20940 (AKAMAI-ASN1)
2 2a02:26f0:12d... 20940 (AKAMAI-ASN1)
1 104.18.12.242 13335 (CLOUDFLAR...)
1 13.226.156.128 16509 (AMAZON-02)
1 35.209.99.174 19527 (GOOGLE-2)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 34.102.205.239 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
1 65.9.189.60 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 54.198.41.31 14618 (AMAZON-AES)
6 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 13 52.95.123.41 16509 (AMAZON-02)
1 2600:9000:218... 16509 (AMAZON-02)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 52.86.196.188 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f14... 32934 (FACEBOOK)
2 104.16.88.26 13335 (CLOUDFLAR...)
1 142.250.186.34 15169 (GOOGLE)
1 54.144.144.142 14618 (AMAZON-AES)
2 5 2a00:1450:400... 15169 (GOOGLE)
1 67.202.110.31 32748 (STEADFAST)
10 2a00:1450:400... 15169 (GOOGLE)
2 208.100.17.185 32748 (STEADFAST)
1 2600:9000:206... 16509 (AMAZON-02)
2 54.208.157.219 14618 (AMAZON-AES)
1 104.126.36.152 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
2 104.16.39.14 13335 (CLOUDFLAR...)
1 2 54.228.206.35 16509 (AMAZON-02)
3 3 185.33.221.91 29990 (ASN-APPNEX)
2 54.73.214.170 16509 (AMAZON-02)
1 184.30.24.185 16625 (AKAMAI-AS)
1 67.202.110.24 32748 (STEADFAST)
6 6 213.19.147.151 26120 (RHYTHMONE)
9 11 34.252.253.152 16509 (AMAZON-02)
18 63.33.123.138 16509 (AMAZON-02)
6 184.30.24.198 16625 (AKAMAI-AS)
2 23.37.42.132 16625 (AKAMAI-AS)
3 3 3.126.56.137 16509 (AMAZON-02)
2 6 34.98.64.218 15169 (GOOGLE)
5 8 185.33.221.11 29990 (ASN-APPNEX)
1 1 185.86.137.107 201081 (SMARTADSE...)
1 2 63.251.114.182 29791 (VOXEL-DOT...)
2 2 54.93.43.1 16509 (AMAZON-02)
1 34.200.78.134 14618 (AMAZON-AES)
2 2 52.49.59.93 16509 (AMAZON-02)
1 199.232.137.44 54113 (FASTLY)
9 9 18.185.180.173 16509 (AMAZON-02)
6 6 185.29.132.144 30419 (MEDIAMATH...)
1 1 64.202.112.191 23352 (SERVERCEN...)
1 1 3.225.15.51 14618 (AMAZON-AES)
1 3 2a00:1288:110... 34010 (YAHOO-IRD)
1 1 3.231.119.144 14618 (AMAZON-AES)
1 150.136.25.38 31898 (ORACLE-BM...)
1 1 64.202.112.63 23352 (SERVERCEN...)
2 2 198.148.27.140 19189 (PULSEPOINT)
2 3 151.101.14.49 54113 (FASTLY)
8 13 142.250.186.162 15169 (GOOGLE)
1 18.195.155.181 16509 (AMAZON-02)
1 1 124.146.215.52 2514 (INFOSPHER...)
1 1 193.0.160.129 54312 (ROCKETFUEL)
2 2 185.184.8.30 204995 (RTB-HOUSE...)
4 4 2620:116:800d... 16509 (AMAZON-02)
4 5 37.157.6.245 198622 (ADFORM)
5 5 66.155.71.25 13768 (COGECO-PEER1)
1 1 18.198.126.47 16509 (AMAZON-02)
2 2 35.227.248.159 15169 (GOOGLE)
5 72.251.249.9 29791 (VOXEL-DOT...)
1 1 69.173.151.80 26667 (RUBICONPR...)
1 2 159.253.128.188 36351 (SOFTLAYER)
3 4 69.173.144.139 26667 (RUBICONPR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 185.64.189.115 62713 (AS-PUBMATIC)
2 4 69.173.144.165 26667 (RUBICONPR...)
2 35.244.174.68 15169 (GOOGLE)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 52.46.130.13 16509 (AMAZON-02)
2 2 213.155.156.181 1299 (TELIANET ...)
7 185.64.189.110 62713 (AS-PUBMATIC)
1 178.250.0.163 44788 (ASN-CRITE...)
7 7 52.49.193.31 16509 (AMAZON-02)
2 185.86.138.144 201081 (SMARTADSE...)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
11 185.64.190.80 62713 (AS-PUBMATIC)
1 1 188.165.4.142 16276 (OVH)
1 3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.249 62713 (AS-PUBMATIC)
2 185.64.189.114 62713 (AS-PUBMATIC)
2 2 2001:678:cb4:... 56396 (TURN)
2 2 18.193.31.194 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 159.65.196.12 14061 (DIGITALOC...)
1 185.64.190.81 62713 (AS-PUBMATIC)
2 2 146.59.148.16 16276 (OVH)
1 1 51.255.68.171 16276 (OVH)
2 5 52.48.248.240 16509 (AMAZON-02)
1 54.87.182.193 14618 (AMAZON-AES)
1 52.48.170.220 16509 (AMAZON-02)
359 102
2    199.60.103.254 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
info.silobreaker.com
7    192.104.182.109 (United States)

ASN10668 (LEE-ASN, US)
buffalonews.com
36    104.18.130.43 (United States)

ASN13335 (CLOUDFLARENET, US)
bloximages.chicago2.vip.townnews.com
7    2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
1    13.226.159.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-22.dus51.r.cloudfront.net
tags.crwdcntrl.net
7    2600:1f18:410b:aea2:a394:b2c4:1fb4:bfb1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
api.bntech.io
3    151.101.1.195 (United States)

ASN54113 (FASTLY, US)
app.worldtable.co
2    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    104.16.60.230 (United States)

ASN13335 (CLOUDFLARENET, US)
player.field59.com
11    13.226.159.63 (United States)

ASN16509 (AMAZON-02, US)
tagan.adlightning.com
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
3    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    34.245.253.34 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-245-253-34.eu-west-1.compute.amazonaws.com
ad.crwdcntrl.net
15    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
securepubads.g.doubleclick.net
6    65.9.24.128 (Orlando, United States)

ASN16509 (AMAZON-02, US)
c.amazon-adsystem.com
2    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
16    2600:1901:0:94b6:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
the-world-table.firebaseio.com
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:829::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
2    2a03:2880:f045:10:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2600:9000:206f:f600:2:36a1:2f40:21 (United States)

ASN16509 (AMAZON-02, US)
d81mfvml8p5ml.cloudfront.net
2    107.178.250.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
js.matheranalytics.com
3    2.19.34.195 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-34-195.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
2    2a02:26f0:12d::58dd:dd0b (Berlin, Germany)

ASN20940 (AKAMAI-ASN1, NL)
b-code.liadm.com
1    104.18.12.242 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.resonate.com
1    13.226.156.128 (United States)

ASN16509 (AMAZON-02, US)
d1z2jf7jlzjs58.cloudfront.net
1    35.209.99.174 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
analytics.worldtable.co
8    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
ampcid.google.com
1    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    34.102.205.239 (Kansas City, United States)

ASN15169 (GOOGLE, US)
a.leetemplates.com
4    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.ch
7    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
www.googletagservices.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
2    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
a2996485052c7313ba81abb470fb9eab.safeframe.googlesyndication.com
c1a55b195c3f5a2e07e1e5cb882c16d3.safeframe.googlesyndication.com
19    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    65.9.189.60 (United States)

ASN16509 (AMAZON-02, US)
cdn.parsely.com
1    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
2    54.198.41.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
www.i.matheranalytics.com
6    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
googleads.g.doubleclick.net
13    52.95.123.41 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2600:9000:2182:ba00:7:5031:dc0:21 (United States)

ASN16509 (AMAZON-02, US)
dn1i8v75r669j.cloudfront.net
1    2600:1f18:730:b110:b216:4622:d058:b1a9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    52.86.196.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp4.liadm.com
2    2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a03:2880:f145:82:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    104.16.88.26 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.tynt.com
sc.tynt.com
1    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
securepubads.g.doubleclick.net
1    54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
p1.parsely.com
5    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    67.202.110.31 (United States)

ASN32748 (STEADFAST, US)
ic.tynt.com
10    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    208.100.17.185 (United States)

ASN32748 (STEADFAST, US)
de.tynt.com
1    2600:9000:206f:aa00:e:98bf:5f00:21 (United States)

ASN16509 (AMAZON-02, US)
dkpklk99llpj0.cloudfront.net
2    54.208.157.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i.liadm.com
1    104.126.36.152 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
sli.buffalonews.com
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    104.16.39.14 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-sic.33across.com
2    54.228.206.35 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
map.go.affec.tv
3    185.33.221.91 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
secure.adnxs.com
2    54.73.214.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
am.freshrelevance.com
1    184.30.24.185 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-185.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    67.202.110.24 (United States)

ASN32748 (STEADFAST, US)
sic.33across.com
6    213.19.147.151 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
11    34.252.253.152 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-253-152.eu-west-1.compute.amazonaws.com
match.adsrvr.org
18    63.33.123.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-123-138.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
6    184.30.24.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-198.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ups.analytics.yahoo.com
6    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
u.openx.net
us-u.openx.net
eu-u.openx.net
8    185.33.221.11 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    185.86.137.107 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    63.251.114.182 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
2    54.93.43.1 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
eb2.3lift.com
1    34.200.78.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
ssc.33across.com
2    52.49.59.93 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-59-93.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
9    18.185.180.173 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
6    185.29.132.144 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    64.202.112.191 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    3.225.15.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-15-51.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    3.231.119.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-119-144.compute-1.amazonaws.com
sync.ipredictive.com
1    150.136.25.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    64.202.112.63 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
3    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
13    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
1    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
cs.emxdgt.com
1    124.146.215.52 (Setagaya-ku, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    185.184.8.30 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net
creativecdn.com
ams.creativecdn.com
4    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
5    37.157.6.245 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
5    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
loadm.exelator.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
pixel.tapad.com
5    72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
1    69.173.151.80 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
2    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
1    2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    52.46.130.13 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    213.155.156.181 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
7    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
7    52.49.193.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-193-31.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    185.86.138.144 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
11    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    188.165.4.142 (France)

ASN16276 (OVH, FR)
green.erne.co
3    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
spl.zeotap.com
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
1    185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
2    18.193.31.194 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ads.creative-serving.com
1    2a02:fa8:8806:12::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
2    146.59.148.16 (France)

ASN16276 (OVH, FR)
pixel.onaudience.com
1    51.255.68.171 (France)

ASN16276 (OVH, FR)
dsp.nrich.ai
5    52.48.248.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
bcp.crwdcntrl.net
sync.crwdcntrl.net
1    54.87.182.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
thrtle.com
1    52.48.170.220 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
ml314.com
Apex Domain
Subdomains		 Transfer
36 townnews.com
bloximages.chicago2.vip.townnews.com
485 KB
35 googlesyndication.com
pagead2.googlesyndication.com
a2996485052c7313ba81abb470fb9eab.safeframe.googlesyndication.com
tpc.googlesyndication.com
c1a55b195c3f5a2e07e1e5cb882c16d3.safeframe.googlesyndication.com
918 KB
35 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
273 KB
30 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
aud.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
81 KB
20 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
76 KB
18 gumgum.com
rtb.gumgum.com
5 KB
16 firebaseio.com
the-world-table.firebaseio.com
7 KB
12 adnxs.com
secure.adnxs.com
acdn.adnxs.com
ib.adnxs.com
40 KB
11 rubiconproject.com
eus.rubiconproject.com
pixel-us-east.rubiconproject.com
token.rubiconproject.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
17 KB
11 adsrvr.org
match.adsrvr.org
5 KB
11 adlightning.com
tagan.adlightning.com
186 KB
10 ampproject.org
cdn.ampproject.org
196 KB
9 bidswitch.net
x.bidswitch.net Failed
4 KB
9 google.com
ampcid.google.com
analytics.google.com
adservice.google.com
www.google.com
1 KB
9 google-analytics.com
www.google-analytics.com
75 KB
8 buffalonews.com
buffalonews.com
sli.buffalonews.com
72 KB
7 bidr.io
match.prod.bidr.io
3 KB
7 lijit.com
ap.lijit.com
ce.lijit.com
8 KB
7 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
4 KB
7 bntech.io
api.bntech.io
13 KB
7 crwdcntrl.net
tags.crwdcntrl.net
ad.crwdcntrl.net
bcp.crwdcntrl.net
sync.crwdcntrl.net
16 KB
7 cookielaw.org
cdn.cookielaw.org
118 KB
6 mathtag.com
sync.mathtag.com
3 KB
6 openx.net
u.openx.net
us-u.openx.net
eu-u.openx.net
2 KB
6 liadm.com
b-code.liadm.com
rp.liadm.com
rp4.liadm.com
i.liadm.com
15 KB
5 sitescout.com
pixel-sync.sitescout.com
3 KB
5 adform.net
c1.adform.net
2 KB
5 tynt.com
cdn.tynt.com
sc.tynt.com
ic.tynt.com
de.tynt.com
9 KB
5 googletagmanager.com
www.googletagmanager.com
258 KB
4 quantserve.com
pixel.quantserve.com
2 KB
4 1rx.io
sync.1rx.io
3 KB
4 33across.com
cdn-sic.33across.com
sic.33across.com
ssc.33across.com
133 KB
4 google.de
www.google.de
ampcid.google.de
767 B
4 matheranalytics.com
js.matheranalytics.com
www.i.matheranalytics.com
41 KB
4 cloudfront.net
d81mfvml8p5ml.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
dn1i8v75r669j.cloudfront.net
dkpklk99llpj0.cloudfront.net
21 KB
4 worldtable.co
app.worldtable.co
analytics.worldtable.co
20 KB
3 zeotap.com
mwzeom.zeotap.com
spl.zeotap.com
1 KB
3 everesttech.net
sync-tm.everesttech.net
845 B
3 smartadserver.com
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
315 B
3 facebook.com
www.facebook.com
388 B
3 googletagservices.com
www.googletagservices.com
95 KB
3 scorecardresearch.com
sb.scorecardresearch.com
3 KB
3 field59.com
player.field59.com
183 KB
2 onaudience.com
pixel.onaudience.com
808 B
2 creative-serving.com
ads.creative-serving.com
1 KB
2 turn.com
ad.turn.com
1 KB
2 fiftyt.com
visitor.fiftyt.com
1 KB
2 semasio.net
uipglob.semasio.net
1 KB
2 adition.com
dsp.adfarm1.adition.com
1002 B
2 de17a.com
d5p.de17a.com
637 B
2 rlcdn.com
id.rlcdn.com
idsync.rlcdn.com
461 B
2 simpli.fi
um.simpli.fi
1 KB
2 tapad.com
pixel.tapad.com
980 B
2 creativecdn.com
creativecdn.com
ams.creativecdn.com
699 B
2 contextweb.com
bh.contextweb.com
1 KB
2 demdex.net
dpm.demdex.net
2 KB
2 3lift.com
eb2.3lift.com
746 B
2 unrulymedia.com
sync.targeting.unrulymedia.com
1 KB
2 freshrelevance.com
am.freshrelevance.com
5 KB
2 affec.tv
map.go.affec.tv
1 KB
2 parsely.com
cdn.parsely.com
p1.parsely.com
19 KB
2 google.ch
adservice.google.ch
964 B
2 leetemplates.com
a.leetemplates.com
338 B
2 facebook.net
connect.facebook.net
93 KB
2 onetrust.com
geolocation.onetrust.com
585 B
2 googleapis.com
imasdk.googleapis.com
storage.googleapis.com
139 KB
2 gstatic.com
www.gstatic.com
13 KB
2 silobreaker.com
info.silobreaker.com
4 KB
1 ml314.com
ml314.com
422 B
1 thrtle.com
thrtle.com
1 nrich.ai
dsp.nrich.ai
489 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 erne.co
green.erne.co
323 B
1 criteo.com
dis.criteo.com
284 B
1 exelator.com
loadm.exelator.com
616 B
1 rfihub.com
p.rfihub.com
711 B
1 socdm.com
tg.socdm.com
834 B
1 emxdgt.com
cs.emxdgt.com
1 zemanta.com
b1sync.zemanta.com
281 B
1 technoratimedia.com
sync.technoratimedia.com
294 B
1 ipredictive.com
sync.ipredictive.com
428 B
1 stackadapt.com
sync.srv.stackadapt.com
614 B
1 outbrain.com
sync.outbrain.com
626 B
1 taboola.com
trc.taboola.com
241 B
1 resonate.com
cdn.resonate.com
204 B
0 addthis.com Failed
x.dlx.addthis.com Failed
359 87
Domain Requested by
36 bloximages.chicago2.vip.townnews.com buffalonews.com
bloximages.chicago2.vip.townnews.com
19 tpc.googlesyndication.com tagan.adlightning.com
buffalonews.com
cdn.ampproject.org
securepubads.g.doubleclick.net
tpc.googlesyndication.com
18 rtb.gumgum.com aax-eu.amazon-adsystem.com
rtb.gumgum.com
ads.pubmatic.com
16 the-world-table.firebaseio.com app.worldtable.co
16 securepubads.g.doubleclick.net buffalonews.com
securepubads.g.doubleclick.net
www.googletagservices.com
cdn-sic.33across.com
14 pagead2.googlesyndication.com buffalonews.com
www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
13 cm.g.doubleclick.net 8 redirects rtb.gumgum.com
u.openx.net
aax-eu.amazon-adsystem.com
bcp.crwdcntrl.net
13 aax-eu.amazon-adsystem.com 1 redirects tagan.adlightning.com
aax-eu.amazon-adsystem.com
rtb.gumgum.com
u.openx.net
ap.lijit.com
ads.pubmatic.com
11 simage2.pubmatic.com image6.pubmatic.com
ads.pubmatic.com
11 match.adsrvr.org 9 redirects i.liadm.com
u.openx.net
aax-eu.amazon-adsystem.com
11 tagan.adlightning.com buffalonews.com
tagan.adlightning.com
10 cdn.ampproject.org buffalonews.com
9 x.bidswitch.net i.liadm.com
9 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
buffalonews.com
analytics.worldtable.co
8 ib.adnxs.com 5 redirects acdn.adnxs.com
7 match.prod.bidr.io 7 redirects
7 image2.pubmatic.com image6.pubmatic.com
ads.pubmatic.com
7 api.bntech.io buffalonews.com
api.bntech.io
tagan.adlightning.com
7 cdn.cookielaw.org buffalonews.com
cdn.cookielaw.org
7 buffalonews.com info.silobreaker.com
buffalonews.com
6 sync.mathtag.com 6 redirects
6 ads.pubmatic.com aax-eu.amazon-adsystem.com
rtb.gumgum.com
ads.pubmatic.com
6 c.amazon-adsystem.com buffalonews.com
c.amazon-adsystem.com
cdn-sic.33across.com
5 ce.lijit.com ap.lijit.com
5 pixel-sync.sitescout.com 5 redirects
5 c1.adform.net 4 redirects image6.pubmatic.com
5 www.google.com 2 redirects buffalonews.com
5 www.googletagmanager.com buffalonews.com
www.googletagmanager.com
4 token.rubiconproject.com 3 redirects aax-eu.amazon-adsystem.com
4 pixel.quantserve.com 4 redirects
4 sync.1rx.io 4 redirects
4 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 bcp.crwdcntrl.net 1 redirects tagan.adlightning.com
bcp.crwdcntrl.net
3 pixel.rubiconproject.com 1 redirects aax-eu.amazon-adsystem.com
3 sync-tm.everesttech.net 2 redirects rtb.gumgum.com
3 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
3 us-u.openx.net 1 redirects u.openx.net
3 ups.analytics.yahoo.com 3 redirects
3 secure.adnxs.com 3 redirects
3 www.facebook.com connect.facebook.net
buffalonews.com
3 www.googletagservices.com tagan.adlightning.com
securepubads.g.doubleclick.net
3 www.google.de buffalonews.com
3 sb.scorecardresearch.com 1 redirects info.silobreaker.com
buffalonews.com
3 player.field59.com buffalonews.com
player.field59.com
tagan.adlightning.com
3 app.worldtable.co buffalonews.com
app.worldtable.co
tagan.adlightning.com
2 sync.crwdcntrl.net 1 redirects bcp.crwdcntrl.net
2 pixel.onaudience.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 ad.turn.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 mwzeom.zeotap.com ads.pubmatic.com
2 dsp.adfarm1.adition.com 2 redirects
2 rtb-csync.smartadserver.com image6.pubmatic.com
2 d5p.de17a.com 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 pixel.tapad.com 2 redirects
2 bh.contextweb.com 2 redirects
2 dpm.demdex.net 2 redirects
2 eb2.3lift.com 2 redirects
2 ap.lijit.com 1 redirects aax-eu.amazon-adsystem.com
2 u.openx.net 1 redirects aax-eu.amazon-adsystem.com
2 eus.rubiconproject.com aax-eu.amazon-adsystem.com
eus.rubiconproject.com
2 sync.targeting.unrulymedia.com 2 redirects
2 am.freshrelevance.com tagan.adlightning.com
dkpklk99llpj0.cloudfront.net
2 map.go.affec.tv 1 redirects buffalonews.com
2 googleads.g.doubleclick.net buffalonews.com
2 cdn-sic.33across.com tagan.adlightning.com
2 i.liadm.com tagan.adlightning.com
i.liadm.com
2 de.tynt.com cdn.tynt.com
2 www.i.matheranalytics.com buffalonews.com
2 adservice.google.com tagan.adlightning.com
securepubads.g.doubleclick.net
2 adservice.google.ch tagan.adlightning.com
securepubads.g.doubleclick.net
2 a.leetemplates.com storage.googleapis.com
2 b-code.liadm.com www.googletagmanager.com
tagan.adlightning.com
2 js.matheranalytics.com 1 redirects buffalonews.com
2 connect.facebook.net info.silobreaker.com
connect.facebook.net
2 geolocation.onetrust.com cdn.cookielaw.org
2 www.gstatic.com buffalonews.com
2 info.silobreaker.com 1 redirects
1 idsync.rlcdn.com bcp.crwdcntrl.net
1 ml314.com bcp.crwdcntrl.net
1 thrtle.com bcp.crwdcntrl.net
1 dsp.nrich.ai 1 redirects
1 spl.zeotap.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 green.erne.co 1 redirects
1 dis.criteo.com image6.pubmatic.com
1 s.amazon-adsystem.com aax-eu.amazon-adsystem.com
1 ads.yahoo.com aax-eu.amazon-adsystem.com
1 id.rlcdn.com aax-eu.amazon-adsystem.com
1 pixel-eu.rubiconproject.com 1 redirects
1 c1a55b195c3f5a2e07e1e5cb882c16d3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 pixel-us-east.rubiconproject.com 1 redirects
1 loadm.exelator.com 1 redirects
1 eu-u.openx.net u.openx.net
1 ams.creativecdn.com 1 redirects
1 creativecdn.com 1 redirects
1 p.rfihub.com 1 redirects
1 tg.socdm.com 1 redirects
1 cs.emxdgt.com rtb.gumgum.com
1 b1sync.zemanta.com 1 redirects
1 sync.technoratimedia.com rtb.gumgum.com
1 sync.ipredictive.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 sync.outbrain.com 1 redirects
1 trc.taboola.com i.liadm.com
1 ssc.33across.com cdn-sic.33across.com
1 ssbsync.smartadserver.com 1 redirects
1 sic.33across.com tagan.adlightning.com
1 acdn.adnxs.com cdn-sic.33across.com
1 sli.buffalonews.com buffalonews.com
1 dkpklk99llpj0.cloudfront.net d81mfvml8p5ml.cloudfront.net
1 ic.tynt.com buffalonews.com
1 sc.tynt.com tagan.adlightning.com
1 p1.parsely.com buffalonews.com
1 cdn.tynt.com tagan.adlightning.com
1 rp4.liadm.com buffalonews.com
1 rp.liadm.com 1 redirects
1 dn1i8v75r669j.cloudfront.net d81mfvml8p5ml.cloudfront.net
1 ampcid.google.de www.google-analytics.com
1 cdn.parsely.com tagan.adlightning.com
1 a2996485052c7313ba81abb470fb9eab.safeframe.googlesyndication.com tagan.adlightning.com
1 analytics.google.com www.googletagmanager.com
1 ampcid.google.com www.google-analytics.com
1 analytics.worldtable.co tagan.adlightning.com
1 d1z2jf7jlzjs58.cloudfront.net tagan.adlightning.com
1 cdn.resonate.com info.silobreaker.com
1 d81mfvml8p5ml.cloudfront.net www.googletagmanager.com
1 storage.googleapis.com www.googletagmanager.com
1 ad.crwdcntrl.net buffalonews.com
1 imasdk.googleapis.com buffalonews.com
1 tags.crwdcntrl.net buffalonews.com
0 x.dlx.addthis.com Failed i.liadm.com
359 139
Subject Issuer Validity Valid
info.silobreaker.com
Cloudflare Inc ECC CA-3		 2020-06-30 -
2021-06-30		 a year crt.sh
buffalonews.com
R3		 2021-02-24 -
2021-05-25		 3 months crt.sh
bloximages.chicago2.vip.townnews.com
GeoTrust RSA CA 2018		 2020-02-25 -
2021-04-25		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2020-07-01 -
2021-07-01		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2019-06-13 -
2021-06-28		 2 years crt.sh
bntech.io
Amazon		 2020-05-01 -
2021-06-01		 a year crt.sh
www.kdcontracting.com
GTS CA 1D2		 2021-01-31 -
2021-05-01		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-06-09 -
2021-06-09		 a year crt.sh
*.adlightning.com
Amazon		 2020-07-22 -
2021-08-22		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2021-02-12 -
2022-02-11		 a year crt.sh
firebaseio.com
GTS CA 1O1		 2021-01-12 -
2021-07-11		 6 months crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
js.matheranalytics.com
Sectigo RSA Domain Validation Secure Server CA		 2019-04-04 -
2021-04-03		 2 years crt.sh
sb.scorecardresearch.com
DigiCert Secure Site ECC CA-1		 2020-07-17 -
2021-06-02		 a year crt.sh
b-code.liadm.com
DigiCert Secure Site ECC CA-1		 2020-06-23 -
2021-09-22		 a year crt.sh
*.worldtable.co
Sectigo RSA Domain Validation Secure Server CA		 2020-01-08 -
2022-01-13		 2 years crt.sh
*.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
a.leetemplates.com
GTS CA 1D2		 2021-01-24 -
2021-04-24		 3 months crt.sh
*.google.ch
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.parsely.com
Amazon		 2020-08-02 -
2021-09-02		 a year crt.sh
*.google.de
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
www.i.matheranalytics.com
Sectigo RSA Domain Validation Secure Server CA		 2020-01-28 -
2022-01-27		 2 years crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2020-06-15 -
2021-06-15		 a year crt.sh
*.liadm.com
Amazon		 2021-03-02 -
2022-03-31		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2019-10-01 -
2021-09-30		 2 years crt.sh
www.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
misc-sni.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
sli.buffalo.com
R3		 2021-03-02 -
2021-05-31		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2019-10-01 -
2021-09-30		 2 years crt.sh
affec.tv
Amazon		 2020-10-08 -
2021-11-07		 a year crt.sh
*.freshrelevance.com
Amazon		 2020-06-27 -
2021-07-27		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2020-01-02 -
2021-04-02		 a year crt.sh
*.gumgum.com
Amazon		 2020-07-03 -
2021-08-03		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2020-02-26 -
2021-05-27		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-05 -
2022-01-18		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2020-03-11 -
2021-05-10		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-03 -
2022-02-19		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.technoratimedia.com
DigiCert SHA2 High Assurance Server CA		 2020-07-28 -
2021-10-01		 a year crt.sh
h2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-02-11 -
2021-04-20		 2 months crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2020-05-18 -
2021-07-17		 a year crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-02-28 -
2021-04-13		 a month crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.semasio.net
Sectigo ECC Domain Validation Secure Server CA		 2020-03-09 -
2021-03-27		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-30 -
2021-04-27		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.thrtle.com
Go Daddy Secure Certificate Authority - G2		 2020-03-22 -
2021-05-21		 a year crt.sh
*.ml314.com
Amazon		 2021-01-17 -
2022-02-14		 a year crt.sh

This page contains 47 frames:

Primary Page: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Frame ID: 1DE37317FFF8674EB3B95760DC4AC369
Requests: 177 HTTP requests in this frame

Frame: https://analytics.worldtable.co/telem?data=%7B%22metric1%22%3A0%2C%22metric2%22%3A0%2C%22metric3%22%3A0%2C%22metric4%22%3A0%2C%22metric6%22%3A1%2C%22metric7%22%3A0%2C%22dimension1%22%3A%22buffalonews.com%22%2C%22dimension2%22%3A%2200000172ecefa0ea_f7a6346%22%2C%22dimension4%22%3A%22https%3A%2F%2Fapp.worldtable.co%22%2C%22dimension5%22%3Atrue%2C%22dimension7%22%3A%22the-world-table%22%2C%22wtTitle%22%3A%22Buffalo%20to%20get%20%24350%20million%20in%20federal%20pandemic%20stimulus%20bill%22%2C%22wtLocation%22%3A%22%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%22%2C%22wtSection%22%3A%22Buffalo%20News%22%7D
Frame ID: 8FFE437C2FE245A1157CA341BF233F42
Requests: 2 HTTP requests in this frame

Frame: https://tagan.adlightning.com/leeenterprises/bl-a7f65f8-83165a7d.js
Frame ID: 77800F9DBCF2AF823428579CB09E6278
Requests: 10 HTTP requests in this frame

Frame: https://tagan.adlightning.com/leeenterprises/bl-a7f65f8-83165a7d.js
Frame ID: 1F229D68D8078D6D56609EA65D008CF5
Requests: 6 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&dcc=t
Frame ID: A70DC66121ED6C9EDDB0544A7C231D51
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/leeenterprises/bl-a7f65f8-83165a7d.js
Frame ID: 9C087A5E861E9697613588388FD5653C
Requests: 18 HTTP requests in this frame

Frame: https://tagan.adlightning.com/leeenterprises/bl-a7f65f8-83165a7d.js
Frame ID: 2DF2C04507C083A60D85488DE8F7BD8A
Requests: 17 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-0585?s=&cim=&ps=true&ls=false&duid=fb73f250d350--01f08vg4yjdv83b8zh6myzss46&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Frame ID: F71F94E1BC2DA21A7CE770E7D3653D42
Requests: 8 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Frame ID: 56F41BAFF9A2CA2C538CA2AE5DD0AD1D
Requests: 2 HTTP requests in this frame

Frame: https://am.freshrelevance.com/tpc/
Frame ID: DFB5D141C306926C6427413949D82F99
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ast/ast.js
Frame ID: E9E76D2A8C02D91207DE1D7F8ECB3F68
Requests: 4 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 5314C4E40F73EF67052F58BBD8B0F05A
Requests: 2 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 109B592A92D64615645C84EABB17196A
Requests: 13 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: FC107651977AA080AA24E558A2B92351
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Frame ID: FD2A6DC9CD544BFB5AFA627830021E79
Requests: 12 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-OOz65tF1l2O6MZyZGEBjmrchfmtb2nw-&
Frame ID: F4F9FE375CEFB5E0F050A40C9B4C4FF7
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: C331317E4E87AC20F21466820ED81398
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=6662429354289246574&ex=districtm
Frame ID: 54116F4709E964BD9B13CF7A22058068
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=3045499457929008087
Frame ID: 47A8094571E13C6A4F6F3DB4DA7DE5A5
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=6662429354289246574&ex=appnexus.com
Frame ID: 42D1770804404497AC70C062AF5EDBD7
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: 48967FE5EE6DE4D5FDA943F37B742073
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=10359810293852434939
Frame ID: 878C7B69BBA2E8DFE326CC498403DB57
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 4BF13CAEBDCAFBBEC4D57AC6E7A93BAB
Requests: 10 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=94b86046-127c-4500-9afb-74df214b7fd2&gdpr=&gdpr_consent=
Frame ID: 93C469C9B0B11CC8DAD1738BA6058365
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YEYSfQAAAJVIPjoG
Frame ID: 9FA35E83D7CFB8EFF7C5DEA01EE94404
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81YjMwMTM1OS05YTc5LTRlYjAtOTJhMi00NzRjNmFlNzRjMDQ=&gdpr=&gdpr_consent=
Frame ID: C94920B859201064E9BE8BCC687BEF49
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: B3DA5073816153FB822C2C0CB1B60740
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=d6e871c4-b233-4c97-a282-22cade79053e&t=1617796990
Frame ID: 026A7AAD51F094A60B57ADFBE844B0B8
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: E4315431560B2A35E6EEEA2F4C4FED61
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YEYSfsCo8YwAACQwhGwAAAAA
Frame ID: A8FDD8E4CFD26EE719DE389541C010A9
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1871316018137507092
Frame ID: 1B8ABEAD7B813709CDBF62B5F53F4AF1
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=nywOzJCYIN05R5OHRRJx&pi=gumgum&tc=1
Frame ID: 9A442A5A4749A371639B64DF59D707CC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 48168344E4D2E7D87FE1ADA075AE006E
Requests: 22 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: F5C83922B6F97CE891FEFB5E4B70F8F0
Requests: 9 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2671732945416036899
Frame ID: A5F560813C9A1A51DEB3113D809DBF19
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 00550A8EBBCD670624877E500356575B
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir
Frame ID: B5BECD0792EB7B7B098A80AB8EF70602
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6937252616993568915
Frame ID: 67A3C366FA55FAC4D05F3FD02532B7A5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=arhbr8T1Dj3fX4ssrottWb9T
Frame ID: 8350885CB2C066279F569179BF73258C
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=C3917F33-A129-4FF8-BAD0-7A89FE18C046&ex=pubmatic.com
Frame ID: 677036387114074B7129C7D538BBE674
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 2637D335E55C5AEDDDF12B9C1CD6B11D
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CF8B3BE6-6DAF-4C54-B763-68C50A99293D
Frame ID: 90E2C46F1ED929210831798EB164324B
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir
Frame ID: 9D56BC26C52996E5C1BEB6623DA8A16F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6937252634159151251
Frame ID: CBFCCFDB59FB9ACE542E55E4F2BCE608
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=pbm&i=CF8B3BE6-6DAF-4C54-B763-68C50A99293D
Frame ID: 7358E26CC8635B77287E9B5C569E2A69
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=977656505/pv=y/med=flag%3A%20featured/med=%23OpR%2372333%23Keyword%20%3A%20chuck%20schumer%2C%20charles%20e.%20schumer%2C%20biden%2C%20american%20rescue%20plan%2C%20stimulus/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20buffalonews%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20news/rb=%7B%22meta_tag%22%3A%22chuck%20schumer%2C%20charles%20e.%20schumer%2C%20biden%2C%20american%20rescue%20plan%2C%20stimulus%22%7D/rt=ifr
Frame ID: BDC78DE712C11B2CFF41648A2733DD70
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 6E88E19E76213AABDBCDEEF35A22001D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://info.silobreaker.com/e2t/tc/VVQY4j2VbgbnW9jttVR1k2MW3W5r_q0D4nWYwpN3tskDm4Zc_rV3Zsc37CgPsbN38Hg8n... Page URL
  2. https://info.silobreaker.com/events/public/v1/track/tc/VVQY4j2VbgbnW9jttVR1k2MW3W5r_q0D4nWYwpN3tskDm4Zc_r... HTTP 307
    https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

