www.wesa.fm Open in urlscan Pro
18.64.103.120 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sales.asapp.com/t/106739/c/b2ccd89a-95ae-4b8b-9ae7-6f7236858726/NB2HI4DTHIXS653XO4XHOZLTMEXGM3JPGIYDEMZNGAZS2MZQ...
Effective URL:
https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Submission: On May 02 via api (May 2nd 2023, 2:44:18 pm UTC) from US — Scanned from DE

Summary HTTP 107 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 27 IPs in 3 countries across 21 domains to perform 107 HTTP transactions. The main IP is 18.64.103.120, located in United States and belongs to AMAZON-02, US. The main domain is www.wesa.fm.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 20th 2023. Valid for: a year.

This is the only time www.wesa.fm was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.221.50.8 54.221.50.8	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.29.67.120 52.29.67.120	16509 (AMAZON-02) (AMAZON-02)
1	18.64.103.120 18.64.103.120	16509 (AMAZON-02) (AMAZON-02)
18	108.156.60.96 108.156.60.96	16509 (AMAZON-02) (AMAZON-02)
1 5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:212... 2600:9000:2127:3000:4:b37b:9440:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	54.205.106.1 54.205.106.1	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:212... 2600:9000:2127:2800:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
21	2400:52e0:1e0... 2400:52e0:1e00::1082:1	200325 (BUNNYCDN) (BUNNYCDN)
1	52.203.65.114 52.203.65.114	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	18.66.112.67 18.66.112.67	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
107	27

1 54.221.50.8 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-50-8.compute-1.amazonaws.com

sales.asapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.67.120 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-67-120.eu-central-1.compute.amazonaws.com

app.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.103.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-103-120.txl50.r.cloudfront.net

www.wesa.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 108.156.60.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-96.ams1.r.cloudfront.net

npr.brightspotcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2127:3000:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)

rumcdn.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.205.106.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-106-1.compute-1.amazonaws.com

api.composer.nprstations.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:2800:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2400:52e0:1e00::1082:1 (Germany)

ASN200325 (BUNNYCDN, SI)

a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.65.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-65-114.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

59dc7390292a783406d611f657ed59ea.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.67 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-67.fra56.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	omappapi.com a.omappapi.com — Cisco Umbrella Rank: 6713 api.omappapi.com — Cisco Umbrella Rank: 7080	122 KB
19	googlesyndication.com 59dc7390292a783406d611f657ed59ea.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 177 pagead2.googlesyndication.com — Cisco Umbrella Rank: 129	290 KB
18	brightspotcdn.com npr.brightspotcdn.com — Cisco Umbrella Rank: 110057	3 MB
13	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 stats.g.doubleclick.net — Cisco Umbrella Rank: 166 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67	148 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91 region1.google-analytics.com — Cisco Umbrella Rank: 1718	21 KB
4	gstatic.com fonts.gstatic.com	63 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	259 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 189	446 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	172 KB
3	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 130 www.google.com — Cisco Umbrella Rank: 16	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	255 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 5261 www.google.de — Cisco Umbrella Rank: 3425	986 B
2	geoedge.be rumcdn.geoedge.be — Cisco Umbrella Rank: 2399	252 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1521	201 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 187	2 KB
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 2090	15 KB
1	nprstations.org api.composer.nprstations.org — Cisco Umbrella Rank: 58623	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	1 KB
1	wesa.fm www.wesa.fm	33 KB
1	salesloft.com 1 redirects app.salesloft.com — Cisco Umbrella Rank: 199064	580 B
1	asapp.com 1 redirects sales.asapp.com	357 B
107	21

	Domain	Requested by
21	a.omappapi.com	rumcdn.geoedge.be
18	npr.brightspotcdn.com	www.wesa.fm npr.brightspotcdn.com
12	tpc.googlesyndication.com	rumcdn.geoedge.be
9	securepubads.g.doubleclick.net	rumcdn.geoedge.be www.googletagservices.com securepubads.g.doubleclick.net www.wesa.fm
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
4	www.google-analytics.com	www.googletagmanager.com www.wesa.fm
4	fonts.gstatic.com	fonts.googleapis.com
4	www.googletagmanager.com	www.wesa.fm www.googletagmanager.com
4	connect.facebook.net	www.wesa.fm connect.facebook.net
4	www.googletagservices.com	www.wesa.fm rumcdn.geoedge.be
3	stats.g.doubleclick.net	www.google-analytics.com
2	www.facebook.com	www.wesa.fm
2	www.google.com	1 redirects rumcdn.geoedge.be
2	region1.google-analytics.com	www.googletagmanager.com
2	rumcdn.geoedge.be	www.wesa.fm rumcdn.geoedge.be
1	api.omappapi.com	a.omappapi.com
1	www.google.de	www.wesa.fm
1	googleads.g.doubleclick.net	1 redirects
1	59dc7390292a783406d611f657ed59ea.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	rumcdn.geoedge.be
1	adservice.google.de	rumcdn.geoedge.be
1	ping.chartbeat.net	www.wesa.fm
1	www.googleadservices.com	rumcdn.geoedge.be
1	static.chartbeat.com	www.wesa.fm
1	api.composer.nprstations.org	npr.brightspotcdn.com
1	fonts.googleapis.com	www.wesa.fm
1	www.wesa.fm
1	app.salesloft.com	1 redirects
1	sales.asapp.com	1 redirects
107	29

This site contains links to these domains. Also see Links.

Domain
www.alleghenyfront.org
pittsburghcommunitybroadcasting.org
wyep.secureallegiance.com
wesa.careasy.org
goo.gl
www.facebook.com
twitter.com
www.linkedin.com
www.publicmediagivingdays.org
publicfiles.fcc.gov
www.instagram.com
www.tiktok.com

Subject Issuer	Validity	Valid
*.prod.npr.psdops.com Amazon RSA 2048 M01	`2023-02-20` - `2024-03-20`	a year	crt.sh
npr.brightspotcdn.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
gw.geoedge.be Amazon RSA 2048 M01	`2023-02-21` - `2023-10-10`	8 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-08` - `2023-05-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.composer.nprstations.org Amazon RSA 2048 M01	`2023-02-22` - `2023-07-27`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
a.omappapi.com R3	`2023-04-12` - `2023-07-11`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
api.opmnstr.com Amazon RSA 2048 M01	`2023-03-01` - `2024-02-08`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Frame ID: B6253C4064D18337609F912BEFCA3945
Requests: 86 HTTP requests in this frame

Frame: https://59dc7390292a783406d611f657ed59ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AA5A1D76F79F879188D6FC5C5C3168F1
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssK5UPjcEaTS18eM1BSD401lnSes_O9ILqBko9MHef2MPFiJ1iIz85E0wuG-pijUtI8tYfR4XyMKK--aeSxw_4FxJah5tTTqboleX0W_VztnMqHkWhfJszWEIpAblYUL8vP606HXfVmBZNYxBw90tOoPctysOW4Q0rRLIE_SEYznulMxLj4hQ9a6vz-bBqAALG8TPhL2O7hcATjv7sAbTkxAHChcY_2dpXczmEOTpA9pLgfA5v3JF6Z3THXwOx0os37ytg4LUYj23NUd9hXf17gj0jH7560G5J6_bM0m0qe5EOQRbj4wybICOJl&sai=AMfl-YSnCRqtT5n-8RFvIZAQHSAqSIF0UJQvjdG7AJWljqpDKkmKASGgq1xFrGzgfY8CSQzcjZVYhC3KtGsmMp1DFS6rtww2Xo9BfxmydXaXdom2YCPani-LhES9Tc9OhHyB2tmJ8G_RWbfJu4_1f2YN&sig=Cg0ArKJSzB6pHHV2bXmXEAE&uach_m=[UACH]&adurl=
Frame ID: 996907E9ED988E1D6BB5FFCE0DD77DE4
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuEDKV7ev65I79C29g1BeCFtMw4MDEL53071W3i-5SiuB3QncUSkmE7SCknbTM2at5RJfhFn4agpKE9YaUplDxUXGVOQoZpI7tVDTHcDc5OrQSg3FoPUQAiwReFRXgrUMG7-pu9byBk0rPNQwOfiGfoqaVo94SIKHTsLgpfNGuTFygqbIc3DPbm5MgjMdGALCmbTFW1WCbSz-iPlGSQRlBahs8SYpoXG9c81Txxz1v68hNBEiiiZAfL6DFwaTBOARyFTKvL-PC3j3RAwwBNapy6dZt4DyhVzHieV31IQ-jzwMf7No90QToKdJw8Zw&sai=AMfl-YSN43pKp7EikZtYJ3rcqiABl7m_OIdtNonrB4ZpVhIlu5PRXRyMWv76jujGs77dXGdRHQyukx4TQJsnmdLdQFPz0vxBFPiW9vKA4WYYQ9CQ_H0KjjQHYwgPb1dvn_tW4_J4g63CC1nmgqu_JhLC&sig=Cg0ArKJSzJdhAntEXDYqEAE&uach_m=[UACH]&adurl=
Frame ID: 79AD0FBE1927DA3BAC710553BD2587D5
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsteyB0rkWI0FaHvcPKOd_3As6-8STJiCEr5AulherK8iERO73lB_h007ZuZpeDsM9onv74jfypq-V2iqLvyF5GyPkVdBpugJqnXXMQ_B41mXjRwL03RCDEEqCju_rgMfxCZdAB9iZKPWYFlzmSr1QvsCTLWt26HX0acZ3rwbGfpxnFOs_jSdsnMes9nuX5DinN3_R5T8SfF4btXS0WWmYXrlPl6EWHU9ldLOOy_J5YE07HH5ty6MTqnkw3bAefkqQTN5po9kDKCS5_355VP5jk1V3-fOYFVym808eMDczMOr04I2ZWRbqujfcv6kQ&sai=AMfl-YS2nJAozyomm2icWJoQF6Ma7Z9s21NFYy3_CvHVQ5bWQRubynfkLvvIxk5vtNw4lhWodl7rSuUuRWZu6B0gK77ETwiYytwkhpe8dUs2FNdWQSmGX3fLY7oLJwKCPZ5NXz7jtsoRFIaq0bJtTgmW&sig=Cg0ArKJSzEGDHlnXbHW1EAE&uach_m=[UACH]&adurl=
Frame ID: 00CEAFE273E9FA7D11D1A20B9E7728B6
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 77B44D5D5DD3128D7FB4168A4EA2B694
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7C446546AB3E43067183EBE34C9E174C
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 24AE37FC8EBB30FE1988ECF810DEF637
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Medicaid renewals: Those who don't reenroll could get kicked off | 90.5 WESA

Page URL History Show full URLs

https://sales.asapp.com/t/106739/c/b2ccd89a-95ae-4b8b-9ae7-6f7236858726/NB2HI4DTHIXS653XO4XHOZLTMEXG... HTTP 302
https://app.salesloft.com/t/106739/c/b2ccd89a-95ae-4b8b-9ae7-6f7236858726/NB2HI4DTHIXS653XO4XHOZLTMEXG... HTTP 302
https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off Page URL

Detected technologies

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

Page Statistics

107
Requests

99 %
HTTPS

71 %
IPv6

21
Domains

29
Subdomains

27
IPs

3
Countries

4412 kB
Transfer

9767 kB
Size

18
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://www.alleghenyfront.org/
Title: Allegheny Front

Search URL Search Domain Scan URL

URL: https://pittsburghcommunitybroadcasting.org/dei-overview
Title: DEI Efforts

Search URL Search Domain Scan URL

URL: https://wyep.secureallegiance.com/wyep/WebModule/Donate.aspx?P=WESA&PAGETYPE=PLG&CHECK=KzZvmrKfA2CqK20krF35cqUOstgWaB20
Title: Become a Member

Search URL Search Domain Scan URL

URL: https://wesa.careasy.org/home
Title: Donate My Vehicle

Search URL Search Domain Scan URL

URL: https://wesa.careasy.org/real-estate-donation
Title: Donate My Real Estate

Search URL Search Domain Scan URL

URL: https://pittsburghcommunitybroadcasting.org/mediapartnership
Title: Media Partnership

Search URL Search Domain Scan URL

URL: https://goo.gl/3O4YS3
Title: Donate

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/share?app_id=935012573999863&display=popup&href=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off&text=Medicaid%20renewals%3A%20Those%20who%20don%27t%20reenroll%20could%20get%20kicked%20off
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?url=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off&mini=true&title=Medicaid%20renewals%3A%20Those%20who%20don%27t%20reenroll%20could%20get%20kicked%20off&summary=A%20federal%20rule%20that%20protected%20coverage%20for%20Medicaid%20recipients%20during%20the%20pandemic%20will%20expire%20on%20March%2031.%20When%20it%20does%2C%20tens%20of%20millions%20of%20people%20will%20need%20to%20re-enroll%20or%20lose%20benefits.&source=WESA
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://wyep.secureallegiance.com/wyep/WebModule/Donate.aspx?P=WESAPAGE&PAGETYPE=PLG&CHECK=UGXJg5DzfYabWAg%2beYyTHm3L5BYddGq6PVAl6UEf65g%3d

Search URL Search Domain Scan URL

URL: https://wyep.secureallegiance.com/wyep/WebModule/Donate.aspx?P=WESAINART&PAGETYPE=PLG&CHECK=XfOg267bEtmQUeABc7NhCq1gzMC6uhq5nDjkJobrCdg%3d
Title: Dear Reader:

Search URL Search Domain Scan URL

URL: https://www.publicmediagivingdays.org/
Title: Public Media Giving Days

Search URL Search Domain Scan URL

URL: https://pittsburghcommunitybroadcasting.org/
Title: Pittsburgh Community Broadcasting

Search URL Search Domain Scan URL

URL: https://pittsburghcommunitybroadcasting.org/board-of-directors
Title: Board of Directors

Search URL Search Domain Scan URL

URL: https://pittsburghcommunitybroadcasting.org/jobs
Title: Careers

Search URL Search Domain Scan URL

URL: https://pittsburghcommunitybroadcasting.org/reports-resources
Title: Reports & Resources

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/fm-profile/wesa
Title: Public Files

Search URL Search Domain Scan URL

URL: https://pittsburghcommunitybroadcasting.org/covidcare
Title: COVID-19

Search URL Search Domain Scan URL

URL: https://www.facebook.com/905wesa/

Search URL Search Domain Scan URL

URL: https://twitter.com/905wesa

Search URL Search Domain Scan URL

URL: https://www.instagram.com/905wesa/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@wesanews

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sales.asapp.com/t/106739/c/b2ccd89a-95ae-4b8b-9ae7-6f7236858726/NB2HI4DTHIXS653XO4XHOZLTMEXGM3JPGIYDEMZNGAZS2MZQF5WWKZDJMNQWSZBNOJSW4ZLXMFWHGLLUNBXXGZJNO5UG6LLEN5XHILLSMVSW44TPNRWC2Y3POVWGILLHMV2C223JMNVWKZBNN5TGM===/www-wesa-fm-2023-03-30-medicaid-renewals-those-who-dont-reenroll-could-get- HTTP 302
https://app.salesloft.com/t/106739/c/b2ccd89a-95ae-4b8b-9ae7-6f7236858726/NB2HI4DTHIXS653XO4XHOZLTMEXGM3JPGIYDEMZNGAZS2MZQF5WWKZDJMNQWSZBNOJSW4ZLXMFWHGLLUNBXXGZJNO5UG6LLEN5XHILLSMVSW44TPNRWC2Y3POVWGILLHMV2C223JMNVWKZBNN5TGM===/www-wesa-fm-2023-03-30-medicaid-renewals-those-who-dont-reenroll-could-get- HTTP 302
https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/853565918/?random=1490623212&cv=11&fst=1683038652622&bg=ffffff&guid=ON&async=1&gtm=45He34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off&label=_rYxCJLBr5YYEN7DgZcD&hn=www.googleadservices.com&frm=0&tiba=Medicaid%20renewals%3A%20Those%20who%20don%27t%20reenroll%20could%20get%20kicked%20off%20%7C%2090.5%20WESA&value=0&auid=319877943.1683038653&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=vCFRZMroLrnG7_UPjaSCuAQ&sscte=1&crd=&eitems=ChAI8OnCogYQtdTdjMrkodE3Eh0AWCjc0MibwYVndslxjphUfGC1MOC4-PYprpPQow&pscrd=EkxDaEFJOE9uQ29nWVFwTFhIak9TSTBZdHpFaVVBckZIb3pqMHFNd2pvWUlqaFdVbDRkOTk2QjFsc2taX0o2VkIwZ20wNXVMX0Z0d05vGldDaEFJOE9uQ29nWVF0ZjMzLThfcmhaSlBFaTBBMEVZdjNndGV5Z1psYUtvdnBobXdFdkxhTnZCV24xSzRPc2xFYlBndVVub3RXcWNyUHZjZklheHNfN3M HTTP 302
https://www.google.com/pagead/1p-conversion/853565918/?random=1490623212&cv=11&fst=1683038652622&bg=ffffff&guid=ON&async=1&gtm=45He34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off&label=_rYxCJLBr5YYEN7DgZcD&hn=www.googleadservices.com&frm=0&tiba=Medicaid%20renewals%3A%20Those%20who%20don%27t%20reenroll%20could%20get%20kicked%20off%20%7C%2090.5%20WESA&value=0&auid=319877943.1683038653&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOE9uQ29nWVFwTFhIak9TSTBZdHpFaVVBckZIb3pqMHFNd2pvWUlqaFdVbDRkOTk2QjFsc2taX0o2VkIwZ20wNXVMX0Z0d05vGldDaEFJOE9uQ29nWVF0ZjMzLThfcmhaSlBFaTBBMEVZdjNndGV5Z1psYUtvdnBobXdFdkxhTnZCV24xSzRPc2xFYlBndVVub3RXcWNyUHZjZklheHNfN3M&is_vtc=1&ocp_id=vCFRZMroLrnG7_UPjaSCuAQ&eitems=ChAI8OnCogYQtdTdjMrkodE3Eh0AWCjc0Huz7nKOPyCB03-kOrvBMPlc9wPhq9lgRQ&random=4282147358 HTTP 302
https://www.google.de/pagead/1p-conversion/853565918/?random=1490623212&cv=11&fst=1683038652622&bg=ffffff&guid=ON&async=1&gtm=45He34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off&label=_rYxCJLBr5YYEN7DgZcD&hn=www.googleadservices.com&frm=0&tiba=Medicaid%20renewals%3A%20Those%20who%20don%27t%20reenroll%20could%20get%20kicked%20off%20%7C%2090.5%20WESA&value=0&auid=319877943.1683038653&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOE9uQ29nWVFwTFhIak9TSTBZdHpFaVVBckZIb3pqMHFNd2pvWUlqaFdVbDRkOTk2QjFsc2taX0o2VkIwZ20wNXVMX0Z0d05vGldDaEFJOE9uQ29nWVF0ZjMzLThfcmhaSlBFaTBBMEVZdjNndGV5Z1psYUtvdnBobXdFdkxhTnZCV24xSzRPc2xFYlBndVVub3RXcWNyUHZjZklheHNfN3M&is_vtc=1&ocp_id=vCFRZMroLrnG7_UPjaSCuAQ&eitems=ChAI8OnCogYQtdTdjMrkodE3Eh0AWCjc0Huz7nKOPyCB03-kOrvBMPlc9wPhq9lgRQ&random=4282147358&ipr=y&prhg=0

107 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off Show response
www.wesa.fm/2023-03-30/
Redirect Chain

https://sales.asapp.com/t/106739/c/b2ccd89a-95ae-4b8b-9ae7-6f7236858726/NB2HI4DTHIXS653XO4XHOZLTMEXGM3JPGIYDEMZNGAZS2MZQF5WWKZDJMNQWSZBNOJSW4ZLXMFWHGLLUNBXXGZJNO5UG6LLEN5XHILLSMVSW44TPNRWC2Y3POVWGI...
https://app.salesloft.com/t/106739/c/b2ccd89a-95ae-4b8b-9ae7-6f7236858726/NB2HI4DTHIXS653XO4XHOZLTMEXGM3JPGIYDEMZNGAZS2MZQF5WWKZDJMNQWSZBNOJSW4ZLXMFWHGLLUNBXXGZJNO5UG6LLEN5XHILLSMVSW44TPNRWC2Y3POVW...
https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off

177 KB
33 KB

879ms
563ms

Document
text/html

18.64.103.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-120.txl50.r.cloudfront.net
Software: N/A / Brightspot
Resource Hash: 8d3c306f5ca64343668f3453010b70575404ff9841f3b750d4a49be845150aa3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=300
content-encoding: gzip
content-length: 33144
content-type: text/html;charset=UTF-8
date: Tue, 02 May 2023 14:44:11 GMT
server: N/A
vary: Accept-Encoding
via: 1.1 169e8a8ce77089c8b2871ba43b8eb480.cloudfront.net (CloudFront)
x-amz-cf-id: l6TqyBieaeM4PwoSmCYM4gUU0I_n25t_ZFlrbLrLicU4ZUelX47GDQ==
x-amz-cf-pop: TXL50-P3
x-cache: Miss from cloudfront
x-powered-by: Brightspot

Redirect headers

Cache-Control: no-cache
Connection: keep-alive
Content-Length: 159
Content-Type: text/html; charset=utf-8
Date: Tue, 02 May 2023 14:44:10 GMT
Location: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Strict-Transport-Security: max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Request-Id: a9f85aa91363eabfcf59883f84720b13
X-Runtime: 0.073278
X-XSS-Protection: 1; mode=block

GET
H2 200 All.min.086114e00ee3dde43dcba72928b69f18.gz.css
npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/ 440 KB
63 KB 310ms
44ms Stylesheet
text/css 108.156.60.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.086114e00ee3dde43dcba72928b69f18.gz.css
Requested by: Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-96.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 336393bf159b310e02225b1ed60db2d1ff58ef9cf06ed39219af887b441c0d32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 14:10:34 GMT
content-encoding: gzip
via: 1.1 8f4bc83dd77c2931f6260310f57dde66.cloudfront.net (CloudFront)
last-modified: Wed, 26 Apr 2023 14:10:26 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 520419
etag: "cae9f2d12e1ba542dbaf9396389719fd"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 64327
x-amz-cf-id: _3mruspg9uE3HtPD-FpFau49jEWfiL2CrBpMNLuBFvLGLst3HOYK7w==