359
Requests

97 %
HTTPS

30 %
IPv6

87
Domains

139
Subdomains

102
IPs

10
Countries

3628 kB
Transfer

9553 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://info.silobreaker.com/e2t/tc/VVQY4j2VbgbnW9jttVR1k2MW3W5r_q0D4nWYwpN3tskDm4Zc_rV3Zsc37CgPsbN38Hg8nddMXJW3TwjS_985h1zW1fQKq385b00xW1J-VW08rJ1pGVShqKM5N64c6N6VHkbTvq3DcV4c__T6GfQNcW7jc0Y_8634MCW9chC8R82PWG7W232qGZ34nW28W58pJ6v1xgDt8W7L79n88HQ2RjW1SKfMR4XPxzgW2CFFv21SpMblW8Jfx3N14p8BdW7xPvjH62PsjSW8LVRvz1X9DG2V2lWGN6bHl6VN2FHPynxG1vsW33cWqh4YxmL6W4bhzcP7ZhhzXN7hlC_-xv8sSW1Vqg0r20gDY5VNMFn14tl42kW1n_Kcz53zw03W2PVFmL42Jts1W2MFM4w7dvK23W8LYGmr6vtbkpW7lDPYm6XLrZmN14CKsbz3fljW7_CwFy8ZZMSSW6Bhgdn9hMZjqW3350-C5VGWccW28zfhM8MPqq533xg1 Page URL
  2. https://info.silobreaker.com/events/public/v1/track/tc/VVQY4j2VbgbnW9jttVR1k2MW3W5r_q0D4nWYwpN3tskDm4Zc_rV3Zsc37CgPsbN38Hg8nddMXJW3TwjS_985h1zW1fQKq385b00xW1J-VW08rJ1pGVShqKM5N64c6N6VHkbTvq3DcV4c__T6GfQNcW7jc0Y_8634MCW9chC8R82PWG7W232qGZ34nW28W58pJ6v1xgDt8W7L79n88HQ2RjW1SKfMR4XPxzgW2CFFv21SpMblW8Jfx3N14p8BdW7xPvjH62PsjSW8LVRvz1X9DG2V2lWGN6bHl6VN2FHPynxG1vsW33cWqh4YxmL6W4bhzcP7ZhhzXN7hlC_-xv8sSW1Vqg0r20gDY5VNMFn14tl42kW1n_Kcz53zw03W2PVFmL42Jts1W2MFM4w7dvK23W8LYGmr6vtbkpW7lDPYm6XLrZmN14CKsbz3fljW7_CwFy8ZZMSSW6Bhgdn9hMZjqW3350-C5VGWccW28zfhM8MPqq533xg1?_ud=fdb284af-856f-4db5-9768-c6deb0de2351&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
    https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83
  • https://js.matheranalytics.com/s/ma1527/725149308/lee/ml.js?cb=1558 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma1527/lee/3/ml.br.js
Request Chain 129
  • https://sb.scorecardresearch.com/b?c1=2&c2=10345586&ns__t=1615204977573&ns_c=UTF-8&cv=3.5&c8=Buffalo%20to%20get%20%24350%20million%20in%20federal%20pandemic%20stimulus%20bill%20%7C%20Latest%20Headlines%20%7C%20buffalonews.com&c7=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10345586&ns__t=1615204977573&ns_c=UTF-8&cv=3.5&c8=Buffalo%20to%20get%20%24350%20million%20in%20federal%20pandemic%20stimulus%20bill%20%7C%20Latest%20Headlines%20%7C%20buffalonews.com&c7=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw&c9=&cs_ak_ss=1
Request Chain 149
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&dcc=t
Request Chain 153
  • https://rp.liadm.com/j?tna=v2.0.1&aid=a-0585&wpn=lc-bundle&pu=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw&duid=fb73f250d350--01f08vg4yjdv83b8zh6myzss46&se=e30&dtstmp=1615204979685 HTTP 302
  • https://rp4.liadm.com/j?tna=v2.0.1&aid=a-0585&wpn=lc-bundle&pu=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw&duid=fb73f250d350--01f08vg4yjdv83b8zh6myzss46&se=e30&dtstmp=1615204979685&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true
Request Chain 212
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 216
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 221
  • https://map.go.affec.tv/map/3a/?pid=CmUMKmBGEnchLHIaA8t%2FAg%3D%3D&us_privacy=&ts=1615204984941.1 HTTP 303
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D6046127a76b79e00013919cd%26chc%3Dtt%26redirect_url%3D HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D6046127a76b79e00013919cd%2526chc%253Dtt%2526redirect_url%253D HTTP 302
  • https://map.go.affec.tv/map/an/2000765467304499041?ch=6046127a76b79e00013919cd&chc=tt&redirect_url=
Request Chain 231
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%5BRX_UUID%5D%26ex%3Drhythmone.com HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=962846714 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=962846714 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/d6e871c4-b233-4c97-a282-22cade79053e HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-64302105-53bb-416a-86b9-862dd4b48e1a-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-64302105-53bb-416a-86b9-862dd4b48e1a-003 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-64302105-53bb-416a-86b9-862dd4b48e1a-003
Request Chain 235
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true&verify=true HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-OOz65tF1l2O6MZyZGEBjmrchfmtb2nw-&
Request Chain 236
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 237
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=districtm HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Ddistrictm HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=6662429354289246574&ex=districtm
Request Chain 238
  • https://ssbsync.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=3045499457929008087
Request Chain 239
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=6662429354289246574&ex=appnexus.com
Request Chain 240
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 241
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=10359810293852434939
Request Chain 248
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-0585%2F0%2F52d73466035f4e368018fad901a51e8a%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&777388e8-5b73-4777-8079-74db9a19542d HTTP 302
  • https://i.liadm.com/s/e/a-0585/0/52d73466035f4e368018fad901a51e8a?mpid=7156&muid=b5a26046-127c-4d00-b219-dcaa64e75cac
Request Chain 249
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=liveintent&ttd_tpi=1
Request Chain 250
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=777388e8-5b73-4777-8079-74db9a19542d&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-0585%2F0%2F52d73466035f4e368018fad901a51e8a%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=777388e8-5b73-4777-8079-74db9a19542d&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-0585%2F0%2F52d73466035f4e368018fad901a51e8a%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
  • https://i.liadm.com/s/e/a-0585/0/52d73466035f4e368018fad901a51e8a?mpid=82775&muid=05715401747461771571284338554917751885
Request Chain 251
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=777388e8-5b73-4777-8079-74db9a19542d HTTP 302
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=777388e8-5b73-4777-8079-74db9a19542d&rd=Y
Request Chain 252
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=777388e8-5b73-4777-8079-74db9a19542d&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=777388e8-5b73-4777-8079-74db9a19542d&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
Request Chain 253
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=777388e8-5b73-4777-8079-74db9a19542d HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=liveintent&user_id=777388e8-5b73-4777-8079-74db9a19542d
Request Chain 257
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=6662429354289246574
Request Chain 258
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_5b301359-9a79-4eb0-92a2-474c6ae74c04&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_5b301359-9a79-4eb0-92a2-474c6ae74c04&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dgumgum2%26bsw_param%3Dac00d7b6-f429-4340-9447-c7bbfc217b0d HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=94b86046-127c-4500-9afb-74df214b7fd2&expires=30&ssp=gumgum2&bsw_param=ac00d7b6-f429-4340-9447-c7bbfc217b0d HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=ac00d7b6-f429-4340-9447-c7bbfc217b0d
Request Chain 259
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28_5caf6jygLEuxXNOSquSmEzF-miR_oekdow24rTlCA2IajzzQvHmuh_T6EjeRF--%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28_5caf6jygLEuxXNOSquSmEzF-miR_oekdow24rTlCA2IajzzQvHmuh_T6EjeRF--%29
Request Chain 260
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=588ac20a-716a-0869-2621-836d620f24d3
Request Chain 261
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-ebb44b4a-b667-463c-53c0-2d2ddddb6caf$ip$185.156.175.107
Request Chain 262
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-p3Je8_51lxABQY.5I0IR332C8KodsQc6rDJj
Request Chain 263
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=400413a7-8006-11eb-adba-45ecbc5c04f7
Request Chain 265
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_5b301359-9a79-4eb0-92a2-474c6ae74c04&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=
Request Chain 266
  • https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8460029133 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/a816842f-8d77-4d25-9a9b-60af248bb530 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-64302105-53bb-416a-86b9-862dd4b48e1a-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-64302105-53bb-416a-86b9-862dd4b48e1a-003 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-64302105-53bb-416a-86b9-862dd4b48e1a-003
Request Chain 267
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=HPnUrEl5KWVW&ev=1&pid=558355
Request Chain 269
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=94b86046-127c-4500-9afb-74df214b7fd2&gdpr=&gdpr_consent=
Request Chain 270
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YEYSfQAAAJVIPjoG
Request Chain 273
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=d6e871c4-b233-4c97-a282-22cade79053e&t=1617796990
Request Chain 275
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YEYSfsCo8YwAACQwhGwAAAAA
Request Chain 276
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=1871316018137507092
Request Chain 277
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://ams.creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=nywOzJCYIN05R5OHRRJx&pi=gumgum&tc=1
Request Chain 281
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=aQ58I24Mf3FyW3gnZlhlJWlffCNyW3Akb1tD_Mcs
Request Chain 282
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2686957056971588346
Request Chain 285
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO6XDOB44vyEHnnowsZ0HSk&google_cver=1
Request Chain 288
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=4be2c402-a0ee-421d-a14f-a03733dc9934-6046127e-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D4be2c402-a0ee-421d-a14f-a03733dc9934-6046127e-4348%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253D4be2c402-a0ee-421d-a14f-a03733dc9934-6046127e-4348%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=4be2c402-a0ee-421d-a14f-a03733dc9934-6046127e-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D4be2c402-a0ee-421d-a14f-a03733dc9934-6046127e-4348%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=4be2c402-a0ee-421d-a14f-a03733dc9934-6046127e-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D4be2c402-a0ee-421d-a14f-a03733dc9934-6046127e-4348%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=4be2c402-a0ee-421d-a14f-a03733dc9934-6046127e-4348&gdpr=0&gdpr_consent=
Request Chain 289
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=HSBOOxoiTWkGdUo_EnZXPR1xTjsGdUI8G3VNCz1m
Request Chain 290
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=KM0JCJM9-28-9KJM&gdpr=0
Request Chain 291
  • https://um.simpli.fi/lj_match?r=1615204988607&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=EFB09C652EB745829FBC772A8E722CAD
Request Chain 292
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=1968a1f05710a5b116077782&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=3&3pid=94b86046-127c-4500-9afb-74df214b7fd2&gdpr=0&gdpr_consent=
Request Chain 301
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=KM0JCJM9-28-9KJM&ex=d-rubiconproject.com&status=ok
Request Chain 303
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=94b86046-127c-4500-9afb-74df214b7fd2
Request Chain 306
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KM0JCJM9-28-9KJM&sigv=1&esig=2~c3fca04414cf137d2fa1dce6f6a613ca14f7f2c0
Request Chain 307
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=KM0JCJM9-28-9KJM&ex=d-rubiconproject.com&status=ok
Request Chain 308
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S00wSkNKTTktMjgtOUtKTQ==
Request Chain 309
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODBhMWY3OTI5YzU2MmQ0MDI2NWRmYWE1NGU3OWJjZGQ1MWY5YjQ2Mg
Request Chain 310
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH-kjhgZtY6tGMGdLItMB7U&google_cver=1
Request Chain 311
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2671732945416036899
Request Chain 313
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCdTZrN0FqQ1VBQUVYTGs2S3Iwdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir
Request Chain 314
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6937252616993568915
Request Chain 315
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=arhbr8T1Dj3fX4ssrottWb9T
Request Chain 317
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=w5F_M6EpT_i60HqJ_hjARg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 319
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C3917F33-A129-4FF8-BAD0-7A89FE18C046&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C3917F33-A129-4FF8-BAD0-7A89FE18C046&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 320
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C3917F33-A129-4FF8-BAD0-7A89FE18C046&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C3917F33-A129-4FF8-BAD0-7A89FE18C046&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C3917F33-A129-4FF8-BAD0-7A89FE18C046&addseg=31
Request Chain 321
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a816842f-8d77-4d25-9a9b-60af248bb530
Request Chain 322
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBNrrJRA2VyrURPT0uUJxlc&google_cver=1
Request Chain 323
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2686957056971588346
Request Chain 324
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:94b86046-127c-4500-9afb-74df214b7fd2&gdpr=0&gdpr_consent=
Request Chain 325
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2000765467304499041&gdpr=0&gdpr_consent=
Request Chain 326
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C3917F33-A129-4FF8-BAD0-7A89FE18C046&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NWvdvSN1l2KP1J5LgHPqEEVaqe742tk-&gdpr=0&gdpr_consent=
Request Chain 328
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3502989270376122679&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 329
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=09-sQdTdrxPIiqhF3Im1R9OOrEHIiqBG1YqFoydO
Request Chain 330
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=ac00d7b6-f429-4340-9447-c7bbfc217b0d HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=ac00d7b6-f429-4340-9447-c7bbfc217b0d HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=0c9cedd0-dfca-4be8-8ce3-8c5fd7762341&ssp=pubmatic&expires=30&user_group=5&bsw_param=ac00d7b6-f429-4340-9447-c7bbfc217b0d HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ac00d7b6-f429-4340-9447-c7bbfc217b0d&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 331
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEYSfQAAAJVIQDoG&gdpr=0&gdpr_consent=
Request Chain 332
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=4be2c402-a0ee-421d-a14f-a03733dc9934-6046127e-4348&gdpr=0&gdpr_consent=
Request Chain 334
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:acf60116-affa-40a9-98d8-0bc4287e0934&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 342
  • https://c1.adform.net/serving/cookie/match?party=14&cid=CF8B3BE6-6DAF-4C54-B763-68C50A99293D HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CF8B3BE6-6DAF-4C54-B763-68C50A99293D
Request Chain 343
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=PEGqnDtDppknFKmYa0aznG4QrcwnRvjLbhMiAGTp
Request Chain 344
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEcG9rN0FqQ1VBQUVhelNIeVZDQQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADpok7AjCUAAEazSHyVCA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AADpok7AjCUAAEazSHyVCA&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir
Request Chain 345
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6937252634159151251
Request Chain 347
  • https://pixel.onaudience.com/?partner=214&mapped=CF8B3BE6-6DAF-4C54-B763-68C50A99293D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=514256d1-f23f-4c88-8df7-fb161e47cb2a&icm HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=452f97fe81737571 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c3577360-4431-4bef-5eb6-bae9033c0250&reqId=2b383616-a60f-4cb5-6c8a-79029bf750d8&zcluid=452f97fe81737571&zdid=1332 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c3577360-4431-4bef-5eb6-bae9033c0250&reqId=2b383616-a60f-4cb5-6c8a-79029bf750d8&zcluid=452f97fe81737571&zdid=1332&google_tc= HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEMVV6tX1cqeWHAIhiC-l9ns&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c3577360-4431-4bef-5eb6-bae9033c0250&reqId=2b383616-a60f-4cb5-6c8a-79029bf750d8&zcluid=452f97fe81737571&zdid=1332
Request Chain 348
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=cdc16046-1283-4000-b5be-35cfc8bec463
Request Chain 350
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6975812139869407543&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 351
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=69c43e81-caf8-40da-95fc-9e6f593d2266&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=b64c5cb8-27dc-49f4-8a16-0b9c9a730b97&expires=1&user_group=5&ssp=pubmatic&bsw_param=69c43e81-caf8-40da-95fc-9e6f593d2266 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=283&user_id=b64c5cb8-27dc-49f4-8a16-0b9c9a730b97&expires=1&user_group=5&ssp=pubmatic&bsw_param=69c43e81-caf8-40da-95fc-9e6f593d2266 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e06b7da8-4df6-464d-bb3f-2c2395102d22&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 353
  • https://bcp.crwdcntrl.net/5/c=6894/rand=977656505/pv=y/med=flag%3A%20featured/med=%23OpR%2372333%23Keyword%20%3A%20chuck%20schumer%2C%20charles%20e.%20schumer%2C%20biden%2C%20american%20rescue%20plan%2C%20stimulus/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20buffalonews%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20news/rb=%7B%22meta_tag%22%3A%22chuck%20schumer%2C%20charles%20e.%20schumer%2C%20biden%2C%20american%20rescue%20plan%2C%20stimulus%22%7D/rt=ifr HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=977656505/pv=y/med=flag%3A%20featured/med=%23OpR%2372333%23Keyword%20%3A%20chuck%20schumer%2C%20charles%20e.%20schumer%2C%20biden%2C%20american%20rescue%20plan%2C%20stimulus/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20buffalonews%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20news/rb=%7B%22meta_tag%22%3A%22chuck%20schumer%2C%20charles%20e.%20schumer%2C%20biden%2C%20american%20rescue%20plan%2C%20stimulus%22%7D/rt=ifr
Request Chain 360
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=b78dcfca-160c-493b-a08e-512779e84dc6-6046128a-4348 HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/tpid=b78dcfca-160c-493b-a08e-512779e84dc6-6046128a-4348
Request Chain 363
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
  • https://bcp.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=e8264fb0-3700-478c-9f73-9bd5c973822a

359 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
VVQY4j2VbgbnW9jttVR1k2MW3W5r_q0D4nWYwpN3tskDm4Zc_rV3Zsc37CgPsbN38Hg8nddMXJW3TwjS_985h1zW1fQKq385b00xW1J-VW08rJ1pGVShqKM5N64c6N6VHkbTvq3DcV4c__T6GfQNcW7jc0Y_8634MCW9chC8R82PWG7W232qGZ34nW28W58pJ6v1x...
info.silobreaker.com/e2t/tc/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://info.silobreaker.com/e2t/tc/VVQY4j2VbgbnW9jttVR1k2MW3W5r_q0D4nWYwpN3tskDm4Zc_rV3Zsc37CgPsbN38Hg8nddMXJW3TwjS_985h1zW1fQKq385b00xW1J-VW08rJ1pGVShqKM5N64c6N6VHkbTvq3DcV4c__T6GfQNcW7jc0Y_8634MCW9chC8R82PWG7W232qGZ34nW28W58pJ6v1xgDt8W7L79n88HQ2RjW1SKfMR4XPxzgW2CFFv21SpMblW8Jfx3N14p8BdW7xPvjH62PsjSW8LVRvz1X9DG2V2lWGN6bHl6VN2FHPynxG1vsW33cWqh4YxmL6W4bhzcP7ZhhzXN7hlC_-xv8sSW1Vqg0r20gDY5VNMFn14tl42kW1n_Kcz53zw03W2PVFmL42Jts1W2MFM4w7dvK23W8LYGmr6vtbkpW7lDPYm6XLrZmN14CKsbz3fljW7_CwFy8ZZMSSW6Bhgdn9hMZjqW3350-C5VGWccW28zfhM8MPqq533xg1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
info.silobreaker.com
:scheme
https
:path
/e2t/tc/VVQY4j2VbgbnW9jttVR1k2MW3W5r_q0D4nWYwpN3tskDm4Zc_rV3Zsc37CgPsbN38Hg8nddMXJW3TwjS_985h1zW1fQKq385b00xW1J-VW08rJ1pGVShqKM5N64c6N6VHkbTvq3DcV4c__T6GfQNcW7jc0Y_8634MCW9chC8R82PWG7W232qGZ34nW28W58pJ6v1xgDt8W7L79n88HQ2RjW1SKfMR4XPxzgW2CFFv21SpMblW8Jfx3N14p8BdW7xPvjH62PsjSW8LVRvz1X9DG2V2lWGN6bHl6VN2FHPynxG1vsW33cWqh4YxmL6W4bhzcP7ZhhzXN7hlC_-xv8sSW1Vqg0r20gDY5VNMFn14tl42kW1n_Kcz53zw03W2PVFmL42Jts1W2MFM4w7dvK23W8LYGmr6vtbkpW7lDPYm6XLrZmN14CKsbz3fljW7_CwFy8ZZMSSW6Bhgdn9hMZjqW3350-C5VGWccW28zfhM8MPqq533xg1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:51 GMT
content-type
text/html;charset=utf-8
set-cookie
__cfduid=da8a9cad53d962fc3bbbf4131674eab191615204971; expires=Wed, 07-Apr-21 12:02:51 GMT; path=/; domain=.info.silobreaker.com; HttpOnly; SameSite=Lax __cfruid=74b9ab52890e86213c3ebfc472d4726ca73f13f6-1615204971; path=/; domain=.info.silobreaker.com; HttpOnly; Secure; SameSite=None
cf-ray
62cbeabd6fd8cc56-ZRH
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
cf-request-id
08b3510a5f0000cc56a508f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mxWElUcWkIwIMoVW9unTR1xcTGpEU5f4mcfJ0UC2EuAtUrnV9quDOm%2BEOgYuEl3JgDTue2ZiMGh%2Bz2YSOWy475BMtQDU3IiXJe7%2F0UOs2Rvu%2BSuW4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
content-encoding
br
Primary Request article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html
buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/
Redirect Chain
  • https://info.silobreaker.com/events/public/v1/track/tc/VVQY4j2VbgbnW9jttVR1k2MW3W5r_q0D4nWYwpN3tskDm4Zc_rV3Zsc37CgPsbN38Hg8nddMXJW3TwjS_985h1zW1fQKq385b00xW1J-VW08rJ1pGVShqKM5N64c6N6VHkbTvq3DcV4c__...
  • https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgV...
280 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVQY4j2VbgbnW9jttVR1k2MW3W5r_q0D4nWYwpN3tskDm4Zc_rV3Zsc37CgPsbN38Hg8nddMXJW3TwjS_985h1zW1fQKq385b00xW1J-VW08rJ1pGVShqKM5N64c6N6VHkbTvq3DcV4c__T6GfQNcW7jc0Y_8634MCW9chC8R82PWG7W232qGZ34nW28W58pJ6v1xgDt8W7L79n88HQ2RjW1SKfMR4XPxzgW2CFFv21SpMblW8Jfx3N14p8BdW7xPvjH62PsjSW8LVRvz1X9DG2V2lWGN6bHl6VN2FHPynxG1vsW33cWqh4YxmL6W4bhzcP7ZhhzXN7hlC_-xv8sSW1Vqg0r20gDY5VNMFn14tl42kW1n_Kcz53zw03W2PVFmL42Jts1W2MFM4w7dvK23W8LYGmr6vtbkpW7lDPYm6XLrZmN14CKsbz3fljW7_CwFy8ZZMSSW6Bhgdn9hMZjqW3350-C5VGWccW28zfhM8MPqq533xg1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
Software
/
Resource Hash
d2c7e8a5926cac8dfd90f415e07c099b78908d0cee59fca1f8b95e813aac2ec1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
buffalonews.com
:scheme
https
:path
/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://info.silobreaker.com/e2t/tc/VVQY4j2VbgbnW9jttVR1k2MW3W5r_q0D4nWYwpN3tskDm4Zc_rV3Zsc37CgPsbN38Hg8nddMXJW3TwjS_985h1zW1fQKq385b00xW1J-VW08rJ1pGVShqKM5N64c6N6VHkbTvq3DcV4c__T6GfQNcW7jc0Y_8634MCW9chC8R82PWG7W232qGZ34nW28W58pJ6v1xgDt8W7L79n88HQ2RjW1SKfMR4XPxzgW2CFFv21SpMblW8Jfx3N14p8BdW7xPvjH62PsjSW8LVRvz1X9DG2V2lWGN6bHl6VN2FHPynxG1vsW33cWqh4YxmL6W4bhzcP7ZhhzXN7hlC_-xv8sSW1Vqg0r20gDY5VNMFn14tl42kW1n_Kcz53zw03W2PVFmL42Jts1W2MFM4w7dvK23W8LYGmr6vtbkpW7lDPYm6XLrZmN14CKsbz3fljW7_CwFy8ZZMSSW6Bhgdn9hMZjqW3350-C5VGWccW28zfhM8MPqq533xg1

Response headers

date
Mon, 08 Mar 2021 12:02:52 GMT
content-type
text/html; charset=UTF-8
x-loop
1
referrer-policy
strict-origin-when-cross-origin
cache-control
public, max-age=300
last-modified
Mon, 08 Mar 2021 03:54:00 GMT
x-robots-tag
noarchive
x-ua-compatible
IE=edge
link
<https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.6edb5af3e93b0a377ec925c5f1c6ddde.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.5ee3960b4d37bc106988fa535b393865.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.1477faac295a3745e4796d2263e75f11.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.93d1db0a57d520951552a1dcd8fd9aeb.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.3184e9304073379bbe4e2c6500858bb1.js>; rel=preload; as=script <https://cdn.cookielaw.org/scripttemplates/otSDKStub.js>; rel=preload; as=script
x-tncms
1.56.4; app10; 0.31s; 5.6M
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
etag
W/089a90bf9d30ca70347720cbedb624f8
content-encoding
gzip
vary
X-IPCountry, X-Townnews-Now-API-Version, Accept-Encoding
age
0
x-vcache
MISS
accept-ranges
bytes
content-length
52385

Redirect headers

date
Mon, 08 Mar 2021 12:02:51 GMT
location
https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
cf-ray
62cbeabe192fcc56-ZRH
link
<https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw>; rel="canonical"
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
cf-request-id
08b3510acd0000cc56f3022000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
x-robots-tag
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pFOdNBkr5RqCwliOIYGoG%2F4BWAby8R9wM8Farjd5GlZP612GpBqoi3MI%2Bzf0sHOSwiPrUmFN8pzcF3o4SRPmXPpuwGvSW4OgAu7HIJvc1e70kJVmiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
jquery.min.6edb5af3e93b0a377ec925c5f1c6ddde.js
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.6edb5af3e93b0a377ec925c5f1c6ddde.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0785141e6461918363176bb595c118997a66d51af8338db5999308cd593cfebd
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:52 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
10824922
last-modified
Wed, 09 Sep 2020 19:56:59 GMT
cf-request-id
08b351109c000023f7d8044000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5f59338b-18813"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
62cbeac76be023f7-ZRH
expires
Wed, 29 Sep 2021 19:01:15 GMT
user.js
buffalonews.com/shared-content/art/tncms/user/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/shared-content/art/tncms/user/user.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
Software
/
Resource Hash
0230e8c67f568c29bfa2d9756f6e9f79ca6a375d99cbeb54bf09c35fb9e525c4

Request headers

Referer
https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:00:34 GMT
content-encoding
gzip
last-modified
Fri, 26 Feb 2021 20:52:35 GMT
age
137
etag
W/"60395f93-1891"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
2304
service-worker-allowed
/
bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:52 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
2196532
last-modified
Fri, 06 Sep 2019 14:16:03 GMT
cf-request-id
08b351109c000023f7d910f000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5d726a23-9bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
62cbeac76be323f7-ZRH
expires
Thu, 04 Nov 2021 04:50:28 GMT
common.5ee3960b4d37bc106988fa535b393865.js
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.5ee3960b4d37bc106988fa535b393865.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e6c02cecdf5cb7b5db7cbf455c81c05828f2f801dd585ffdfa9d4cc90e9be1a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:52 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
10647559
last-modified
Wed, 17 Jun 2020 15:23:39 GMT
cf-request-id
08b351109c000023f75fb6c000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5eea357b-8a06"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
62cbeac76be523f7-ZRH
expires
Fri, 25 Jun 2021 18:20:26 GMT
tnt.1477faac295a3745e4796d2263e75f11.js
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.1477faac295a3745e4796d2263e75f11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
560357e94ad4e3f3e2199cdecaaf8d339f35d97ec03de8b875eef2bbd80b43fb
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:52 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
10659534
last-modified
Fri, 23 Oct 2020 13:08:14 GMT
cf-request-id
08b351109c000023f7c0a73000000001
x-robots-tag
noarchive
x-vcache
HIT
server
cloudflare
etag
W/"5f92d5be-1bf3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
62cbeac76be723f7-ZRH
expires
Wed, 27 Oct 2021 15:01:17 GMT
application.93d1db0a57d520951552a1dcd8fd9aeb.js
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.93d1db0a57d520951552a1dcd8fd9aeb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7c4e85fab99165f7d8a912f21ae8d691b6a96049780d96e174e6394e09384ca
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:52 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
10647559
last-modified
Wed, 05 Aug 2020 17:34:39 GMT
cf-request-id
08b351109d000023f7df01c000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5f2aedaf-f5b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
62cbeac76be823f7-ZRH
expires
Tue, 10 Aug 2021 12:14:45 GMT
tnt.navigation.accessibility.3184e9304073379bbe4e2c6500858bb1.js
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.3184e9304073379bbe4e2c6500858bb1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a0eaf21fe4084cc7105e771f57731abe41a4d647a4879dea141885fcc3096b2
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:52 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
2908766
last-modified
Fri, 29 Jan 2021 17:55:48 GMT
cf-request-id
08b351109d000023f784bbb000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"60144c24-925"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
62cbeac76be923f7-ZRH
expires
Wed, 02 Feb 2022 20:01:13 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd4b42f7c8ddeeedbc0e556a5da8b647fd08c56a2ac3540b1e5a6d9342ba5c4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 08 Mar 2021 12:02:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
DgCf/JQeR4+J+ZEYMfLA9Q==
age
4852
vary
Accept-Encoding
content-length
4211
cf-request-id
08b3510fc70000e0070dbca000000001
x-ms-lease-status
unlocked
last-modified
Wed, 24 Feb 2021 17:18:08 GMT
server
cloudflare
etag
0x8D8D8E828181ED0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c3880db3-801e-0143-0bda-0ab45a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
62cbeac60bc6e007-FRA
bootstrap.min.44f4ed00052aeaf66307fd409db0d101.css
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 		107 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.44f4ed00052aeaf66307fd409db0d101.css
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d584af3d0a8ad98207995400856e5e8c608551e080e252ed413e82c19ffd04f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:52 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
10667936
last-modified
Wed, 17 Jun 2020 15:23:12 GMT
cf-request-id
08b351109c000023f7bb810000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5eea3560-1ab8e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
62cbeac75bdf23f7-ZRH
expires
Fri, 25 Jun 2021 18:20:26 GMT
layout.7184a3fd9e2a26950cb17f25ecb2d516.css
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 		130 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.7184a3fd9e2a26950cb17f25ecb2d516.css
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7697d635aedaa4ef158c2bb64e3accf0cc41fa763261508c25fef0006d662abb
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:52 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1006625
last-modified
Wed, 24 Feb 2021 19:07:08 GMT
cf-request-id
08b351109a000023f7982db000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"6036a3dc-2079e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
62cbeac75bd323f7-ZRH
expires
Thu, 24 Feb 2022 20:01:12 GMT
lee.ds.css
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/styles/ 		63 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/styles/lee.ds.css?_dc=1614844821
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d6bc5ccc0d04e6ccfbecd2bd5775b3604995e5196b4e08c179d0885e7e94925
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:52 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
359849
last-modified
Thu, 04 Mar 2021 08:00:21 GMT
cf-request-id
08b351109b000023f7d29d9000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"60409395-fc8d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
62cbeac75bde23f7-ZRH
expires
Fri, 04 Mar 2022 08:05:23 GMT
flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:52 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
4614966
last-modified
Mon, 16 Nov 2020 16:06:26 GMT
cf-request-id
08b351109d000023f76127a000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5fb2a382-189c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
62cbeac76bea23f7-ZRH
expires
Sat, 20 Nov 2021 08:51:21 GMT
video-js.7.8.4.397a94bb87dfd0a64ba4d3d502912e4a.css
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/video/resources/styles/ 		39 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/video/resources/styles/video-js.7.8.4.397a94bb87dfd0a64ba4d3d502912e4a.css
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d1f8289d7da4a3140226d8166094062e5312348fc06b0e09404bb0ee9135aca
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:52 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
5327245
last-modified
Wed, 16 Dec 2020 15:07:00 GMT
cf-request-id
08b35110a7000023f794317000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5fda2294-9cc4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
62cbeac77c1023f7-ZRH
expires
Sat, 01 Jan 2022 03:46:33 GMT
videojs.ima.2020.faad6d610a7700f489432ee9abfaf760.css
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/video/resources/styles/ 		2 KB
800 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/video/resources/styles/videojs.ima.2020.faad6d610a7700f489432ee9abfaf760.css
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b69c04056c122357b419e9b0c7eaa95fa1654c35e1b5f84d686add64f17ff94b
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:52 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
3413611
last-modified
Wed, 16 Dec 2020 15:06:59 GMT
cf-request-id
08b35110ac000023f77c3aa000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5fda2293-94a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
62cbeac77c1123f7-ZRH
expires
Sat, 01 Jan 2022 03:46:33 GMT
tnt.video.8d99fe2817ed06c4b7e68cbf826b4812.css
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/video/resources/styles/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/video/resources/styles/tnt.video.8d99fe2817ed06c4b7e68cbf826b4812.css
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57e946c38368c51a1500ed211ca45ec434d80035d7934b3f0649df7ba54d3d70
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:52 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1092142
last-modified
Fri, 19 Feb 2021 13:59:06 GMT
cf-request-id
08b35110a7000023f763b1a000000001
x-robots-tag
noarchive
x-vcache
HIT
server
cloudflare
etag
W/"602fc42a-1ffb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
62cbeac77c1423f7-ZRH
expires
Wed, 23 Feb 2022 20:01:11 GMT
cc.js
tags.crwdcntrl.net/c/6894/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/6894/cc.js?ns=_cc6894
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-22.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a2f10e09cd6e81eb686dbca9e6056ed485e87d3869bac347455547c294cb036

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 17:11:02 GMT
content-encoding
gzip
etag
W/"8cd042d9f203fe2e01747c7444f95498"
last-modified
Tue, 15 Dec 2020 16:50:47 GMT
server
AmazonS3
age
67912
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
SiTdRwBYTlCI2PcoKAeeOwK8ZIDKusyPM2JhNlTgz1rXUrgPQiRf4Q==
access.js
buffalonews.com/shared-content/art/tncms/api/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/shared-content/art/tncms/api/access.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
Software
/
Resource Hash
0d262fec5a2e1fad9c43acfd1bbde63054560a3332d9fb4e87abb2e81ab19b37

Request headers

Referer
https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:01:03 GMT
content-encoding
gzip
last-modified
Fri, 26 Feb 2021 20:52:35 GMT
age
110
etag
W/"60395f93-7747"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
9740
service-worker-allowed
/
1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0
api.bntech.io/js/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea2:a394:b2c4:1fb4:bfb1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
3049db4be872564809e26eea512e437046645835cc6a34783d24d5d104271c82