GET
H2 200 All.min.b0c9cfa194e2c73976e55dfcff6a1851.gz.js Show response
npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/ 876 KB
239 KB 357ms
92ms Script
text/javascript 108.156.60.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.b0c9cfa194e2c73976e55dfcff6a1851.gz.js
Requested by: Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-96.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 42575c8a290570887732909eb3517bb81b937b747d22d1225071418201c9dea3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 01:40:27 GMT
content-encoding: gzip
via: 1.1 8f4bc83dd77c2931f6260310f57dde66.cloudfront.net (CloudFront)
last-modified: Tue, 14 Mar 2023 12:53:46 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 3330226
etag: "faa250a7fb9f2b9b3e6e88034ad7e40c"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 243787
x-amz-cf-id: 15q5OHLhIjdhgTEM9m3RwhEN1iE4NLOD2z7ABMDf5443SiTv9IvZfg==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 74 KB
25 KB 191ms
87ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14b978c807a1075a294295bbfd033e8b0122498f3bf87539afb302fd5d698aaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24864
x-xss-protection: 0
server: cafe
etag: 830 / 19479 / 44790927 / config-hash: 6125404096776407943
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 02 May 2023 14:44:12 GMT

GET
H2 200 grumi-ip.js Show response
rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/ 14 KB
6 KB 173ms
43ms Script
application/javascript 2600:9000:2127:3000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Requested by: Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:3000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f62c6457ddefdfd96ebc104603ccc8368e73afb6085b7b8018674cf5d3974ebe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:08:55 GMT
x-amz-version-id: DuJR1hVAvVhDHML78yIw9xWnN.jnHD8G
content-encoding: br
last-modified: Mon, 27 Mar 2023 06:19:38 GMT
server: AmazonS3
via: 1.1 4b7022ec3e11edfdd972039992f837de.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
etag: W/"22b4da07003fc88ea067e3f866ea9c5a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=14400, stale-while-revalidate=14400, immutable
age: 2118
x-amz-cf-id: r0TCeEfCYPUmAJaCh6z2luUKSj9fmd06HHp-k9NsFeyuE3Q6QR64ig==

GET
H2 200 /
npr.brightspotcdn.com/dims4/default/e0fc062/2147483647/strip/true/crop/2262x3016+0+0/resize/150x200!/quality/90/ 10 KB
10 KB 63ms
62ms Image
image/jpeg 108.156.60.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://npr.brightspotcdn.com/dims4/default/e0fc062/2147483647/strip/true/crop/2262x3016+0+0/resize/150x200!/quality/90/?url=https%3A%2F%2Fmedia.npr.org%2Fassets%2Fimg%2F2018%2F08%2F21%2Fnpr_98035461_vert-337bb7c237daa59d7887866c20cbe430671f71d6.jpg
Requested by: Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-96.ams1.r.cloudfront.net
Software: Apache /
Resource Hash: cef6897f68627573e9aff6e4d7933b02dbe93a903b4d104605027f5084066709

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 15:51:20 GMT
via: 1.1 8f4bc83dd77c2931f6260310f57dde66.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: AMS1-P2
age: 255172
x-cache: Hit from cloudfront
content-type: image/jpeg
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-robots-tag: nofollow
content-length: 9890
x-amz-cf-id: WTz3KfJBAzDP_SUeZ3IZkpmqn_jXwWtVJrOrMOMx2DAgMldYmH3__Q==
expires: Sun, 28 Apr 2024 15:51:20 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 125ms
41ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bc128812f4255d4a15488d187cf8e1f7a5107fec92b406fae0c08be29eb1e341

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 02 May 2023 14:44:12 GMT
content-md5: lL5WwVtEMOiqn77T7AMIuQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: xRUrxpgjSjaxj3Vr1lgq+ofS/4yIvMNTCt+axRQEh15N7f0AQ2s3J/tptcsIVZIG7W1ZMV8HigQfdzr+GEpEiQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 75b9bad74a40c0e2fb1655ebb70d41a9
cross-origin-opener-policy: same-origin-allow-popups
etag: "288e76bbc45bd8474a5e377a8028c137"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 02 May 2023 14:55:35 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 217 KB
63 KB 166ms
75ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N39QFDR

Requested by

Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9782b54fd271b7132d41aed92168312f7bdb6788b335b33a6a4bc6168a7629d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64445
x-xss-protection: 0
last-modified: Tue, 02 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 02 May 2023 14:44:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 141ms
49ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%20Condensed|Roboto|Roboto:400,500,700&display=swap

Requested by

Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

389c998807e57385f82ca5ab541f5e364a6eaed10ff47ad172fe0ec3d901efa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.wesa.fm/
Origin: https://www.wesa.fm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 02 May 2023 14:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:44:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 May 2023 14:44:12 GMT

GET
DATA 200
OK truncated
/ 88 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0898143e806ca37ecc076f3238f59a570bd15f7634af330d3b5cb59523f3b2db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3664ae33c7ad3585435cb97bceb0e161a491040182f6f6e7e267308552241dd0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 88 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8864ed59810e3eced3290075250f9a51259e7c5b3fe47426da48b63529429748

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9042f806140fb25319c61c61abe8cc7ebb3ef3da2ce543bdd89403159017e0b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fee96f54bac4a3dd9075904bcbb46b79f5f470f0946b6cacddfe0fd8329a1a70

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 87 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d45fba801a95857977c779c662c7041cc99d9abb8a5f96ddc866b4c66c674f04

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Roboto-Regular.bcb27e846d65db81e599d1bada682c2e.woff2
npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/assets/fonts/ 64 KB
65 KB 125ms
45ms Font
application/octet-stream 108.156.60.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/assets/fonts/Roboto-Regular.bcb27e846d65db81e599d1bada682c2e.woff2
Requested by: Host: npr.brightspotcdn.com
URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.086114e00ee3dde43dcba72928b69f18.gz.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-96.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8cef08634dc57d6519717c5a99a9e502bdc96586fe64770520a4820b0b089920

Request headers

Referer: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.086114e00ee3dde43dcba72928b69f18.gz.css
Origin: https://www.wesa.fm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 31 May 2022 03:52:55 GMT
via: 1.1 d46464e02ca4f5540906664a2cfbcce2.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
age: 29069478
x-cache: Hit from cloudfront
content-length: 65916
last-modified: Tue, 19 Jan 2021 18:22:30 GMT
server: AmazonS3
etag: "9feb0110b6dff9ee2b9ebd17f7a1aee6"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: https://www.wesa.fm
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: qG7BZ6Hsr9ATo3VbQ3CMFrgl962XloXZYF_JOzCJbN-JwER6lXVlmg==

GET
H2 200 now Show response
api.composer.nprstations.org/v1/widget/5187f152e1c837e16b69e482/ 2 KB
1 KB 389ms
117ms Fetch
application/json 54.205.106.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.composer.nprstations.org/v1/widget/5187f152e1c837e16b69e482/now?format=json&style=v2&show_song=true
Requested by: Host: npr.brightspotcdn.com
URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.b0c9cfa194e2c73976e55dfcff6a1851.gz.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.106.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-106-1.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash: 6c912d1a7022b5b05685b7c32e8fdedb7ef62686ad99b38bfb5910eec7b726ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:12 GMT
content-encoding: gzip
server: nginx
x-powered-by: Express
vary: Accept-Encoding, X-HTTP-Method-Override, Accept-Encoding
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Content-Type, api_key

GET
H2 200 Oswald-Regular.4324699069756c7680a6e7fffeff0857.woff2
npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/assets/fonts/ 37 KB
37 KB 68ms
67ms Font
application/octet-stream 108.156.60.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/assets/fonts/Oswald-Regular.4324699069756c7680a6e7fffeff0857.woff2
Requested by: Host: npr.brightspotcdn.com
URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.086114e00ee3dde43dcba72928b69f18.gz.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-96.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f253fa17446bb4f97d687e514e47ad8d90f53ec2db5a27078c2e48a19153d3ff

Request headers

Referer: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.086114e00ee3dde43dcba72928b69f18.gz.css
Origin: https://www.wesa.fm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:48:52 GMT
via: 1.1 d46464e02ca4f5540906664a2cfbcce2.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
age: 30822921
x-cache: Hit from cloudfront
content-length: 37812
last-modified: Tue, 19 Jan 2021 18:22:28 GMT
server: AmazonS3
etag: "edaa7375a6aa70847d9ac82c5a1aaf1d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: https://www.wesa.fm
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: 7ssxDrolTy0DjGWbuQEaGI9q8pGOt63E2Rlv2lsuV9nZnS7kbplIHA==

GET
H2 200 RobotoCondensed-Regular.85ad50e76a8a1549510da5e301f292d1.woff2
npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/assets/fonts/ 65 KB
65 KB 98ms
96ms Font
application/octet-stream 108.156.60.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/assets/fonts/RobotoCondensed-Regular.85ad50e76a8a1549510da5e301f292d1.woff2
Requested by: Host: npr.brightspotcdn.com
URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.086114e00ee3dde43dcba72928b69f18.gz.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-96.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71347fb3ea7e3f722eb29972cfe86ca18ca8326a490f4a789334b4dbbc4fbc3c

Request headers

Referer: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.086114e00ee3dde43dcba72928b69f18.gz.css
Origin: https://www.wesa.fm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 02:01:15 GMT
via: 1.1 d46464e02ca4f5540906664a2cfbcce2.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
age: 21818578
x-cache: Hit from cloudfront
content-length: 66296
last-modified: Tue, 19 Jan 2021 18:22:29 GMT
server: AmazonS3
etag: "c8bde939f4823cf1d13619290782e58b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: https://www.wesa.fm
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: 0K31Wr7_qW_f2y6iF21aBlJzkI1jTQQzLgNbGM9scQ1PJXLCm8QJaQ==

GET
H2 200 Tinos-Regular.c34f0550299e7b1df8097deca3f3e423.woff2
npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/assets/fonts/ 151 KB
152 KB 131ms
130ms Font
application/octet-stream 108.156.60.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/assets/fonts/Tinos-Regular.c34f0550299e7b1df8097deca3f3e423.woff2
Requested by: Host: npr.brightspotcdn.com
URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.086114e00ee3dde43dcba72928b69f18.gz.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-96.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9de129dc339ad6d1ef70979fbb767a093b58f7074295ce5023220880aebdfeea

Request headers

Referer: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.086114e00ee3dde43dcba72928b69f18.gz.css
Origin: https://www.wesa.fm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 03:06:52 GMT
via: 1.1 d46464e02ca4f5540906664a2cfbcce2.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
age: 12224241
x-cache: Hit from cloudfront
content-length: 154784
last-modified: Tue, 19 Jan 2021 18:22:31 GMT
server: AmazonS3
etag: "651186a8d354527d1d1109c8494c1330"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: https://www.wesa.fm
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: E0S5K3c3q6W0vhtVLSuhuAj-DsZNlX0VcK7HoqC_RZfINqMP6kDqyQ==

GET
H2 200 Lora-Regular.6a829d3b47948aff3773d4ef7c692b54.woff2
npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/assets/fonts/ 62 KB
62 KB 114ms
114ms Font
application/octet-stream 108.156.60.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/assets/fonts/Lora-Regular.6a829d3b47948aff3773d4ef7c692b54.woff2
Requested by: Host: npr.brightspotcdn.com
URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.086114e00ee3dde43dcba72928b69f18.gz.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-96.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e98838f5615ef1b770afa611ee8e16049049748d057d5610899de9cd93f85e1e

Request headers

Referer: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.086114e00ee3dde43dcba72928b69f18.gz.css
Origin: https://www.wesa.fm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:19:06 GMT
via: 1.1 d46464e02ca4f5540906664a2cfbcce2.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
age: 25946707
x-cache: Hit from cloudfront
content-length: 63208
last-modified: Tue, 19 Jan 2021 18:22:32 GMT
server: AmazonS3
etag: "45333152d84c5b68301514bb6689f0e2"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: https://www.wesa.fm
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: XRV-Yx9MsNXunmFpGsUIoN3VL0Pi4Tdy_7auYmkAZ3GvHojr4p5Iwg==

GET
H2 200 /
npr.brightspotcdn.com/dims4/default/a68f09d/2147483647/strip/true/crop/300x60+0+0/resize/534x106!/format/webp/quality/90/ 8 KB
9 KB 43ms
41ms Image
image/webp 108.156.60.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://npr.brightspotcdn.com/dims4/default/a68f09d/2147483647/strip/true/crop/300x60+0+0/resize/534x106!/format/webp/quality/90/?url=https%3A%2F%2Fnpr.brightspotcdn.com%2Fdims4%2Fdefault%2F593f326%2F2147483647%2Fresize%2Fx60%2Fquality%2F90%2F%3Furl%3Dhttp%3A%2F%2Fnpr-brightspot.s3.amazonaws.com%2F84%2Fc6%2F8555649c4ab293247c66ba6a7c27%2Fgrove-header-logo-150x750-1.png
Requested by: Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-96.ams1.r.cloudfront.net
Software: Apache /
Resource Hash: 5e5e69fbb7610ba9a61c4dacc4c025ab17f4c0541c648f8c83c5e47b6bb0cd91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 13:27:59 GMT
via: 1.1 8f4bc83dd77c2931f6260310f57dde66.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: AMS1-P2
age: 21863773
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-robots-tag: nofollow
content-length: 8580
x-amz-cf-id: j-WwwDNwVPBI_Cx8Cz2tMzLk0LvcjSrohUAziiE5Q1SQMaBuccqB4A==
expires: Tue, 22 Aug 2023 13:27:59 GMT

GET
H2 200 /
npr.brightspotcdn.com/dims4/default/a995b9b/2147483647/strip/true/crop/138x46+0+0/resize/1760x586!/format/webp/quality/90/ 16 KB
16 KB 48ms
45ms Image
image/webp 108.156.60.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://npr.brightspotcdn.com/dims4/default/a995b9b/2147483647/strip/true/crop/138x46+0+0/resize/1760x586!/format/webp/quality/90/?url=https%3A%2F%2Fmedia.npr.org%2Fimages%2Fstations%2Flogos%2Fnpr.gif
Requested by: Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-96.ams1.r.cloudfront.net
Software: Apache /
Resource Hash: a1812aee105946804c1f904efd8830f09a7c16d0fd5a227e1f6ab2f64f1c5289

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:47:58 GMT
via: 1.1 8f4bc83dd77c2931f6260310f57dde66.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: AMS1-P2
age: 23673374
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-robots-tag: nofollow
content-length: 16148
x-amz-cf-id: A-b-EXcHnATALxUGM2YMLlDVXMUQnlnq8SE_dk7v_fn8WELTzoYgKA==
expires: Tue, 01 Aug 2023 14:47:58 GMT

GET
H2 200 /
npr.brightspotcdn.com/dims4/default/288f711/2147483647/strip/true/crop/747x494+0+0/resize/260x172!/format/webp/quality/90/ 21 KB
21 KB 44ms
42ms Image
image/webp 108.156.60.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://npr.brightspotcdn.com/dims4/default/288f711/2147483647/strip/true/crop/747x494+0+0/resize/260x172!/format/webp/quality/90/?url=http%3A%2F%2Fnpr-brightspot.s3.amazonaws.com%2Fe5%2F5d%2F247ca4dd4df0a3d05b493c98372a%2Fepa-soil-east-palestine.PNG
Requested by: Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-96.ams1.r.cloudfront.net
Software: Apache /
Resource Hash: 8b5c1ccd723beecec8e1022f57d2decdfc3733b002223fb2320affe12d1fc43b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:34:22 GMT
via: 1.1 8f4bc83dd77c2931f6260310f57dde66.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: AMS1-P2
age: 18590
etag: 1cff052a9aec8cd0ab35ced11a026992
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-robots-tag: nofollow
content-length: 21398
x-amz-cf-id: hpXyEpOdiQKGXc46IPU3aFNNGgJsAfxVGqfCTomEdqvLRLoLZOWrrQ==
expires: Wed, 01 May 2024 09:34:22 GMT

GET
H2 200 /
npr.brightspotcdn.com/dims4/default/af79c5d/2147483647/strip/true/crop/1730x1144+0+0/resize/260x172!/format/webp/quality/90/ 10 KB
10 KB 46ms
44ms Image
image/webp 108.156.60.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://npr.brightspotcdn.com/dims4/default/af79c5d/2147483647/strip/true/crop/1730x1144+0+0/resize/260x172!/format/webp/quality/90/?url=http%3A%2F%2Fnpr-brightspot.s3.amazonaws.com%2Fd5%2F0a%2Fcd4d8f554ba78ee96810bf286b0c%2Fap23061663578972.jpg
Requested by: Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-96.ams1.r.cloudfront.net
Software: Apache /
Resource Hash: 0c3a7371b7228b5057ddf12a2b2d8552114e737bcab441d58d7a94e680a09c77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:35:04 GMT
via: 1.1 8f4bc83dd77c2931f6260310f57dde66.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: AMS1-P2
age: 18548
etag: b01cc5b677dae651128655a3d6045749
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-robots-tag: nofollow
content-length: 9942
x-amz-cf-id: NvvmGtWzFfMPEHfSqPmM-qf_EJBPSOXyfxAVYYJ00leK0zWolLsTbQ==
expires: Wed, 01 May 2024 09:35:04 GMT

GET
H2 200 /
npr.brightspotcdn.com/dims4/default/83f5bc2/2147483647/strip/true/crop/4059x2685+0+0/resize/260x172!/format/webp/quality/90/ 9 KB
10 KB 46ms
44ms Image
image/webp 108.156.60.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://npr.brightspotcdn.com/dims4/default/83f5bc2/2147483647/strip/true/crop/4059x2685+0+0/resize/260x172!/format/webp/quality/90/?url=http%3A%2F%2Fnpr-brightspot.s3.amazonaws.com%2Fac%2Fb5%2F3df8fc6b4d829c95a41862569005%2Fi-am-not-done-with-this-body-horiz.jpg
Requested by: Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-96.ams1.r.cloudfront.net
Software: Apache /
Resource Hash: 576845b180f730697436f002c73c5caf6f8767a95da650bfd3ff760c54206427

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:32:02 GMT
via: 1.1 8f4bc83dd77c2931f6260310f57dde66.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: AMS1-P2
age: 18730
etag: 2131599c62895e9da79a08d7b57a6c79
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-robots-tag: nofollow
content-length: 9714
x-amz-cf-id: yt5SMvVHe1vAReDI8AcwzCCJQ6a2fQ3Tg13L44IjbDL3VFEBOcesOw==
expires: Wed, 01 May 2024 09:32:02 GMT

GET
H2 200 /
npr.brightspotcdn.com/dims4/default/3ada6e1/2147483647/strip/true/crop/3000x1985+0+0/resize/260x172!/format/webp/quality/90/ 12 KB
13 KB 48ms
46ms Image
image/webp 108.156.60.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://npr.brightspotcdn.com/dims4/default/3ada6e1/2147483647/strip/true/crop/3000x1985+0+0/resize/260x172!/format/webp/quality/90/?url=http%3A%2F%2Fnpr-brightspot.s3.amazonaws.com%2F8c%2Fc6%2Fd4c39ebb4260b5bcc5822a906e56%2Fpennsylvania-state-capitol-spotlight-pa-phily-inquirer.jpeg
Requested by: Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-96.ams1.r.cloudfront.net
Software: Apache /
Resource Hash: 38298617ccd6ef095daf4bb1d78d368826ed5a28e15d2a205fddc03fb8230861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:38:42 GMT
via: 1.1 8f4bc83dd77c2931f6260310f57dde66.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: AMS1-P2
age: 18330
etag: e355e9df864f93b7852a1c1e05b431af
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-robots-tag: nofollow
content-length: 12660
x-amz-cf-id: fytSS6PtPAbx2MwNhPhrEd7f4fyXcVERd-WSsZroWm5KDfS9oZ0RwQ==
expires: Wed, 01 May 2024 09:38:42 GMT

GET
H2 200 /
npr.brightspotcdn.com/dims4/default/5743308/2147483647/strip/true/crop/5189x3433+0+26/resize/260x172!/format/webp/quality/90/ 11 KB
11 KB 49ms
47ms Image
image/webp 108.156.60.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://npr.brightspotcdn.com/dims4/default/5743308/2147483647/strip/true/crop/5189x3433+0+26/resize/260x172!/format/webp/quality/90/?url=http%3A%2F%2Fnpr-brightspot.s3.amazonaws.com%2Fb2%2F0d%2Fb8e97b504b36a52c4adcbd227205%2Fap21012616214698.jpg
Requested by: Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-96.ams1.r.cloudfront.net
Software: Apache /
Resource Hash: 60e81346814df0c5ef3121ada4f158b8f0a07ec791ada0572971aa67766dacc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 22:37:47 GMT
via: 1.1 8f4bc83dd77c2931f6260310f57dde66.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: AMS1-P2
age: 57984
etag: c2f334a2f0431ef75a68e7abb7035398
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-robots-tag: nofollow
content-length: 11050
x-amz-cf-id: bUPfnumsvv_1lhkWmITnVsC5hODx6fv8gVOJb7buZEFG-avhg4T8KQ==
expires: Tue, 30 Apr 2024 22:37:48 GMT

GET
H2 200 /
npr.brightspotcdn.com/dims4/default/87263a1/2147483647/strip/true/crop/1080x1080+0+0/resize/1760x1760!/format/webp/quality/90/ 2 MB
2 MB 57ms
56ms Image
image/gif 108.156.60.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://npr.brightspotcdn.com/dims4/default/87263a1/2147483647/strip/true/crop/1080x1080+0+0/resize/1760x1760!/format/webp/quality/90/?url=http%3A%2F%2Fnpr-brightspot.s3.amazonaws.com%2F85%2F95%2Fdaac873b4d6dab70127e893dfe18%2Fpmgd-tile.gif
Requested by: Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-96.ams1.r.cloudfront.net
Software: Apache /
Resource Hash: b8734da7533c8b09e0927c5fdcb72f2df574eb554d6cd941a8eb5d91f3a63ec0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 20:16:04 GMT
via: 1.1 8f4bc83dd77c2931f6260310f57dde66.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: AMS1-P2
age: 325688
etag: 4da93fa3d9a923a8e203f1a47b81c69e
x-cache: Hit from cloudfront
content-type: image/gif
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-robots-tag: nofollow
content-length: 1752784
x-amz-cf-id: 8ix3cYaPpQt7Xk3yG98xRwd687i1EiP_geQSyBDPBYjbpWMJZQEJnA==
expires: Sat, 27 Apr 2024 20:16:04 GMT

GET
H2 200 /
npr.brightspotcdn.com/dims4/default/302990e/2147483647/strip/true/crop/2664x1484+0+257/resize/560x312!/format/webp/quality/90/ 34 KB
34 KB 145ms
143ms Image
image/webp 108.156.60.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://npr.brightspotcdn.com/dims4/default/302990e/2147483647/strip/true/crop/2664x1484+0+257/resize/560x312!/format/webp/quality/90/?url=https%3A%2F%2Fmedia.npr.org%2Fassets%2Fimg%2F2023%2F05%2F01%2Ffinazzos-78ccae187bc810dc65aac0ce6f26ec68ac17935e.jpg
Requested by: Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-96.ams1.r.cloudfront.net
Software: Apache /
Resource Hash: 9f0b2277a37d948697c91f9d33aaffc11d1f7baed1c1926384ff175adc2e1530