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:02:53 GMT
Content-Encoding
gzip
Server
nginx/1.10.3 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
user-controls.578df3df79d812af55ab13bae47f9857.js
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 		517 B
445 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/user-controls.578df3df79d812af55ab13bae47f9857.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f402b2d75ac54e1c369d34b97efcedb68aa084b039ab91b85ad70ea53ebb5a3a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:53 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
10572338
last-modified
Wed, 17 Jun 2020 15:23:24 GMT
cf-request-id
08b35113a4000023f77995d000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5eea356c-205"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
62cbeacc398d23f7-ZRH
expires
Fri, 25 Jun 2021 18:20:26 GMT
sms-link.8eefede3265fd6c6de07bc0cb5f3f779.js
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		1 KB
767 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/sms-link.8eefede3265fd6c6de07bc0cb5f3f779.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9180a94ecd3d5f93f0fb9fcd95a68ec3a9e1decce55694bfb9e5ce6281bdd672
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:53 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
10824923
last-modified
Wed, 17 Jun 2020 15:23:33 GMT
cf-request-id
08b35113a4000023f79833e000000001
x-robots-tag
noarchive
x-vcache
HIT
server
cloudflare
etag
W/"5eea3575-5b2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
62cbeacc399223f7-ZRH
expires
Fri, 25 Jun 2021 18:20:46 GMT
the-world-table.js
app.worldtable.co/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.worldtable.co/the-world-table.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bafd639d549f06a8dc21014dd142575090fa5625d731412cf594f4a6f52ff4c1
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
etag
"097684e92c084f8277f8fcdd849062559f2e08793a4ef3f505966cc960e3b45f-br"
x-cache
HIT
content-length
6969
x-served-by
cache-hhn4070-HHN
last-modified
Thu, 04 Feb 2021 11:40:45 GMT
x-timer
S1615204974.598985,VS0,VE0
date
Mon, 08 Mar 2021 12:02:53 GMT
vary
x-fh-requested-host, accept-encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0
accept-ranges
bytes
access-control-allow-headers
Location
x-cache-hits
2
videojs.7.8.4.26a390cff45ca901d0bc2567843d762d.js
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/video/resources/scripts/ 		497 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/video/resources/scripts/videojs.7.8.4.26a390cff45ca901d0bc2567843d762d.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78db01167fe726a5986416c3144750a9b9945beb8058561ec0797ee329b2aa1d
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:52 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
5327245
last-modified
Wed, 16 Dec 2020 15:05:57 GMT
cf-request-id
08b35110a7000023f782a89000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5fda2255-7c419"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
62cbeac77c1523f7-ZRH
expires
Tue, 04 Jan 2022 14:52:51 GMT
can-autoplay.min.2f8e56400253e0b33bc91649afa7cc63.js
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/video/resources/scripts/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/video/resources/scripts/can-autoplay.min.2f8e56400253e0b33bc91649afa7cc63.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eae4e0ad8125be62df236e4c1d5718c5e4673ff6339cc389265185699cc3501
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:52 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
7563574
last-modified
Tue, 15 Jan 2019 16:52:17 GMT
cf-request-id
08b35110a7000023f75e9ac000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5c3e0fc1-2ae3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
62cbeac77c1623f7-ZRH
expires
Wed, 03 Nov 2021 04:41:31 GMT
videojs.ads.6.6.5.7fd626ae17d0cbd9ad6b8be7bf2a8b7c.js
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/video/resources/scripts/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/video/resources/scripts/videojs.ads.6.6.5.7fd626ae17d0cbd9ad6b8be7bf2a8b7c.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67d40cca6a2dd641c853bc995b45aada61fc0857c63dd668abf0937082b561c4
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:52 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
5327245
last-modified
Wed, 16 Dec 2020 15:06:40 GMT
cf-request-id
08b35110a8000023f765add000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5fda2280-69a8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
62cbeac77c1823f7-ZRH
expires
Tue, 04 Jan 2022 14:52:51 GMT
tnt.video.ads.vast-ima.7.1.28893abd55fa9595a24a6b236eb82930.js
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/video/resources/scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/video/resources/scripts/tnt.video.ads.vast-ima.7.1.28893abd55fa9595a24a6b236eb82930.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b370b2f1b45465d3e34a13d89ec896089f77a3dd03c7a612ea87d0b0a6547ac6
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:52 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
2908236
last-modified
Fri, 29 Jan 2021 17:56:59 GMT
cf-request-id
08b35110a8000023f75cb9d000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"60144c6b-d50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
62cbeac77c1b23f7-ZRH
expires
Wed, 02 Feb 2022 20:01:18 GMT
tnt.followed.notifications.6600e99595fd219e961e9882c796e61c.js
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/search/resources/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/search/resources/scripts/tnt.followed.notifications.6600e99595fd219e961e9882c796e61c.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
758b62cab63c4bae4f662cf7e6096948060c0c46a6bec28539d0875ed9ade529
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:53 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
10738647
last-modified
Fri, 23 Oct 2020 13:08:54 GMT
cf-request-id
08b35113a5000023f75fbbf000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5f92d5e6-cf6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
62cbeacc399323f7-ZRH
expires
Wed, 03 Nov 2021 00:04:22 GMT
tnt.notify.6e1ca8839e8a715fdecb1c734223823a.js
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.6e1ca8839e8a715fdecb1c734223823a.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bb4ce8dea8b26080f3627d5b398b131b8f59a280ec18f07e959b9c7583e061a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:53 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
392129
last-modified
Fri, 23 Oct 2020 13:08:13 GMT
cf-request-id
08b35113a5000023f7d11d8000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5f92d5bd-de1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
62cbeacc399523f7-ZRH
expires
Fri, 05 Nov 2021 08:35:17 GMT
tnt.notify.panel.1c7debce90f6bd1a3d679d0176d3712a.js
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.panel.1c7debce90f6bd1a3d679d0176d3712a.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c4c258f6e24e9861dd7cc3ae5d823e0c09a243f9e671cabbfed9b2be2825085
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:53 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
10670993
last-modified
Wed, 17 Jun 2020 15:23:23 GMT
cf-request-id
08b35113a5000023f7ce19d000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5eea356b-19fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
62cbeacc399723f7-ZRH
expires
Fri, 25 Jun 2021 18:20:26 GMT
firebase-app.js
www.gstatic.com/firebasejs/6.6.2/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/6.6.2/firebase-app.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 00:27:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 19 Sep 2019 21:11:52 GMT
server
sffe
age
560145
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3945
x-xss-protection
0
expires
Wed, 02 Mar 2022 00:27:08 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/6.6.2/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/6.6.2/firebase-messaging.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 18:35:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 19 Sep 2019 21:11:54 GMT
server
sffe
age
581250
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8653
x-xss-protection
0
expires
Tue, 01 Mar 2022 18:35:23 GMT
messaging.js
buffalonews.com/shared-content/art/tncms/api/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/shared-content/art/tncms/api/messaging.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
Software
/
Resource Hash
fe5d23d415187d71dfa026db8852418f98513ef7f7a1c3e1321bc95d6d6a0f5f

Request headers

Referer
https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:01:41 GMT
content-encoding
gzip
last-modified
Fri, 26 Feb 2021 20:52:35 GMT
age
71
etag
W/"60395f93-11aa"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
1259
service-worker-allowed
/
tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 		198 B
295 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8416f8febc369c76d3fc82e78d0c49c84bf1dd1904b73cee557fccdbbb5b9005
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:52 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
10648059
last-modified
Fri, 23 Oct 2020 13:09:55 GMT
cf-request-id
08b35110a8000023f7d7bf9000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5f92d623-c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
62cbeac77c1d23f7-ZRH
expires
Fri, 05 Nov 2021 06:06:07 GMT
tracking.js
buffalonews.com/shared-content/art/tncms/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/shared-content/art/tncms/tracking.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
Software
/
Resource Hash
f95fe1c0376aa720a01267e70fb42a259d610fa9fa66f78e7fc629f9bd835c43

Request headers

Referer
https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:01:25 GMT
content-encoding
gzip
last-modified
Fri, 26 Feb 2021 20:52:35 GMT
age
87
etag
W/"60395f93-a4c"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
1150
service-worker-allowed
/
otCCPAiab.js
cdn.cookielaw.org/opt-out/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f11f2d65d3a1594a57625e5a9457a1beb87c6a0399172cab062d50263ae388b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 08 Mar 2021 12:02:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
YyyuJSQqC/IlFtjhtrYhpg==
age
4853
vary
Accept-Encoding
cf-request-id
08b35113970000e007733db000000001
x-ms-lease-status
unlocked
last-modified
Wed, 03 Mar 2021 08:12:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
43f20523-e01e-007e-7e06-104729000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
62cbeacc29eee007-FRA
fontawesome.edd147e4c2830f416874012247117438.js
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		252 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.edd147e4c2830f416874012247117438.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffa8814637fab7a454e06a6403a650615c04044d4f881b04ffdfcdc1395d98da
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:53 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
10742816
last-modified
Thu, 30 Jul 2020 16:51:21 GMT
cf-request-id
08b35113b7000023f7612c1000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5f22fa89-3f1a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
62cbeacc59e023f7-ZRH
expires
Fri, 30 Jul 2021 18:01:21 GMT
tracker.js
buffalonews.com/shared-content/art/stats/common/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buffalonews.com/shared-content/art/stats/common/tracker.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
Software
/
Resource Hash
94afb4609cd5d95128057b67ee0ef36f867bacc074b6e116d874ed8b0852b73f

Request headers

Referer
https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:00:03 GMT
content-encoding
gzip
last-modified
Thu, 03 Dec 2020 17:41:07 GMT
age
169
etag
W/"5fc92333-2242"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
3240
service-worker-allowed
/
buffalonews.com.png
bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/logos/ds/400/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/logos/ds/400/buffalonews.com.png?_dc=Mar.Mon.2021
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e60092679e16296caf55a2416579d53012e25d166e20b7c36daf9b31bcf2282
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:53 GMT
cf-cache-status
HIT
age
24114
last-modified
Thu, 18 Jun 2020 19:45:13 GMT
strict-transport-security
max-age=604800
content-length
2413
cf-request-id
08b35113b4000023f780ad1000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"5eebc449-96d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
62cbeacc59e723f7-ZRH
expires
Tue, 01 Mar 2022 05:00:06 GMT
4e938746-b194-11ea-b84c-1309a4f5dbcb.png
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/custom/image/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/custom/image/4e938746-b194-11ea-b84c-1309a4f5dbcb.png
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6ebe287af2e73150d18385835247ae96531af4aa3f041f29ab5030ef194c18e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:53 GMT
cf-cache-status
HIT
age
920249
last-modified
Thu, 18 Jun 2020 18:48:31 GMT
strict-transport-security
max-age=604800
content-length
1096
cf-request-id
08b35113b5000023f794385000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"5eebb6ff-448"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
62cbeacc59ea23f7-ZRH
expires
Sun, 07 Nov 2021 09:07:45 GMT
60441ba29aff8.image.jpg
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/f/3e/f3ec8a26-b994-5243-a0ec-fb7dd7771c94/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/assets/v3/editorial/f/3e/f3ec8a26-b994-5243-a0ec-fb7dd7771c94/60441ba29aff8.image.jpg?resize=1200%2C800
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c3d0da252cf0822f28f4a5a781302a94872bc599eeb66f2d2bea194649593d0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:53 GMT
cf-cache-status
HIT
last-modified
Sun, 07 Mar 2021 00:17:38 GMT
strict-transport-security
max-age=604800
content-length
77871
cf-request-id
08b35113b5000023f791a82000000001
x-robots-tag
noarchive
x-vcache
HIT
server
cloudflare
etag
"58a63c09d3926d48910305418f20f421"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 07 Mar 2022 00:27:46 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
62cbeacc59eb23f7-ZRH
cf-bgj
h2pri
6d0cb4dea8681a922c27d0711d0561a7a445868f
player.field59.com/v4/vp/LEEDCC/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.field59.com/v4/vp/LEEDCC/6d0cb4dea8681a922c27d0711d0561a7a445868f
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.60.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f276448c97288b46635f8ab2ef74b7afa3575bcce00d87f0a408c6406453a1ef

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:53 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
expires
Mon, 08 Mar 2021 12:11:33 GMT
cache-control
max-age=600, public, s-maxage=600
cf-ray
62cbeacb6877cc4e-ZRH
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
cf-request-id
08b35113210000cc4e69876000000001
x-ua-compatible
IE=Edge,chrome=1
buffalonews.com.js
bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/postup/ 		662 B
428 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/postup/buffalonews.com.js?_dc=03.08.2021
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48602e537a47130c63187cb4259765bf3a17bae7f391f7a0b650d8dbfb18087f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:53 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
16849
last-modified
Sun, 07 Mar 2021 06:00:23 GMT
cf-request-id
08b35113bb000023f7d6012000000001
x-robots-tag
noarchive
x-vcache
HIT
server
cloudflare
etag
W/"60446bf7-296"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
62cbeacc59ed23f7-ZRH
expires
Tue, 08 Mar 2022 05:00:07 GMT
4492d60c-b194-11ea-b84c-fb41f4e61c56.png
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/custom/image/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/custom/image/4492d60c-b194-11ea-b84c-fb41f4e61c56.png?resize=400%2C34
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59d94c51aec510721e7ee56de516af7e48880d327f7fea8b480f67e955a15adb
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:53 GMT
cf-cache-status
HIT
age
10832742
last-modified
Thu, 18 Jun 2020 18:48:15 GMT
strict-transport-security
max-age=604800
content-length
4527
cf-request-id
08b35113b6000023f763b88000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"44899001912b88262a90a1f6d8919525"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
62cbeacc59ef23f7-ZRH
expires
Fri, 25 Jun 2021 18:20:26 GMT
op.js
tagan.adlightning.com/leeenterprises/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/leeenterprises/op.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
046d14f3385c3caeac15821297b11ecd1c9551bbb9792a4e401095111d1b2eb7

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
fDro5YlwBx4INiH7bDJUqSwIkCa8RQca
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 18:47:32 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"16a6bcb4ca5de61de47156c0c7f2640f"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
cache-control
max-age=3600
date
Mon, 08 Mar 2021 12:02:53 GMT
accept-ranges
bytes
content-length
13412
x-amz-cf-id
s4ML664h3tV8QGSZafGmY7xF0nrEnJ_-RLeU6mwmgNP1SSAqN5r5rQ==
x-amz-meta-git_commit
9a4f7ce
asset-edit.60e8e67e04be1194326dcfbe7f00b8c3.js
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		941 B
793 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/asset-edit.60e8e67e04be1194326dcfbe7f00b8c3.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a65fab80371f3ad4c16be0cf8ae8d6542553bb33564b80748ebca97cb615d08
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:53 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
7563574
last-modified
Thu, 05 Nov 2020 18:39:34 GMT
cf-request-id
08b3511394000023f7d2a3e000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5fa446e6-3ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
62cbeacc294e23f7-ZRH
expires
Sun, 07 Nov 2021 06:10:40 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		327 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30c568e71b003ddba094b29a8dd6aa2189de0e4e67c7eb63f94f05edd65968b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115081
x-xss-protection
0
expires
Mon, 08 Mar 2021 12:02:53 GMT
videojs.ima.2020.5d1da9e38d4dfc6926356436c42248a1.js
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/video/resources/scripts/ 		37 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/video/resources/scripts/videojs.ima.2020.5d1da9e38d4dfc6926356436c42248a1.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00b7704636a2c65a933e653fe446845ed0bea2510e1efac98b320444f918482e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:53 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
5327246
last-modified
Wed, 16 Dec 2020 15:06:42 GMT
cf-request-id
08b35113a0000023f7acb58000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5fda2282-92ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
62cbeacc296c23f7-ZRH
expires
Mon, 03 Jan 2022 08:01:42 GMT
tnt.video.7.ccfix.03ae5e53419af7b5c71c09c0c2fdab9f.js
bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/video/resources/scripts/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/buffalonews.com/shared-content/art/tncms/templates/libraries/flex/components/video/resources/scripts/tnt.video.7.ccfix.03ae5e53419af7b5c71c09c0c2fdab9f.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ea2100a3e4b5115ac915d6f176a5dbeb4599941e66d809e7f0af4f82966b372
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:53 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
2908236
last-modified
Fri, 29 Jan 2021 17:57:22 GMT
cf-request-id
08b351139c000023f7a4a69000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"60144c82-22d1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
62cbeacc296d23f7-ZRH
expires
Wed, 02 Feb 2022 20:01:18 GMT
sticky-kit.min.js
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/scripts/sticky-kit.min.js?_dc=1614844821
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
738465a35668cea4cf13644bbaf6eeb18dfe494d6941a242d138ee87280c8a9c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:53 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
359850
last-modified
Thu, 04 Mar 2021 08:00:21 GMT
cf-request-id
08b351139c000023f75e9fe000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"60409395-cd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
62cbeacc296e23f7-ZRH
expires
Fri, 04 Mar 2022 08:05:23 GMT
dfp.lazy.min.js
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/dfp.lazy.min.js?_dc=1614153622
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c79456b94ef17205d2e7ce09158c3c97e909feb47209e69b0590d7951759849c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:53 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1050735
last-modified
Wed, 24 Feb 2021 08:00:22 GMT
cf-request-id
08b351139d000023f7bb872000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"60360796-1292"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
62cbeacc296f23f7-ZRH
expires
Thu, 24 Feb 2022 08:05:25 GMT
gtm.js
www.googletagmanager.com/ 		150 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a54054f50b4fce868194e8b8b336d38a90610119e630d53549c38f584d2da187
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:53 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50551
x-xss-protection
0
expires
Mon, 08 Mar 2021 12:02:53 GMT
var=tncms_siteaud
ad.crwdcntrl.net/5/c=6881/pe=y/ 		77 B
285 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.crwdcntrl.net/5/c=6881/pe=y/var=tncms_siteaud
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.245.253.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-245-253-34.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
059bc42513157b8af9033f063157dffd7a9a1c6bbc9e4f2b3bc75d52be38863d

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:02:53 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.4.213
content-type
application/javascript;charset=UTF-8
content-length
77
expires
0
ads.js
api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0/ads/BNTy6k0ejvVfq/googleads/ 		25 B
233 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0/ads/BNTy6k0ejvVfq/googleads/ads.js
Requested by
Host: api.bntech.io
URL: https://api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea2:a394:b2c4:1fb4:bfb1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
d3f6463ab665b143ea05f888b01d363f3d65e32b45f106d3557f8b814bcb149a

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 08 Mar 2021 12:02:53 GMT
Server
nginx/1.10.3 (Ubuntu)
Connection
keep-alive
Content-Length
25
Content-Type
text/javascript;charset=UTF-8
ab
api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0/ 		875 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0/ab
Requested by
Host: api.bntech.io
URL: https://api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea2:a394:b2c4:1fb4:bfb1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1f53ccc2d3e1fb7bb0c211b32b7f8e7bb93f77b994660ac9628e5e0ebe3fc00d

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 08 Mar 2021 12:02:53 GMT
Server
nginx/1.10.3 (Ubuntu)
Connection
keep-alive
Content-Length
875
Content-Type
text/javascript;charset=UTF-8
sso
api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0/sso
Requested by
Host: api.bntech.io
URL: https://api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea2:a394:b2c4:1fb4:bfb1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
6a2b37628207d196780c1e4ce3f27adc580a0f9e67e91f85bbf75991c3f0741b

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:02:53 GMT
Content-Encoding
gzip
Server
nginx/1.10.3 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
08a6dc318332eea605b4b83b0bffd06c3512071f676895f252c97ab84c04b62c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"805 / 723 of 1000 / last-modified: 1615200068"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19790
x-xss-protection
0
expires
Mon, 08 Mar 2021 12:02:53 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		119 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.24.128 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
qpGbqo5n5ftYm2ZsSSwwmAxZeGfbwfiX
content-encoding
gzip
server
Server
age
749
etag
d2bbe61d6c9cfd2f9d26c66417c4fb1e
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c1caf5d327c9eee53d26ab7b7a8235f0.cloudfront.net (CloudFront)
cache-control
public, max-age=900
date
Mon, 08 Mar 2021 11:50:23 GMT
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
HMkobIQTnIkaYOMrQDLromO2D00yuy0tTdgoJidcMbntOhP9_5MXqA==
bb454db5-14f7-4f42-afaa-f3551e68451a.json
cdn.cookielaw.org/consent/bb454db5-14f7-4f42-afaa-f3551e68451a/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/bb454db5-14f7-4f42-afaa-f3551e68451a/bb454db5-14f7-4f42-afaa-f3551e68451a.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
173a1d325590ba0dba29e1aa784fe064646134fadafc34ea41e8d6f84e7c85fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 08 Mar 2021 12:02:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
yd7k88E/IUWDJ/8TuLG9ng==
age
7111
vary
Accept-Encoding
content-length
1102
cf-request-id
08b351133e00000742d78a0000000001
x-ms-lease-status
unlocked
last-modified
Thu, 02 Jul 2020 15:13:25 GMT
server
cloudflare
etag
0x8D81E9A77AF1251
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
1c98c789-b01e-00cc-7721-04bc53000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
62cbeacb9c9c0742-FRA
5d7d8700-f8e7-4f86-9040-804971b9cd0e
https://buffalonews.com/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://buffalonews.com/5d7d8700-f8e7-4f86-9040-804971b9cd0e
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
tracker.gif
buffalonews.com/shared-content/art/stats/common/ 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buffalonews.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_upage=1&tnms_do=buffalonews.com&tnms_uri=/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw&tnms_ref=&rt=1615204973415
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:53 GMT
last-modified
Thu, 16 Oct 2008 20:11:25 GMT
age
0
etag
"48f79fed-0"
x-vcache
MISS
content-type
image/gif
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
0
gtm.js
www.googletagmanager.com/ 		328 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
94c90feec6b804cbc3ab16ee80fad6d1029534e8df646b919d4ed2812c49cc7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:53 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73429
x-xss-protection
0
expires
Mon, 08 Mar 2021 12:02:53 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		164 B
360 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:53 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
62cbeaccf84cc2ef-FRA
cf-request-id
08b351141d0000c2ef18b54000000001
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		162 B
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfeb7783a538aaf85df056bf149c808937dccdb3e3af5714d6fba017054e2f94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:53 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
62cbeacd3886c2ef-FRA
cf-request-id
08b35114490000c2ef6c219000000001
truncated
/ 		73 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
serif-ds.woff2
bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/images/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/images/serif-ds.woff2
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/styles/lee.ds.css?_dc=1614844821
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Origin
https://buffalonews.com
Referer
https://bloximages.chicago2.vip.townnews.com/buffalonews.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/styles/lee.ds.css?_dc=1614844821
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:54 GMT
cf-cache-status
HIT
age
10664958
last-modified
Mon, 02 Nov 2020 19:40:35 GMT
strict-transport-security
max-age=604800
content-length
26164
cf-request-id
08b35116220000cc36edb86000000001
x-robots-tag
noarchive
x-vcache
HIT
server
cloudflare
etag
"5fa060b3-6634"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
62cbead03f00cc36-ZRH
expires
Wed, 03 Nov 2021 07:24:43 GMT
main-7ef0356524.css
player.field59.com/release-3.16.3/css/ 		58 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://player.field59.com/release-3.16.3/css/main-7ef0356524.css
Requested by
Host: player.field59.com
URL: https://player.field59.com/v4/vp/LEEDCC/6d0cb4dea8681a922c27d0711d0561a7a445868f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.60.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
969008e9123da9c1e989cffc16067096b417fc97428f509e67d209b83ff600c6

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:54 GMT
content-encoding
br
cf-cache-status
HIT
age
315682
cf-request-id
08b35117dc0000cc4ebf856000000001
last-modified
Wed, 10 Feb 2021 14:41:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
62cbead2f8a1cc4e-ZRH
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
expires
Thu, 11 Mar 2021 06:07:10 GMT
truncated
/ 		75 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
track
api.bntech.io/m/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.bntech.io/m/track
Protocol
HTTP/1.1
Server
2600:1f18:410b:aea2:a394:b2c4:1fb4:bfb1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
PUT
Access-Control-Request-Headers
content-type,x-api-key,x-api-token,x-metric-type
Origin
https://buffalonews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Mon, 08 Mar 2021 12:02:54 GMT
Content-Type
application/json
Content-Length
21
Connection
keep-alive
Server
nginx/1.10.3 (Ubuntu)
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Token, X-API-Key, X-API-Token, X-Metric-Type
Access-Control-Allow-Methods
OPTIONS, GET, PUT
Access-Control-Allow-Origin
*
track
api.bntech.io/m/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.bntech.io/m/track
Requested by
Host: api.bntech.io
URL: https://api.bntech.io/js/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea2:a394:b2c4:1fb4:bfb1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
68d022befcc9197da1e8fba69f61e22389c84085cc699de5c89b4a694d1ca4d2

Request headers

Referer
https://buffalonews.com/
X-Metric-Type
view
Content-Type
application/json;charset=UTF-8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-API-Key
1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0
X-API-Token
sDHRhYNcAY76jxfUf8TSMaMu8a10WkQaw6DJ4Vi3kboimcYAGX

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 08 Mar 2021 12:02:54 GMT
Server
nginx/1.10.3 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/json
built.txt
app.worldtable.co/ 		25 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.worldtable.co/built.txt?wtb=53840166
Requested by
Host: app.worldtable.co
URL: https://app.worldtable.co/the-world-table.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8edb526b1fb165f5216a8ce3715f023767e74e7cbc2db016194bd5d30d549e9a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
last-modified
Thu, 04 Feb 2021 11:40:45 GMT
x-timer
S1615204975.711826,VS0,VE1
etag
"f282ac69c9f3376b01d7ec61085c384d66de4d3783eb7306f8511aff08195cde"
x-served-by
cache-hhn4073-HHN
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=36000
date
Mon, 08 Mar 2021 12:02:54 GMT
accept-ranges
bytes
access-control-allow-headers
Location
content-length
25
x-cache-hits
1
e5e5f7aa-7f70-11eb-914c-1be5982e7616.json
the-world-table.firebaseio.com/sitesArticleIdsPages/00000172ecefa0ea_f7a6346/ 		26 B
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://the-world-table.firebaseio.com/sitesArticleIdsPages/00000172ecefa0ea_f7a6346/e5e5f7aa-7f70-11eb-914c-1be5982e7616.json
Requested by
Host: app.worldtable.co
URL: https://app.worldtable.co/the-world-table.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
2c5e865d153eecebe29b635da42d75cbcbddd5c82d0e081940a7443cba529c60
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:02:54 GMT
Server
nginx
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://buffalonews.com
Cache-Control
no-cache
Connection
keep-alive
Content-Length
26
e5e5f7aa-7f70-11eb-914c-1be5982e7616.json
the-world-table.firebaseio.com/sitesArticleIdsPages/00000172ecefa0ea_f7a6346/ 		26 B
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://the-world-table.firebaseio.com/sitesArticleIdsPages/00000172ecefa0ea_f7a6346/e5e5f7aa-7f70-11eb-914c-1be5982e7616.json
Requested by
Host: app.worldtable.co
URL: https://app.worldtable.co/the-world-table.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
2c5e865d153eecebe29b635da42d75cbcbddd5c82d0e081940a7443cba529c60
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:02:54 GMT
Server
nginx
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://buffalonews.com
Cache-Control
no-cache
Connection
keep-alive
Content-Length
26
e5e5f7aa-7f70-11eb-914c-1be5982e7616.json
the-world-table.firebaseio.com/sitesArticleIdsPages/00000172ecefa0ea_f7a6346/ 		26 B
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://the-world-table.firebaseio.com/sitesArticleIdsPages/00000172ecefa0ea_f7a6346/e5e5f7aa-7f70-11eb-914c-1be5982e7616.json
Requested by
Host: app.worldtable.co
URL: https://app.worldtable.co/the-world-table.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
2c5e865d153eecebe29b635da42d75cbcbddd5c82d0e081940a7443cba529c60
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:02:54 GMT
Server
nginx
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://buffalonews.com
Cache-Control
no-cache
Connection
keep-alive
Content-Length
26
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.2.0/ 		325 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.2.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe83bf4d90f17ac9ecb4808ffe059d64d79d5cf6752859c37a8113584e959c2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 08 Mar 2021 12:02:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
lTz3ZVqTbRC0XOtXa5KYcg==
age
6249922
vary
Accept-Encoding
content-length
74003
cf-request-id
08b35119420000e007621f3000000001
x-ms-lease-status
unlocked
last-modified
Fri, 26 Jun 2020 17:33:18 GMT
server
cloudflare
etag
0x8D819F70401AE6F
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3061ac18-401e-00d9-1a3b-db7eca000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
62cbead53bb6e007-FRA
expires
Tue, 16 Mar 2021 12:02:54 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
19
date
Mon, 08 Mar 2021 12:02:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Mon, 08 Mar 2021 14:02:36 GMT
gtm.js
www.googletagmanager.com/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ebdca391c928c38835fe3831c49ebf0e7098cd9b4c4a2e57d50062533fb4ed39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:55 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32008
x-xss-protection
0
expires
Mon, 08 Mar 2021 12:02:55 GMT
pubads_impl_2021030401.js
securepubads.g.doubleclick.net/gpt/ 		283 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
1b6ddd3072f67cdb7e9884779bddc6779ec3fcb66496f3276dc0eab78d842cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 09:38:04 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101872
x-xss-protection
0
expires
Mon, 08 Mar 2021 12:02:55 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.24.128 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Z_m26sDjicOoQtCCmuJEtOsMPnFQWWIm
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
34933
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Sat, 06 Mar 2021 01:32:40 GMT
server
AmazonS3
date
Mon, 08 Mar 2021 02:20:43 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 ec5f7ca5219bc2c06993f1aa180b2fa1.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
hhdYYaCpRMNqHE1hQF-_8dN-to1hM-OWjztERZeItfkccEYfK93CXw==
js
www.googletagmanager.com/gtag/ 		137 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-G2BL49024K&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
951b4fc87902d71b21a6f00565e73848a37c3260bd7fd3f6c92bc4d7999175fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:55 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53759
x-xss-protection
0
expires
Mon, 08 Mar 2021 12:02:55 GMT
sp-gzip-2-17-3.js
storage.googleapis.com/lee-snowplow/static/ 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/lee-snowplow/static/sp-gzip-2-17-3.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
7169b20ff9116852953e326ad3776ac06c0f14a5a21a3e07f3fb8b5c46418a61

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 11:40:18 GMT
content-encoding
gzip
age
1357
x-guploader-uploadid
ABg5-Uwt-m9ddYYwO8iDDndan9b7J36FZv59cyAmMUwt1QihksljHsb6HTZhBXYVhYQ4UtF9Hj6JuA5p-X_FdoAHxiU
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
4
x-goog-stored-content-encoding
gzip
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26950
x-goog-meta-
last-modified
Thu, 18 Feb 2021 15:16:40 GMT
server
UploadServer
etag
"d3142accd3f370a95f561f0fbfb3114b"
vary
Accept-Encoding
x-goog-hash
crc32c=C/nZJQ==, md5=0xQqzNPzcKlfVh8Pv7MRSw==
x-goog-generation
1613661400000346
cache-control
max-age=31536000
x-goog-stored-content-length
26950
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 08 Mar 2022 11:40:18 GMT
fbevents.js
connect.facebook.net/en_US/ 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVQY4j2VbgbnW9jttVR1k2MW3W5r_q0D4nWYwpN3tskDm4Zc_rV3Zsc37CgPsbN38Hg8nddMXJW3TwjS_985h1zW1fQKq385b00xW1J-VW08rJ1pGVShqKM5N64c6N6VHkbTvq3DcV4c__T6GfQNcW7jc0Y_8634MCW9chC8R82PWG7W232qGZ34nW28W58pJ6v1xgDt8W7L79n88HQ2RjW1SKfMR4XPxzgW2CFFv21SpMblW8Jfx3N14p8BdW7xPvjH62PsjSW8LVRvz1X9DG2V2lWGN6bHl6VN2FHPynxG1vsW33cWqh4YxmL6W4bhzcP7ZhhzXN7hlC_-xv8sSW1Vqg0r20gDY5VNMFn14tl42kW1n_Kcz53zw03W2PVFmL42Jts1W2MFM4w7dvK23W8LYGmr6vtbkpW7lDPYm6XLrZmN14CKsbz3fljW7_CwFy8ZZMSSW6Bhgdn9hMZjqW3350-C5VGWccW28zfhM8MPqq533xg1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
mx3C3EVM9a3qpGLncSnwFY4VLgeccZWDcgHzxKnk655OaEXKW6rIIM9RHOCOGqONkLpihe0yHyIM+GpWc00Zvg==
x-fb-trip-id
664085054
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 08 Mar 2021 12:02:55 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
origin-trial
AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
priority
u=3,i
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
i99g3gee.js
d81mfvml8p5ml.cloudfront.net/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d81mfvml8p5ml.cloudfront.net/i99g3gee.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:f600:2:36a1:2f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5061687072466268612b907fe4386e659886c8be0b79e117755e78312e8cb42e

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 11:58:51 GMT
content-encoding
br
last-modified
Mon, 23 Nov 2020 13:17:34 GMT
server
AmazonS3
age
245
etag
W/"8d144d8e1d627185c3191bf3c6454f78"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
cache-control
max-age=600
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
7tV7a1hw0Sl8Pahi8fqUbzrLpH6kF3N5X7_3ka0LpeVUh_jLPSJC0g==
ml.br.js
js.matheranalytics.com/static/ltm/ma1527/lee/3/
Redirect Chain
  • https://js.matheranalytics.com/s/ma1527/725149308/lee/ml.js?cb=1558
  • https://js.matheranalytics.com/static/ltm/ma1527/lee/3/ml.br.js
139 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma1527/lee/3/ml.br.js
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
2c77519cfdb3f918d4e3b9f39bd2f296779e6269476bfe2be98d3eaa6cc8b183

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 08:44:36 GMT
content-encoding
br
last-modified
Fri, 12 Feb 2021 02:56:54 GMT
server
nginx
age
11900
etag
"21ae5ab1f3e0505cd90d1798478d0190"
vary
Accept-Encoding
x-cache
HIT Fri, 12 Feb 2021 03:10:04 GMT
content-type
application/x-javascript
via
1.1 google
cache-control
public,max-age=3600
alt-svc
clear
content-length
41322

Redirect headers

date
Mon, 08 Mar 2021 12:02:55 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma1527/lee/3/ml.br.js
cache-control
public, max-age=269200
alt-svc
clear
x-served-by
8-gc-euw1-10924
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVQY4j2VbgbnW9jttVR1k2MW3W5r_q0D4nWYwpN3tskDm4Zc_rV3Zsc37CgPsbN38Hg8nddMXJW3TwjS_985h1zW1fQKq385b00xW1J-VW08rJ1pGVShqKM5N64c6N6VHkbTvq3DcV4c__T6GfQNcW7jc0Y_8634MCW9chC8R82PWG7W232qGZ34nW28W58pJ6v1xgDt8W7L79n88HQ2RjW1SKfMR4XPxzgW2CFFv21SpMblW8Jfx3N14p8BdW7xPvjH62PsjSW8LVRvz1X9DG2V2lWGN6bHl6VN2FHPynxG1vsW33cWqh4YxmL6W4bhzcP7ZhhzXN7hlC_-xv8sSW1Vqg0r20gDY5VNMFn14tl42kW1n_Kcz53zw03W2PVFmL42Jts1W2MFM4w7dvK23W8LYGmr6vtbkpW7lDPYm6XLrZmN14CKsbz3fljW7_CwFy8ZZMSSW6Bhgdn9hMZjqW3350-C5VGWccW28zfhM8MPqq533xg1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.34.195 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-34-195.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:02:55 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Tue, 09 Mar 2021 12:02:55 GMT
a-0585.min.js
b-code.liadm.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/a-0585.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::58dd:dd0b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
805733f9624bc82e620d4dbb4c14e1bbdb1b6c567520378ba5eb23cbffaf015b