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:18:26 GMT
via: 1.1 8f4bc83dd77c2931f6260310f57dde66.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: AMS1-P2
age: 1546
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-robots-tag: nofollow
content-length: 34568
x-amz-cf-id: ZKZhNWGNrcYl65asjwjmnnAo58fhGACVKbZAvp-gwEzC4KKE7j5Qww==
expires: Wed, 01 May 2024 14:18:26 GMT

GET
H2 200 /
npr.brightspotcdn.com/dims4/default/05e3ad5/2147483647/strip/true/crop/3942x2196+0+202/resize/560x312!/format/webp/quality/90/ 54 KB
54 KB 50ms
49ms Image
image/webp 108.156.60.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://npr.brightspotcdn.com/dims4/default/05e3ad5/2147483647/strip/true/crop/3942x2196+0+202/resize/560x312!/format/webp/quality/90/?url=https%3A%2F%2Fmedia.npr.org%2Fassets%2Fimg%2F2023%2F05%2F01%2F2_some_like_it_hot_production_photos_october_2022_hr_credit_marc_j_franklin_custom-871b914db0884fa07fc1d279781654eec53ecb48.jpg
Requested by: Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-96.ams1.r.cloudfront.net
Software: Apache /
Resource Hash: e18af82900584bddfef0eb9847a0c441987281cb9d967c685addc4a0dc5a8026

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 13:07:21 GMT
via: 1.1 8f4bc83dd77c2931f6260310f57dde66.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: AMS1-P2
age: 5811
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-robots-tag: nofollow
content-length: 55112
x-amz-cf-id: lG1qw0QzxDvB2RMqSrD8711FtCR7NX2XzsRpkJC1bPtej0yr2TMf2g==
expires: Wed, 01 May 2024 13:07:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 129ms
39ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Condensed|Roboto|Roboto:400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wesa.fm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 250797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 17:04:15 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 306 KB
87 KB 85ms
44ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=036f8cae06cd24e39ea3a976a8323cfb

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c19035a8fd390ff0aaceba2c9cc470674ff129a3d92e7c9e19bf0e5e6b957d76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.wesa.fm/
Origin: https://www.wesa.fm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 02 May 2023 14:44:12 GMT
content-md5: 9Wnq95ts/cI8czYZYS2OpQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88640
x-fb-rlafr: 0
x-fb-debug: xgRYKchAhPEZESjqEmktCt5GIWGIdrO+hjajG3bsWDlqyhbghG/I/sFwtSazRkUTlR5Mot2A8LVL+8u4Wx/gSw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 8077a443d83ef4fbe6fc1f88b9b3e831
cross-origin-opener-policy: same-origin-allow-popups
etag: "dce63430af41b248b88e6d88d35970d2"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Wed, 01 May 2024 12:39:29 GMT

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/ 815 KB
246 KB 50ms
50ms Script
text/javascript 2600:9000:2127:3000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:3000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28f9362a3d350b604eeb257588899eaca36904688ce31bc0012678c117fe68a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:08:56 GMT
x-amz-version-id: jw7ojGczbBSTvlJie7ePnkvea92F4fIn
content-encoding: br
last-modified: Tue, 02 May 2023 13:45:14 GMT
server: AmazonS3
via: 1.1 4b7022ec3e11edfdd972039992f837de.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
etag: W/"006c6dc35fc56cca97b1d10a65b02032"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age: 2117
x-amz-cf-id: KhwlPIi1KL0hBmqn6b_bD4IuPlhu5GZbOWia5vZXtHiToksrNMcG8g==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/ 399 KB
124 KB 137ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=44790927

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02e62df60ec35e119448a029941cc7e87611801f8b7a6e4dd19333bcedcf45e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:36:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18470
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126484
x-xss-protection: 0
server: cafe
etag: 2690975471868618065
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 01 May 2024 09:36:22 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 38 B
578 B 170ms
74ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.wesa.fm

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55ee721ee3d3dbc852ac307e77605441a3351ed170b96014f6ac4b5b909cd60c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36
x-xss-protection: 0
expires: Tue, 02 May 2023 14:44:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 133ms
40ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N39QFDR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 02 May 2023 13:05:04 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5948
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Tue, 02 May 2023 15:05:04 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 158 KB
56 KB 114ms
109ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PC27BPG&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N39QFDR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

39bd19e657c8254765f6cdf2bbb97134ed5d05f3d06e9ca0fca21867963dba03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57343
x-xss-protection: 0
last-modified: Tue, 02 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 02 May 2023 14:44:12 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 160ms
46ms Script
application/x-javascript 2600:9000:2127:2800:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2800:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 01:10:22 GMT
content-encoding: gzip
via: 1.1 91afcef6d5c7e90d0a4bb2c3a456c690.cloudfront.net (CloudFront)
last-modified: Thu, 08 Dec 2022 17:25:10 GMT
server: nginx
x-amz-cf-pop: PRG50-C1
age: 48830
etag: W/"63921df6-9377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: lhWZv7lPlCnSA-YfznrPSGLXu9I5P3l3XCCTozF_AQC4WIYFHW_ADw==
expires: Wed, 03 May 2023 01:10:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 200 KB
71 KB 51ms
48ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XGZ99F1SED&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N39QFDR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

411a932e1dabaaa20258fa6a47ebc6d88770f34e177a13aa518f9a3be3d5be44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72700
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 02 May 2023 14:44:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 81ms
77ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KF0HV4V4FK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N39QFDR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

880bbd9c06b97b57f898332f63fae1952bd4ed630b73a404acc6dd49400010ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 69862
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 02 May 2023 14:44:12 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 44ms
43ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Condensed|Roboto|Roboto:400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wesa.fm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 21:03:36 GMT
x-content-type-options: nosniff
age: 236436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 21:03:36 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 51ms
51ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Condensed|Roboto|Roboto:400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wesa.fm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 23:01:51 GMT
x-content-type-options: nosniff
age: 229341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 23:01:51 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 65ms
64ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Condensed|Roboto|Roboto:400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wesa.fm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 02:06:17 GMT
x-content-type-options: nosniff
age: 391075
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Apr 2024 02:06:17 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 147ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XGZ99F1SED&gtm=45je34q0&_p=1220206986&cid=343777494.1683038653&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683038652&sct=1&seg=0&dl=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off&dt=Medicaid%20renewals%3A%20Those%20who%20don%27t%20reenroll%20could%20get%20kicked%20off%20%7C%2090.5%20WESA&en=page_view&_fv=1&_nsi=1&_ss=1&ep.station=90.5%20WESA&ep.page_type=news-story&ep.nid=00000187-31cc-d817-adcf-3bfe0ef70000&ep.article_category=&ep.article_author=Maria%20Godoy&ep.article_keywords=&ep.story_org_id=s1&ep.site_name=90.5%20WESA&epn.inline_audio=1&ep.program=Morning%20Edition&ep.article_published_date=2023-03-30T05%3A08%3A15Z&epn.article_word_count=0&ep.npr_story_id=1166970026&ep.station_org_id=360&ep.npr_cms_site=true&ep.article_series=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XGZ99F1SED&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 14:44:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wesa.fm
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 79ms
48ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KF0HV4V4FK&gtm=45je34q0&_p=1220206986&cid=343777494.1683038653&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683038652&sct=1&seg=0&dl=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off&dt=Medicaid%20renewals%3A%20Those%20who%20don%27t%20reenroll%20could%20get%20kicked%20off%20%7C%2090.5%20WESA&en=page_view&_fv=1&_ss=1&ep.station=90.5%20WESA&ep.page_type=news-story&ep.nid=00000187-31cc-d817-adcf-3bfe0ef70000&ep.article_category=&ep.article_author=Maria%20Godoy&ep.article_keywords=&ep.story_org_id=s1&ep.site_name=90.5%20WESA&epn.inline_audio=1&ep.program=Morning%20Edition&ep.article_published_date=2023-03-30T05%3A08%3A15Z&epn.article_word_count=0&ep.npr_story_id=1166970026&ep.station_org_id=360&ep.npr_cms_site=true&ep.article_series=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KF0HV4V4FK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 14:44:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wesa.fm
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
344 B 151ms
52ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-25070716-1&cid=343777494.1683038653&jid=1202172836&gjid=1316442561&_gid=1661732859.1683038653&_u=YCDAgEABAAAAAEAAI~&z=172215559

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wesa.fm/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 02 May 2023 14:44:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wesa.fm
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 149ms
52ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-9999999-98&cid=343777494.1683038653&jid=689872762&gjid=1040742674&_gid=1661732859.1683038653&_u=YCDAgEABAAAAAEAAI~&z=657546336

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wesa.fm/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 02 May 2023 14:44:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wesa.fm
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 144ms
53ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-18188937-11&cid=343777494.1683038653&jid=1788346072&gjid=2147438696&_gid=1661732859.1683038653&_u=YCDAgEABAAAAAEAAI~&z=1012720210

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wesa.fm/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 02 May 2023 14:44:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wesa.fm
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 42ms
41ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1220206986&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off&ul=en-us&de=UTF-8&dt=Medicaid%20renewals%3A%20Those%20who%20don%27t%20reenroll%20could%20get%20kicked%20off%20%7C%2090.5%20WESA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAAAAAI~&jid=1202172836&gjid=1316442561&cid=343777494.1683038653&tid=UA-25070716-1&_gid=1661732859.1683038653&gtm=45He34q0h1n81N39QFDR&cd6=90.5%20WESA&cd7=news-story&cd8=00000187-31cc-d817-adcf-3bfe0ef70000&cd10=&cd11=Maria%20Godoy&cd12=&cd13=s1&cd14=90.5%20WESA&cd15=1&cd16=Morning%20Edition&cd17=2023-03-30T05%3A08%3A15Z&cd18=0&cd19=1166970026&cd21=360&cd22=1&cd23=&z=141324517

Requested by

Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 12:05:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 9500
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
193 B 40ms
39ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1220206986&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off&ul=en-us&de=UTF-8&dt=Medicaid%20renewals%3A%20Those%20who%20don%27t%20reenroll%20could%20get%20kicked%20off%20%7C%2090.5%20WESA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAAEAAI~&jid=689872762&gjid=1040742674&cid=343777494.1683038653&tid=UA-9999999-98&_gid=1661732859.1683038653&gtm=45He34q0h1n81N39QFDR&cd6=90.5%20WESA&cd7=news-story&cd8=00000187-31cc-d817-adcf-3bfe0ef70000&cd10=&cd11=Maria%20Godoy&cd12=&cd13=s1&cd14=90.5%20WESA&cd15=1&cd16=Morning%20Edition&cd17=2023-03-30T05%3A08%3A15Z&cd18=0&cd19=1166970026&cd21=360&cd22=1&cd23=&z=2021709000

Requested by

Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 12:05:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 9500
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 41ms
40ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1220206986&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off&ul=en-us&de=UTF-8&dt=Medicaid%20renewals%3A%20Those%20who%20don%27t%20reenroll%20could%20get%20kicked%20off%20%7C%2090.5%20WESA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAAEAAI~&jid=1788346072&gjid=2147438696&cid=343777494.1683038653&tid=UA-18188937-11&_gid=1661732859.1683038653&gtm=45He34q0h1n81N39QFDR&cd6=90.5%20WESA&cd7=news-story&cd8=00000187-31cc-d817-adcf-3bfe0ef70000&cd10=&cd11=Maria%20Godoy&cd12=&cd13=s1&cd14=90.5%20WESA&cd15=1&cd16=Morning%20Edition&cd17=2023-03-30T05%3A08%3A15Z&cd18=0&cd19=1166970026&cd21=360&cd22=1&cd23=&z=1988027953

Requested by

Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 12:05:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 9500
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/853565918/ 3 KB
2 KB 161ms
52ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/853565918/?random=1683038652622&cv=11&fst=1683038652622&bg=ffffff&guid=ON&async=1&gtm=45He34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off&label=_rYxCJLBr5YYEN7DgZcD&hn=www.googleadservices.com&frm=0&tiba=Medicaid%20renewals%3A%20Those%20who%20don%27t%20reenroll%20could%20get%20kicked%20off%20%7C%2090.5%20WESA&value=0&bttype=purchase&auid=319877943.1683038653&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

e14e8b8a688aec81ddcded0bec6cd12b26686af4582b407c6854f4f0e3733c9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 14:44:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1672
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 api.min.js Show response
a.omappapi.com/app/js/ 50 KB
19 KB 155ms
39ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: b240f6825e701e2e5dd89198a9153002cb17bd3c6ca617acab792a681bb0a8f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:12 GMT
content-encoding: br
cdn-edgestorageid: 722
perma-cache: HIT
cdn-storageserver: DE-570
cdn-cachedat: 05/01/2023 15:12:18
cdn-pullzone: 293267
last-modified: Tue, 25 Apr 2023 22:14:01 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 572
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"644850a9-c83e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 8999e1033ab2ca7596c972518ae8d8a8
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 55ms
54ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 02 May 2023 14:44:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27967
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: xl3yMlE5pihfTYkatMS1Z+5GsA5Lhr2XK8HEHDgtS68aWFwuowJrxvKfD/i7GzjpFIVmGxoCtVb/tuzhyKu8GA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 387ms
117ms Image
image/gif 52.203.65.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=wesa.fm&p=%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off&u=CE6UsIBDOQgfQZzZm&d=wesa.fm&g=33583&g0=No%20Section&g1=Maria%20Godoy&n=1&f=00001&c=0&x=0&m=0&y=4509&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off&b=3099&t=Ctu_QdBTT5dMDpTc-ZBTaTszyHg7S&V=139&i=Medicaid%20renewals%3A%20Those%20who%20don%27t%20reenroll%20could%20get%20kicked%20off%20%7C%2090.5%20WESA&tz=0&sn=1&sv=dKYE-COxGDfDJUjHfBu_-iif6ydy&sd=1&im=067b0fff&_
Requested by: Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.65.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-65-114.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 02 May 2023 14:44:12 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 194ms
48ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.wesa.fm

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 145ms
51ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.wesa.fm

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 139 KB
22 KB 114ms
113ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=944833960118753&correlator=2615781681576398&eid=44790927%2C31070232&output=ldjh&gdfp_req=1&vrg=202304250201&ptt=17&impl=fifs&iu_parts=12382905%2CTop_Banner_WESA%2CWESA_medium_1%2CWESA_medium_2%2CWESA_medium_3&enc_prev_ius=0%2F1%2C0%2F2%2C0%2F3%2C0%2F4&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x250&ifi=1&adks=2736006922%2C638188953%2C3352771416%2C1026991714&sfv=1-0-40&prev_scp=id%3D00000187-31cc-d817-adcf-3bfe0ef70000%26type%3Dnews-story%26programs%3DMorning%2520Edition%7Cid%3D00000187-31cc-d817-adcf-3bfe0ef70000%26type%3Dnews-story%26programs%3DMorning%2520Edition%7Cid%3D00000187-31cc-d817-adcf-3bfe0ef70000%26type%3Dnews-story%26programs%3DMorning%2520Edition%7Cid%3D00000187-31cc-d817-adcf-3bfe0ef70000%26type%3Dnews-story%26programs%3DMorning%2520Edition&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1683038652713&lmt=1683038652&dlt=1683038651749&idt=912&adxs=436%2C1100%2C1100%2C1100&adys=251%2C311%2C1624%2C1664&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off&frm=20&vis=1&psz=1600x0%7C300x0%7C300x0%7C300x0&msz=1600x0%7C300x0%7C300x0%7C300x0&fws=4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600&ga_vid=343777494.1683038653&ga_sid=1683038653&ga_hid=1220206986&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=44790927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86bc046608c42adef19dc2c1794b75805f6a63f12b5b586e1d57dfb76fe02e69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21833
x-xss-protection: 0
google-lineitem-id: 6239419409,6284053629,6274034383,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138424805001,138431334949,138429360903,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wesa.fm
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
59dc7390292a783406d611f657ed59ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AA5A 6 KB
3 KB 201ms
53ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://59dc7390292a783406d611f657ed59ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=44790927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wesa.fm/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 May 2023 14:44:12 GMT
expires: Wed, 01 May 2024 14:44:12 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 343377981100718 Show response
connect.facebook.net/signals/config/ 2 MB
329 KB 403ms
402ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/343377981100718?v=2.9.102&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bff841b941387a0d5e10a6c4921d6e0bd149a7e21f0ae8cb654c1fb5deba8b5b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 02 May 2023 14:44:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Q6bZWHKzGDAZY1pUHnK0zx/vCSYCYpKH2lus7LiZBpF2fzOoPU2Q8qBVUyPK0xYYUJSY9usC7XLgoFj6hLwDvg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/853565918/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/853565918/?random=1490623212&cv=11&fst=1683038652622&bg=ffffff&guid=ON&async=1&gtm=45He34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww....
https://www.google.com/pagead/1p-conversion/853565918/?random=1490623212&cv=11&fst=1683038652622&bg=ffffff&guid=ON&async=1&gtm=45He34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%...
https://www.google.de/pagead/1p-conversion/853565918/?random=1490623212&cv=11&fst=1683038652622&bg=ffffff&guid=ON&async=1&gtm=45He34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2...

42 B
455 B

445ms
53ms

Image
image/gif

2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/853565918/?random=1490623212&cv=11&fst=1683038652622&bg=ffffff&guid=ON&async=1&gtm=45He34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off&label=_rYxCJLBr5YYEN7DgZcD&hn=www.googleadservices.com&frm=0&tiba=Medicaid%20renewals%3A%20Those%20who%20don%27t%20reenroll%20could%20get%20kicked%20off%20%7C%2090.5%20WESA&value=0&auid=319877943.1683038653&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOE9uQ29nWVFwTFhIak9TSTBZdHpFaVVBckZIb3pqMHFNd2pvWUlqaFdVbDRkOTk2QjFsc2taX0o2VkIwZ20wNXVMX0Z0d05vGldDaEFJOE9uQ29nWVF0ZjMzLThfcmhaSlBFaTBBMEVZdjNndGV5Z1psYUtvdnBobXdFdkxhTnZCV24xSzRPc2xFYlBndVVub3RXcWNyUHZjZklheHNfN3M&is_vtc=1&ocp_id=vCFRZMroLrnG7_UPjaSCuAQ&eitems=ChAI8OnCogYQtdTdjMrkodE3Eh0AWCjc0Huz7nKOPyCB03-kOrvBMPlc9wPhq9lgRQ&random=4282147358&ipr=y&prhg=0

Requested by

Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off

Protocol

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 14:44:13 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 May 2023 14:44:13 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/853565918/?random=1490623212&cv=11&fst=1683038652622&bg=ffffff&guid=ON&async=1&gtm=45He34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off&label=_rYxCJLBr5YYEN7DgZcD&hn=www.googleadservices.com&frm=0&tiba=Medicaid%20renewals%3A%20Those%20who%20don%27t%20reenroll%20could%20get%20kicked%20off%20%7C%2090.5%20WESA&value=0&auid=319877943.1683038653&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOE9uQ29nWVFwTFhIak9TSTBZdHpFaVVBckZIb3pqMHFNd2pvWUlqaFdVbDRkOTk2QjFsc2taX0o2VkIwZ20wNXVMX0Z0d05vGldDaEFJOE9uQ29nWVF0ZjMzLThfcmhaSlBFaTBBMEVZdjNndGV5Z1psYUtvdnBobXdFdkxhTnZCV24xSzRPc2xFYlBndVVub3RXcWNyUHZjZklheHNfN3M&is_vtc=1&ocp_id=vCFRZMroLrnG7_UPjaSCuAQ&eitems=ChAI8OnCogYQtdTdjMrkodE3Eh0AWCjc0Huz7nKOPyCB03-kOrvBMPlc9wPhq9lgRQ&random=4282147358&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 api.min.css
a.omappapi.com/app/js/ 18 KB
3 KB 42ms
42ms Stylesheet
text/css 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.css
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 103f4d3fbc08fff41f2ddb722186887b3d8977d2a7da27e7ed0f2f5752dc339f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:12 GMT
content-encoding: br
cdn-edgestorageid: 863
perma-cache: HIT
cdn-storageserver: DE-569
cdn-cachedat: 04/25/2023 22:14:04
cdn-pullzone: 293267
last-modified: Tue, 25 Apr 2023 22:14:03 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 590
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"644850ab-464c"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 79e700a1829f75050f5feba269827a97
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 147286 Show response
api.omappapi.com/v2/embed/ 15 KB
4 KB 234ms
130ms XHR
application/json 18.66.112.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/147286?d=wesa.fm
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-67.fra56.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: c10e39695ca2f1e254b1ac885db9a8ae968d3ef2580ec6a514abe241f2f61d69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:13 GMT
content-encoding: gzip
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
x-cache-config: 0 0
x-amz-cf-pop: FRA56-P5
x-cache-status: HIT
x-cache: Miss from cloudfront
x-optinmonster-account: 160723
x-user-agent: standard--
last-modified: Mon, 01 May 2023 11:58:34 GMT
server: Pagely Gateway/1.5.1
etag: W/"d6a39fa0da540713830d5211341c9780"
vary: Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-OptinMonster-Account, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers: X-CSRF-Token
x-amz-cf-id: y84gGfs3e-VYc8xm8YUlw04yDXfhA2l46SUBe6F8emNHQZC864OftQ==
expires: Tue, 02 May 2023 14:14:52 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9969 0
0 77ms
76ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssK5UPjcEaTS18eM1BSD401lnSes_O9ILqBko9MHef2MPFiJ1iIz85E0wuG-pijUtI8tYfR4XyMKK--aeSxw_4FxJah5tTTqboleX0W_VztnMqHkWhfJszWEIpAblYUL8vP606HXfVmBZNYxBw90tOoPctysOW4Q0rRLIE_SEYznulMxLj4hQ9a6vz-bBqAALG8TPhL2O7hcATjv7sAbTkxAHChcY_2dpXczmEOTpA9pLgfA5v3JF6Z3THXwOx0os37ytg4LUYj23NUd9hXf17gj0jH7560G5J6_bM0m0qe5EOQRbj4wybICOJl&sai=AMfl-YSnCRqtT5n-8RFvIZAQHSAqSIF0UJQvjdG7AJWljqpDKkmKASGgq1xFrGzgfY8CSQzcjZVYhC3KtGsmMp1DFS6rtww2Xo9BfxmydXaXdom2YCPani-LhES9Tc9OhHyB2tmJ8G_RWbfJu4_1f2YN&sig=Cg0ArKJSzB6pHHV2bXmXEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 02 May 2023 14:44:12 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 9969 22 KB
9 KB 143ms
41ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 10:51:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13948
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8751
x-xss-protection: 0
server: cafe
etag: 8024400250147624166
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 10:51:45 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 9969 3 KB
1 KB 184ms
82ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 13:37:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4001
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 13:37:32 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9969 160 KB
49 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50021
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682940967289926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 May 2023 14:44:12 GMT