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:56 GMT
content-encoding
gzip
last-modified
Fri, 12 Feb 2021 14:48:31 GMT
etag
"97db34fb59bdb2d890744c23adf7cc68"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3584
accept-ranges
bytes
content-length
9833
analytics.min.js
cdn.resonate.com/analytics.js/v1/101118619/ 		0
204 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.resonate.com/analytics.js/v1/101118619/analytics.min.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVQY4j2VbgbnW9jttVR1k2MW3W5r_q0D4nWYwpN3tskDm4Zc_rV3Zsc37CgPsbN38Hg8nddMXJW3TwjS_985h1zW1fQKq385b00xW1J-VW08rJ1pGVShqKM5N64c6N6VHkbTvq3DcV4c__T6GfQNcW7jc0Y_8634MCW9chC8R82PWG7W232qGZ34nW28W58pJ6v1xgDt8W7L79n88HQ2RjW1SKfMR4XPxzgW2CFFv21SpMblW8Jfx3N14p8BdW7xPvjH62PsjSW8LVRvz1X9DG2V2lWGN6bHl6VN2FHPynxG1vsW33cWqh4YxmL6W4bhzcP7ZhhzXN7hlC_-xv8sSW1Vqg0r20gDY5VNMFn14tl42kW1n_Kcz53zw03W2PVFmL42Jts1W2MFM4w7dvK23W8LYGmr6vtbkpW7lDPYm6XLrZmN14CKsbz3fljW7_CwFy8ZZMSSW6Bhgdn9hMZjqW3350-C5VGWccW28zfhM8MPqq533xg1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:55 GMT
vary
Accept-Encoding
server
cloudflare
cf-request-id
08b3511d25000023dfed87a000000001
cf-ray
62cbeadb6f0923df-ZRH
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
b-9a4f7ce-9c3d90b4.js
tagan.adlightning.com/leeenterprises/ 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/leeenterprises/b-9a4f7ce-9c3d90b4.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
67d3fbbfeed41e1c4ffb28f749c8444a7b4db6722bd8ab9a73157b947e65f118

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 09 Jan 2021 00:59:32 GMT
content-encoding
gzip
age
5051004
x-cache
Hit from cloudfront
content-length
20759
x-amz-meta-git_commit
9a4f7ce
last-modified
Tue, 18 Aug 2020 17:44:56 GMT
server
AmazonS3
etag
"3d023ce325e9d3643a874ad0a66a5e8d"
x-amz-version-id
bIGtI3pWPJE6g_TS3N9o1I1aF28kjQzP
via
1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
9IE6l-BHjPh0bZ8DJi4qYnuNOTrEURW3qwsWXpRdEAJyP-3Us_fowA==
bl-a7f65f8-83165a7d.js
tagan.adlightning.com/leeenterprises/ 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/leeenterprises/bl-a7f65f8-83165a7d.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa23750104f28bca438655d5a5682e8a8ef946cd764fb06945e03459cd7ec1d1

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 19:43:29 GMT
content-encoding
gzip
age
231567
x-cache
Hit from cloudfront
content-length
13666
x-amz-meta-git_commit
a7f65f8
last-modified
Fri, 05 Mar 2021 18:46:36 GMT
server
AmazonS3
etag
"070fb29ffacdfde310e7ff42d6c847c5"
x-amz-version-id
JW_9aIsQko_WHU7GiDprLbrlXBlLUE5E
via
1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
Vw0gFcHmgXl651iJ_buv10gr7Cb4wLrpZBo9yLGMAcyAb8d5-mOddw==
html5_dfp-3d38031920.js
player.field59.com/release-3.16.3/js/ 		626 KB
170 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.field59.com/release-3.16.3/js/html5_dfp-3d38031920.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.60.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
304812126a887ad20ef1b6f29090e50b21f07817d91c927230e7845ef1a2eb7e

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:56 GMT
content-encoding
br
cf-cache-status
HIT
age
315683
cf-request-id
08b3511d910000cc4edf00e000000001
last-modified
Wed, 10 Feb 2021 14:41:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
62cbeadc1c2acc4e-ZRH
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X_REQUESTED_WITH
expires
Thu, 11 Mar 2021 20:16:41 GMT
p.js
d1z2jf7jlzjs58.cloudfront.net/ 		930 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 07:12:27 GMT
Via
1.1 d0be2eec997f966c9c7eb03ae2f75c30.cloudfront.net (CloudFront)
Age
17384
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
930
Pragma
public
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
ETag
"5eb31be4-3a2"
Content-Type
application/x-javascript
Cache-Control
max-age=86400, public
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
nIgppFV_pWYBNYYMCoxxW0h5eMaLyTajzficaVu47dOy5I1wP5byyw==
Expires
Tue, 09 Mar 2021 07:12:27 GMT
commentCount.json
the-world-table.firebaseio.com/pages/000001780ef89492_ea249a7/ 		1 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://the-world-table.firebaseio.com/pages/000001780ef89492_ea249a7/commentCount.json
Requested by
Host: app.worldtable.co
URL: https://app.worldtable.co/the-world-table.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:02:56 GMT
Server
nginx
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://buffalonews.com
Cache-Control
no-cache
Connection
keep-alive
Content-Length
1
commentCount.json
the-world-table.firebaseio.com/pages/000001780ef89492_ea249a7/ 		1 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://the-world-table.firebaseio.com/pages/000001780ef89492_ea249a7/commentCount.json
Requested by
Host: app.worldtable.co
URL: https://app.worldtable.co/the-world-table.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:02:56 GMT
Server
nginx
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://buffalonews.com
Cache-Control
no-cache
Connection
keep-alive
Content-Length
1
webcomponents-lite.min.js
app.worldtable.co/bower_components/webcomponentsjs/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.worldtable.co/bower_components/webcomponentsjs/webcomponents-lite.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f0eace03ef257488b6f1b8abd59634fe426230dcc62d33c41fa15e4fcf33079d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
etag
"e581d48680c643bf43dfd87281a035135ea4daaf3ab9a86539c03fc1adf09def-br"
x-cache
HIT
content-length
11070
x-served-by
cache-hhn4070-HHN
last-modified
Thu, 04 Feb 2021 11:40:45 GMT
x-timer
S1615204976.065345,VS0,VE0
date
Mon, 08 Mar 2021 12:02:56 GMT
vary
x-fh-requested-host, accept-encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
access-control-allow-headers
Location
x-cache-hits
2
00000172ecefa0ea_f7a6346.json
the-world-table.firebaseio.com/sitesCustom/ 		4 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://the-world-table.firebaseio.com/sitesCustom/00000172ecefa0ea_f7a6346.json
Requested by
Host: app.worldtable.co
URL: https://app.worldtable.co/the-world-table.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:02:56 GMT
Server
nginx
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://buffalonews.com
Cache-Control
no-cache
Connection
keep-alive
Content-Length
4
ssoConfig.json
the-world-table.firebaseio.com/sites/00000172ecefa0ea_f7a6346/ 		4 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://the-world-table.firebaseio.com/sites/00000172ecefa0ea_f7a6346/ssoConfig.json
Requested by
Host: app.worldtable.co
URL: https://app.worldtable.co/the-world-table.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:02:56 GMT
Server
nginx
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://buffalonews.com
Cache-Control
no-cache
Connection
keep-alive
Content-Length
4
global.json
the-world-table.firebaseio.com/settings/custom/ 		4 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://the-world-table.firebaseio.com/settings/custom/global.json
Requested by
Host: app.worldtable.co
URL: https://app.worldtable.co/the-world-table.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:02:56 GMT
Server
nginx
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://buffalonews.com
Cache-Control
no-cache
Connection
keep-alive
Content-Length
4
00000172ecefa0ea_f7a6346.json
the-world-table.firebaseio.com/sites/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://the-world-table.firebaseio.com/sites/00000172ecefa0ea_f7a6346.json
Requested by
Host: app.worldtable.co
URL: https://app.worldtable.co/the-world-table.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
74968acf3b4490ad18803919659da909a3c072c772d6722bcee32f3f5fdadf6e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:02:56 GMT
Server
nginx
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://buffalonews.com
Cache-Control
no-cache
Connection
keep-alive
Content-Length
1851
e5e5f7aa-7f70-11eb-914c-1be5982e7616.json
the-world-table.firebaseio.com/sitesArticleIdsPages/00000172ecefa0ea_f7a6346/ 		26 B
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://the-world-table.firebaseio.com/sitesArticleIdsPages/00000172ecefa0ea_f7a6346/e5e5f7aa-7f70-11eb-914c-1be5982e7616.json
Requested by
Host: app.worldtable.co
URL: https://app.worldtable.co/the-world-table.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
2c5e865d153eecebe29b635da42d75cbcbddd5c82d0e081940a7443cba529c60
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:02:56 GMT
Server
nginx
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://buffalonews.com
Cache-Control
no-cache
Connection
keep-alive
Content-Length
26
e5e5f7aa-7f70-11eb-914c-1be5982e7616.json
the-world-table.firebaseio.com/sitesArticleIdsPages/00000172ecefa0ea_f7a6346/ 		26 B
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://the-world-table.firebaseio.com/sitesArticleIdsPages/00000172ecefa0ea_f7a6346/e5e5f7aa-7f70-11eb-914c-1be5982e7616.json
Requested by
Host: app.worldtable.co
URL: https://app.worldtable.co/the-world-table.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
2c5e865d153eecebe29b635da42d75cbcbddd5c82d0e081940a7443cba529c60
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:02:56 GMT
Server
nginx
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://buffalonews.com
Cache-Control
no-cache
Connection
keep-alive
Content-Length
26
e5e5f7aa-7f70-11eb-914c-1be5982e7616.json
the-world-table.firebaseio.com/sitesArticleIdsPages/00000172ecefa0ea_f7a6346/ 		26 B
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://the-world-table.firebaseio.com/sitesArticleIdsPages/00000172ecefa0ea_f7a6346/e5e5f7aa-7f70-11eb-914c-1be5982e7616.json
Requested by
Host: app.worldtable.co
URL: https://app.worldtable.co/the-world-table.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
2c5e865d153eecebe29b635da42d75cbcbddd5c82d0e081940a7443cba529c60
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:02:56 GMT
Server
nginx
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://buffalonews.com
Cache-Control
no-cache
Connection
keep-alive
Content-Length
26
commentCount.json
the-world-table.firebaseio.com/pages/000001780ef89492_ea249a7/ 		1 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://the-world-table.firebaseio.com/pages/000001780ef89492_ea249a7/commentCount.json
Requested by
Host: app.worldtable.co
URL: https://app.worldtable.co/the-world-table.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:02:56 GMT
Server
nginx
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://buffalonews.com
Cache-Control
no-cache
Connection
keep-alive
Content-Length
1
e7983e4cbe4202a44fcee31de71e3f58
api.bntech.io/f/css/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0/ 		2 KB
915 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://api.bntech.io/f/css/1y9WbPk5fHPLhStc2nrD10OT8kK7KWn0/e7983e4cbe4202a44fcee31de71e3f58
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:410b:aea2:a394:b2c4:1fb4:bfb1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ec393795d92641f99813a48ac27b6ea9fc99ebc656f7b8b544a0de614ed86f4d

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:02:56 GMT
Content-Encoding
gzip
Server
nginx/1.10.3 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
telem
analytics.worldtable.co/ Frame 8FFE 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://analytics.worldtable.co/telem?data=%7B%22metric1%22%3A0%2C%22metric2%22%3A0%2C%22metric3%22%3A0%2C%22metric4%22%3A0%2C%22metric6%22%3A1%2C%22metric7%22%3A0%2C%22dimension1%22%3A%22buffalonews.com%22%2C%22dimension2%22%3A%2200000172ecefa0ea_f7a6346%22%2C%22dimension4%22%3A%22https%3A%2F%2Fapp.worldtable.co%22%2C%22dimension5%22%3Atrue%2C%22dimension7%22%3A%22the-world-table%22%2C%22wtTitle%22%3A%22Buffalo%20to%20get%20%24350%20million%20in%20federal%20pandemic%20stimulus%20bill%22%2C%22wtLocation%22%3A%22%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%22%2C%22wtSection%22%3A%22Buffalo%20News%22%7D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.209.99.174 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
2bba2e3e8a07b0445431999ba60cb5783eb610e7ae8bf9b7fcdfb4530688c44b

Request headers

Host
analytics.worldtable.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://buffalonews.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://buffalonews.com/

Response headers

Date
Mon, 08 Mar 2021 12:02:56 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1562
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
commentCount.json
the-world-table.firebaseio.com/pages/000001780ef89492_ea249a7/ 		1 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://the-world-table.firebaseio.com/pages/000001780ef89492_ea249a7/commentCount.json
Requested by
Host: app.worldtable.co
URL: https://app.worldtable.co/the-world-table.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:02:56 GMT
Server
nginx
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://buffalonews.com
Cache-Control
no-cache
Connection
keep-alive
Content-Length
1
commentCount.json
the-world-table.firebaseio.com/pages/000001780ef89492_ea249a7/ 		1 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://the-world-table.firebaseio.com/pages/000001780ef89492_ea249a7/commentCount.json
Requested by
Host: app.worldtable.co
URL: https://app.worldtable.co/the-world-table.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:02:56 GMT
Server
nginx
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://buffalonews.com
Cache-Control
no-cache
Connection
keep-alive
Content-Length
1
commentCount.json
the-world-table.firebaseio.com/pages/000001780ef89492_ea249a7/ 		1 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://the-world-table.firebaseio.com/pages/000001780ef89492_ea249a7/commentCount.json
Requested by
Host: app.worldtable.co
URL: https://app.worldtable.co/the-world-table.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:02:56 GMT
Server
nginx
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://buffalonews.com
Cache-Control
no-cache
Connection
keep-alive
Content-Length
1
en.json
cdn.cookielaw.org/consent/bb454db5-14f7-4f42-afaa-f3551e68451a/75787057-4552-493b-aa72-b303111d8f91/ 		36 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/bb454db5-14f7-4f42-afaa-f3551e68451a/75787057-4552-493b-aa72-b303111d8f91/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92ea2c3d4fce33fc39c77e13ff8158da021497bda2641562bceddccad972e2d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 08 Mar 2021 12:02:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
abObf1Ncw/q6kJG9tQsTKA==
age
731
vary
Accept-Encoding
content-length
8489
cf-request-id
08b351206400000742ca811000000001
x-ms-lease-status
unlocked
last-modified
Thu, 02 Jul 2020 15:13:28 GMT
server
cloudflare
etag
0x8D81E9A793B5113
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
45242e58-d01e-00f5-52ef-b3fcf7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
62cbeae09b740742-FRA
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 11:46:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
979
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
expires
Mon, 08 Mar 2021 12:46:37 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
953 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:00:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
166
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Mon, 08 Mar 2021 13:00:10 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 08 Mar 2021 12:02:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://buffalonews.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
collect
analytics.google.com/g/ 		0
338 B 		Other
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-G2BL49024K&gtm=2oe2o0&_p=1579598307&sr=1600x1200&_gaz=1&ul=en-us&cid=418169557.1615204977&_s=1&dl=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw&dt=Buffalo%20to%20get%20%24350%20million%20in%20federal%20pandemic%20stimulus%20bill%20%7C%20Latest%20Headlines%20%7C%20buffalonews.com&sid=1615204975&sct=1&seg=0&en=page_view&_fv=2&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G2BL49024K&l=dataLayer&cx=c
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:02:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://buffalonews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
74 B 		Other
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-G2BL49024K&cid=418169557.1615204977&gtm=2oe2o0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G2BL49024K&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:02:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://buffalonews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-G2BL49024K&cid=418169557.1615204977&gtm=2oe2o0&aip=1&z=761792714
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:02:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
yy2
a.leetemplates.com/lee/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://a.leetemplates.com/lee/yy2
Protocol
H2
Server
34.102.205.239 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
akka-http/10.1.12 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://buffalonews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://buffalonews.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-max-age
5
server
akka-http/10.1.12
date
Mon, 08 Mar 2021 12:02:57 GMT
content-length
0
via
1.1 google
alt-svc
clear
yy2
a.leetemplates.com/lee/ 		2 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.leetemplates.com/lee/yy2
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/lee-snowplow/static/sp-gzip-2-17-3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.205.239 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
akka-http/10.1.12 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Mon, 08 Mar 2021 12:02:57 GMT
via
1.1 google
server
akka-http/10.1.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://buffalonews.com
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
clear
content-length
2
961211893969940
connect.facebook.net/signals/config/ 		244 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/961211893969940?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e989ab3de96e1838a481f01da6e2d7b41d25a2ed9001491306196e7d3d7b48fd
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
IqA8sbRBPsrlH6NqdPmTpuSp8j45v26UhkqT2Kl+ViY1d9N5yZOhfjAFdCOutHucQm0fUcfP9I3G5AQhcuJEpg==
x-fb-trip-id
664085054
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 08 Mar 2021 12:02:57 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
origin-trial
AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		158 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3266&u=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw&pid=k3jSNJYiE5RNX&cb=0&ws=1600x1200&v=7.60.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F8438%2Fbuffalonews.com%2Fnews%22%7D%5D&pj=%7B%22sections%22%3A%22news%22%7D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.24.128 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
006013c9aa1a1e59af8101222585272cf6d3385cc4e241aa28455bf2fa97db3b

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:57 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
ZAG50-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://buffalonews.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
152
via
1.1 c1caf5d327c9eee53d26ab7b7a8235f0.cloudfront.net (CloudFront)
x-amz-cf-id
E-ytOGIC2CfKYaK5dJJ_6wTyF0R3XBCASDyRXr48rO4zSA0KwywGng==
bid
c.amazon-adsystem.com/e/dtb/ 		158 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3266&u=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw&pid=k3jSNJYiE5RNX&cb=1&ws=1600x1200&v=7.60.00&t=2000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F8438%2Fbuffalonews.com%2Fnews%22%7D%5D&pj=%7B%22sections%22%3A%22news%22%7D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.24.128 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
2a6930c66a35d3b99b2983d6f8b8be448c05066063daadbccc3828c56dcc64e5

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:57 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
ZAG50-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://buffalonews.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
152
via
1.1 c1caf5d327c9eee53d26ab7b7a8235f0.cloudfront.net (CloudFront)
x-amz-cf-id
fUmhF7gE6UZJVfkCGXWKw0r8eqm2NzojUt4lsS90-ytaD54k5QFldg==
gen_204
pagead2.googlesyndication.com/pagead/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_urg_spr&pvsid=874061643441770&vrg=2021030401&nw_id=8438&nslots=14&eid=31060360%2C21064370%2C31060218&pub_url=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw&start_time=1615204977218&end_time=1615204977260&num_slots_filtered=0
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:02:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_urg_spr&pvsid=874061643441770&vrg=2021030401&nw_id=8438&nslots=14&eid=31060360%2C21064370%2C31060218&pub_url=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw&start_time=1615204977219&end_time=1615204977260&num_slots_filtered=0
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:02:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_urg_spr&pvsid=874061643441770&vrg=2021030401&nw_id=8438&nslots=14&eid=31060360%2C21064370%2C31060218&pub_url=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw&start_time=1615204977253&end_time=1615204977261&num_slots_filtered=0
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:02:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.ch/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=buffalonews.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Mar 2021 12:02:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=buffalonews.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Mar 2021 12:02:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		447 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=874061643441770&correlator=3497012820115741&output=ldjh&impl=fifs&eid=31060360%2C21064370%2C31060218&vrg=2021030401&ptt=17&sc=1&sfv=1-0-37&ecs=20210308&iu_parts=8438%2Cbuffalonews.com%2Cnews&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=2x1&prev_scp=pos%3Dfixed-impact-top%2Catf%26inview%3Dtrue%26density%3Dstandard%26lee_group%3D8%26lee_hours%3D12%26lee_day%3D1&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26k%3Dchuck%2520schumer%252Ccharles%2520e.%2520schumer%252Cbiden%252Camerican%2520rescue%2520plan%252Cstimulus%26page%3Dasset%252Carticle%252Capp-editorial%252Cmd_screen%26browser%3DChrome%26sub%3Dno&cookie_enabled=1&bc=31&abxe=1&lmt=1615175640&dt=1615204977478&dlt=1615204972467&idt=4601&frm=20&biw=1600&bih=1200&oid=3&adxs=799&adys=0&adks=936373113&ucis=1&ifi=1&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1&msz=1600x1&ga_vid=418169557.1615204977&ga_sid=1615204978&ga_hid=1579598307&ga_fc=false&fws=4&ohw=1600
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
440e54d6b31226c2db1e2d0ff9ad40b8d32970afa0da634327e933fc0ae2b1ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
231
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://buffalonews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a2996485052c7313ba81abb470fb9eab.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a2996485052c7313ba81abb470fb9eab.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=874061643441770&correlator=4005440007937659&output=ldjh&impl=fifs&eid=31060360%2C21064370%2C31060218&vrg=2021030401&ptt=17&sc=1&sfv=1-0-37&ecs=20210308&iu_parts=8438%2Cbuffalonews.com%2Cnews&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&prev_scp=pos%3Dfixed-impact-bottom%2Cbtf%26inview%3Dtrue%26density%3Dstandard%26lee_group%3D3%26lee_hours%3D12%26lee_day%3D1&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26k%3Dchuck%2520schumer%252Ccharles%2520e.%2520schumer%252Cbiden%252Camerican%2520rescue%2520plan%252Cstimulus%26page%3Dasset%252Carticle%252Capp-editorial%252Cmd_screen%26browser%3DChrome%26sub%3Dno&cookie_enabled=1&bc=31&abxe=1&lmt=1615175640&dt=1615204977538&dlt=1615204972467&idt=4601&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=1&adks=4024838314&ucis=2&ifi=2&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1&msz=1600x1&ga_vid=418169557.1615204977&ga_sid=1615204978&ga_hid=1579598307&ga_fc=false&fws=4&ohw=1600
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
2fed84395dcec53cc65a1ac3104dbb39b7c52d5ac00268a3c0fac7b8fbe5e0b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2856
x-xss-protection
0
google-lineitem-id
5407603088
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138315712264
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://buffalonews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		11 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=874061643441770&correlator=1373200054028655&output=ldjh&impl=fifs&eid=31060360%2C21064370%2C31060218&vrg=2021030401&ptt=17&sc=1&sfv=1-0-37&ecs=20210308&iu_parts=8438%2Cbuffalonews.com%2Cnews&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=5x1&prev_scp=pos%3Dmembers-impact%2Catf%26inview%3Dtrue%26density%3Dstandard%26lee_group%3D1%26lee_hours%3D12%26lee_day%3D1&eri=1&cust_params=k%3Dchuck%2520schumer%252Ccharles%2520e.%2520schumer%252Cbiden%252Camerican%2520rescue%2520plan%252Cstimulus%26page%3Dasset%252Carticle%252Capp-editorial%252Cmd_screen%26browser%3DChrome%26sub%3Dno&cookie_enabled=1&bc=31&abxe=1&lmt=1615175640&dt=1615204977541&dlt=1615204972467&idt=4601&frm=20&biw=1600&bih=1200&oid=3&adxs=798&adys=9867&adks=3708699125&ucis=3&ifi=3&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1&msz=1600x1&ga_vid=418169557.1615204977&ga_sid=1615204978&ga_hid=1579598307&ga_fc=false&fws=4&ohw=1600
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
9cd29b4eb545ab2cbd7118710d865deeaa1cb12ff0b35002f982f4c82d4db144
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4636
x-xss-protection
0
google-lineitem-id
5599122162
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138338321221
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://buffalonews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=10345586&ns__t=1615204977573&ns_c=UTF-8&cv=3.5&c8=Buffalo%20to%20get%20%24350%20million%20in%20federal%20pandemic%20stimulus%20bill%20%7C%20Latest%20Headl...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10345586&ns__t=1615204977573&ns_c=UTF-8&cv=3.5&c8=Buffalo%20to%20get%20%24350%20million%20in%20federal%20pandemic%20stimulus%20bill%20%7C%20Latest%20Head...
0
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=10345586&ns__t=1615204977573&ns_c=UTF-8&cv=3.5&c8=Buffalo%20to%20get%20%24350%20million%20in%20federal%20pandemic%20stimulus%20bill%20%7C%20Latest%20Headlines%20%7C%20buffalonews.com&c7=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw&c9=&cs_ak_ss=1
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.34.195 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-34-195.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Mar 2021 12:02:59 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=10345586&ns__t=1615204977573&ns_c=UTF-8&cv=3.5&c8=Buffalo%20to%20get%20%24350%20million%20in%20federal%20pandemic%20stimulus%20bill%20%7C%20Latest%20Headlines%20%7C%20buffalonews.com&c7=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw&c9=&cs_ak_ss=1
Pragma
no-cache
Date
Mon, 08 Mar 2021 12:02:57 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
p.js
cdn.parsely.com/keys/buffalonews.com/ 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/buffalonews.com/p.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.189.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a8ada0306e59c89efe6d07a907e2e90db1e172d621df4fa0c1bc1cbbf3e285e8

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Mon, 08 Mar 2021 12:02:57 GMT
content-encoding
gzip
last-modified
Tue, 16 Feb 2021 16:53:29 GMT
server
nginx
x-amz-cf-pop
ZAG50-C1
etag
W/"602bf889-c8b9"
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 996a6dcadb486dbb9da5040a9ab13af3.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-id
-JiYh7cS2qt0dAIYf9EQoHDX2sXG2b365ahiqg7UxHNoeJCfHHyyGA==
expires
Tue, 09 Mar 2021 09:49:02 GMT
publisher:getClientId
ampcid.google.de/v1/ 		3 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 08 Mar 2021 12:02:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://buffalonews.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		137 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NFTGWT90ER&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
20c1c11b35fdd1f3f57d3ff6e2d29c5c88700a4246b25040482a4420f22156e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:58 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53719
x-xss-protection
0
expires
Mon, 08 Mar 2021 12:02:58 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Buffalo%20to%20get%20%24350%20million%20in%20federal%20pandemic%20stimulus%20bill%20%7C%20Latest%20Headlines%20%7C%20buffalonews.com&sec=news&pubname=The%20Buffalo%20News&ptype=article&metered=0%7C0&hier=news&cms=townnews%2Fblox&chrcnt=21313&auth=Jerry%20Zremski&artupt=1615157640&arttype=editorial&artsrc=local&artpubt=1615154400&artid=e5e5f7aa-7f70-11eb-914c-1be5982e7616&tv=js-3.0.122&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-60&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&f_es6=1&f_gears=2&tvltm=3&tvcfg=lee&tid=bb29de70-bbbe-4a08-b005-a37f4a243a29&pid=ea7ec577-f2ce-4cab-bed7-b2d60c3af63f&dtm=1615204978547&qnm=_matherq&visible=1&tabid=d44a83bf-3207-4525-9096-d9f7f1f487b9&url=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw&curl=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html&vp=1600x1200&ds=1600x9908&tofa=1615204979&vid=1&lvidt=1615204979&duid=c36c66ea1d4c3d7c&fp=99543720&cid=ma1527&mrk=725149308&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTYxNTIwNDk3MTE5NSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxNy4xbWIiLCJoZWFwVCI6IjIzLjFtYiIsImZzdFBhaW50IjoiMjk2NiIsImZldGNoUyI6IjE4NCIsImRvbWFpblMiOiIxOTEiLCJkb21haW5FIjoiMTk5IiwiY29ublMiOiIxOTkiLCJjb25uRSI6IjQ1NCIsInNzbFMiOiIyMTkiLCJyZXF1UyI6IjQ1NCIsInJlc3BTIjoiOTU2IiwicmVzcEUiOiIxMTg0IiwiZG9tTG9hZCI6IjEyNzIiLCJkb21JbnRlciI6IjQ3ODciLCJkb21Mb2FkUyI6IjQ3OTciLCJkb21Mb2FkRSI6IjQ4MTAifSwia2V5d29yZHMiOlsiY2h1Y2sgc2NodW1lciIsImNoYXJsZXMgZS4gc2NodW1lciIsImJpZGVuIiwiYW1lcmljYW4gcmVzY3VlIHBsYW4iLCJzdGltdWx1cyJdfQ
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.41.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:02:59 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ 		0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_urg_spr&pvsid=874061643441770&vrg=2021030401&nw_id=8438&nslots=14&eid=31060360%2C21064370%2C31060218&pub_url=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw&start_time=1615204978667&end_time=1615204978668&num_slots_filtered=0
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:02:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		46 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=874061643441770&correlator=1242444618418729&output=ldjh&impl=fifs&eid=31060360%2C21064370%2C31060218&vrg=2021030401&ptt=17&sc=1&sfv=1-0-37&ecs=20210308&iu_parts=8438%2Cbuffalonews.com%2Cnews&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&prev_scp=pos%3Darticle-big-ad%2Catf%2C70%26density%3Dstandard%26lee_group%3D10%26lee_hours%3D12%26lee_day%3D1%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=k%3Dchuck%2520schumer%252Ccharles%2520e.%2520schumer%252Cbiden%252Camerican%2520rescue%2520plan%252Cstimulus%26page%3Dasset%252Carticle%252Capp-editorial%252Cmd_screen%26browser%3DChrome%26sub%3Dno&cookie_enabled=1&bc=31&abxe=1&lmt=1615175640&dt=1615204978674&dlt=1615204972467&idt=4601&frm=20&biw=1600&bih=1200&oid=3&adxs=1025&adys=460&adks=2847312605&ucis=4&ifi=4&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=418169557.1615204977&ga_sid=1615204978&ga_hid=1579598307&ga_fc=false&fws=4&ohw=1600
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
4080da65ba530171488fc4b33f7cd1c329753b111465bf529c551429aead99fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11429
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://buffalonews.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_urg_spr&pvsid=874061643441770&vrg=2021030401&nw_id=8438&nslots=14&eid=31060360%2C21064370%2C31060218&pub_url=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw&start_time=1615204978692&end_time=1615204978693&num_slots_filtered=0
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:02:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		45 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=874061643441770&correlator=2063444409036245&output=ldjh&impl=fifs&eid=31060360%2C21064370%2C31060218&vrg=2021030401&ptt=17&sc=1&sfv=1-0-37&ecs=20210308&iu_parts=8438%2Cbuffalonews.com%2Cnews&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250&prev_scp=pos%3Dfixed-leaderboard-top%2Catf%2C50%26inview%3Dtrue%26density%3Dstandard%26lee_group%3D6%26lee_hours%3D12%26lee_day%3D1%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=k%3Dchuck%2520schumer%252Ccharles%2520e.%2520schumer%252Cbiden%252Camerican%2520rescue%2520plan%252Cstimulus%26page%3Dasset%252Carticle%252Capp-editorial%252Cmd_screen%26browser%3DChrome%26sub%3Dno&cookie_enabled=1&bc=31&abxe=1&lmt=1615175640&dt=1615204978705&dlt=1615204972467&idt=4601&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=79&adks=2728806332&ucis=5&ifi=5&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1584x90&msz=1584x90&ga_vid=418169557.1615204977&ga_sid=1615204978&ga_hid=1579598307&ga_fc=false&fws=4&ohw=1600
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
c53d1e9a124aa7b6fd5b572bd6b11553d05ccbb38af3e696d98be56ce963d218
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11393
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://buffalonews.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bl-a7f65f8-83165a7d.js
tagan.adlightning.com/leeenterprises/ Frame 7780 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/leeenterprises/bl-a7f65f8-83165a7d.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa23750104f28bca438655d5a5682e8a8ef946cd764fb06945e03459cd7ec1d1

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 19:43:29 GMT
content-encoding
gzip
age
231570
x-cache
Hit from cloudfront
content-length
13666
x-amz-meta-git_commit
a7f65f8
last-modified
Fri, 05 Mar 2021 18:46:36 GMT
server
AmazonS3
etag
"070fb29ffacdfde310e7ff42d6c847c5"
x-amz-version-id
JW_9aIsQko_WHU7GiDprLbrlXBlLUE5E
via
1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
BpV5SuUQRrfIDRrFllDrb5DK-gorFB2xgZlT408j4FOTauST6SHhXw==
b-9a4f7ce-9c3d90b4.js
tagan.adlightning.com/leeenterprises/ Frame 7780 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/leeenterprises/b-9a4f7ce-9c3d90b4.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
67d3fbbfeed41e1c4ffb28f749c8444a7b4db6722bd8ab9a73157b947e65f118

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 09 Jan 2021 00:59:32 GMT
content-encoding
gzip
age
5051007
x-cache
Hit from cloudfront
content-length
20759
x-amz-meta-git_commit
9a4f7ce
last-modified
Tue, 18 Aug 2020 17:44:56 GMT
server
AmazonS3
etag
"3d023ce325e9d3643a874ad0a66a5e8d"
x-amz-version-id
bIGtI3pWPJE6g_TS3N9o1I1aF28kjQzP
via
1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
9Dyq1N1jAB---cHNr417j-8WbOsX3g0IsPbJcBgmQcsZUgAK9bhhRw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7780 		110 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Mon, 08 Mar 2021 12:02:58 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774803212306"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Mon, 08 Mar 2021 12:02:58 GMT
bl-a7f65f8-83165a7d.js
tagan.adlightning.com/leeenterprises/ Frame 1F22 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/leeenterprises/bl-a7f65f8-83165a7d.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa23750104f28bca438655d5a5682e8a8ef946cd764fb06945e03459cd7ec1d1

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 19:43:29 GMT
content-encoding
gzip
age
231571
x-cache
Hit from cloudfront
content-length
13666
x-amz-meta-git_commit
a7f65f8
last-modified
Fri, 05 Mar 2021 18:46:36 GMT
server
AmazonS3
etag
"070fb29ffacdfde310e7ff42d6c847c5"
x-amz-version-id
JW_9aIsQko_WHU7GiDprLbrlXBlLUE5E
via
1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
4hhmq9R9_tHTMJzyOqlj-7u6mJOvm56q89gMCvWVJbwpQPgWgwf_xg==
b-9a4f7ce-9c3d90b4.js
tagan.adlightning.com/leeenterprises/ Frame 1F22 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/leeenterprises/b-9a4f7ce-9c3d90b4.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
67d3fbbfeed41e1c4ffb28f749c8444a7b4db6722bd8ab9a73157b947e65f118

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 09 Jan 2021 00:59:32 GMT
content-encoding
gzip
age
5051008
x-cache
Hit from cloudfront
content-length
20759
x-amz-meta-git_commit
9a4f7ce
last-modified
Tue, 18 Aug 2020 17:44:56 GMT
server
AmazonS3
etag
"3d023ce325e9d3643a874ad0a66a5e8d"
x-amz-version-id
bIGtI3pWPJE6g_TS3N9o1I1aF28kjQzP
via
1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
jt8hhhwaFKH11eFCwsf1r3wcrK19Z_o4ysIa6pKzx5mIYf0oufxySQ==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1F22 		110 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Mon, 08 Mar 2021 12:02:59 GMT
sync-container.js
b-code.liadm.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/sync-container.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::58dd:dd0b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:59 GMT
content-encoding
gzip
last-modified
Tue, 17 Mar 2020 09:48:23 GMT
etag
"ae5e94de938b0387eda6df8f20da811a"
vary
Accept-Encoding
x-amz-meta-version
0.2.0
content-type
application/javascript
cache-control
max-age=459
accept-ranges
bytes
content-length
2374
7ccc1eb6-3cb3-4aa7-aeca-38a60c1ea448
https://buffalonews.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://buffalonews.com/7ccc1eb6-3cb3-4aa7-aeca-38a60c1ea448
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
b4489dc1-0b22-4836-af74-8fd0dd157205
https://buffalonews.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://buffalonews.com/b4489dc1-0b22-4836-af74-8fd0dd157205
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
655d2288-4712-4027-ab4b-844f93be55df
https://buffalonews.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://buffalonews.com/655d2288-4712-4027-ab4b-844f93be55df
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame A70D
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&dcc=t
280 B
956 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&dcc=t
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
54ab33bf7927f92752e316b76a8976c658f90cb87860bcc209846562f2e133fa

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://buffalonews.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A4E7VCKOv0iastt8hyiNNAQ|t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://buffalonews.com/

Response headers

Server
Server
Date
Mon, 08 Mar 2021 12:03:01 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
219
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie
ad-id=A4E7VCKOv0iastt8hyiNNAQ; Domain=.amazon-adsystem.com; Expires=Fri, 01-Oct-2021 12:03:01 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Apr-2026 12:03:01 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip

Redirect headers

Server
Server
Date
Mon, 08 Mar 2021 12:03:00 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&dcc=t
Set-Cookie
ad-id=A4E7VCKOv0iastt8hyiNNAQ|t; Domain=.amazon-adsystem.com; Expires=Fri, 01-Oct-2021 12:03:00 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
User-Agent
/
dn1i8v75r669j.cloudfront.net/v/ 		47 B
323 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dn1i8v75r669j.cloudfront.net/v/?w=i99g3gee
Requested by
Host: d81mfvml8p5ml.cloudfront.net
URL: https://d81mfvml8p5ml.cloudfront.net/i99g3gee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:ba00:7:5031:dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b26ba6878ca7429d5fc284f9a15753c98dddda891406044ecd58847f0664e518

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:00:17 GMT
via
1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
age
163
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=300
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
KbAtOcYkSikDW6oOs5oOyBOiHhe4xP1iT5xdahvIiiEpJ8hYMT84Kg==
bl-a7f65f8-83165a7d.js
tagan.adlightning.com/leeenterprises/ Frame 9C08 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/leeenterprises/bl-a7f65f8-83165a7d.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa23750104f28bca438655d5a5682e8a8ef946cd764fb06945e03459cd7ec1d1

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 19:43:29 GMT
content-encoding
gzip
age
231571
x-cache
Hit from cloudfront
content-length
13666
x-amz-meta-git_commit
a7f65f8
last-modified
Fri, 05 Mar 2021 18:46:36 GMT
server
AmazonS3
etag
"070fb29ffacdfde310e7ff42d6c847c5"
x-amz-version-id
JW_9aIsQko_WHU7GiDprLbrlXBlLUE5E
via
1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
Y3RPnAesOoowsjY3QJFQdhevAmvkrk2ejNdj8vIAchoNJj4UFQzs5Q==
b-9a4f7ce-9c3d90b4.js
tagan.adlightning.com/leeenterprises/ Frame 9C08 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/leeenterprises/b-9a4f7ce-9c3d90b4.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
67d3fbbfeed41e1c4ffb28f749c8444a7b4db6722bd8ab9a73157b947e65f118

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 09 Jan 2021 00:59:32 GMT
content-encoding
gzip
age
5051008
x-cache
Hit from cloudfront
content-length
20759
x-amz-meta-git_commit
9a4f7ce
last-modified
Tue, 18 Aug 2020 17:44:56 GMT
server
AmazonS3
etag
"3d023ce325e9d3643a874ad0a66a5e8d"
x-amz-version-id
bIGtI3pWPJE6g_TS3N9o1I1aF28kjQzP
via
1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
mNDrNKvGDVTR5ZSgo4iQ0ozeC5xKKoQpgsVRsa9NxOp4bcZ4J99UrQ==
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?tna=v2.0.1&aid=a-0585&wpn=lc-bundle&pu=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7...
  • https://rp4.liadm.com/j?tna=v2.0.1&aid=a-0585&wpn=lc-bundle&pu=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-...
48 B
604 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?tna=v2.0.1&aid=a-0585&wpn=lc-bundle&pu=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw&duid=fb73f250d350--01f08vg4yjdv83b8zh6myzss46&se=e30&dtstmp=1615204979685&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.196.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
261854a2664913c58d1956c532ba529898e252a789cfd45e02ca4691bba086d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:03:03 GMT
x-pixel-event-id
e1a10d7a-26bf-4266-b77f-df74e27e9b80
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
request-time
1
vary
Origin
content-length
48
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
nginx/1.18.0
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
4d378a205a47c100

Redirect headers

date
Mon, 08 Mar 2021 12:03:00 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
nginx/1.18.0
vary
Origin
location
https://rp4.liadm.com/j?tna=v2.0.1&aid=a-0585&wpn=lc-bundle&pu=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw&duid=fb73f250d350--01f08vg4yjdv83b8zh6myzss46&se=e30&dtstmp=1615204979685&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true
x-frame-options
DENY
access-control-allow-origin
https://buffalonews.com
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
c1da3fc7b910e899
request-time
0
content-length
0
x-content-type-options
nosniff
otFloatingFlat.json
cdn.cookielaw.org/scripttemplates/6.2.0/assets/ 		18 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.2.0/assets/otFloatingFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d8b76cb673b3af30f99448de96d4bfa03546c4e7808ce9c6ccaa9777efc90ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 08 Mar 2021 12:02:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
LROBGyipCAjpSiLc19tFcQ==
age
6247396
vary
Accept-Encoding
content-length
2966
cf-request-id
08b3512c11000007428e980000000001
x-ms-lease-status
unlocked
last-modified
Fri, 26 Jun 2020 17:33:09 GMT
server
cloudflare
etag
0x8D819F6FE6057CE
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
d926c310-d01e-00d7-5b41-db92c1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
62cbeaf3486c0742-FRA
expires
Tue, 16 Mar 2021 12:02:59 GMT
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.2.0/assets/ 		100 KB
21 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.2.0/assets/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10ab566c9fb0560fc9b7690af2b2a06cb4ce5af583a6e9796d1ece57c702c5e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 08 Mar 2021 12:02:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
uHciMKc/pvNFERq4hQBWgw==
age
6247396
vary
Accept-Encoding
content-length
20976
cf-request-id
08b3512c120000074293a20000000001
x-ms-lease-status
unlocked
last-modified
Fri, 26 Jun 2020 17:33:09 GMT
server
cloudflare
etag
0x8D819F6FE54BCDE
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
16c39d5b-701e-0095-2141-dbb9d5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
62cbeaf348710742-FRA
expires
Tue, 16 Mar 2021 12:02:59 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-54716522-7&cid=418169557.1615204977&jid=1583634782&gjid=1109224366&_gid=806199738.1615204979&_u=aChAgUArQAQCAE~&z=194813744
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 08 Mar 2021 12:02:59 GMT
content-type
text/plain
access-control-allow-origin
https://buffalonews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j88&aip=1&a=1579598307&t=pageview&_s=1&dl=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw&ul=en-us&de=UTF-8&dt=Buffalo%20to%20get%20%24350%20million%20in%20federal%20pandemic%20stimulus%20bill%20%7C%20Latest%20Headlines%20%7C%20buffalonews.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aChAgUArQAQC~&jid=1583634782&gjid=1109224366&cid=418169557.1615204977&tid=UA-54716522-7&_gid=806199738.1615204979&gtm=2wg2o0PDQV3N&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=no&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=No&cd12=No&cd13=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html&cd16=No&cd17=Page%20View&cd20=e5e5f7aa-7f70-11eb-914c-1be5982e7616&cm1=309&z=1219863837
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 07:19:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
17033
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-54716522-2&cid=418169557.1615204977&jid=551508873&gjid=658809040&_gid=806199738.1615204979&_u=aCjAgUArQAQCAE~&z=1364459949
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 08 Mar 2021 12:02:59 GMT
content-type
text/plain
access-control-allow-origin
https://buffalonews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1579598307&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw&ul=en-us&de=UTF-8&dt=Buffalo%20to%20get%20%24350%20million%20in%20federal%20pandemic%20stimulus%20bill%20%7C%20Latest%20Headlines%20%7C%20buffalonews.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=subscription&ea=free%20view&el=not%20metered&ev=1&_u=aCjACUArRAQCAG~&jid=933362331&gjid=264547879&cid=418169557.1615204977&tid=UA-54716522-2&_gid=806199738.1615204979&_r=1&gtm=2wg2o0TDWDC2&cd1=desktop&cd2=buffalonews.com&cd3=editorial&cd4=asset&cd5=article&cd6=news&cd12=e5e5f7aa-7f70-11eb-914c-1be5982e7616&cd13=Buffalo%20to%20get%20%24350%20million%20in%20federal%20pandemic%20stimulus%20bill&cd14=By%20Jerry%20Zremski%0ANews%20Washington%20Bureau%20Chief&cd15=03%2F07%2F2021&cd17=null&cd20=anonymous&cd23=news&cg1=news&cd21=Buffalo&cd22=flex-editorial&cd24=local&cd25=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html&cd30=21&cd54=chuck%20schumer&cd55=charles%20e.%20schumer&cd56=biden&cd57=american%20rescue%20plan&cd64=featured&cd75=chuck%20schumer%2Ccharles%20e.%20schumer%2Cbiden%2Camerican%20rescue%20plan%2Cstimulus&cd76=featured%20%20%20%20%20%20%20%20%20&cd77=21313&cd78=1&cd79=&cd80=&cd82=&cd85=no&cd86=no&cd108=1&cd109=not%20metered&cd110=subscription&cd111=3&cd89=418169557.1615204977&z=1952346615
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:02:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://buffalonews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.google-analytics.com/gtm/ 		89 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-TQ9PK73&t=gtm263&cid=418169557.1615204977
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eb59bbc9cc51b4bfeec9f8082ac485fc8e290e98364e4827f5607e27f095c083
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:02:59 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35087
x-xss-protection
0
expires
Mon, 08 Mar 2021 12:02:59 GMT
collect
www.google-analytics.com/ 		35 B
86 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j88&a=1579598307&t=pageview&_s=1&dl=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw&ul=en-us&de=UTF-8&dt=Buffalo%20to%20get%20%24350%20million%20in%20federal%20pandemic%20stimulus%20bill%20%7C%20Latest%20Headlines%20%7C%20buffalonews.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCjAgUArQAQCAE~&jid=551508873&gjid=658809040&cid=418169557.1615204977&tid=UA-54716522-2&_gid=806199738.1615204979&gtm=2wg2o0TDWDC2&cd1=desktop&cd2=buffalonews.com&cd3=editorial&cd4=asset&cd5=article&cd6=news&cd12=e5e5f7aa-7f70-11eb-914c-1be5982e7616&cd13=Buffalo%20to%20get%20%24350%20million%20in%20federal%20pandemic%20stimulus%20bill&cd14=By%20Jerry%20Zremski%0ANews%20Washington%20Bureau%20Chief&cd15=03%2F07%2F2021&cd16=5%3A00%20pm&cd17=null&cd23=news&cg1=news&cd21=Buffalo&cd22=flex-editorial&cd24=local&cd25=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html&cd30=21&cd31=Partly%20Cloudy&cd54=chuck%20schumer&cd55=charles%20e.%20schumer&cd56=biden&cd57=american%20rescue%20plan&cd58=stimulus&cd64=featured&cd75=chuck%20schumer%2Ccharles%20e.%20schumer%2Cbiden%2Camerican%20rescue%20plan%2Cstimulus&cd76=featured%20%20%20%20%20%20%20%20%20&cd77=21313&cd78=1&cd79=&cd80=&cd82=&cd85=no&cd86=no&cd102=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F89.0.4389.72%20safari%2F537.36&cd103=Jerry%20Zremski&cd104=By%20Jerry%20Zremski%0ANews%20Washington%20Bureau%20Chief%2C%20Jerry%20Zremski&cd105=0&cd106=Page%20View&cd111=3&cd115=no&cd118=e5e5f7aa-7f70-11eb-914c-1be5982e7616&cd89=418169557.1615204977&z=1285418597
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 13:55:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
79673
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
bl-a7f65f8-83165a7d.js
tagan.adlightning.com/leeenterprises/ Frame 2DF2 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/leeenterprises/bl-a7f65f8-83165a7d.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa23750104f28bca438655d5a5682e8a8ef946cd764fb06945e03459cd7ec1d1

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 19:43:29 GMT
content-encoding
gzip
age
231572
x-cache
Hit from cloudfront
content-length
13666
x-amz-meta-git_commit
a7f65f8
last-modified
Fri, 05 Mar 2021 18:46:36 GMT
server
AmazonS3
etag
"070fb29ffacdfde310e7ff42d6c847c5"
x-amz-version-id
JW_9aIsQko_WHU7GiDprLbrlXBlLUE5E
via
1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
Ay7Yp6_2YsESl49vjVnkAYllLywyk55cwPYAWqZwNGenZP1yqFGjWQ==
b-9a4f7ce-9c3d90b4.js
tagan.adlightning.com/leeenterprises/ Frame 2DF2 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/leeenterprises/b-9a4f7ce-9c3d90b4.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
67d3fbbfeed41e1c4ffb28f749c8444a7b4db6722bd8ab9a73157b947e65f118

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 09 Jan 2021 00:59:32 GMT
content-encoding
gzip
age
5051009
x-cache
Hit from cloudfront
content-length
20759
x-amz-meta-git_commit
9a4f7ce
last-modified
Tue, 18 Aug 2020 17:44:56 GMT
server
AmazonS3
etag
"3d023ce325e9d3643a874ad0a66a5e8d"
x-amz-version-id
bIGtI3pWPJE6g_TS3N9o1I1aF28kjQzP
via
1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
xcr8oC5nDgnBsda6oTvn3JU3tZ4xi0YmBvu4skVpHS7KkbUExLFDUQ==
/
www.facebook.com/tr/ 		0
78 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryR0K0TPJ9b29RWMlL

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Mon, 08 Mar 2021 12:03:00 GMT
content-type
text/plain
access-control-allow-origin
https://buffalonews.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
/
www.facebook.com/tr/ 		44 B
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=961211893969940&ev=Domain&dl=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw&rl=&if=false&ts=1615204980333&cd[custom_param]=buffalonews.com&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1615204980307.555554963&it=1615204977055&coo=false&rqm=GET
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:03:00 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 08 Mar 2021 12:03:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7780 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstLqmya-tXSD_YWpcZ4Npn9R1ndG6XepjXRs8vEXWy-FtiX99X786Ko9xI0Q1mJ0pU0c1Hp4Wxi8rav8nHxSmLXvYY76X8Czb4iY5w74DRqBOUBCt8mGKleW0ockMAk9vRRi6t5JD-iZLX_idp9wqbL-e71kmAChb8edfvjLfezzsU9UHTSGvMSIkb0EFUcVuWPEc00PqAUs2Y2fWlre0ZjGojXHlwA9tWv4AdXAWJmemyuFP47JrqH05E5TcVsnG2sZmodXJ61zYNMEIbBaT-J-ZHExDdb9S_mf8mTDoQKyDCew4dprgwB6ZeIb_30f5cZp5MCDg&sai=AMfl-YSExeeEOw2FvkDi2XkXti-lxN9QuUbHUatQ1OD32DVSj3RZnGtZaNaZwa6U6s8fy67h6P97CGF_FfypwfqUwk7e3Icw6-4k6YhB_gao9zhOUtY55UEX4_0aoodFthqy&sig=Cg0ArKJSzMTG2rbrAAQKEAE&urlfix=1&adurl=
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Mar 2021 12:03:00 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
rciv.js
cdn.tynt.com/ Frame 7780 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tynt.com/rciv.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/b-9a4f7ce-9c3d90b4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.88.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e3b9ecf3258afd899081e6cf645e09ae51a031aeac11a0d0f59ea3b5ff8595b

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:03:00 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 21 Aug 2020 18:27:52 GMT
server
cloudflare
age
47227
etag
W/"5f401228-3dbe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
62cbeafa7d8123f7-ZRH
cf-request-id
08b3513090000023f78026c000000001
expires
Thu, 11 Mar 2021 12:03:00 GMT
truncated
/ Frame 7780 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d923da11830d49142090dfe01166b72b1048e0967b4dc49aeb71100e03c54fa

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 1F22 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssk7KyHIw5l8UpOdz3K8A-2FZjME4Wj3i8KSGjXRT3o-QoFbuoJ9ItQGT2Yc_wSElqax8WLnIGUoSgm5BcExUld36wuePrNjZSKhyLOz3phZizd1bH6lGmmmuWtV6nSBIn3XSMtHpVOd7-NJACPaxqFBpaD8zeKvakPryy5oEFkt-M7oYkBM01p2R76ZUfa5alrxzIpwCo2w9PFQU6IZCITTSejNH05t9J3rx1BjU6h31sdXMzVXF5JCR-0flQp9sgnyxi-DM18egamknyROMaMBDZqxxoP1T-RL0TW4WIYONJDjhmBWcPnc1KNILR9GMRHxgkeUw&sai=AMfl-YS0EZaa63bfwKg2o1h1gmH7mISJFhF6HiqBLAl7sn_uzIIVHh3EuSO7eclWG4WyhIJt47SQGUxNR897nJ0w3plZY4sNn-YtqW2WEhAC9G_96cmBp8NLazyf_CCLoF6I&sig=Cg0ArKJSzP8grajWTNxBEAE&urlfix=1&adurl=
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Mar 2021 12:03:01 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 1F22 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23d66bfd85b203b713fa742858f524bb3b7a097f73c6b96d643434a7d3bbe661

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 1F22 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9spm7GvoOjWjMLM0HxAv0MbvjQFdvvhmzdjDDs88SENQLmnKiM-TLQR98EZi7YVFggS9T0xIIVgepPXTGipaJB88V6Bn9v2QOQ1XoopQnJv6QOOOT5klqL7hazJBVVGcwdMBBsMZfFo6eKPM2mbsSZt1NIpovxH9ox7DiFmR7qi7tqWqcSsNWsK2DaQ5_WNA6bAhctCA61HUKT13yS1GzNhZoCcp3lpEOSrndQ3j5a5khF-zYZlce1rTPg_8vthd6I12K7npuuGmpJ2IhOGTa0bLiWr40IRGLxAo8r6BiIkWQgcX_ZtJhuQ&sai=AMfl-YRLVMCQIpZwMDbv-ENmw1ThNRQ8ok5GVmTM67gxrk1UB6gpr1mSi-VnDgoT_Ea-Hm74guQkl7HfT5P4kW3Da2x_6sZqu7BXeyeONenp1X62gaPLG4z4YyruR5gCm42T&sig=Cg0ArKJSzHwJvj9WjduREAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Mar 2021 12:03:01 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 08 Mar 2021 12:03:01 GMT
analytics.js
www.google-analytics.com/ Frame 8FFE 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: analytics.worldtable.co
URL: https://analytics.worldtable.co/telem?data=%7B%22metric1%22%3A0%2C%22metric2%22%3A0%2C%22metric3%22%3A0%2C%22metric4%22%3A0%2C%22metric6%22%3A1%2C%22metric7%22%3A0%2C%22dimension1%22%3A%22buffalonews.com%22%2C%22dimension2%22%3A%2200000172ecefa0ea_f7a6346%22%2C%22dimension4%22%3A%22https%3A%2F%2Fapp.worldtable.co%22%2C%22dimension5%22%3Atrue%2C%22dimension7%22%3A%22the-world-table%22%2C%22wtTitle%22%3A%22Buffalo%20to%20get%20%24350%20million%20in%20federal%20pandemic%20stimulus%20bill%22%2C%22wtLocation%22%3A%22%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%22%2C%22wtSection%22%3A%22Buffalo%20News%22%7D
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://analytics.worldtable.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
25
date
Mon, 08 Mar 2021 12:02:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Mon, 08 Mar 2021 14:02:36 GMT
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1615204981925&plid=23914567&idsite=buffalonews.com&url=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw&sref=&sts=1615204981535&slts=0&title=Buffalo+to+get+%24350+million+in+federal+pandemic+stimulus+bill+%7C+Latest+Headlines+%7C+buffalonews.com&date=Mon+Mar+08+2021+13%3A03%3A01+GMT%2B0100+(Central+European+Standard+Time)&action=pageview&pvid=44981596&u=pid%3Db07cb380a42e4a4d57f0503dea38ab89
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:03:03 GMT
Cache-Control
no-cache
Last-Modified
Monday, 08-Mar-2021 12:03:03 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
www.facebook.com/tr/ 		0
63 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary8q42QyiuLWvI5DBa

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Mon, 08 Mar 2021 12:03:02 GMT
content-type
text/plain
access-control-allow-origin
https://buffalonews.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
buffalonews.com.png
bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/logos/ds/400/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/logos/ds/400/buffalonews.com.png?_dc=1
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e60092679e16296caf55a2416579d53012e25d166e20b7c36daf9b31bcf2282
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:03:02 GMT
cf-cache-status
HIT
age
1109565
last-modified
Thu, 18 Jun 2020 19:45:13 GMT
strict-transport-security
max-age=604800
content-length
2413
cf-request-id
08b35135fe000023f7c3b6a000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"5eebc449-96d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
62cbeb032da323f7-ZRH
expires
Fri, 05 Nov 2021 10:29:01 GMT
10021800501015277314
tpc.googlesyndication.com/simgad/ 		474 KB
474 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10021800501015277314?
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
901f6f683cfd0a098d95cab6136cf448445be1264652e581ed1ee6756edcfd37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 22:47:33 GMT
x-content-type-options
nosniff
age
479729
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
485106
x-xss-protection
0
last-modified
Wed, 27 Jan 2021 15:04:59 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 22:47:33 GMT
collect
www.google-analytics.com/g/ 		0
149 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-NFTGWT90ER&gtm=2oe2o0&_p=1579598307&sr=1600x1200&ul=en-us&cid=418169557.1615204977&_s=1&dl=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw&dt=Buffalo%20to%20get%20%24350%20million%20in%20federal%20pandemic%20stimulus%20bill%20%7C%20Latest%20Headlines%20%7C%20buffalonews.com&sid=1615204978&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.application=editorial&ep.theme=flex&ep.asset_id=e5e5f7aa-7f70-11eb-914c-1be5982e7616&ep.skin_name=flex-editorial&ep.subscription_required=No&epn.blox_render_time=309&up.logged_in=No
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NFTGWT90ER&l=dataLayer&cx=c
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://buffalonews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-54716522-2&cid=418169557.1615204977&jid=551508873&_u=aCjAgUArQAQCAE~&z=721569466
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-54716522-2&cid=418169557.1615204977&jid=551508873&_u=aCjAgUArQAQCAE~&z=721569466
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
51 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-54716522-2&cid=418169557.1615204977&jid=933362331&gjid=264547879&_gid=806199738.1615204979&_u=aCjACUArRAQCAG~&z=1777828514
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 08 Mar 2021 12:03:02 GMT
content-type
text/plain
access-control-allow-origin
https://buffalonews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
d6p0I2JKir6OkyaKlId8sQ.js
sc.tynt.com/script/sc/ Frame 7780 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.tynt.com/script/sc/d6p0I2JKir6OkyaKlId8sQ.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/b-9a4f7ce-9c3d90b4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.88.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2a4de7a844fc0f5703af1499a0b68bc682f17ae009db714f04d6e3debce73a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:03:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
577980
status
200 OK
x-xss-protection
1; mode=block
x-request-id
4851da18-36ab-4505-87d2-8c828e346fba
x-runtime
0.002542
x-content-digest
710bf49b10b2cd213df073567767b8906feaf6eb
last-modified
Mon, 01 Mar 2021 15:11:36 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600, public, s-maxage=172800
cf-request-id
08b3513801000023f79837f000000001
cf-ray
62cbeb066eed23f7-ZRH
x-rack-cache
fresh
expires
Mon, 01 Mar 2021 20:26:18 GMT
p
ic.tynt.com/b/ 		35 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=d6p0I2JKir6OkyaKlId8sQ&lm=6&ts=1615204982755&dn=RCIV&iso=0&img=https%3A%2F%2Fbloximages.chicago2.vip.townnews.com%2Fbuffalonews.com%2Fcontent%2Ftncms%2Fassets%2Fv3%2Feditorial%2Ff%2F3e%2Ff3ec8a26-b994-5243-a0ec-fb7dd7771c94%2F60441ba29aff8.image.jpg%3Fcrop%3D1763%252C992%252C0%252C91%26resize%3D1120%252C630%26order%3Dcrop%252Cresize&ct=Buffalo%20to%20get%20%24350%20million%20in%20federal%20pandemic%20stimulus%20bill&t=Buffalo%20to%20get%20%24350%20million%20in%20federal%20pandemic%20stimulus%20bill%20%7C%20Latest%20Headlines%20%7C%20buffalonews.com&cu=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html&ah=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.amp.html
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:03:03 GMT
last-modified
Fri, 16 Apr 2010 15:38:20 GMT
server
nginx/1.16.1
etag
"4bc8846c-23"
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges
bytes
content-type
image/gif
content-length
35
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012101070013000/ Frame 9C08 		185 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
340788
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53820
x-xss-protection
0
server
sffe
date
Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ee5348f2de7cdf64"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 13:23:14 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 9C08 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
340788
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4559
x-xss-protection
0
server
sffe
date
Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c3a321a15743f406"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 13:23:14 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 9C08 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
340788
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27206
x-xss-protection
0
server
sffe
date
Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1f991b6a8daa2b14"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 13:23:14 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 9C08 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
340788
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1376
x-xss-protection
0
server
sffe
date
Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"512b909f94eb26fb"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 13:23:14 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 9C08 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
340789
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12793
x-xss-protection
0
server
sffe
date
Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1e3ef417618f7e28"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 13:23:14 GMT
9376906660101899672
tpc.googlesyndication.com/simgad/ Frame 9C08 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9376906660101899672?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qk4bpeo8IqsiBBfyCcW2XHYB582wQ
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb9b82f7c28a53fa5dd62011098a08184d347101bfd23ab117dccd02deb742ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 15:48:35 GMT
x-content-type-options
nosniff
last-modified
Thu, 24 Sep 2020 11:42:06 GMT
server
sffe
age
504867
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58752
x-xss-protection
0
expires
Wed, 02 Mar 2022 15:48:35 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9C08 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Mar 2021 08:22:57 GMT
x-content-type-options
nosniff
server
cafe
age
13205
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 09 Mar 2021 08:22:57 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9C08 		295 B
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Mar 2021 23:24:51 GMT
x-content-type-options
nosniff
server
cafe
age
45491
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 08 Mar 2021 23:24:51 GMT
l
www.google.com/ads/measurement/ Frame 9C08 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSUoo_jWSN1hHxKmQe5Ry9JpICZdClecDt-ZZ1J32DGRm7UViqcOgacqRGLHnryO8a4nOK3p4SHycCI7XV6bV7pDQKjGQ
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 9C08 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C5AfjchJGYLzMLPGgrATzmoWYB_TP56BhndTBk_AM29keEAEgjeDLIWD1lc6B4ASgAaiV99ADyAECqQJfzxmwC8R9PuACAKgDAcgDCKoE5ANP0DRmeEs2aW8RDse7L7FndUg5zwvUkTkQ3yIB_7rZBn4Sd5XBf3IvQnxb_8Rh78NLmpRbRePYCCxUpIdaeWbC5eaSde4dVaJA3sa5lnHzZHrEOi_XbzT0bB02w3G48xiuaauDVE8TFrookuGrSS3dm4JVy2HbJ5BRgO1pJCXPf1_HRqPFekokxEdRz-nG3EktzexvA7fK6xldH9F6Gl0gx2IUfeMqab3EA8HX83t-FdG4UTzLC69FaYCdNlFmhTWJvoMFA8Ku_QyErLmXLV_DuIDfGteEnIRZjpMvvZ6RJPQDH3-bf_ZoxpG1BJrKyasNBz1kWOW1Zp3gatmseNnEFUnJCy2mP03F8Fez4KCc83zvExiw5rdTjWWmnEsEOq-ADWC5YfqfunvIsLnDtlnfFz4md8rRMsMx_NlndJz5nY1it9V8bhO92tzF4r2upCPAAJS9PwAE-fnP663sWzCtNGlO-jNcaz-MLRK69oW-X6RzmjJjqga-7d44wLV7Fr_mm0M-x3fxpCZwZ-sb6wqmdomwXEKrTyhBB3EjYn7i05VJHw0KuqHMKUevJYs1KKgj8SasU7K5JgpMifAmNFefPGgU5Glw2G2TMTGWf3vbSrXeIiIf79hPqVzQhHwXfHhE59TcwAS6yv7VjwLgBAGSBQQIBBgBkgUECAUYBKAGAoAHwOqIL6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDfqirSCAcIgGEQARgdgAoDyAsB2BMMshcaChgIABIUcHViLTc0Mzg5OTAyMzQxNDE4OTg&sigh=iO78Hw9ezFE&tpd=AGWhJmtLaa9vYsgX57sm2-gDNch3DflnWLB6AV2wuP595r8U_g
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ Frame 9C08 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88953d407030bfea3303da17541d2ea79529bd79fba686ec3517b0459a9ec1a4

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012101070013000/ Frame 2DF2 		185 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
340789
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53820
x-xss-protection
0
server
sffe
date
Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ee5348f2de7cdf64"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 13:23:14 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 2DF2 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
340789
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4559
x-xss-protection
0
server
sffe
date
Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c3a321a15743f406"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 13:23:14 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 2DF2 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
340789
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27206
x-xss-protection
0
server
sffe
date
Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1f991b6a8daa2b14"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 13:23:14 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 2DF2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
340789
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1376
x-xss-protection
0
server
sffe
date
Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"512b909f94eb26fb"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 13:23:14 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 2DF2 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
340789
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12793
x-xss-protection
0
server
sffe
date
Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1e3ef417618f7e28"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 13:23:14 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2DF2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Mar 2021 08:22:57 GMT
x-content-type-options
nosniff
server
cafe
age
13206
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 09 Mar 2021 08:22:57 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2DF2 		295 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Mar 2021 23:24:51 GMT
x-content-type-options
nosniff
server
cafe
age
45492
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 08 Mar 2021 23:24:51 GMT
11552835161013832836
tpc.googlesyndication.com/simgad/ Frame 2DF2 		135 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11552835161013832836?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qktjxSgGBfuiMWCT7MB8rR3kR1WbA
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3bfd8178dc873988372e42f9637ef615906a823413fdf8dd1896c61f1dfdba94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 00:18:32 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 13:33:43 GMT
server
sffe
age
128671
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
138008
x-xss-protection
0
expires
Mon, 07 Mar 2022 00:18:32 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2DF2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CWUepchJGYOTOLo6H3wPt3I_QA-vggKth87qsjrYNl4Kd-6EdEAEg5cX6HWD1lc6B4ASgAcmP5bkDyAECqQL7tjVzOA6yPuACAKgDAcgDCKoE2wNP0N8XD4X3DekxOqBPJHAgVTqIG2tMHIdlPj5QuRFhljM4SU1q8a16fVJUsCU_81QEkyrnBlk7Xbow58pIQ2I1bdbCu1FA8kRJjSoEbg7PVl6TJf90N4pLCZFudgWXTjxX1hBsGSIDRwsJSVjdsRCZZ_qVGgCvrvbEpAnEbXw2tqfvi95LQnX1n_p9zDHMVHU0X8ehKO65oiBufQsCgAHuiTilOL94LoT4mzWAllC18K1EvCCZSecGuddI36iUVbl8NU5RCk25aFWr39_KE-bfX6UJmsb_sPVu9AnGsw8xoDTIkxUCbYGZOPYcVjeza_OuYMX7xXC_kUM6L6vjYeODbNeop_OcZYyRVUUD3qy583ov4a4_hLyW2uGQHU3TTrYoiyammmIU3ZzvDLwPfEVMHylXye9SfS0fYGDzFKKwPEE9ICEDCPPoMlnomJWIPqV-jzUHemplJz7FRRDcb7jy8Bpzs0zCHqxPo5mZKWGns0ZymuK_CEVHfOi1zlav-jVx0y_C_CXFIZkpz1Yz5HSS6uzC6v-qUd8JSlCQUl6i8JrOfzhtPrKTMKd7zQGiAJ79khLi-HFdbGY440eakh1WEQdnZF1BD1-S4HE0fXDE3fr6ch5fvhFIOavcwATisdayuwPgBAGSBQQIBBgBkgUECAUYBKAGAoAHn_CaRqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDk9wzSCAcIgGEQARgdgAoByAsB2BMNshcaChgIABIUcHViLTk1MTc4Mzg5NTM5Njg5OTA&sigh=Tizlj3pkP_k&tpd=AGWhJmtmo45c3e5hEsHHNS8w2SYQtfUa43h9wY3ChhnTZ__h4A
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ Frame 2DF2 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d605439e03bb15af53416ac8dc05cb9fbacf9881a804a8287a2d456f9b49d59

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
v2
de.tynt.com/deb/ 		601 B
1014 B 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?id=d6p0I2JKir6OkyaKlId8sQ&dn=RCIV&cc=1&r=
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.185 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
/
Resource Hash
634bb0212cde8036b2b67c7d8999b52a8a035b9f797aac5cf6b7f78444fc2207

Request headers

Referer
https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:03:04 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length
601
expires
Sat, 26 Jul 1997 05:00:00 GMT
i99g3gee_1606137453919.js
dkpklk99llpj0.cloudfront.net/ 		48 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dkpklk99llpj0.cloudfront.net/i99g3gee_1606137453919.js
Requested by
Host: d81mfvml8p5ml.cloudfront.net
URL: https://d81mfvml8p5ml.cloudfront.net/i99g3gee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:aa00:e:98bf:5f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19ee3ded1fe83e848e9b5cb0831689460e07c7d3d867fc692c84dc1106086293

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Nov 2020 13:22:12 GMT
content-encoding
br
last-modified
Mon, 23 Nov 2020 13:17:46 GMT
server
AmazonS3
age
9067253
etag
W/"c1157a2d0ff0aa862fb2fbffb06ab4d1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
OZGCVTzlrHfTB93sQfNIts9OZckh4mtBL6x7BqljiqmejKAKQtT83A==
Cookie set a-0585
i.liadm.com/s/c/ Frame F71F 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://i.liadm.com/s/c/a-0585?s=&cim=&ps=true&ls=false&duid=fb73f250d350--01f08vg4yjdv83b8zh6myzss46&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.157.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
9807b4c475c5a564d0a0084dd0e559fd80adb2a18b94a62602cacb26b65e02eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
i.liadm.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://buffalonews.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
lidid=777388e8-5b73-4777-8079-74db9a19542d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://buffalonews.com/

Response headers

Cache-Control
private, no-cache, max-age=0
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 08 Mar 2021 12:03:06 GMT
ETag
1.61803398874
Set-Cookie
_li_ss=MgUIBhD0DjIFCAoQ9A4yBQh6EPMOMgYIiwEQ9A4yBQgLEPQOMgUICxD0DjIFCHkQ8w4; Max-Age=2592000; Expires=Wed, 07 Apr 2021 12:03:06 GMT; SameSite=None; Path=/s; Secure
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
Content-Length
640
Connection
keep-alive
baker
sli.buffalonews.com/ 		19 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sli.buffalonews.com/baker?dtstmp=1615204983928
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.36.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Mar 2021 12:03:04 GMT
Cache-Control
max-age=0, no-cache, no-store
Expires
Mon, 08 Mar 2021 12:03:04 GMT
Connection
keep-alive
Content-Length
19
Content-Type
image/gif
ga-audiences
www.google.com/ads/ 		42 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-54716522-2&cid=418169557.1615204977&jid=933362331&_u=aCjACUArRAQCAG~&z=1980659744
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-54716522-2&cid=418169557.1615204977&jid=933362331&_u=aCjACUArRAQCAG~&z=1980659744
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sic.js
cdn-sic.33across.com/1/javascripts/ Frame 7780 		439 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-sic.33across.com/1/javascripts/sic.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/b-9a4f7ce-9c3d90b4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.39.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Love
Resource Hash
9a38ed42fd72929c1cdebc651707cad6af2f236e309a77ccba91b25e5a2eef05