GET
H2 200 17381289691475166606
tpc.googlesyndication.com/simgad/ Frame 9969 81 KB
82 KB 184ms
84ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17381289691475166606

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffb95ffc2408091d57960c9e8b225dbd92667b05211db0897d14e5d9a88475c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:16:09 GMT
x-content-type-options: nosniff
age: 156484
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83245
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 21:42:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 29 Apr 2024 19:16:09 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 79AD 0
0 80ms
79ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuEDKV7ev65I79C29g1BeCFtMw4MDEL53071W3i-5SiuB3QncUSkmE7SCknbTM2at5RJfhFn4agpKE9YaUplDxUXGVOQoZpI7tVDTHcDc5OrQSg3FoPUQAiwReFRXgrUMG7-pu9byBk0rPNQwOfiGfoqaVo94SIKHTsLgpfNGuTFygqbIc3DPbm5MgjMdGALCmbTFW1WCbSz-iPlGSQRlBahs8SYpoXG9c81Txxz1v68hNBEiiiZAfL6DFwaTBOARyFTKvL-PC3j3RAwwBNapy6dZt4DyhVzHieV31IQ-jzwMf7No90QToKdJw8Zw&sai=AMfl-YSN43pKp7EikZtYJ3rcqiABl7m_OIdtNonrB4ZpVhIlu5PRXRyMWv76jujGs77dXGdRHQyukx4TQJsnmdLdQFPz0vxBFPiW9vKA4WYYQ9CQ_H0KjjQHYwgPb1dvn_tW4_J4g63CC1nmgqu_JhLC&sig=Cg0ArKJSzJdhAntEXDYqEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 02 May 2023 14:44:12 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 79AD 22 KB
9 KB 129ms
47ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 10:51:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13948
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8751
x-xss-protection: 0
server: cafe
etag: 8024400250147624166
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 10:51:45 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 79AD 3 KB
1 KB 163ms
81ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 13:37:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4001
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 13:37:32 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 79AD 160 KB
49 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50021
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682940967289926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 May 2023 14:44:12 GMT

GET
H2 200 8682450285046788149
tpc.googlesyndication.com/simgad/ Frame 79AD 36 KB
36 KB 211ms
131ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8682450285046788149

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ec9c15035109487dcf563322b20d47db38bf26634b1691c5e7d2fc04dac054c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 17:59:35 GMT
x-content-type-options: nosniff
age: 593078
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36872
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 17:47:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 24 Apr 2024 17:59:35 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 00CE 0
0 76ms
76ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsteyB0rkWI0FaHvcPKOd_3As6-8STJiCEr5AulherK8iERO73lB_h007ZuZpeDsM9onv74jfypq-V2iqLvyF5GyPkVdBpugJqnXXMQ_B41mXjRwL03RCDEEqCju_rgMfxCZdAB9iZKPWYFlzmSr1QvsCTLWt26HX0acZ3rwbGfpxnFOs_jSdsnMes9nuX5DinN3_R5T8SfF4btXS0WWmYXrlPl6EWHU9ldLOOy_J5YE07HH5ty6MTqnkw3bAefkqQTN5po9kDKCS5_355VP5jk1V3-fOYFVym808eMDczMOr04I2ZWRbqujfcv6kQ&sai=AMfl-YS2nJAozyomm2icWJoQF6Ma7Z9s21NFYy3_CvHVQ5bWQRubynfkLvvIxk5vtNw4lhWodl7rSuUuRWZu6B0gK77ETwiYytwkhpe8dUs2FNdWQSmGX3fLY7oLJwKCPZ5NXz7jtsoRFIaq0bJtTgmW&sig=Cg0ArKJSzEGDHlnXbHW1EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 02 May 2023 14:44:12 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 00CE 22 KB
9 KB 124ms
55ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 10:51:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13948
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8751
x-xss-protection: 0
server: cafe
etag: 8024400250147624166
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 10:51:45 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 00CE 3 KB
1 KB 476ms
476ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 13:37:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4001
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 13:37:32 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 00CE 160 KB
49 KB 88ms
88ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50021
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682940967289926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 May 2023 14:44:12 GMT

GET
H2 200 6807047843747109463
tpc.googlesyndication.com/simgad/ Frame 00CE 102 KB
102 KB 175ms
112ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6807047843747109463

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd01ce47447659cc1c869815af18cfddd522d25da07ae8f107adbf56df18ef22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 21:08:59 GMT
x-content-type-options: nosniff
age: 63314
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104139
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 15:52:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 30 Apr 2024 21:08:59 GMT

GET
DATA 200
OK truncated
/ Frame 9969 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e90a775d9e08bb9a5c903a829c8e895d20fa38bba4156dd50c8dcd6a588b378c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 5.112e6dc7.min.js Show response
a.omappapi.com/app/js/ 16 KB
6 KB 48ms
48ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/5.112e6dc7.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: f77582bed375bcc38f36c2b1a15e9deb97f387905b0c087a77448add795cd0c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:13 GMT
content-encoding: br
cdn-edgestorageid: 1075
perma-cache: HIT
cdn-storageserver: DE-168
cdn-cachedat: 04/25/2023 22:14:02
cdn-pullzone: 293267
last-modified: Tue, 25 Apr 2023 22:14:02 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 567
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"644850aa-3f86"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: b88f802b7d5045812849d68a740363ba
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ Frame 79AD 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 71c66ba43a53fecd35f5fd9b9757c069d29c56c60f2628d78de9c172f817ea61

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 00CE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f509e2ab98230f1d8db756b0cb69ac66d1ca0c04178d6cf6599537164a4ce9d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 79AD 0
0 78ms
77ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsur8EZHmIC3qnAsFB--iHFtges-r3zkrhM-rDV7aOA9FJz5MgPw1m5CF7MnwgBKDKKu5rFbmYFGMPYVciC9uYu3LYqaSkhis4_FmXzGvCr0fB7Ohc93BuEy_j5ogEARROuGRsuWrWFSzTBRxxWM144qlixzXzSI_O6h03VTCCNkm2bC3EZ4SvGju9UKMYZO1KX5TinPB7iQs0jiZm8eOYfMe_HmUtmnPxG9kuC0dIvAQbVDoOXUy1kCthB9gUxzo0e3sHuDvYcVs5G2c07eiwf_CxcGTaLLpUxPo5BVgNHCVH-JwibuHpovLdaDsL2E&sai=AMfl-YS9Ed5Y5R8zklcTddQBWAFSnq2zCLpxoWds98j5j935AJxUa7eV8cH9apUjqsTAi8ySz9f8ccJmcgUoBI61cF3o091DjJVYMSealQ14DOQc9DK6PZRFvKjpMzkEGhqpmnN_1TVGpoZLNxn3OV4x&sig=Cg0ArKJSzJzPT8zkVbQwEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 02 May 2023 14:44:13 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9969 0
0 77ms
77ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvO70M5U3CheQVseLQ6uSj6eapkwlf0PnHBa4OXZs-8cirHW3wIsM3RTO1frCsjPOcuKVJtCtvhcVzYzFQtVqR5KsyvXbDGfcSU7T_KnLvRqZgm0VGEF7G1Y8w6vEMSRSPx1wJlF41kqcmoAfxNjbc5DG9zJgbfVC6zckmyFtrc67LIo6Z3H1RB2A66KsathHh-ceyStEMdoLtWN7W4l-FTcuOJZitdYmrk2j2TDQ8u6HOFeLehi8F08VNLAYEbKmpcAV3WKciNpUjjAEsCddLYK5P9-e851wGUCyT2VwuSpdLTem6F-XjgelBFuRg&sai=AMfl-YSqe-1se9RDS-jEBidGzvcYuaPh9Kvnvf73WxTyVvT4Cxi4vdUXReUMyfR0ZLjF_iBW44Um7qUpVWZ4oVSgxcEJVLfy8z4zb_zu54is--EpBjMMgIP6Pbr7AVxqHUeIBelvDoVnaAVHGpEIvA5Z&sig=Cg0ArKJSzHPXfJjueA8wEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 02 May 2023 14:44:13 GMT

GET
H2 200 moment.min.js Show response
a.omappapi.com/app/js/moment.js/2.29.4/ 57 KB
21 KB 40ms
39ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/moment.js/2.29.4/moment.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 3abec75692735d0664a10337b1403620f8edf2b4cb4b9fc5216dea2e623b1f34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:13 GMT
content-encoding: br
cdn-edgestorageid: 723
perma-cache: MISS
x-amz-request-id: VBYDJTHEYGRAJEWS
cdn-cachedat: 04/25/2023 22:14:03
cdn-pullzone: 293267
x-amz-id-2: KQwpXoGvQK36cjE5PT7oZzBeQs3/cc9l68jV2Wbb10GChCv73ct84Xe/9Q4yDsDfHr75j7j54U4=
last-modified: Wed, 17 Aug 2022 22:33:45 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"c80207c947912a0a24c577d793c91088"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 666d9e7845d642578a8c641f2b7b3a77
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 webfont.js Show response
a.omappapi.com/app/js/webfont/1.5.18/ 16 KB
8 KB 58ms
58ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/webfont/1.5.18/webfont.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:13 GMT
content-encoding: br
cdn-edgestorageid: 756
perma-cache: MISS
x-amz-request-id: 4T2DA0DMXKXSE3PH
cdn-cachedat: 04/25/2023 22:14:02
cdn-pullzone: 293267
x-amz-id-2: aKBn6AwHXacxxABNyOrRIuNc5oTsx6zkwOEYn9RDw0dYIdSaoYcwdZmwLWTqKsABPZ/7iwFpyBzZA6mMbONjgg==
last-modified: Wed, 17 Aug 2022 22:33:45 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"593e60ad549e46f8ca9a60755336c7df"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: c894f4d686e6998de65a0ddbf6fd9ef9
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 4.a7e57602.min.js Show response
a.omappapi.com/app/js/ 41 KB
13 KB 61ms
61ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/4.a7e57602.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 9521e9248df7d8a4bbe9c8052f273014560517a37e1aab0da71b61467d43922c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:13 GMT
content-encoding: br
cdn-edgestorageid: 860
perma-cache: HIT
cdn-storageserver: DE-572
cdn-cachedat: 05/01/2023 13:50:41
cdn-pullzone: 293267
last-modified: Tue, 25 Apr 2023 22:21:24 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 566
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"64485264-a575"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 0428c254eb440037cadc4c016468409d
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 00CE 0
0 78ms
77ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2ybkbIWlWi3dc-Q0rATSV2zNjPdcwQyEoCDotK3n-aLXBM1K7dohYtEv70N9TEfrRANesusD0qzSWJM16ugadMG_3BHp5CGGBPk8an7gNAGHdH6kLlDQaFItUujkLPKE03NnlyJDvK9sZ-oyOuyq3QvL4g9pQNiZYb6FVXl9fqTCvSUBGJkPLzpSLRz4lDV1HD6hENg-QGHduBlbV7FECW1crHGHSmDLTF5R5n9JiDcaPONkxnR8yhrKRD3bymA5BJqGCY5qJjmLhe4YwdhZWfI5bnobGza1J1sttqw3jHjvtV1dE8C0thBAfQuhD&sai=AMfl-YQsw3fSHb_PirLmeRNQ_gv-wnJJGvQTBiPC1YUooJfO0XcoB0gUnfcd_GAQH21xALvHl9_AdcIUIugu06SUVSBW1XXEHFQDlOiEGXneyykM6CWg5YyNO2lA1JbchIXH6Dh981jZd68VjHi-GDln&sig=Cg0ArKJSzNErx3y-na4AEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 02 May 2023 14:44:13 GMT