Request headers

Referer
https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:03:04 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 02 Mar 2021 22:08:41 GMT
server
cloudflare
age
407964
x-powered-by
Love
etag
W/"603eb769-6ddca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
62cbeb138e9bcc42-ZRH
cf-request-id
08b35140360000cc424a2d0000000001
expires
Mon, 08 Mar 2021 13:03:04 GMT
v2
de.tynt.com/deb/ 		4 B
258 B 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&id=d6p0I2JKir6OkyaKlId8sQ&dn=RCIV&cc=1&r=
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.185 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
/
Resource Hash
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Referer
https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:03:04 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length
4
expires
Sat, 26 Jul 1997 05:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2DF2
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Mon, 08 Mar 2021 12:03:04 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
11552835161013832836
tpc.googlesyndication.com/simgad/ Frame 2DF2 		135 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11552835161013832836?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qktjxSgGBfuiMWCT7MB8rR3kR1WbA
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3bfd8178dc873988372e42f9637ef615906a823413fdf8dd1896c61f1dfdba94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 00:18:32 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 13:33:43 GMT
server
sffe
age
128672
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
138008
x-xss-protection
0
expires
Mon, 07 Mar 2022 00:18:32 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2DF2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Mar 2021 08:22:57 GMT
x-content-type-options
nosniff
server
cafe
age
13207
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 09 Mar 2021 08:22:57 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2DF2 		295 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Mar 2021 23:24:51 GMT
x-content-type-options
nosniff
server
cafe
age
45493
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 08 Mar 2021 23:24:51 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 9C08
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Mon, 08 Mar 2021 12:03:04 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
9376906660101899672
tpc.googlesyndication.com/simgad/ Frame 9C08 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9376906660101899672?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qk4bpeo8IqsiBBfyCcW2XHYB582wQ
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb9b82f7c28a53fa5dd62011098a08184d347101bfd23ab117dccd02deb742ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 15:48:35 GMT
x-content-type-options
nosniff
last-modified
Thu, 24 Sep 2020 11:42:06 GMT
server
sffe
age
504869
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58752
x-xss-protection
0
expires
Wed, 02 Mar 2022 15:48:35 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9C08 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Mar 2021 08:22:57 GMT
x-content-type-options
nosniff
server
cafe
age
13207
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 09 Mar 2021 08:22:57 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9C08 		295 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Mar 2021 23:24:51 GMT
x-content-type-options
nosniff
server
cafe
age
45493
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 08 Mar 2021 23:24:51 GMT
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame 56F4 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
fc8cbf5a35532137fd68de77a639b965065c14026147fd1be69b47e124726ab6

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&dcc=t
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&dcc=t

Response headers

Server
Server
Date
Mon, 08 Mar 2021 12:03:06 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
690
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
2000765467304499041
map.go.affec.tv/map/an/
Redirect Chain
  • https://map.go.affec.tv/map/3a/?pid=CmUMKmBGEnchLHIaA8t%2FAg%3D%3D&us_privacy=&ts=1615204984941.1
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D6046127a76b79e00013919cd%26chc%3Dtt%26redirect_url%3D
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D6046127a76b79e00013919cd%2526chc%253Dtt%2526redirect_url%253D
  • https://map.go.affec.tv/map/an/2000765467304499041?ch=6046127a76b79e00013919cd&chc=tt&redirect_url=
0
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://map.go.affec.tv/map/an/2000765467304499041?ch=6046127a76b79e00013919cd&chc=tt&redirect_url=
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.206.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:03:11 GMT
Content-Encoding
gzip
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
text/html

Redirect headers

Pragma
no-cache
Date
Mon, 08 Mar 2021 12:03:10 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.50:80
AN-X-Request-Uuid
44483993-0d20-42f5-82a2-5f279ed9870b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://map.go.affec.tv/map/an/2000765467304499041?ch=6046127a76b79e00013919cd&chc=tt&redirect_url=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
am.freshrelevance.com/tpc/ Frame DFB5 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://am.freshrelevance.com/tpc/
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.214.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
659e26afd851b282697fa087c97ed0943dcbf3511689ef5b717c1e61f9ff1dd4

Request headers

:method
GET
:authority
am.freshrelevance.com
:scheme
https
:path
/tpc/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://buffalonews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://buffalonews.com/

Response headers

date
Mon, 08 Mar 2021 12:03:06 GMT
content-length
4662
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
view
securepubads.g.doubleclick.net/pcs/ Frame 7780 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpvXJCeSJ6BZvS1qfgMQrAdqMmmKmMAxEo72kzZt9daeZ_3YQLBA_d5rO3wxh8R3UsMWRa_oStljyIXSsKZYt713UN_xxMJuuVrKdmP7HMRXRxGTW1w2CtxhJibiVqphUtUbAM4IVTlM89_HEGswItRURLsI9yxGQcm54Uic_01xKTRTMgWuKENK4YQYYa2oOeh9tFczDIsijSB0FNS3Y11zTzVtOnt7faRc2JKb1d4M96HmRYAKJP8Lirh0hCGekAYcuNtPnS9742LmWe-CCRKprVVtLzjlD4V2MOfq8haUeOXQg20USvFA&sai=AMfl-YRsV_t1NziXlSBQoDDF3ESFpFEwlNpFWNaKCMPv64vqXthmPq7tV3Zo7ZXVieWQrADI-HWCZsjlk32mbdas5d7ev2VGeJLjBR3xAaDAP_pGc6cIbkmNMbDW4cgGE2yy&sig=Cg0ArKJSzJv08LbekfjWEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Mar 2021 12:03:05 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 08 Mar 2021 12:03:05 GMT
sic.css
cdn-sic.33across.com/1/stylesheets/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-sic.33across.com/1/stylesheets/sic.css
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.39.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Love
Resource Hash
4c821f2d169369324022057e9948ed8f9d45794d18b6c8c3fbbba900bb65158c

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:03:05 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 02 Mar 2021 22:08:41 GMT
server
cloudflare
age
407969
x-powered-by
Love
etag
W/"603eb769-1c90"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=3600
cf-ray
62cbeb178f30cc42-ZRH
cf-request-id
08b35142b50000cc4251aec000000001
expires
Mon, 08 Mar 2021 13:03:05 GMT
ast.js
acdn.adnxs.com/ast/ Frame E9E7 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ast/ast.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-185.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
1ffb3eb67476de4a642893eefb2ffd33e62c7474808fc21438d5a961cd4982f6

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:03:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Feb 2021 14:55:39 GMT
Server
nginx/1.13.10
ETag
"6022a26b-15c8c"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Length
30966
Expires
Tue, 09 Mar 2021 12:03:08 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 5314 		119 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.24.128 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
qpGbqo5n5ftYm2ZsSSwwmAxZeGfbwfiX
content-encoding
gzip
server
Server
age
761
etag
d2bbe61d6c9cfd2f9d26c66417c4fb1e
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c1caf5d327c9eee53d26ab7b7a8235f0.cloudfront.net (CloudFront)
cache-control
public, max-age=900
date
Mon, 08 Mar 2021 11:50:23 GMT
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
-7krzUu9m-jy-m4JDT1rVYetYmivKCSz_GL-3KGx6bvxU7bsWq2_2g==
authorize
sic.33across.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sic.33across.com/authorize?usPrivacy=&version=3.14.0&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&product=inview&userId=&sessionId=&publisherURL=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw&referrerURL=&publisherId=d6p0I2JKir6OkyaKlId8sQ&publisher=lee_buffalonews.com&maxTouchPoints=0&navigatorPropsCount=56&viewportWidth=1600&viewportHeight=1200&screenWidth=1600&screenHeight=1200&screenAvailHeight=1200&devicePixelRatio=1&scrollX=0&scrollY=0&pageVisibility=visible&pageWidth=1600&pageHeight=10067&_=1615204985524&callback=_tynt_jp.a5llh4l5c
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
/ Love
Resource Hash
69681f203aa6991d124b957f5923b4f332a77bcd4ee796cb728eb9eb1cae9760
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:03:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-powered-by
Love
etag
W/"748-ksvbxcWMn1ml74EK1dalxt4CkWI"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
access-control-allow-origin
*
access-control-allow-credentials
true
content-type
text/javascript; charset=utf-8
access-control-allow-headers
X-Requested-With, Authorization
activeview
pagead2.googlesyndication.com/pcs/ Frame 2DF2 		42 B
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssAZU5RiIG1NTCTWGQPTexvwkTl-zjWZvaqKSnzsnnG1ystBfqQ2PNDUQVs85KNyc_KbtZgxwLGYPIxrdjBPazNVe_oJOfYw7HBIDhuGoY5Gpn5j8hpnWEImx4TCq7l_wgU41WaBzkXX7hxNgeIZw&sai=AMfl-YQ3I9PkCUgzeqJluHl0e5NNM99eYg2Ty04HrxvZxm147VjtjQ45GO4O3TmfHK4z2WlGF3cjlcQQ7e_nloR2BmL1B0lUzQT2F_MVAGMZl7vWscfQkntn1kiVN-U&sig=Cg0ArKJSzPATnzBqNGHSEAE&cid=CAASFeRoy7zEwVps7XRoqBZ5YM2G2qFIQQ&id=ampim&o=315,78&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1003&mtos=0,0,0,1003,1003&tos=0,0,0,1003,0&tfs=995&tls=1998&g=100&h=100&tt=1998&r=v&avms=ampa&adk=2728806332
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9C08 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssKuCLJ3FNjwSUg8l2ic4fBY84hm3-YSJW2T5lj81weNPIGLlqlyvmJqEy9KQftSTxB6eyiBY35kOFnepJyNfHumcd-BdaDVaE-2EcQ5jMI2xmo4jbB-Z1XHdw&sai=AMfl-YSBDiq0Guxrbyv9B_CtMx0iuUjaSRwvvuK9n4iyOfx8TdCyW7IrsBH6qAm7_ivVYn5_6FkwuFr2SGev1bXD6JXMPHyne4FdXAVV7yXE0pQOiuZwfi-tIvyGqI8&sig=Cg0ArKJSzDSrRZ4nlfE6EAE&cid=CAASFeRo1Mx-iJep_fgbX-yZWb5CYxbKMA&id=ampim&o=1025,619&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1018&mtos=0,0,1018,1018,1018&tos=0,0,1018,0,0&tfs=903&tls=1921&g=96.83333039283752&h=96.83333039283752&tt=1921&r=v&avms=ampa&adk=2847312605
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 5314 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.24.128 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Z_m26sDjicOoQtCCmuJEtOsMPnFQWWIm
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
34944
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Sat, 06 Mar 2021 01:32:40 GMT
server
AmazonS3
date
Mon, 08 Mar 2021 02:20:43 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 ec5f7ca5219bc2c06993f1aa180b2fa1.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
69goY-OXupAXwmv7__i25MsDk1d6mAjy_VFJH9LUOL1Gx_YlFN0YsA==
usersync
rtb.gumgum.com/ Frame 56F4
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%5BRX_UUID%5D%26ex%3Drhythmone.com
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=962846714
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=962846714
  • https://sync.1rx.io/usersync/tradedesk/d6e871c4-b233-4c97-a282-22cade79053e
  • https://sync.targeting.unrulymedia.com/csync/RX-64302105-53bb-416a-86b9-862dd4b48e1a-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-64302105-53bb-416a-86b9-862dd4b48e1a-003
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-64302105-53bb-416a-86b9-862dd4b48e1a-003
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-64302105-53bb-416a-86b9-862dd4b48e1a-003
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-123-138.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:12 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Date
Mon, 08 Mar 2021 12:03:11 GMT
Server
Tengine
ETag
RX6430210553bb416a86b9862dd4b48e1a003
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-64302105-53bb-416a-86b9-862dd4b48e1a-003
Connection
keep-alive
Content-Type
text/html
amzns2s
rtb.gumgum.com/usync/ Frame 109B 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-123-138.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
87eab7c89934f3d02f9276c98852c1980097291c85ab71017d086cf5db3e814c

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:03:06 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
set-cookie
vst=e_5b301359-9a79-4eb0-92a2-474c6ae74c04; Domain=.gumgum.com; Expires=Tue, 08-Mar-2022 12:03:06 GMT; Path=/; Secure; SameSite=None
etag
W/"0fe4c5893ce8348eb5c5a899b0f15784e"
timing-allow-origin
*
content-encoding
gzip
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FC10 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=94927
Expires
Tue, 09 Mar 2021 14:25:14 GMT
Date
Mon, 08 Mar 2021 12:03:07 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame FD2A 		291 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"40295-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Mon, 08 Mar 2021 12:03:07 GMT
Connection
keep-alive
Vary
Accept-Encoding
ecm3
aax-eu.amazon-adsystem.com/s/ Frame F4F9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true&verify=true
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-OOz65tF1l2O6MZyZGEBjmrchfmtb2nw-&
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-OOz65tF1l2O6MZyZGEBjmrchfmtb2nw-&
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Mon, 08 Mar 2021 12:03:07 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Date
Mon, 08 Mar 2021 12:03:07 GMT
Content-Length
0
Strict-Transport-Security
max-age=31536000
Set-Cookie
IDSYNC=18y4~1wvo;Version=1;Domain=.analytics.yahoo.com;Path=/;Max-Age=31622400;Expires=Wed, 09-Mar-2022 12:03:07 GMT;Secure;SameSite=None A3=d=AQABBHsSRmACEO65zK0PYnEwfIeOxUD52hUFEgEBAQFjR2BPYAAAAAAA_SMAAA&S=AQAAAt7zvS8whluT1h2JfYMRCkk; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly B=1bmnp81g4c4jr&b=3&s=f2; Max-Age=31557600; Domain=.yahoo.com; Path=/
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-OOz65tF1l2O6MZyZGEBjmrchfmtb2nw-&
Age
0
Connection
keep-alive
Server
ATS/7.1.2.128
cm
u.openx.net/w/1.0/ Frame C331
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BO...
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3...
628 B
787 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
9ce4711de2399476a322fdf12ad0ea792f866282f33f919fc0cd329c0ce56717

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=7c1b5923-f0f8-0fc8-1b8c-5b68ce781668|1615204987
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=7c1b5923-f0f8-0fc8-1b8c-5b68ce781668|1615204987; Version=1; Expires=Tue, 08-Mar-2022 12:03:07 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1615204987|gen0vNiygu; Version=1; Expires=Tue, 23-Mar-2021 12:03:07 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.202.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 08 Mar 2021 12:03:07 GMT
content-type
text/html
content-length
392
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=7c1b5923-f0f8-0fc8-1b8c-5b68ce781668|1615204987; Version=1; Expires=Tue, 08-Mar-2022 12:03:07 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.202.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
date
Mon, 08 Mar 2021 12:03:07 GMT
content-length
0
via
1.1 google
alt-svc
clear
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 5411
Redirect Chain
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=districtm
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Ddistrictm
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=6662429354289246574&ex=districtm
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=6662429354289246574&ex=districtm
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Mon, 08 Mar 2021 12:03:09 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Server
nginx/1.17.9
Date
Mon, 08 Mar 2021 12:03:08 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=6662429354289246574&ex=districtm
AN-X-Request-Uuid
65dce624-ef4a-479b-b512-11cb3f0ccf5c
Set-Cookie
uuid2=6662429354289246574; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 06-Jun-2021 12:03:08 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.134:80
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 47A8
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=2
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=3045499457929008087
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=3045499457929008087
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Mon, 08 Mar 2021 12:03:07 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

date
Mon, 08 Mar 2021 12:03:06 GMT
content-length
0
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=3045499457929008087
set-cookie
pid=3045499457929008087; expires=Fri, 08 Apr 2022 12:02:07 GMT; domain=smartadserver.com; path=/; samesite=None; secure; samesite=none
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 42D1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=6662429354289246574&ex=appnexus.com
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=6662429354289246574&ex=appnexus.com
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Mon, 08 Mar 2021 12:03:09 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Server
nginx/1.17.9
Date
Mon, 08 Mar 2021 12:03:08 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=6662429354289246574&ex=appnexus.com
AN-X-Request-Uuid
33e841ba-00cd-4335-8bd2-197a437fb5dd
Set-Cookie
uuid2=6662429354289246574; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 06-Jun-2021 12:03:08 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.7:80
Cookie set amazon
ap.lijit.com/beacon/ Frame 4896
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
deaa8393485376e02f65c7c46f1d7ff2ca83fb384b4339e50a00686d2a43c8ed

Request headers

Host
ap.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ljt_reader=1968a1f05710a5b116077782
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Mon, 08 Mar 2021 12:03:08 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
ljtrtbexp=eJyrVjI0U7IyNDM0MzE0MbWw0FGyMEDlG6FyjVG5Jij8WgB5%2BA%2F2;Path=/;Domain=.lijit.com;Expires=Tue, 08-Mar-2022 12:03:08 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=1968a1f05710a5b116077782;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap7ewr1

Redirect headers

Server
nginx
Date
Mon, 08 Mar 2021 12:03:07 GMT
Content-Length
0
Set-Cookie
ljt_reader=1968a1f05710a5b116077782;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap7ewr1
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 878C
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=10359810293852434939
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=10359810293852434939
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Mon, 08 Mar 2021 12:03:07 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

date
Mon, 08 Mar 2021 12:03:07 GMT
content-length
0
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=10359810293852434939
set-cookie
tluid=10359810293852434939; Max-Age=7776000; Expires=Sun, 06 Jun 2021 12:03:07 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
activeview
pagead2.googlesyndication.com/pcs/ Frame 7780 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstL309-eT5ENv5Wxqh3egBMoXOg8ZmgAJ9r4D2kVp5pE-HBamw3uwz0sCXdnQr-tWEneNzO_hUtPdwczlZmiDyGHE5zY0Hgeh0p2H6CL30&sig=Cg0ArKJSzCx1e48G4bpHEAE&id=osdim&mcvt=1178&p=0,800,1,801&mtos=1178,1178,1178,1178,1178&tos=1178,0,0,0,0&v=20210303&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=4024838314&rs=4&met=ce&la=0&cr=0&osd=0&vs=4&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 4BF1 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
08a6dc318332eea605b4b83b0bffd06c3512071f676895f252c97ab84c04b62c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:03:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"805 / 755 of 1000 / last-modified: 1615200068"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19790
x-xss-protection
0
expires
Mon, 08 Mar 2021 12:03:06 GMT
prebid
ib.adnxs.com/ut/v3/ Frame E9E7 		19 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 08 Mar 2021 12:03:08 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.122:80
AN-X-Request-Uuid
d14dc4f0-5c79-465c-ace5-3e166c835581
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://buffalonews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame E9E7 		19 B
714 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 08 Mar 2021 12:03:08 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.60:80
AN-X-Request-Uuid
83ed3176-ddaf-47ec-ac46-46eeefc37d34
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://buffalonews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame E9E7 		19 B
714 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 08 Mar 2021 12:03:09 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.37:80
AN-X-Request-Uuid
3573ff6c-45c2-4135-b5a7-80ed47c1acb7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://buffalonews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
exchange
ssc.33across.com/api/ 		88 B
654 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/exchange
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.78.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ 33Across
Resource Hash
87a40f6207a611dbce5fdf30d66a557ef6cd70e7dc990c39d90a628a3b72a5a9

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 08 Mar 2021 12:03:09 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://buffalonews.com
access-control-allow-credentials
true
52d73466035f4e368018fad901a51e8a
i.liadm.com/s/e/a-0585/0/ Frame F71F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-0585%2F0%2F52d73466035f4e368018fad901a51e8a%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&777388e8-5b73-4777-8079-74d...
  • https://i.liadm.com/s/e/a-0585/0/52d73466035f4e368018fad901a51e8a?mpid=7156&muid=b5a26046-127c-4d00-b219-dcaa64e75cac
0
0
generic
match.adsrvr.org/track/cmb/ Frame F71F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=liveintent&ttd_tpi=1
0
0
52d73466035f4e368018fad901a51e8a
i.liadm.com/s/e/a-0585/0/ Frame F71F
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=777388e8-5b73-4777-8079-74db9a19542d&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-0585%2F0%2F52d73466035f4e368018fad901a51e8a%3Fmpid%3D82775%26muid%3D%2...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=777388e8-5b73-4777-8079-74db9a19542d&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-0585%2F0%2F52d73466035f4e368018fad901a51e8a%3Fmp...
  • https://i.liadm.com/s/e/a-0585/0/52d73466035f4e368018fad901a51e8a?mpid=82775&muid=05715401747461771571284338554917751885
43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/e/a-0585/0/52d73466035f4e368018fad901a51e8a?mpid=82775&muid=05715401747461771571284338554917751885
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0585?s=&cim=&ps=true&ls=false&duid=fb73f250d350--01f08vg4yjdv83b8zh6myzss46&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.157.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:03:09 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
BcWk5BIaRdc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://i.liadm.com/s/e/a-0585/0/52d73466035f4e368018fad901a51e8a?mpid=82775&muid=05715401747461771571284338554917751885
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
live_intent_sync
x.dlx.addthis.com/e/ Frame F71F
Redirect Chain
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=777388e8-5b73-4777-8079-74db9a19542d
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=777388e8-5b73-4777-8079-74db9a19542d&rd=Y
0
0
syncd
x.bidswitch.net/ul_cb/ Frame F71F
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=777388e8-5b73-4777-8079-74db9a19542d&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=777388e8-5b73-4777-8079-74db9a19542d&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
0
0
sync
x.bidswitch.net/ul_cb/ Frame F71F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=777388e8-5b73-4777-8079-74db9a19542d
  • https://x.bidswitch.net/ul_cb/sync?ssp=liveintent&user_id=777388e8-5b73-4777-8079-74db9a19542d
0
0
/
trc.taboola.com/sg/liveintent/1/cm/ Frame F71F 		43 B
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/liveintent/1/cm/
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0585?s=&cim=&ps=true&ls=false&duid=fb73f250d350--01f08vg4yjdv83b8zh6myzss46&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
63
pragma
no-cache
date
Mon, 08 Mar 2021 12:03:07 GMT
via
1.1 varnish
server
nginx
x-timer
S1615204988.684887,VS0,VE63
x-served-by
cache-hhn11563-HHN
x-cache
MISS
cache-control
no-cache, no-store
accept-ranges
bytes
x-cache-hits
0
pubads_impl_2021030401.js
securepubads.g.doubleclick.net/gpt/ Frame 4BF1 		283 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
1b6ddd3072f67cdb7e9884779bddc6779ec3fcb66496f3276dc0eab78d842cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:03:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 09:38:04 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101872
x-xss-protection
0
expires
Mon, 08 Mar 2021 12:03:08 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.122&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-60&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&f_es6=1&f_gears=2&tvltm=3&tvcfg=lee&f_privb=0&tid=e336c975-fbf5-4be4-9152-d1cc81a956bd&pid=ea7ec577-f2ce-4cab-bed7-b2d60c3af63f&dtm=1615204988689&qnm=_matherq&visible=1&tabid=d44a83bf-3207-4525-9096-d9f7f1f487b9&url=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw&curl=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html&vp=1600x1200&ds=1600x10067&tofa=1615204989&vid=1&lvidt=1615204989&duid=7da7445562a23761&fp=99543720&cid=ma1527&mrk=725149308&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTYxNTIwNDk3MTE5NSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxNy4xbWIiLCJoZWFwVCI6IjIzLjFtYiIsImZzdFBhaW50IjoiMjk2NiIsImZldGNoUyI6IjE4NCIsImRvbWFpblMiOiIxOTEiLCJkb21haW5FIjoiMTk5IiwiY29ublMiOiIxOTkiLCJjb25uRSI6IjQ1NCIsInNzbFMiOiIyMTkiLCJyZXF1UyI6IjQ1NCIsInJlc3BTIjoiOTU2IiwicmVzcEUiOiIxMTg0IiwiZG9tTG9hZCI6IjEyNzIiLCJkb21JbnRlciI6IjQ3ODciLCJkb21Mb2FkUyI6IjQ3OTciLCJkb21Mb2FkRSI6IjQ4MTAifX0
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.41.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:03:09 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
usersync
rtb.gumgum.com/ Frame 109B
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=6662429354289246574
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=6662429354289246574
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-123-138.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:10 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 08 Mar 2021 12:03:09 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.116:80
AN-X-Request-Uuid
3ef02ee8-49b9-4f4c-aaf6-35f1eb7ee43c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=6662429354289246574
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 109B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_5b301359-9a79-4eb0-92a2-474c6ae74c04&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_5b301359-9a79-4eb0-92a2-474c6ae74c04&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dgumgum2%26bsw_param%3Dac00d7b6-f429-4340-9447-c7bbfc217b0d
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=94b86046-127c-4500-9afb-74df214b7fd2&expires=30&ssp=gumgum2&bsw_param=ac00d7b6-f429-4340-9447-c7bbfc217b0d
  • https://rtb.gumgum.com/usersync?b=bsw&i=ac00d7b6-f429-4340-9447-c7bbfc217b0d
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=ac00d7b6-f429-4340-9447-c7bbfc217b0d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-123-138.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:12 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
//rtb.gumgum.com/usersync?b=bsw&i=ac00d7b6-f429-4340-9447-c7bbfc217b0d
date
Mon, 08 Mar 2021 12:03:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
rtb.gumgum.com/ Frame 109B
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28_5caf6jygLEuxXNOSquSmEzF-miR_oekdow24rTlCA2IajzzQvHmuh_T6EjeRF--%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28_5caf6jygLEuxXNOSquSmEzF-miR_oekdow24rTlCA2IajzzQvHmuh_T6EjeRF--%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28_5caf6jygLEuxXNOSquSmEzF-miR_oekdow24rTlCA2IajzzQvHmuh_T6EjeRF--%29
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-123-138.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:10 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28_5caf6jygLEuxXNOSquSmEzF-miR_oekdow24rTlCA2IajzzQvHmuh_T6EjeRF--%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28_5caf6jygLEuxXNOSquSmEzF-miR_oekdow24rTlCA2IajzzQvHmuh_T6EjeRF--%29
Date
Mon, 08 Mar 2021 12:03:09 GMT
Connection
close
X-TraceId
a5a8a918fd086c02ab1ec5367c5ce814
Content-Length
0
usersync
rtb.gumgum.com/ Frame 109B
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=588ac20a-716a-0869-2621-836d620f24d3
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=588ac20a-716a-0869-2621-836d620f24d3
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-123-138.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:10 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 08 Mar 2021 12:03:08 GMT
content-encoding
gzip
server
OXGW/16.202.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=588ac20a-716a-0869-2621-836d620f24d3
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 109B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-ebb44b4a-b667-463c-53c0-2d2ddddb6caf$ip$185.156.175.107
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-ebb44b4a-b667-463c-53c0-2d2ddddb6caf$ip$185.156.175.107
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-123-138.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:10 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-ebb44b4a-b667-463c-53c0-2d2ddddb6caf$ip$185.156.175.107
Date
Mon, 08 Mar 2021 12:03:09 GMT
Connection
keep-alive
Content-Length
124
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 109B
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-p3Je8_51lxABQY.5I0IR332C8KodsQc6rDJj
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-p3Je8_51lxABQY.5I0IR332C8KodsQc6rDJj
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-123-138.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:10 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 08 Mar 2021 12:03:09 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-p3Je8_51lxABQY.5I0IR332C8KodsQc6rDJj
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 109B
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3...
  • https://rtb.gumgum.com/usersync?b=vnt&i=400413a7-8006-11eb-adba-45ecbc5c04f7
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=400413a7-8006-11eb-adba-45ecbc5c04f7
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-123-138.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:10 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=400413a7-8006-11eb-adba-45ecbc5c04f7
Date
Mon, 08 Mar 2021 12:03:09 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
400413a8-8006-11eb-adba-45ecbc5c04f7
services
sync.technoratimedia.com/ Frame 109B 		0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:03:09 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
546464211
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
usersync
rtb.gumgum.com/ Frame 109B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_5b301359-9a79-4eb0-92a2-474c6ae74c04&gdpr=&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/usersync?b=zem&i=
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-123-138.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:10 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Mon, 08 Mar 2021 12:03:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
67
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 109B
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8460029133
  • https://sync.1rx.io/usersync/tradedesk/a816842f-8d77-4d25-9a9b-60af248bb530
  • https://sync.targeting.unrulymedia.com/csync/RX-64302105-53bb-416a-86b9-862dd4b48e1a-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-64302105-53bb-416a-86b9-862dd4b48e1a-003
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-64302105-53bb-416a-86b9-862dd4b48e1a-003
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-64302105-53bb-416a-86b9-862dd4b48e1a-003
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-123-138.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:12 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Date
Mon, 08 Mar 2021 12:03:11 GMT
Server
Tengine
ETag
RX6430210553bb416a86b9862dd4b48e1a003
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-64302105-53bb-416a-86b9-862dd4b48e1a-003
Connection
keep-alive
Content-Type
text/html
usersync
rtb.gumgum.com/ Frame 109B
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=HPnUrEl5KWVW&ev=1&pid=558355
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=HPnUrEl5KWVW&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-123-138.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:11 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=HPnUrEl5KWVW&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-568ff9c7d-7j8r6
expires
-1
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 109B 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=gg.com&id=e_5b301359-9a79-4eb0-92a2-474c6ae74c04
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Mar 2021 12:03:10 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 93C4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=94b86046-127c-4500-9afb-74df214b7fd2&gdpr=&gdpr_consent=
35 B
238 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=94b86046-127c-4500-9afb-74df214b7fd2&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-123-138.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=mmh&i=94b86046-127c-4500-9afb-74df214b7fd2&gdpr=&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 08 Mar 2021 12:03:10 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Mon, 08 Mar 2021 12:03:09 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Cache-Control
no-cache
set-cookie
uuid=94b86046-127c-4500-9afb-74df214b7fd2; domain=.mathtag.com; path=/; expires=Tue, 05-Apr-2022 12:03:08 GMT; SameSite=None; Secure
location
https://rtb.gumgum.com/usersync?b=mmh&i=94b86046-127c-4500-9afb-74df214b7fd2&gdpr=&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 3518 2f03077 master zrh-pixel-x24
Expires
Mon, 08 Mar 2021 12:03:08 GMT
URnmbSKM
sync-tm.everesttech.net/ct/upi/pid/ Frame 9FA3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YEYSfQAAAJVIPjoG
85 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YEYSfQAAAJVIPjoG
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.3.8.v20160314) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

:method
GET
:authority
sync-tm.everesttech.net
:scheme
https
:path
/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YEYSfQAAAJVIPjoG
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
everest_g_v2=g_surferid~YEYSfQAAAJVIQDoG
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
server
Jetty(9.3.8.v20160314)
accept-ranges
bytes
date
Mon, 08 Mar 2021 12:03:10 GMT
via
1.1 varnish
age
539
x-served-by
cache-fra19158-FRA
x-cache
HIT
x-cache-hits
2287
x-timer
S1615204990.128521,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
85

Redirect headers

p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
set-cookie
everest_g_v2=g_surferid~YEYSfQAAAJVIPjoG;Path=/;Domain=.everesttech.net;Expires=Tue, 08-Mar-2022 12:03:09 GMT;SameSite=None;Secure
location
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YEYSfQAAAJVIPjoG
server
Jetty(9.3.8.v20160314)
accept-ranges
bytes
date
Mon, 08 Mar 2021 12:03:09 GMT
via
1.1 varnish
x-served-by
cache-fra19158-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1615204990.592386,VS0,VE96
cache-control
no-cache
pragma
no-cache
pixel
cm.g.doubleclick.net/ Frame C949 		170 B
506 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81YjMwMTM1OS05YTc5LTRlYjAtOTJhMi00NzRjNmFlNzRjMDQ=&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=ZV81YjMwMTM1OS05YTc5LTRlYjAtOTJhMi00NzRjNmFlNzRjMDQ=&gdpr=&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
date
Mon, 08 Mar 2021 12:03:09 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B3DA 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://rtb.gumgum.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=94925
Expires
Tue, 09 Mar 2021 14:25:14 GMT
Date
Mon, 08 Mar 2021 12:03:09 GMT
Connection
keep-alive
Vary
Accept-Encoding
usersync
rtb.gumgum.com/ Frame 026A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=d6e871c4-b233-4c97-a282-22cade79053e&t=1617796990
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=d6e871c4-b233-4c97-a282-22cade79053e&t=1617796990
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-123-138.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=ttd&i=d6e871c4-b233-4c97-a282-22cade79053e&t=1617796990
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 08 Mar 2021 12:03:10 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 08 Mar 2021 12:03:10 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=d6e871c4-b233-4c97-a282-22cade79053e&t=1617796990
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
set-cookie
TDID=d6e871c4-b233-4c97-a282-22cade79053e; domain=.adsrvr.org; expires=Tue, 08-Mar-2022 12:03:10 GMT; path=/; secure; SameSite=None TDCPM=CAEYBSABKAIyCwi6mab0m42xORAFOAE.; domain=.adsrvr.org; expires=Tue, 08-Mar-2022 12:03:10 GMT; path=/; secure; SameSite=None
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
um
cs.emxdgt.com/ Frame E431 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
text/html
date
Mon, 08 Mar 2021 12:03:09 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame A8FD
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YEYSfsCo8YwAACQwhGwAAAAA
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YEYSfsCo8YwAACQwhGwAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-123-138.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=sus&i=YEYSfsCo8YwAACQwhGwAAAAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 08 Mar 2021 12:03:10 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Mon, 08 Mar 2021 12:03:10 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YEYSfsCo8YwAACQwhGwAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Set-Cookie
SOC=YEYSfsCo8YwAACQwhGwAAAAA; path=/; expires=Wed, 8-Mar-23 12:03:10 GMT; domain=socdm.com; secure; SameSite=None
X-SO-Ads-Time
1
X-SO-HostName
a-ad40294.dc2p.scaleout.jp
X-SO-LB-Hostname
m-tgng40.dc4p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":24,"gdpr":false,"ipv4":"185.156.175.107","key":"YEYSfsCo8YwAACQwhGwAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40294"}
X-SO-Key
YEYSfsCo8YwAACQwhGwAAAAA
X-SO-IP
185.156.175.107
X-SO-Cluster-ID
24
X-SO-Upstream-ID
a-ad40294
usersync
rtb.gumgum.com/ Frame 1B8A
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=1871316018137507092
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=1871316018137507092
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-123-138.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=zet&i=1871316018137507092
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 08 Mar 2021 12:03:10 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
rud=H4sIAAAAAAAAAOMSNrQwNzQ2NDMwtDA0Njc1MDewNBLiM9TVTQowiMyKNy0rT_WW4jU0MzQ1MjCxtLA0NzcFADNvgts0AAAA; Path=/; Domain=.rfihub.com; Expires=Sat, 2 Apr 2022 12:03:09 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwNzQ2NDMwtDA0Njc1MDewNBLiM9TVTQowiMyKNy0rT_UGAMkF8NYlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None eud=H4sIAAAAAAAAAFslxmtoZmhqZGBiaWFpbm4KAJuZ3MUQAAAA; Path=/; Domain=.rfihub.com; Expires=Sat, 2 Apr 2022 12:03:09 GMT; Secure; SameSite=None
Location
https://rtb.gumgum.com/usersync?b=zet&i=1871316018137507092
Content-Length
0
Server
Jetty(9.0.6.v20130930)
usersync
rtb.gumgum.com/ Frame 9A44
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://ams.creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=nywOzJCYIN05R5OHRRJx&pi=gumgum&tc=1
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=nywOzJCYIN05R5OHRRJx&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-123-138.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=rth&i=nywOzJCYIN05R5OHRRJx&pi=gumgum&tc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 08 Mar 2021 12:03:10 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 08 Mar 2021 12:03:10 GMT Mon, 08 Mar 2021 12:03:10 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=nywOzJCYIN05R5OHRRJx&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
usync.js
eus.rubiconproject.com/ Frame FD2A 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
df809d2953e51984a24a2c0f9e15ce8c6845fd227016389f1b20f2fe9fa317fc

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:03:09 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jan 2021 20:32:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43543
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9309
Expires
Tue, 09 Mar 2021 00:08:52 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 4816 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=89957
Expires
Tue, 09 Mar 2021 13:02:26 GMT
Date
Mon, 08 Mar 2021 12:03:09 GMT
Connection
keep-alive
Vary
Accept-Encoding
ecm3
aax-eu.amazon-adsystem.com/s/ Frame C331 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=openx.com&id=f7611a07-45d5-8bc5-8154-1117c26cee75
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Mar 2021 12:03:09 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame C331
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=aQ58I24Mf3FyW3gnZlhlJWlffCNyW3Akb1tD_Mcs
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=aQ58I24Mf3FyW3gnZlhlJWlffCNyW3Akb1tD_Mcs
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:10 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:09 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=aQ58I24Mf3FyW3gnZlhlJWlffCNyW3Akb1tD_Mcs
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame C331
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2686957056971588346
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2686957056971588346
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:11 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:11 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2686957056971588346
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame C331 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=afb7667a-597f-303f-415a-9380aa5f2595&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.253.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-253-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:09 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame C331 		170 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODNkOGI1YjAtOTAwOC02ZTliLTU0YmEtYzkzOTYwYmRlYmY1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame C331
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO6XDOB44vyEHnnowsZ0HSk&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO6XDOB44vyEHnnowsZ0HSk&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:10 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO6XDOB44vyEHnnowsZ0HSk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
get
am.freshrelevance.com/ 		1 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am.freshrelevance.com/get?data=%7B%22type%22%3A%22heartbeat%22%2C%22data%22%3A%7B%22c%22%3A%2269r29jcewg%22%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%2C%22w%22%3A%22i99g3gee%22%7D%7D
Requested by
Host: dkpklk99llpj0.cloudfront.net
URL: https://dkpklk99llpj0.cloudfront.net/i99g3gee_1606137453919.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.214.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 08 Mar 2021 12:03:10 GMT
content-type
text/plain; charset=utf-8
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 4896 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=1968a1f05710a5b116077782&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Mar 2021 12:03:10 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 4896
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent=
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=4be2c402-a0ee-421d-a14f-a03733dc9934-6046127e-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=4be2c402-a0ee-421d-a14f-a03733dc9934-6046127e-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D4be2c4...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=4be2c402-a0ee-421d-a14f-a03733dc9934-6046127e-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D...
  • https://ce.lijit.com/merge?pid=16&3pid=4be2c402-a0ee-421d-a14f-a03733dc9934-6046127e-4348&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=4be2c402-a0ee-421d-a14f-a03733dc9934-6046127e-4348&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Mar 2021 12:03:12 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Mon, 08 Mar 2021 12:03:13 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://ce.lijit.com/merge?pid=16&3pid=4be2c402-a0ee-421d-a14f-a03733dc9934-6046127e-4348&gdpr=0&gdpr_consent=
alt-svc
clear
content-length
0
merge
ce.lijit.com/ Frame 4896
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=HSBOOxoiTWkGdUo_EnZXPR1xTjsGdUI8G3VNCz1m
43 B
860 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=HSBOOxoiTWkGdUo_EnZXPR1xTjsGdUI8G3VNCz1m
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Mar 2021 12:03:11 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:10 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=HSBOOxoiTWkGdUo_EnZXPR1xTjsGdUI8G3VNCz1m
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame 4896
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=KM0JCJM9-28-9KJM&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=KM0JCJM9-28-9KJM&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Mar 2021 12:03:10 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ce.lijit.com/merge?pid=80&3pid=KM0JCJM9-28-9KJM&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
Expires
0
merge
ce.lijit.com/ Frame 4896
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1615204988607&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=EFB09C652EB745829FBC772A8E722CAD
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=EFB09C652EB745829FBC772A8E722CAD
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Mar 2021 12:03:11 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Mon, 08 Mar 2021 12:03:10 GMT
x-content-type-options
nosniff
server
nginx
location
https://ce.lijit.com/merge?pid=2&3pid=EFB09C652EB745829FBC772A8E722CAD
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Sun, 07 Mar 2021 12:03:10 GMT
merge
ce.lijit.com/ Frame 4896
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=1968a1f05710a5b116077782&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=3&3pid=94b86046-127c-4500-9afb-74df214b7fd2&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=3&3pid=94b86046-127c-4500-9afb-74df214b7fd2&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Mar 2021 12:03:10 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Mon, 08 Mar 2021 12:03:10 GMT
Server
MT3 3518 2f03077 master zrh-pixel-x30
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ce.lijit.com/merge?pid=3&3pid=94b86046-127c-4500-9afb-74df214b7fd2&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 08 Mar 2021 12:03:09 GMT
khaos.jpg
token.rubiconproject.com/ Frame FD2A 		284 B
919 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
integrator.js
adservice.google.ch/adsid/ Frame 4BF1 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=buffalonews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Mar 2021 12:03:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4BF1 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=buffalonews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Mar 2021 12:03:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 4BF1 		439 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=487874065571060&correlator=777420442444374&output=ldjh&impl=fif&eid=31060360%2C21068607&vrg=2021030401&ptt=17&sc=1&sfv=1-0-37&ecs=20210308&iu_parts=32867010%2CA_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=c%3D10%26r%3D110%26d%3Dlee_buffalonews.com%26g%3Dd6p0I2JKir6OkyaKlId8sQ%26gd%3Dd6p0I2JKir6OkyaKlId8sQ%253Adesktop%26cc%3D0%26pf%3D50%26gm%3D59%26gf%3D39%26ag1%3D13%26ag2%3D19%26ag3%3D65%26ivt%3D26%26iva%3D86%26ivb%3D76%26ivc%3D69%26ivd%3D33%26ive%3D5%26ivp%3D97%26osr%3D98%26pre%3Dapnx%253Ae102%2Cttx%253At%26pre_sz%3Dapnx%253A0x0%2Cttx%253A0x0%26tier%3Dapnx%253A0%2Cttx%253A0%26hb%3D0&cookie_enabled=1&cdm=buffalonews.com&bc=31&abxe=1&lmt=1615204991&dt=1615204991306&dlt=1615204986779&idt=3481&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=150&oid=3&adxs=8&adys=62&adks=657788913&ucis=3j6smsulsqf2&ifi=1&ifk=2166387384&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw&top=https%3A%2F%2Fbuffalonews.com%2Fnews%2Fbuffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill%2Farticle_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw&vis=1&dmc=8&scr_x=0&scr_y=0&psz=284x134&msz=284x90&ga_vid=596475193.1615204991&ga_sid=1615204991&ga_hid=610634466&ga_fc=false&fws=256&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
47dcc84c9ae16e65a6e185be18d946563e3485a0d68032d94577694ee5d9591d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:03:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
227
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://buffalonews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c1a55b195c3f5a2e07e1e5cb882c16d3.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 4BF1 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://c1a55b195c3f5a2e07e1e5cb882c16d3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 4BF1 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
showad.js
ads.pubmatic.com/AdServer/js/ Frame F5C8 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=89955
Expires
Tue, 09 Mar 2021 13:02:26 GMT
Date
Mon, 08 Mar 2021 12:03:11 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 4816 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=21229555&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
87eef777950723fdf632637445e410e19dcb02531fac8faf8be941da0c3ad105

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:03:11 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
ecm3
aax-eu.amazon-adsystem.com/s/ Frame FD2A
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=KM0JCJM9-28-9KJM&ex=d-rubiconproject.com&status=ok
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KM0JCJM9-28-9KJM&ex=d-rubiconproject.com&status=ok
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Mar 2021 12:03:12 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KM0JCJM9-28-9KJM&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4BF1 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021030401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1868c048383529f67ff56be1f4e345d846a381eeb93649e883273ded31885321
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Mar 2021 12:03:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6534
x-xss-protection
0
tap.php
pixel.rubiconproject.com/ Frame FD2A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=94b86046-127c-4500-9afb-74df214b7fd2
42 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=94b86046-127c-4500-9afb-74df214b7fd2
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

Date
Mon, 08 Mar 2021 12:03:12 GMT
Server
MT3 3518 2f03077 master zrh-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=94b86046-127c-4500-9afb-74df214b7fd2
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 08 Mar 2021 12:03:11 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame FD2A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.253.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-253-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:12 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
709414.gif
id.rlcdn.com/ Frame FD2A 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:03:12 GMT
via
1.1 google
alt-svc
clear
content-length
0
v1
ads.yahoo.com/cms/ Frame FD2A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KM0JCJM9-28-9KJM&sigv=1&esig=2~c3fca04414cf137d2fa1dce6f6a613ca14f7f2c0
0
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KM0JCJM9-28-9KJM&sigv=1&esig=2~c3fca04414cf137d2fa1dce6f6a613ca14f7f2c0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:03:12 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KM0JCJM9-28-9KJM&sigv=1&esig=2~c3fca04414cf137d2fa1dce6f6a613ca14f7f2c0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame FD2A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=KM0JCJM9-28-9KJM&ex=d-rubiconproject.com&status=ok
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=KM0JCJM9-28-9KJM&ex=d-rubiconproject.com&status=ok
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Mar 2021 12:03:13 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?id=KM0JCJM9-28-9KJM&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
pixel
cm.g.doubleclick.net/ Frame FD2A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S00wSkNKTTktMjgtOUtKTQ==
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S00wSkNKTTktMjgtOUtKTQ==
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S00wSkNKTTktMjgtOUtKTQ==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame FD2A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODBhMWY3OTI5YzU2MmQ0MDI2NWRmYWE1NGU3OWJjZGQ1MWY5YjQ2Mg
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODBhMWY3OTI5YzU2MmQ0MDI2NWRmYWE1NGU3OWJjZGQ1MWY5YjQ2Mg
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODBhMWY3OTI5YzU2MmQ0MDI2NWRmYWE1NGU3OWJjZGQ1MWY5YjQ2Mg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame FD2A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH-kjhgZtY6tGMGdLItMB7U&google_cver=1
42 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH-kjhgZtY6tGMGdLItMB7U&google_cver=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH-kjhgZtY6tGMGdLItMB7U&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame A5F5
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2671732945416036899
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2671732945416036899
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=21229555&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156657:2; KADUSERCOOKIE=C3917F33-A129-4FF8-BAD0-7A89FE18C046; chkChromeAb67Sec=1; DPSync3=1616371200%3A201_227_226_221; SyncRTB3=1616371200%3A54_56_3_8_88_161_55_13_166_71_21_7_22_81%7C1616025600%3A63%7C1615766400%3A2_15_223%7C1617753600%3A203%7C1616457600%3A35; KRTBCOOKIE_1101=23040-6937252616993568915; PugT=1615204992; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Mon, 08 Mar 2021 12:03:12 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-2671732945416036899; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 07-Apr-2021 12:03:12 GMT; path=/ PugT=1615204992; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 07-Apr-2021 12:03:12 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 06-Jun-2021 12:03:12 GMT; path=/
X-lat
amspug005:0:391
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2671732945416036899
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 0055 		43 B
284 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=21229555&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Mon, 08 Mar 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1158
date
Mon, 08 Mar 2021 12:03:11 GMT
content-length
43
redir
rtb-csync.smartadserver.com/ Frame B5BE
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCdTZrN0FqQ1VBQUVYTGs2S3Iwdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=21229555&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.144 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
rtb-csync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
pid=3045499457929008087
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 08 Mar 2021 12:03:13 GMT

Redirect headers

Date
Mon, 08 Mar 2021 12:03:13 GMT
location
https://rtb-csync.smartadserver.com/redir
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 67A3
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6937252616993568915
42 B
975 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6937252616993568915
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=21229555&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156657:2; KADUSERCOOKIE=C3917F33-A129-4FF8-BAD0-7A89FE18C046; chkChromeAb67Sec=1; DPSync3=1616371200%3A201_227_226_221; SyncRTB3=1616371200%3A54_56_3_8_88_161_55_13_166_71_21_7_22_81%7C1616025600%3A63%7C1615766400%3A2_15_223%7C1617753600%3A203%7C1616457600%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Mon, 08 Mar 2021 12:03:12 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Set-Cookie
KRTBCOOKIE_1101=23040-6937252616993568915; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 07-Apr-2021 12:03:12 GMT; path=/ PugT=1615204992; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 07-Apr-2021 12:03:12 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 06-Jun-2021 12:03:12 GMT; path=/
X-lat
Pug23031:0:332
Content-Length
42
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Pragma
no-cache
X-Cnection
close
Content-Type
image/gif; charset=utf-8

Redirect headers

Server
nginx
Date
Mon, 08 Mar 2021 12:03:12 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6937252616993568915; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6937252616993568915
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 8350
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=arhbr8T1Dj3fX4ssrottWb9T
42 B
811 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=arhbr8T1Dj3fX4ssrottWb9T
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=21229555&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156657:2; KADUSERCOOKIE=C3917F33-A129-4FF8-BAD0-7A89FE18C046; chkChromeAb67Sec=1; DPSync3=1616371200%3A201_227_226_221; SyncRTB3=1616371200%3A54_56_3_8_88_161_55_13_166_71_21_7_22_81%7C1616025600%3A63%7C1615766400%3A2_15_223%7C1617753600%3A203%7C1616457600%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Mon, 08 Mar 2021 12:03:13 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_409=22966-arhbr8T1Dj3fX4ssrottWb9T&KRTB&23212-arhbr8T1Dj3fX4ssrottWb9T; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 07-Apr-2021 12:03:13 GMT; path=/ PugT=1615204993; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 07-Apr-2021 12:03:13 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 06-Jun-2021 12:03:13 GMT; path=/
X-lat
amspug007:0:492
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
openresty
date
Mon, 08 Mar 2021 12:03:12 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=arhbr8T1Dj3fX4ssrottWb9T; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=arhbr8T1Dj3fX4ssrottWb9T
strict-transport-security
max-age=0; includeSubDomains;
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 6770 		43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=C3917F33-A129-4FF8-BAD0-7A89FE18C046&ex=pubmatic.com
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
Server
Date
Mon, 08 Mar 2021 12:03:12 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4816
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=w5F_M6EpT_i60HqJ_hjARg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:03:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=94922
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Tue, 09 Mar 2021 14:25:14 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 4816 		95 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=C3917F33-A129-4FF8-BAD0-7A89FE18C046
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:03:13 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
62cbeb45085a062d-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08b3515f230000062da4ac8000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 4816
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C3917F33-A129-4FF8-BAD0-7A89FE18C046&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C3917F33-A129-4FF8-BAD0-7A89FE18C046&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C3917F33-A129-4FF8-BAD0-7A89FE18C046&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:11 GMT
frontend-id
11
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:11 GMT
frontend-id
13
location
/pubmatic/1/info2?sType=sync&sExtCookieId=C3917F33-A129-4FF8-BAD0-7A89FE18C046&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 4816
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C3917F33-A129-4FF8-BAD0-7A89FE18C046&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C3917F33-A129-4FF8-BAD0-7A89FE18C046&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C3917F33-A129-4FF8-BAD0-7A89FE18C046&addseg=31
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C3917F33-A129-4FF8-BAD0-7A89FE18C046&addseg=31
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:03:13 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Mon, 08 Mar 2021 12:03:12 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C3917F33-A129-4FF8-BAD0-7A89FE18C046&addseg=31
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
simage2.pubmatic.com/AdServer/ Frame 4816
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a816842f-8d77-4d25-9a9b-60af248bb530
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a816842f-8d77-4d25-9a9b-60af248bb530
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:03:13 GMT
X-lat
lhrpug003:0:490
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:12 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a816842f-8d77-4d25-9a9b-60af248bb530
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 4816
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBNrrJRA2VyrURPT0uUJxlc&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBNrrJRA2VyrURPT0uUJxlc&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:03:11 GMT
X-lat
amspug013:0:477
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBNrrJRA2VyrURPT0uUJxlc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4816
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2686957056971588346
42 B
974 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2686957056971588346
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Mon, 08 Mar 2021 12:03:12 GMT
X-lat
Pug23035:0:327
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:12 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2686957056971588346
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 4816
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:94b86046-127c-4500-9afb-74df214b7fd2&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:94b86046-127c-4500-9afb-74df214b7fd2&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:03:13 GMT
X-lat
lhrpug016:0:670
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Mon, 08 Mar 2021 12:03:12 GMT
Server
MT3 3518 2f03077 master zrh-pixel-x9
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:94b86046-127c-4500-9afb-74df214b7fd2&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 08 Mar 2021 12:03:11 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 4816
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2000765467304499041&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2000765467304499041&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:03:13 GMT
X-lat
amspug012:0:353
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Mon, 08 Mar 2021 12:03:12 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.4:80
AN-X-Request-Uuid
c4d0f849-61f8-40cf-864b-3a859ad2b785
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2000765467304499041&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 4816
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C3917F33-A129-4FF8-BAD0-7A89FE18C046&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NWvdvSN1l2KP1J5LgHPqEEVaqe742tk-&gdpr=0&gdpr_consent=
0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NWvdvSN1l2KP1J5LgHPqEEVaqe742tk-&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:03:13 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 08 Mar 2021 12:03:13 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NWvdvSN1l2KP1J5LgHPqEEVaqe742tk-&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
C3917F33-A129-4FF8-BAD0-7A89FE18C046
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 4816 		43 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/C3917F33-A129-4FF8-BAD0-7A89FE18C046?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:03:12 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4816
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3502989270376122679&gdpr=0&gdpr_consent=&us_privacy=
1 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3502989270376122679&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:03:13 GMT
X-lat
lhrpug011:0:381
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3502989270376122679&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 08 Mar 2021 12:03:12 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 4816
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=09-sQdTdrxPIiqhF3Im1R9OOrEHIiqBG1YqFoydO
42 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=09-sQdTdrxPIiqhF3Im1R9OOrEHIiqBG1YqFoydO
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:03:12 GMT
X-lat
amspug011:0:343
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:12 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=09-sQdTdrxPIiqhF3Im1R9OOrEHIiqBG1YqFoydO
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4816
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=ac00d7b6-f429-4340-9447-c7bbfc217b0d
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=ac00d7b6-f429-4340-9447-c7bbfc217b0d
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=0c9cedd0-dfca-4be8-8ce3-8c5fd7762341&ssp=pubmatic&expires=30&user_group=5&bsw_param=ac00d7b6-f429-4340-9447-c7bbfc217b0d
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ac00d7b6-f429-4340-9447-c7bbfc217b0d&gdpr=&gdpr_consent=&gdpr_pd=
1 B
949 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ac00d7b6-f429-4340-9447-c7bbfc217b0d&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Mon, 08 Mar 2021 12:03:15 GMT
X-lat
Pug23022:0:501
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ac00d7b6-f429-4340-9447-c7bbfc217b0d&gdpr=&gdpr_consent=&gdpr_pd=
date
Mon, 08 Mar 2021 12:03:14 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 4816
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEYSfQAAAJVIQDoG&gdpr=0&gdpr_consent=
1 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEYSfQAAAJVIQDoG&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:03:13 GMT
X-lat
lhrpug004:0:530
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:12 GMT
via
1.1 varnish
server
Varnish
x-timer
S1615204993.793001,VS0,VE0
x-served-by
cache-fra19158-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEYSfQAAAJVIQDoG&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
image2.pubmatic.com/AdServer/ Frame 4816
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=4be2c402-a0ee-421d-a14f-a03733dc9934-6046127e-4348&gdpr=0&gdpr_consent=
42 B
800 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=4be2c402-a0ee-421d-a14f-a03733dc9934-6046127e-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:03:11 GMT
X-lat
amspug019:0:370
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:12 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=4be2c402-a0ee-421d-a14f-a03733dc9934-6046127e-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame 4816 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C3917F33-A129-4FF8-BAD0-7A89FE18C046&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:12 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 4816
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:acf60116-affa-40a9-98d8-0bc4287e0934&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:acf60116-affa-40a9-98d8-0bc4287e0934&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:03:17 GMT
X-lat
lhrpug005:0:551
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:acf60116-affa-40a9-98d8-0bc4287e0934&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 08 Mar 2021 12:03:17 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
pubmatic
um.simpli.fi/ Frame 4816 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:03:12 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 07 Mar 2021 12:03:12 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4BF1 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:03:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Mon, 08 Mar 2021 12:03:12 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 2637 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://buffalonews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://buffalonews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Mon, 08 Mar 2021 10:54:50 GMT
expires
Tue, 08 Mar 2022 10:54:50 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
4103
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
pagead2.googlesyndication.com/bg/ Frame 2637 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 07:40:57 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
15736
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5643
x-xss-protection
0
expires
Tue, 08 Mar 2022 07:40:57 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 4816 		0
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156657&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Mon, 08 Mar 2021 12:03:13 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8
showad.js
ads.pubmatic.com/AdServer/js/ Frame F5C8 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_1101=23040-6937252616993568915; KRTBCOOKIE_27=16735-uid:94b86046-127c-4500-9afb-74df214b7fd2&KRTB&16736-uid:94b86046-127c-4500-9afb-74df214b7fd2&KRTB&23019-uid:94b86046-127c-4500-9afb-74df214b7fd2&KRTB&23114-uid:94b86046-127c-4500-9afb-74df214b7fd2; KRTBCOOKIE_409=22966-arhbr8T1Dj3fX4ssrottWb9T&KRTB&23212-arhbr8T1Dj3fX4ssrottWb9T; KRTBCOOKIE_218=22978-YEYSfQAAAJVIQDoG&KRTB&23194-YEYSfQAAAJVIQDoG&KRTB&23209-YEYSfQAAAJVIQDoG&KRTB&23244-YEYSfQAAAJVIQDoG; KRTBCOOKIE_336=5844-2671732945416036899; KRTBCOOKIE_391=22924-2686957056971588346; SPugT=1615204993; KRTBCOOKIE_80=16514-CAESEBNrrJRA2VyrURPT0uUJxlc&KRTB&22987-CAESEBNrrJRA2VyrURPT0uUJxlc&KRTB&23025-CAESEBNrrJRA2VyrURPT0uUJxlc; KRTBCOOKIE_377=6810-a816842f-8d77-4d25-9a9b-60af248bb530&KRTB&22918-a816842f-8d77-4d25-9a9b-60af248bb530&KRTB&23031-a816842f-8d77-4d25-9a9b-60af248bb530; KRTBCOOKIE_153=19420-09-sQdTdrxPIiqhF3Im1R9OOrEHIiqBG1YqFoydO&KRTB&22979-09-sQdTdrxPIiqhF3Im1R9OOrEHIiqBG1YqFoydO; KRTBCOOKIE_22=14911-3502989270376122679; KRTBCOOKIE_57=22776-2000765467304499041; KRTBCOOKIE_188=3189-4be2c402-a0ee-421d-a14f-a03733dc9934-6046127e-4348; KADUSERCOOKIE=CF8B3BE6-6DAF-4C54-B763-68C50A99293D; chkChromeAb67Sec=1; DPSync3=1616371200%3A221_201_227_226; SyncRTB3=1616371200%3A21_161_54_3_220_56_7_13%7C1616457600%3A35%7C1615766400%3A223; KRTBCOOKIE_1235=23226-8c5ba37e-361e-40b4-9614-3aa266562c04-tuct73f97fd:$UID; repi=1; KRTBCOOKIE_466=16530-ac00d7b6-f429-4340-9447-c7bbfc217b0d; PugT=1615204995; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=89951
Expires
Tue, 09 Mar 2021 13:02:26 GMT
Date
Mon, 08 Mar 2021 12:03:15 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame F5C8 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=81360586&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7608868523d2071cda4bef756811cb3de3324a3633ab7eb02d8b8864ea4f640c

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:03:13 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
1624
Content-Type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 90E2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=CF8B3BE6-6DAF-4C54-B763-68C50A99293D
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CF8B3BE6-6DAF-4C54-B763-68C50A99293D
35 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CF8B3BE6-6DAF-4C54-B763-68C50A99293D
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=81360586&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=CF8B3BE6-6DAF-4C54-B763-68C50A99293D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 08 Mar 2021 12:03:16 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=2997377657061750428; expires=Fri, 07 May 2021 12:03:16 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Mon, 08 Mar 2021 12:03:15 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CF8B3BE6-6DAF-4C54-B763-68C50A99293D
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Thu, 08 Apr 2021 12:03:15 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame F5C8
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=PEGqnDtDppknFKmYa0aznG4QrcwnRvjLbhMiAGTp
42 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=PEGqnDtDppknFKmYa0aznG4QrcwnRvjLbhMiAGTp
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 12:03:16 GMT
X-lat
amspug006:0:383
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:15 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=PEGqnDtDppknFKmYa0aznG4QrcwnRvjLbhMiAGTp
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
redir
rtb-csync.smartadserver.com/ Frame 9D56
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEcG9rN0FqQ1VBQUVhelNIeVZDQQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADpok7AjCUAAEazSHyVCA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AADpok7AjCUAAEazSHyVCA&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=81360586&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.144 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
rtb-csync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
pid=7335153071930004415; TestIfCookieP=ok; csync=107:8c5ba37e-361e-40b4-9614-3aa266562c04-tuct73f97fd
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 08 Mar 2021 12:03:17 GMT

Redirect headers

Date
Mon, 08 Mar 2021 12:03:17 GMT
location
https://rtb-csync.smartadserver.com/redir
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame CBFC
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6937252634159151251
42 B
975 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6937252634159151251
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=81360586&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_1101=23040-6937252616993568915; KRTBCOOKIE_27=16735-uid:94b86046-127c-4500-9afb-74df214b7fd2&KRTB&16736-uid:94b86046-127c-4500-9afb-74df214b7fd2&KRTB&23019-uid:94b86046-127c-4500-9afb-74df214b7fd2&KRTB&23114-uid:94b86046-127c-4500-9afb-74df214b7fd2; KRTBCOOKIE_409=22966-arhbr8T1Dj3fX4ssrottWb9T&KRTB&23212-arhbr8T1Dj3fX4ssrottWb9T; KRTBCOOKIE_218=22978-YEYSfQAAAJVIQDoG&KRTB&23194-YEYSfQAAAJVIQDoG&KRTB&23209-YEYSfQAAAJVIQDoG&KRTB&23244-YEYSfQAAAJVIQDoG; KRTBCOOKIE_336=5844-2671732945416036899; KRTBCOOKIE_391=22924-2686957056971588346; SPugT=1615204993; KRTBCOOKIE_80=16514-CAESEBNrrJRA2VyrURPT0uUJxlc&KRTB&22987-CAESEBNrrJRA2VyrURPT0uUJxlc&KRTB&23025-CAESEBNrrJRA2VyrURPT0uUJxlc; KRTBCOOKIE_377=6810-a816842f-8d77-4d25-9a9b-60af248bb530&KRTB&22918-a816842f-8d77-4d25-9a9b-60af248bb530&KRTB&23031-a816842f-8d77-4d25-9a9b-60af248bb530; KRTBCOOKIE_153=19420-09-sQdTdrxPIiqhF3Im1R9OOrEHIiqBG1YqFoydO&KRTB&22979-09-sQdTdrxPIiqhF3Im1R9OOrEHIiqBG1YqFoydO; KRTBCOOKIE_22=14911-3502989270376122679; KRTBCOOKIE_57=22776-2000765467304499041; KRTBCOOKIE_188=3189-4be2c402-a0ee-421d-a14f-a03733dc9934-6046127e-4348; KADUSERCOOKIE=CF8B3BE6-6DAF-4C54-B763-68C50A99293D; KRTBCOOKIE_1235=23226-8c5ba37e-361e-40b4-9614-3aa266562c04-tuct73f97fd:$UID; KRTBCOOKIE_466=16530-ac00d7b6-f429-4340-9447-c7bbfc217b0d; PugT=1615204995; PUBMDCID=3; KTPCACOOKIE=YES; pi=2:4; chkChromeAb67Sec=2; DPSync3=1616371200%3A221_201_227_226_219_197%7C1615248000%3A174; SyncRTB3=1616371200%3A220_13_8_166_161_56_7_21_3_71_54%7C1617753600%3A203%7C1616457600%3A35%7C1615766400%3A223_2%7C1616025600%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Mon, 08 Mar 2021 12:03:16 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Set-Cookie
KRTBCOOKIE_1101=23040-6937252634159151251; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 07-Apr-2021 12:03:16 GMT; path=/ PugT=1615204996; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 07-Apr-2021 12:03:16 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 06-Jun-2021 12:03:16 GMT; path=/
X-lat
Pug23037:0:320
Content-Length
42
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Pragma
no-cache
X-Cnection
close
Content-Type
image/gif; charset=utf-8

Redirect headers

Server
nginx
Date
Mon, 08 Mar 2021 12:03:16 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6937252634159151251; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6937252634159151251
usersync
rtb.gumgum.com/ Frame 7358 		35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=pbm&i=CF8B3BE6-6DAF-4C54-B763-68C50A99293D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-123-138.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=pbm&i=CF8B3BE6-6DAF-4C54-B763-68C50A99293D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 08 Mar 2021 12:03:16 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*
mw
mwzeom.zeotap.com/ Frame F5C8
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=CF8B3BE6-6DAF-4C54-B763-68C50A99293D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=514256d1-f23f-4c88-8df7-fb161e47cb2a&icm
  • https://spl.zeotap.com/?zdid=1332&zcluid=452f97fe81737571
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c3577360-4431-4bef-5eb6-bae9033c0250&reqId=2b383616-a60f-4cb5-6c8a-79029bf750d8&zclui...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c3577360-4431-4bef-5eb6-bae9033c0250&reqId=2b383616-a60f-4cb5-6c8a-79029bf750d8&zclu...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEMVV6tX1cqeWHAIhiC-l9ns&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c3577360-4431-4bef-5eb6-bae9033c0250&reqId=2b383616-a60f-4cb5-6c8a-790...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEMVV6tX1cqeWHAIhiC-l9ns&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c3577360-4431-4bef-5eb6-bae9033c0250&reqId=2b383616-a60f-4cb5-6c8a-79029bf750d8&zcluid=452f97fe81737571&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:03:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
62cbeb74dcbd062d-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08b3517d070000062d9b96b000000001

Redirect headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEMVV6tX1cqeWHAIhiC-l9ns&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c3577360-4431-4bef-5eb6-bae9033c0250&reqId=2b383616-a60f-4cb5-6c8a-79029bf750d8&zcluid=452f97fe81737571&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame F5C8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=cdc16046-1283-4000-b5be-35cfc8bec463
0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=cdc16046-1283-4000-b5be-35cfc8bec463
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Mon, 08 Mar 2021 12:03:16 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8

Redirect headers

Date
Mon, 08 Mar 2021 12:03:16 GMT
Server
MT3 3518 2f03077 master zrh-pixel-x27
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=cdc16046-1283-4000-b5be-35cfc8bec463
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 08 Mar 2021 12:03:15 GMT
CF8B3BE6-6DAF-4C54-B763-68C50A99293D
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame F5C8 		43 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/CF8B3BE6-6DAF-4C54-B763-68C50A99293D?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:03:16 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame F5C8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6975812139869407543&gdpr=0&gdpr_consent=&us_privacy=
1 B
931 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6975812139869407543&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Mon, 08 Mar 2021 12:03:14 GMT
X-lat
Pug23044:0:431
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6975812139869407543&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 08 Mar 2021 12:03:15 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame F5C8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=69c43e81-caf8-40da-95fc-9e6f593d2266&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=b64c5cb8-27dc-49f4-8a16-0b9c9a730b97&expires=1&user_group=5&ssp=pubmatic&bsw_param=69c43e81-caf8-40da-95fc-9e6f593d2266
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=283&user_id=b64c5cb8-27dc-49f4-8a16-0b9c9a730b97&expires=1&user_group=5&ssp=pubmatic&bsw_param=69c43e81-caf8-40da-95fc-9e6f593d2266
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e06b7da8-4df6-464d-bb3f-2c2395102d22&gdpr=&gdpr_consent=&gdpr_pd=
1 B
949 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e06b7da8-4df6-464d-bb3f-2c2395102d22&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Mon, 08 Mar 2021 12:03:17 GMT
X-lat
Pug23035:0:508
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e06b7da8-4df6-464d-bb3f-2c2395102d22&gdpr=&gdpr_consent=&gdpr_pd=
date
Mon, 08 Mar 2021 12:03:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4BF1 		0
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021030401&jk=487874065571060&bg=!HB-lH1zNAAWsVXnBrDsAKQB2-Dxa8jrHNax0i-TvOjUPbxvT4s0ourYuJzCUPt1mC7ZD9h-uMki8AgAADEJSAAAAUGgBB5kCIX_91kxCMYR_Z40Tt6I6BN7h79r5EbtA4BXR6IHTx3biGxA0vuMPmz6Uc_k312nLgCpSsekj8MOA20gdRG2WbbvWPw5ossZe8AzGUhkPNYLX4t1SMrGk-ZAgLoaRSAQROOthj8xXt8qnS8IX-2We0__Ykoh0ogSrjRTq5Hpr-IlAx1urV9jdRvhQsWGQzPIPSeb7koEIqnOMEDUpWJuYyPUylNNrAfZb1vJxmnu5dNJ6m5Pw4BonxDpIR0lN8y_Gb8rsU7r5e3Pm6mw37qSJ1z98G5F6TqyZqVgG_0Cb0cnRFVJmeCdsmenud0SO3Hhbp3vMj8c_oIcprAbYR9IflMlp6SYmi-rCsQKgd2M2WaMi58ygR9xNQec3T4kh1Fc3q993807NQl3YAJ6a_G7cPrPR0iU8l9Dzro5pRn9fyFfiT5muyQcB4E8GrcfwIQbF3vQIfP2z1NNusB98tmdS9qjyheQa6jzY1uyAJs7YhgLOxDC35AjROTJ9OAhhRpTNuncUQdB277bcqQCTd_JFHOXBriaZZF7glTXOawgdibYQu-cwkeSF1ctMwcCPagGeiYFiGAxaPBfBn-qUOhphfNXUJcWt6zzoGHCcLLA4kP1k-KMbWzTwF6oA-otvnp2x8RPngBsDvd9g4qINlHlSmseF3aS-XKNEH6DSFOCOyggmXF4bLKpyg2JAr6ODg3AKiqZ-W532infia73kIjrsYT6Z
Requested by
Host: buffalonews.com
URL: https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=6894/rand=977656505/pv=y/med=flag%3A%20featured/med=%23OpR%2372333%23Keyword%20%3A%20chuck%20schumer%2C%20charles%20e.%20schumer%2C%20biden%2C%20american%20rescue%20plan%... Frame BDC7
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=6894/rand=977656505/pv=y/med=flag%3A%20featured/med=%23OpR%2372333%23Keyword%20%3A%20chuck%20schumer%2C%20charles%20e.%20schumer%2C%20biden%2C%20american%20rescue%20pl...
  • https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=977656505/pv=y/med=flag%3A%20featured/med=%23OpR%2372333%23Keyword%20%3A%20chuck%20schumer%2C%20charles%20e.%20schumer%2C%20biden%2C%20american%20rescue...
979 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=977656505/pv=y/med=flag%3A%20featured/med=%23OpR%2372333%23Keyword%20%3A%20chuck%20schumer%2C%20charles%20e.%20schumer%2C%20biden%2C%20american%20rescue%20plan%2C%20stimulus/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20buffalonews%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20news/rb=%7B%22meta_tag%22%3A%22chuck%20schumer%2C%20charles%20e.%20schumer%2C%20biden%2C%20american%20rescue%20plan%2C%20stimulus%22%7D/rt=ifr
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.248.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
405dcc0d8e08d231ca63d8f27f589238256e72dcf25100e1ccde919efff88e34

Request headers

:method
GET
:authority
bcp.crwdcntrl.net
:scheme
https
:path
/5/ct=y/c=6894/rand=977656505/pv=y/med=flag%3A%20featured/med=%23OpR%2372333%23Keyword%20%3A%20chuck%20schumer%2C%20charles%20e.%20schumer%2C%20biden%2C%20american%20rescue%20plan%2C%20stimulus/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20buffalonews%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20news/rb=%7B%22meta_tag%22%3A%22chuck%20schumer%2C%20charles%20e.%20schumer%2C%20biden%2C%20american%20rescue%20plan%2C%20stimulus%22%7D/rt=ifr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://buffalonews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_cc_cc=ctst
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://buffalonews.com/

Response headers

date
Mon, 08 Mar 2021 12:03:21 GMT
content-type
text/html;charset=UTF-8
content-length
979
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.8.188
set-cookie
_cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Fri, 03-Dec-2021 12:12:00 GMT;SameSite=None;Secure _cc_id=491e0e7d7acadc1e8718f3d4c3d0a05d;Path=/;Domain=crwdcntrl.net;Expires=Fri, 03-Dec-2021 12:12:00 GMT;SameSite=None;Secure _cc_cc="ACZ4nGNQMLE0TDVINU8xT0xOTEk2TLUwN7RIM04xSTZOMUg0ME1hAIIEN6HOb%2F%2F%2F%2F%2BdngAGxk80bpBjfmTL8Z2RkmPi8URXGbtxwhh%2FGvt5ziBvGfn7ighqMfX7JHrj4k3VvZGHs00hqFn2bIAdjn5o2Ec7%2B%2B9kSxvx44pQGjH32pDqMee7oIWYYe%2Fe%2BywIw9pz1T%2BG2Hl48hwXGXv6nEMa8dOoRG4z9bglCyYeG%2B3Bj%2Fm6cAhcHAO59b64%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Fri, 03-Dec-2021 12:12:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4nGNgYGBIcBPqZIABFgbGdbNADGaNXSCKcYM4mFo3H0gCAHOSBYo%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Fri, 03-Dec-2021 12:12:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin
*

Redirect headers

date
Mon, 08 Mar 2021 12:03:21 GMT
content-length
0
location
https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=977656505/pv=y/med=flag%3A%20featured/med=%23OpR%2372333%23Keyword%20%3A%20chuck%20schumer%2C%20charles%20e.%20schumer%2C%20biden%2C%20american%20rescue%20plan%2C%20stimulus/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20buffalonews%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20news/rb=%7B%22meta_tag%22%3A%22chuck%20schumer%2C%20charles%20e.%20schumer%2C%20biden%2C%20american%20rescue%20plan%2C%20stimulus%22%7D/rt=ifr
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.17.129
set-cookie
_cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None;Secure
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021030401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd301bf2042c71f8d57288ac6a882972de1615e9a4e0d5f62dc80d4420fd9dd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Mar 2021 12:03:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6448
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 12:03:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Mon, 08 Mar 2021 12:03:21 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 6E88 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://buffalonews.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://buffalonews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Mon, 08 Mar 2021 10:54:50 GMT
expires
Tue, 08 Mar 2022 10:54:50 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
4111
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
pagead2.googlesyndication.com/bg/ Frame 6E88 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 07:40:57 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
15745
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5643
x-xss-protection
0
expires
Tue, 08 Mar 2022 07:40:57 GMT
insync
thrtle.com/ Frame BDC7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?vxii_pid=10014&vxii_pdid=491e0e7d7acadc1e8718f3d4c3d0a05d
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=977656505/pv=y/med=flag%3A%20featured/med=%23OpR%2372333%23Keyword%20%3A%20chuck%20schumer%2C%20charles%20e.%20schumer%2C%20biden%2C%20american%20rescue%20plan%2C%20stimulus/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20buffalonews%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20news/rb=%7B%22meta_tag%22%3A%22chuck%20schumer%2C%20charles%20e.%20schumer%2C%20biden%2C%20american%20rescue%20plan%2C%20stimulus%22%7D/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.182.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
utsync.ashx
ml314.com/ Frame BDC7 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/utsync.ashx?eid=50146&et=0&fp=491e0e7d7acadc1e8718f3d4c3d0a05d
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=977656505/pv=y/med=flag%3A%20featured/med=%23OpR%2372333%23Keyword%20%3A%20chuck%20schumer%2C%20charles%20e.%20schumer%2C%20biden%2C%20american%20rescue%20plan%2C%20stimulus/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20buffalonews%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20news/rb=%7B%22meta_tag%22%3A%22chuck%20schumer%2C%20charles%20e.%20schumer%2C%20biden%2C%20american%20rescue%20plan%2C%20stimulus%22%7D/rt=ifr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.170.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Mar 2021 12:03:21 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0,Tue, 09 Mar 2021 07:03:22 GMT
tpid=b78dcfca-160c-493b-a08e-512779e84dc6-6046128a-4348
sync.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/ Frame BDC7
Redirect Chain
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=b78dcfca-160c-493b-a08e-512779e84dc6-6046128a-4348
  • https://sync.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/tpid=b78dcfca-160c-493b-a08e-512779e84dc6-6046128a-4348
49 B
898 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/tpid=b78dcfca-160c-493b-a08e-512779e84dc6-6046128a-4348
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=977656505/pv=y/med=flag%3A%20featured/med=%23OpR%2372333%23Keyword%20%3A%20chuck%20schumer%2C%20charles%20e.%20schumer%2C%20biden%2C%20american%20rescue%20plan%2C%20stimulus/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20buffalonews%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20news/rb=%7B%22meta_tag%22%3A%22chuck%20schumer%2C%20charles%20e.%20schumer%2C%20biden%2C%20american%20rescue%20plan%2C%20stimulus%22%7D/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.248.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:22 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.5.76
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:22 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/tpid=b78dcfca-160c-493b-a08e-512779e84dc6-6046128a-4348
cache-control
no-cache
x-server
10.45.17.55
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame BDC7 		170 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NDkxZTBlN2Q3YWNhZGMxZTg3MThmM2Q0YzNkMGEwNWQ
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=977656505/pv=y/med=flag%3A%20featured/med=%23OpR%2372333%23Keyword%20%3A%20chuck%20schumer%2C%20charles%20e.%20schumer%2C%20biden%2C%20american%20rescue%20plan%2C%20stimulus/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20buffalonews%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20news/rb=%7B%22meta_tag%22%3A%22chuck%20schumer%2C%20charles%20e.%20schumer%2C%20biden%2C%20american%20rescue%20plan%2C%20stimulus%22%7D/rt=ifr
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
382416.gif
idsync.rlcdn.com/ Frame BDC7 		42 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/382416.gif?partner_uid=491e0e7d7acadc1e8718f3d4c3d0a05d&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=977656505/pv=y/med=flag%3A%20featured/med=%23OpR%2372333%23Keyword%20%3A%20chuck%20schumer%2C%20charles%20e.%20schumer%2C%20biden%2C%20american%20rescue%20plan%2C%20stimulus/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20buffalonews%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20news/rb=%7B%22meta_tag%22%3A%22chuck%20schumer%2C%20charles%20e.%20schumer%2C%20biden%2C%20american%20rescue%20plan%2C%20stimulus%22%7D/rt=ifr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Mar 2021 12:03:22 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
tpid=e8264fb0-3700-478c-9f73-9bd5c973822a
bcp.crwdcntrl.net/map/c=10620/tp=TRAD/ Frame BDC7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0
  • https://bcp.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=e8264fb0-3700-478c-9f73-9bd5c973822a
49 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=e8264fb0-3700-478c-9f73-9bd5c973822a
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=977656505/pv=y/med=flag%3A%20featured/med=%23OpR%2372333%23Keyword%20%3A%20chuck%20schumer%2C%20charles%20e.%20schumer%2C%20biden%2C%20american%20rescue%20plan%2C%20stimulus/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20buffalonews%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20news/rb=%7B%22meta_tag%22%3A%22chuck%20schumer%2C%20charles%20e.%20schumer%2C%20biden%2C%20american%20rescue%20plan%2C%20stimulus%22%7D/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.248.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:22 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.4.68
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:22 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://bcp.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=e8264fb0-3700-478c-9f73-9bd5c973822a
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
gen_204
pagead2.googlesyndication.com/pagead/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021030401&jk=874061643441770&bg=!ZGelZyTNAAWsVXnBrDsAKQB2-DxaTGqFAUydjQkqKXW_oE3HMB-sftNZ_0cNug-1-rh6L4SRgqMaAgAABNVSAAAAGGgBBwoBdXxBhdpq69iM3vohDpv6V0BW7ZQNoLaICUGV4MPS1VPoWfdIqE-Bqa91RO8zrNvFejD-VsMkvceiY3I2tr3jgKNystKyiw3FY_Tyks50ap05Jlz8cbOm6VLdAv1X-yG3c4T-e590aoK4ethukUgEkWFMO5gX34mZ1jAJYmUO_XGGqseTdLySS1nFBiIkJWI1uCUG_QMP51hXhZdP2flJlzNRBToPztbdfOfuCqPIrPyiEtImKvAFntWAq7SyGzC3pOKLI4B3gaw-wgXgmlbuT5yGRL5UrXM7zAcEqkhBsCpZbbQLcA2mcVzOK1DKlBNMh9UDPsMX2U4z9XoZ7Qm97-FFWulY1_ytR0OT2fnQpxfGpnmjW7G7SG3o6NTWBgQu7AzurXM03tpdTqwUqWbTVn_tDno3hZ36C-lNIcVptX0rsp1C5d-hLFQyv-583pPp3UnapH7S2ssYNk531I94ygoOJXnAF4y6ggsOYBv2r7G33nopOuiZAf1tdzfhOKx5yUNU3pRpXN6v9Spe3QKgnzibYcv-QClbKQMVv3zP2x5DV-EP0MEXg8H9oyG4rg1z8CD1DeQAPxRNKerRxFXJST7tiZwWBQ7vDFm1lXejvXKYBJ5bszjbUvRONGFkm88Px-C4Z84e1IZjn6zUeX_yZGpHkgD84OLIFtnkjWxUsUk-qT0utw8wAdmNIkPARvE3w8IpeHvaQhpIP7ZQ5623d5KrMq8DqRZLe2cMIHMYLawEZq9sv2DFYtudjWXUWgE9qeaNMokgMUcHHvqvpk4aqIiHuYpDqfYY6BhhlZW4Rm6XqkTirnl7KtpLZXGzH4_YCt-F9AOKubLHSYjID3x8BqW8G0Pbgxxxgavma0Esya5Pfj10pPlpfY4wOvq_HKKmSic6zif7-aw0LVy1CrPNJM6c3BVrKlzrRqtrgM53trgi0yAAhQ6-KUP2eoqbohONuzwGNpJ-Gdr0VUHw57UoCOEOtQcnpoDvstv1ptD890GwYTcxJz7fYbVNSapml0uMBJkjqIY8VmlcNjnZlvcYIDn24GHZrMGbZ228sNaoH3niQ9b5DppRd1ZFSU0lylRgYLENsdSdrToo95pxVEJ6kLheS_0piYHEhbm9WZAXEAkBgBoLyVg0zVGjAdg7IqGsrqVxLM0xdiatqsFcoBWoekKGtP69SA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buffalonews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 12:03:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
i.liadm.com
URL
https://i.liadm.com/s/e/a-0585/0/52d73466035f4e368018fad901a51e8a?mpid=7156&muid=b5a26046-127c-4d00-b219-dcaa64e75cac
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmb/generic?ttd_pid=liveintent&ttd_tpi=1
Domain
x.dlx.addthis.com
URL
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=777388e8-5b73-4777-8079-74db9a19542d&rd=Y
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=777388e8-5b73-4777-8079-74db9a19542d&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/ul_cb/sync?ssp=liveintent&user_id=777388e8-5b73-4777-8079-74db9a19542d

Verdicts & Comments Add Verdict or Comment

203 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| dataLayer object| _cc6894 object| LOTCC object| TNCMS object| tncms_siteaud function| $ function| jQuery function| originalLeave function| objectFitImages function| Cookies object| SelectorQueries object| picturefillCFG function| picturefill object| lazySizesConfig object| lazySizes function| onYouTubeIframeAPIReady object| __tnt object| obj object| eb.platform object| o function| _BNTech object| BNTech object| googletag object| APS_dfp_ads object| apstag object| vttjs function| WebVTT function| videojs object| $jscomp object| canAutoplay function| videojsContribAds object| videoReady object| videoEnded object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups function| TNStats_Tracker object| TNTracker undefined| falcon_sub_name undefined| lee_clus undefined| lee_ulli undefined| lee_ulld_iso8601 undefined| lee_glus undefined| lee_glusIE undefined| sub_last_login_iso8601 function| jsonFeed function| addUspapiFrame function| optOutMsgHandler function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed object| field59 string| url object| google_tag_manager boolean| BNTy6k0ejvVfq object| aCallbacks function| _typeof object| TheWorldTable function| twtAsyncAPI object| otStubData object| google_tag_data string| GoogleAnalyticsObject function| ga object| ggeac object| google_js_reporting_queue boolean| apstagLOADED object| __otccpaooLocation boolean| doNotTrack boolean| adblockEnabled boolean| loggedIn object| userData string| subscriberName string| subscriberEmail object| _snowplow_trackers object| GlobalSnowplowNamespace function| snowplow function| fbq function| _fbq object| _comscore object| resonateAnalytics object| NsyqHa function| NsyqHb object| xop function| articleShareSticky object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google function| videojsIma function| callback function| messagingCallback object| firebase object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| Lee_WC_Data function| wrap object| Polymer boolean| $sNavScroll object| gaplugins object| gaGlobal object| Snowplow function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| google_image_requests object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id function| udm_ object| ns_p object| COMSCORE object| IQtO6a function| IQtO6b function| xblocker object| XulSRa function| XulSRb function| xblacklist object| WebComponents function| JsMutationObserver object| HTMLImports object| CustomElements function| unwrap object| PARSELY function| flowplayer function| Hls object| ns_ object| f59 object| _mather object| _matherq object| tid object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| $FR_LAB object| LI object| __li__evt_bus object| gaData object| liQ object| Optanon object| OneTrust function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| _typeof2 function| __liSync object| _33Across object| google_optimize undefined| hashSet undefined| urlHash undefined| data undefined| param undefined| dmpData function| $TM_VR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| $TB function| nrlskOnEvent object| _tynt_jp number| wc number| _tynt_gpt_iframe_id object| GoogleGcLKhOms

2 Cookies

Domain/Path Name / Value
.adform.net/ Name: C
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUmXT2YjzDPlAMswuhL9m4dQbQzoumlh7p-vIaB0z3REdICfZtt9eo5Iq9WNjL0

15 Console Messages

Source Level URL
Text
console-api debug URL: https://info.silobreaker.com/e2t/tc/VVQY4j2VbgbnW9jttVR1k2MW3W5r_q0D4nWYwpN3tskDm4Zc_rV3Zsc37CgPsbN38Hg8nddMXJW3TwjS_985h1zW1fQKq385b00xW1J-VW08rJ1pGVShqKM5N64c6N6VHkbTvq3DcV4c__T6GfQNcW7jc0Y_8634MCW9chC8R82PWG7W232qGZ34nW28W58pJ6v1xgDt8W7L79n88HQ2RjW1SKfMR4XPxzgW2CFFv21SpMblW8Jfx3N14p8BdW7xPvjH62PsjSW8LVRvz1X9DG2V2lWGN6bHl6VN2FHPynxG1vsW33cWqh4YxmL6W4bhzcP7ZhhzXN7hlC_-xv8sSW1Vqg0r20gDY5VNMFn14tl42kW1n_Kcz53zw03W2PVFmL42Jts1W2MFM4w7dvK23W8LYGmr6vtbkpW7lDPYm6XLrZmN14CKsbz3fljW7_CwFy8ZZMSSW6Bhgdn9hMZjqW3350-C5VGWccW28zfhM8MPqq533xg1(Line 13)
Message:
toS
console-api debug URL: https://buffalonews.com/shared-content/art/tncms/api/access.js(Line 147)
Message:
TNCMS.Access: Setting audiences
console-api error (Line 7)
Message:
catch: TypeError: Cannot read property '1' of null
console-api error (Line 7)
Message:
catch: TypeError: Cannot read property '1' of null
console-api error (Line 7)
Message:
catch: TypeError: Cannot read property '1' of null
console-api info URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2101070013000 https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
console-api info URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2101070013000 https://buffalonews.com/news/buffalo-and-the-region-to-get-350-million-in-federal-pandemic-stimulus-bill/article_e5e5f7aa-7f70-11eb-914c-1be5982e7616.html?_hsmi=88974744&_hsenc=p2ANqtz-8XMMB46H5AgVQ4BLSD9w28QS-pQ0pRorRUvgPBpKcRaFSmmrrxMtM0wk7CJnJQ5FA98T_C72edrAhF3Ck-ifst7NTUn1u5nbR3cq6lbBxZ_pVg5Rw
console-api info URL: https://acdn.adnxs.com/ast/ast.js(Line 1)
Message:
AST library loaded: 0.36.0
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.leetemplates.com
a2996485052c7313ba81abb470fb9eab.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.crwdcntrl.net
ad.turn.com
ads.creative-serving.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.ch
adservice.google.com
am.freshrelevance.com
ampcid.google.com
ampcid.google.de
ams.creativecdn.com
analytics.google.com
analytics.worldtable.co
ap.lijit.com
api.bntech.io
app.worldtable.co
aud.pubmatic.com
b-code.liadm.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bloximages.chicago2.vip.townnews.com
buffalonews.com
c.amazon-adsystem.com
c1.adform.net
c1a55b195c3f5a2e07e1e5cb882c16d3.safeframe.googlesyndication.com
cdn-sic.33across.com
cdn.ampproject.org
cdn.cookielaw.org
cdn.parsely.com
cdn.resonate.com
cdn.tynt.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
creativecdn.com
cs.emxdgt.com
d1z2jf7jlzjs58.cloudfront.net
d5p.de17a.com
d81mfvml8p5ml.cloudfront.net
de.tynt.com
dis.criteo.com
dkpklk99llpj0.cloudfront.net
dn1i8v75r669j.cloudfront.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.nrich.ai
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
geolocation.onetrust.com
googleads.g.doubleclick.net
green.erne.co
i.liadm.com
ib.adnxs.com
ic.tynt.com
id.rlcdn.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
info.silobreaker.com
js.matheranalytics.com
loadm.exelator.com
map.go.affec.tv
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
ml314.com
mwzeom.zeotap.com
p.rfihub.com
p1.parsely.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
player.field59.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
rtb.gumgum.com
s.amazon-adsystem.com
sb.scorecardresearch.com
sc.tynt.com
secure.adnxs.com
securepubads.g.doubleclick.net
sic.33across.com
simage2.pubmatic.com
simage4.pubmatic.com
sli.buffalonews.com
spl.zeotap.com
ssbsync.smartadserver.com
ssc.33across.com
stats.g.doubleclick.net
storage.googleapis.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tagan.adlightning.com
tags.crwdcntrl.net
tg.socdm.com
the-world-table.firebaseio.com
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
visitor.fiftyt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.i.matheranalytics.com
x.bidswitch.net
x.dlx.addthis.com
i.liadm.com
match.adsrvr.org
x.bidswitch.net
x.dlx.addthis.com
104.126.36.152
104.16.39.14
104.16.60.230
104.16.88.26
104.18.12.242
104.18.130.43
107.178.250.234
124.146.215.52
13.226.156.128
13.226.159.22
13.226.159.63
142.250.185.226
142.250.186.162
142.250.186.34
146.59.148.16
150.136.25.38
151.101.1.195
151.101.14.49
159.253.128.188
159.65.196.12
178.250.0.163
18.185.180.173
18.193.31.194
18.195.155.181
18.198.126.47
184.30.24.185
184.30.24.198
185.184.8.30
185.29.132.144
185.33.221.11
185.33.221.91
185.64.189.110
185.64.189.114
185.64.189.115
185.64.189.249
185.64.190.80
185.64.190.81
185.86.137.107
185.86.138.144
188.165.4.142
192.104.182.109
193.0.160.129
198.148.27.140
199.232.137.44
199.60.103.254
2.19.34.195
2001:678:cb4:bbbb::11
208.100.17.185
213.155.156.181
213.19.147.151
23.37.42.132
2600:1901:0:94b6::
2600:1f18:410b:aea2:a394:b2c4:1fb4:bfb1
2600:1f18:730:b110:b216:4622:d058:b1a9
2600:9000:206f:aa00:e:98bf:5f00:21
2600:9000:206f:f600:2:36a1:2f40:21
2600:9000:2182:ba00:7:5031:dc0:21
2606:4700:10::6814:b844
2606:4700:10::6816:1957
2606:4700::6810:9440
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:802::2002
2a00:1450:4001:802::200a
2a00:1450:4001:802::200e
2a00:1450:4001:803::2003
2a00:1450:4001:808::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::2008
2a00:1450:4001:809::200e
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2003
2a00:1450:4001:811::2001
2a00:1450:4001:813::2008
2a00:1450:4001:813::200e
2a00:1450:4001:827::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::2010
2a00:1450:4001:82b::2003
2a00:1450:400c:c0c::9b
2a00:1450:400c:c0c::9c
2a02:26f0:12d::58dd:dd0b
2a02:fa8:8806:12::1400
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f145:82:face:b00c:0:25de
3.126.56.137
3.225.15.51
3.231.119.144
34.102.205.239
34.200.78.134
34.245.253.34
34.252.253.152
34.98.64.218
35.201.96.126
35.209.99.174
35.227.248.159
35.244.174.68
37.157.6.245
51.255.68.171
52.46.130.13
52.48.170.220
52.48.248.240
52.49.193.31
52.49.59.93
52.86.196.188
52.95.123.41
54.144.144.142
54.198.41.31
54.208.157.219
54.228.206.35
54.73.214.170
54.87.182.193
54.93.43.1
63.251.114.182
63.33.123.138
64.202.112.191
64.202.112.63
65.9.189.60
65.9.24.128
66.155.71.25
67.202.110.24
67.202.110.31
69.173.144.139
69.173.144.165
69.173.151.80
72.251.249.9
77.243.60.138
85.114.159.93
006013c9aa1a1e59af8101222585272cf6d3385cc4e241aa28455bf2fa97db3b
00b7704636a2c65a933e653fe446845ed0bea2510e1efac98b320444f918482e
0230e8c67f568c29bfa2d9756f6e9f79ca6a375d99cbeb54bf09c35fb9e525c4
046d14f3385c3caeac15821297b11ecd1c9551bbb9792a4e401095111d1b2eb7
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
059bc42513157b8af9033f063157dffd7a9a1c6bbc9e4f2b3bc75d52be38863d
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0785141e6461918363176bb595c118997a66d51af8338db5999308cd593cfebd
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
08a6dc318332eea605b4b83b0bffd06c3512071f676895f252c97ab84c04b62c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d262fec5a2e1fad9c43acfd1bbde63054560a3332d9fb4e87abb2e81ab19b37
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10ab566c9fb0560fc9b7690af2b2a06cb4ce5af583a6e9796d1ece57c702c5e8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
173a1d325590ba0dba29e1aa784fe064646134fadafc34ea41e8d6f84e7c85fd
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1868c048383529f67ff56be1f4e345d846a381eeb93649e883273ded31885321
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
19ee3ded1fe83e848e9b5cb0831689460e07c7d3d867fc692c84dc1106086293
1b6ddd3072f67cdb7e9884779bddc6779ec3fcb66496f3276dc0eab78d842cce
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
1d1f8289d7da4a3140226d8166094062e5312348fc06b0e09404bb0ee9135aca
1d584af3d0a8ad98207995400856e5e8c608551e080e252ed413e82c19ffd04f
1d923da11830d49142090dfe01166b72b1048e0967b4dc49aeb71100e03c54fa
1e60092679e16296caf55a2416579d53012e25d166e20b7c36daf9b31bcf2282
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f53ccc2d3e1fb7bb0c211b32b7f8e7bb93f77b994660ac9628e5e0ebe3fc00d
1ffb3eb67476de4a642893eefb2ffd33e62c7474808fc21438d5a961cd4982f6
20c1c11b35fdd1f3f57d3ff6e2d29c5c88700a4246b25040482a4420f22156e2
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
23d66bfd85b203b713fa742858f524bb3b7a097f73c6b96d643434a7d3bbe661
261854a2664913c58d1956c532ba529898e252a789cfd45e02ca4691bba086d9
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a6930c66a35d3b99b2983d6f8b8be448c05066063daadbccc3828c56dcc64e5
2bba2e3e8a07b0445431999ba60cb5783eb610e7ae8bf9b7fcdfb4530688c44b
2c3d0da252cf0822f28f4a5a781302a94872bc599eeb66f2d2bea194649593d0
2c4c258f6e24e9861dd7cc3ae5d823e0c09a243f9e671cabbfed9b2be2825085
2c5e865d153eecebe29b635da42d75cbcbddd5c82d0e081940a7443cba529c60
2c77519cfdb3f918d4e3b9f39bd2f296779e6269476bfe2be98d3eaa6cc8b183
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fed84395dcec53cc65a1ac3104dbb39b7c52d5ac00268a3c0fac7b8fbe5e0b6
304812126a887ad20ef1b6f29090e50b21f07817d91c927230e7845ef1a2eb7e
3049db4be872564809e26eea512e437046645835cc6a34783d24d5d104271c82
30c568e71b003ddba094b29a8dd6aa2189de0e4e67c7eb63f94f05edd65968b1
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3bfd8178dc873988372e42f9637ef615906a823413fdf8dd1896c61f1dfdba94
3d605439e03bb15af53416ac8dc05cb9fbacf9881a804a8287a2d456f9b49d59
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
405dcc0d8e08d231ca63d8f27f589238256e72dcf25100e1ccde919efff88e34
4080da65ba530171488fc4b33f7cd1c329753b111465bf529c551429aead99fd
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
440e54d6b31226c2db1e2d0ff9ad40b8d32970afa0da634327e933fc0ae2b1ba
47dcc84c9ae16e65a6e185be18d946563e3485a0d68032d94577694ee5d9591d
48602e537a47130c63187cb4259765bf3a17bae7f391f7a0b650d8dbfb18087f
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4c821f2d169369324022057e9948ed8f9d45794d18b6c8c3fbbba900bb65158c
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1
5061687072466268612b907fe4386e659886c8be0b79e117755e78312e8cb42e
541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e
54ab33bf7927f92752e316b76a8976c658f90cb87860bcc209846562f2e133fa
560357e94ad4e3f3e2199cdecaaf8d339f35d97ec03de8b875eef2bbd80b43fb
57e946c38368c51a1500ed211ca45ec434d80035d7934b3f0649df7ba54d3d70
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
59d94c51aec510721e7ee56de516af7e48880d327f7fea8b480f67e955a15adb
5a2f10e09cd6e81eb686dbca9e6056ed485e87d3869bac347455547c294cb036
5a65fab80371f3ad4c16be0cf8ae8d6542553bb33564b80748ebca97cb615d08
5ea2100a3e4b5115ac915d6f176a5dbeb4599941e66d809e7f0af4f82966b372
5eae4e0ad8125be62df236e4c1d5718c5e4673ff6339cc389265185699cc3501
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
634bb0212cde8036b2b67c7d8999b52a8a035b9f797aac5cf6b7f78444fc2207
659e26afd851b282697fa087c97ed0943dcbf3511689ef5b717c1e61f9ff1dd4
67d3fbbfeed41e1c4ffb28f749c8444a7b4db6722bd8ab9a73157b947e65f118
67d40cca6a2dd641c853bc995b45aada61fc0857c63dd668abf0937082b561c4
68d022befcc9197da1e8fba69f61e22389c84085cc699de5c89b4a694d1ca4d2
69681f203aa6991d124b957f5923b4f332a77bcd4ee796cb728eb9eb1cae9760
6a2b37628207d196780c1e4ce3f27adc580a0f9e67e91f85bbf75991c3f0741b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bb4ce8dea8b26080f3627d5b398b131b8f59a280ec18f07e959b9c7583e061a
6d8b76cb673b3af30f99448de96d4bfa03546c4e7808ce9c6ccaa9777efc90ac
6e6c02cecdf5cb7b5db7cbf455c81c05828f2f801dd585ffdfa9d4cc90e9be1a
7169b20ff9116852953e326ad3776ac06c0f14a5a21a3e07f3fb8b5c46418a61
738465a35668cea4cf13644bbaf6eeb18dfe494d6941a242d138ee87280c8a9c
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
74968acf3b4490ad18803919659da909a3c072c772d6722bcee32f3f5fdadf6e
758b62cab63c4bae4f662cf7e6096948060c0c46a6bec28539d0875ed9ade529
7608868523d2071cda4bef756811cb3de3324a3633ab7eb02d8b8864ea4f640c
7697d635aedaa4ef158c2bb64e3accf0cc41fa763261508c25fef0006d662abb
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
78db01167fe726a5986416c3144750a9b9945beb8058561ec0797ee329b2aa1d
7a0eaf21fe4084cc7105e771f57731abe41a4d647a4879dea141885fcc3096b2
7d6bc5ccc0d04e6ccfbecd2bd5775b3604995e5196b4e08c179d0885e7e94925
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
805733f9624bc82e620d4dbb4c14e1bbdb1b6c567520378ba5eb23cbffaf015b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8416f8febc369c76d3fc82e78d0c49c84bf1dd1904b73cee557fccdbbb5b9005
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b
87a40f6207a611dbce5fdf30d66a557ef6cd70e7dc990c39d90a628a3b72a5a9
87eab7c89934f3d02f9276c98852c1980097291c85ab71017d086cf5db3e814c
87eef777950723fdf632637445e410e19dcb02531fac8faf8be941da0c3ad105
88953d407030bfea3303da17541d2ea79529bd79fba686ec3517b0459a9ec1a4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8edb526b1fb165f5216a8ce3715f023767e74e7cbc2db016194bd5d30d549e9a
8f11f2d65d3a1594a57625e5a9457a1beb87c6a0399172cab062d50263ae388b
901f6f683cfd0a098d95cab6136cf448445be1264652e581ed1ee6756edcfd37
9180a94ecd3d5f93f0fb9fcd95a68ec3a9e1decce55694bfb9e5ce6281bdd672
92ea2c3d4fce33fc39c77e13ff8158da021497bda2641562bceddccad972e2d3
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
94afb4609cd5d95128057b67ee0ef36f867bacc074b6e116d874ed8b0852b73f
94c90feec6b804cbc3ab16ee80fad6d1029534e8df646b919d4ed2812c49cc7a
951b4fc87902d71b21a6f00565e73848a37c3260bd7fd3f6c92bc4d7999175fb
969008e9123da9c1e989cffc16067096b417fc97428f509e67d209b83ff600c6
9807b4c475c5a564d0a0084dd0e559fd80adb2a18b94a62602cacb26b65e02eb
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a38ed42fd72929c1cdebc651707cad6af2f236e309a77ccba91b25e5a2eef05
9cd29b4eb545ab2cbd7118710d865deeaa1cb12ff0b35002f982f4c82d4db144
9ce4711de2399476a322fdf12ad0ea792f866282f33f919fc0cd329c0ce56717
9e3b9ecf3258afd899081e6cf645e09ae51a031aeac11a0d0f59ea3b5ff8595b
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a54054f50b4fce868194e8b8b336d38a90610119e630d53549c38f584d2da187
a8ada0306e59c89efe6d07a907e2e90db1e172d621df4fa0c1bc1cbbf3e285e8
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b26ba6878ca7429d5fc284f9a15753c98dddda891406044ecd58847f0664e518
b370b2f1b45465d3e34a13d89ec896089f77a3dd03c7a612ea87d0b0a6547ac6
b69c04056c122357b419e9b0c7eaa95fa1654c35e1b5f84d686add64f17ff94b
b6ebe287af2e73150d18385835247ae96531af4aa3f041f29ab5030ef194c18e
bafd639d549f06a8dc21014dd142575090fa5625d731412cf594f4a6f52ff4c1
bb9b82f7c28a53fa5dd62011098a08184d347101bfd23ab117dccd02deb742ce
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
c53d1e9a124aa7b6fd5b572bd6b11553d05ccbb38af3e696d98be56ce963d218
c79456b94ef17205d2e7ce09158c3c97e909feb47209e69b0590d7951759849c
c7c4e85fab99165f7d8a912f21ae8d691b6a96049780d96e174e6394e09384ca
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d2a4de7a844fc0f5703af1499a0b68bc682f17ae009db714f04d6e3debce73a5
d2c7e8a5926cac8dfd90f415e07c099b78908d0cee59fca1f8b95e813aac2ec1
d3f6463ab665b143ea05f888b01d363f3d65e32b45f106d3557f8b814bcb149a
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dd4b42f7c8ddeeedbc0e556a5da8b647fd08c56a2ac3540b1e5a6d9342ba5c4f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deaa8393485376e02f65c7c46f1d7ff2ca83fb384b4339e50a00686d2a43c8ed
df809d2953e51984a24a2c0f9e15ce8c6845fd227016389f1b20f2fe9fa317fc
dfeb7783a538aaf85df056bf149c808937dccdb3e3af5714d6fba017054e2f94
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
e989ab3de96e1838a481f01da6e2d7b41d25a2ed9001491306196e7d3d7b48fd
eb59bbc9cc51b4bfeec9f8082ac485fc8e290e98364e4827f5607e27f095c083
ebdca391c928c38835fe3831c49ebf0e7098cd9b4c4a2e57d50062533fb4ed39
ec393795d92641f99813a48ac27b6ea9fc99ebc656f7b8b544a0de614ed86f4d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0eace03ef257488b6f1b8abd59634fe426230dcc62d33c41fa15e4fcf33079d
f276448c97288b46635f8ab2ef74b7afa3575bcce00d87f0a408c6406453a1ef
f402b2d75ac54e1c369d34b97efcedb68aa084b039ab91b85ad70ea53ebb5a3a
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
f95fe1c0376aa720a01267e70fb42a259d610fa9fa66f78e7fc629f9bd835c43
f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40
fa23750104f28bca438655d5a5682e8a8ef946cd764fb06945e03459cd7ec1d1
fc8cbf5a35532137fd68de77a639b965065c14026147fd1be69b47e124726ab6
fd301bf2042c71f8d57288ac6a882972de1615e9a4e0d5f62dc80d4420fd9dd5
fe5d23d415187d71dfa026db8852418f98513ef7f7a1c3e1321bc95d6d6a0f5f
fe83bf4d90f17ac9ecb4808ffe059d64d79d5cf6752859c37a8113584e959c2a
ffa8814637fab7a454e06a6403a650615c04044d4f881b04ffdfcdc1395d98da