GET
H2 200 moment-timezone-with-data-2012-2022.min.js Show response
a.omappapi.com/app/js/moment-timezone/0.5.34/ 41 KB
13 KB 40ms
39ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/moment-timezone/0.5.34/moment-timezone-with-data-2012-2022.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 7ed17775731ec99f940c02d17c8944d31c3e2f6d2884369af025e47285468720

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:13 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: MISS
x-amz-request-id: DKGF82M62NENWWYA
cdn-cachedat: 04/25/2023 22:14:04
cdn-pullzone: 293267
x-amz-id-2: rnV8HREkg+WsrJDR5f+Pa2LJe+b7mQVssptLDkkY9VzyfoSbf2v3CtlNE6JjoBkds09N8yq4Pf9DacvUBnqTRWadA71iq8v/
last-modified: Wed, 17 Aug 2022 22:33:45 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"5c3d21324208bc391e661eca7f6347fb"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 013e496b8caf8da4f07be5355e085295
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 13.56678130.min.js Show response
a.omappapi.com/app/js/ 2 KB
2 KB 39ms
39ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/13.56678130.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: b15b3c9a160b5adfb389f2ad81a6fe56f5b9950598efbda03dbd34c09c1236b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:13 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: MISS
x-amz-request-id: 4T269ST3BPAMBASE
x-amz-server-side-encryption: AES256
cdn-cachedat: 04/25/2023 22:14:02
cdn-pullzone: 293267
x-amz-id-2: 80iw9dCtdkzZFuFRUWJju62Vls4UmjLDZHu5UyPjFun2329eSJCpsmwMfoyNOhquoxN7oBx/HPA=
last-modified: Tue, 25 Apr 2023 21:29:13 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"60da44c7e5141ffb78ce4124904d4641"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 02ac5ae0b006d79f615a1a6855e702c3
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 20.e40ad1db.min.js Show response
a.omappapi.com/app/js/ 4 KB
3 KB 43ms
41ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/20.e40ad1db.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 8df63939e87e03d5f16d0890511315ab0aa86bf66e64dfffb9d637b1d4c85741

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:13 GMT
content-encoding: br
cdn-edgestorageid: 1078
perma-cache: MISS
x-amz-request-id: 98BJ2QRJ1ZVANY46
x-amz-server-side-encryption: AES256
cdn-cachedat: 04/25/2023 22:14:01
cdn-pullzone: 293267
x-amz-id-2: ry7EZsjRWqValpbY6SltU6slRyjfL8sM5oHINXvpmTb28/uF9cLy37U+irfYsJUKM/eubZJUJR4=
last-modified: Tue, 25 Apr 2023 21:29:13 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"975c932378793719f435cfa95c3de9b5"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 1afbdae237feb8115b0e1c7e7b119e6a
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 28.37593e59.min.js Show response
a.omappapi.com/app/js/ 6 KB
3 KB 44ms
42ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/28.37593e59.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: d08aa5fe6131891425c044dd702f43f2ecf647100e35173a102fe03fe49b0270

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:13 GMT
content-encoding: br
cdn-edgestorageid: 1076
perma-cache: MISS
x-amz-request-id: 98BVVZPKZN0RVZDA
x-amz-server-side-encryption: AES256
cdn-cachedat: 04/25/2023 22:14:01
cdn-pullzone: 293267
x-amz-id-2: AUO9UCHgyF+0dOR3xQEKiI7v8imuzEuuo5ilNAGj2WQqlKY1i6yekGSU+0WYXt4RtLOV+IKXQOA=
last-modified: Tue, 25 Apr 2023 21:29:13 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"d4dc37b7cb49ba21532b243c6bb2d2fb"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 2c4039021bd408175c17a6d3303245e4
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 34.01aeaad3.min.js Show response
a.omappapi.com/app/js/ 8 KB
3 KB 46ms
44ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/34.01aeaad3.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 0cf67a42bb48fba065918fca80854ed3117be8fe739d0b19492331f529e868d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:13 GMT
content-encoding: br
cdn-edgestorageid: 722
perma-cache: HIT
cdn-storageserver: DE-168
cdn-cachedat: 05/01/2023 15:57:41
cdn-pullzone: 293267
last-modified: Tue, 25 Apr 2023 22:14:05 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 566
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"644850ad-203b"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 5ce2eb8b0266cfae9b3c187d6be224da
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 10.70f770b5.min.js Show response
a.omappapi.com/app/js/ 20 KB
7 KB 48ms
46ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/10.70f770b5.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: ef6d64d5a48a5bb376669ef86426e511b9d6d13b461d48b9b850c29fa107c77f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:13 GMT
content-encoding: br
cdn-edgestorageid: 755
perma-cache: MISS
x-amz-request-id: 4T24HKAB4J3H8W6T
x-amz-server-side-encryption: AES256
cdn-cachedat: 04/25/2023 22:14:02
cdn-pullzone: 293267
x-amz-id-2: Q8vULeiGR/nXceJHIeJZ7TxVzKR8SmEkFjAWvs/rUzK08OvzdzMZSLOrBLXUHcp+fZarU9SXoT4=
last-modified: Tue, 25 Apr 2023 21:29:13 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"2517c8e8213d4a8759e7d7b866867352"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: d4f01916c9a1e7d1f3944c6bb1fc546a
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 0.d1b2acf1.min.js Show response
a.omappapi.com/app/js/ 7 KB
3 KB 51ms
49ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/0.d1b2acf1.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 0b22415e4dbc33efb82827aec6c16cc04b481b84ba903d19c76543dc671f939b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:13 GMT
content-encoding: br
cdn-edgestorageid: 1048
perma-cache: MISS
x-amz-request-id: 98BN93M8D9VEJ29W
x-amz-server-side-encryption: AES256
cdn-cachedat: 04/25/2023 22:14:01
cdn-pullzone: 293267
x-amz-id-2: A9tZJFMCNWX4zk4TuCzbeE19Q6khCqIClz5aNRnFeMSqG0gjCRf+vuocyqDrDHzbUf2SwhG+jXc=
last-modified: Tue, 25 Apr 2023 21:29:13 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"183aedb9bb64ea4d894025deace3168c"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 6f364b9f5204fe15a977b81a1ce42306
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 9.4e528b17.min.js Show response
a.omappapi.com/app/js/ 2 KB
2 KB 52ms
51ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/9.4e528b17.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: f678e256584e843feb8b927123eac8bbd5d98c4906eb713edcd04105ff063259

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:13 GMT
content-encoding: br
cdn-edgestorageid: 1049
perma-cache: MISS
x-amz-request-id: 98BYR0SJEK16ZHJB
x-amz-server-side-encryption: AES256
cdn-cachedat: 04/25/2023 22:14:01
cdn-pullzone: 293267
x-amz-id-2: IXBz6qWlicY0rhIJSuNEBZSz8zUj0ax2ribMElchZzt3lrDii/xkIt4Bc3ryL7X4q6nDOtamsSs=
last-modified: Tue, 25 Apr 2023 21:29:13 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"773a9cfbc3e258b146a0a348936cd786"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: c6e43046e78dc7910ab48b857c37d3de
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 11.eec3051a.min.js Show response
a.omappapi.com/app/js/ 2 KB
2 KB 53ms
51ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/11.eec3051a.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 26d9b6c44230968d81776300834750358ab5bdf35e7239385af3d503a4b584ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:13 GMT
content-encoding: br
cdn-edgestorageid: 1048
perma-cache: MISS
x-amz-request-id: 98BKYWFFR64ZFC8X
x-amz-server-side-encryption: AES256
cdn-cachedat: 04/25/2023 22:14:01
cdn-pullzone: 293267
x-amz-id-2: 5Z/+C7PT3+vGv7QvoYXjQJ/GWoTJAwzIBfPngqe60328Ie9rieSWz2WeazIpAFFnTcWF1X4eZfWVh5KRNelPx+i9poZYYMXG0RsKbUYCu8E=
last-modified: Tue, 25 Apr 2023 21:29:13 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"b60d934ae42f22be0680f84a9b07cfe7"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: dd916369bcb265f68af75993d3d15fd4
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 29.3ede5745.min.js Show response
a.omappapi.com/app/js/ 3 KB
2 KB 53ms
52ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/29.3ede5745.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 9b9030ba856ef3a2628973bbd256c5d8d42f92f8685c87998a3d8d4e3e35f4bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:13 GMT
content-encoding: br
cdn-edgestorageid: 865
perma-cache: MISS
x-amz-request-id: 4T2DZ670FHKSXTSY
x-amz-server-side-encryption: AES256
cdn-cachedat: 04/25/2023 22:14:02
cdn-pullzone: 293267
x-amz-id-2: dy54c3qpupJXEQZ35V9ZMFClr2kgOPN63xl7DYQu/z3YfYR936hj8C8bI7kyq8u1AVJLuj3qebs=
last-modified: Tue, 25 Apr 2023 21:29:13 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"a9747af89ccab0b32a7ba19df53bca26"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 309e9fde81c1b19c75a4ee563feb70c9
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 27.36eab21e.min.js Show response
a.omappapi.com/app/js/ 1 KB
1 KB 76ms
75ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/27.36eab21e.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: daa80cefbd2fdeeb84087c2dc6addc813e460e2f1529ec56f52ee56f152e3ed9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:13 GMT
content-encoding: br
cdn-edgestorageid: 1053
perma-cache: MISS
x-amz-request-id: 4T2332BDEPR7BGR7
x-amz-server-side-encryption: AES256
cdn-cachedat: 04/25/2023 22:14:03
cdn-pullzone: 293267
x-amz-id-2: V3kZpDWysspKa3ft9MRZ42fN/Los11i8h3s9J9htra8FXGm76IqwNvQFtu53uT2tnpwGNRcqF2k=
last-modified: Tue, 25 Apr 2023 21:29:13 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"1e0b694cd634a3252accc10a680c392c"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 533b881cb5e867bca40c7d91895297c5
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 16.ee4b7ea4.min.js Show response
a.omappapi.com/app/js/ 855 B
1 KB 67ms
66ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/16.ee4b7ea4.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 31d7ec8dcd3d069ea9f87486f661754c6b51a44e1cb994a8b19352a02572cf41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:13 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: MISS
x-amz-request-id: 4T2EGVM3887HTR3K
x-amz-server-side-encryption: AES256
cdn-cachedat: 04/25/2023 22:14:02
cdn-pullzone: 293267
x-amz-id-2: wQ3VoSM4AfLc0NjUL6ln87WRhzUsoE3HwGtEP5xJF/aJqm2wLMCWKkDrPyZs7xlitvH/AHRDSVg=
last-modified: Tue, 25 Apr 2023 21:29:13 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"f6ad08fb171ecca22726883b96fc80fe"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 37379791e0dd70c863cb09ae2e24bf6d
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1.f5bdb602.min.js Show response
a.omappapi.com/app/js/ 6 KB
3 KB 70ms
68ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/1.f5bdb602.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 50d992dc35a3974d78fa1ade515401c4abfb683e9b61fb255e9ae9633517a41a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:13 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: MISS
x-amz-request-id: 4T2BEH41Q8YRTZS9
x-amz-server-side-encryption: AES256
cdn-cachedat: 04/25/2023 22:14:02
cdn-pullzone: 293267
x-amz-id-2: eYil3bsyt7oJXC465m5TlcOFAkqyShGAyAk/8oURch5qSwZYUB3Ez58o/yekRjzK1maa4+hBE6o=
last-modified: Tue, 25 Apr 2023 21:29:13 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"9c7cee131ddd0fc998a2942242aa5062"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 598d0d6808a45bd69a54bc49ba3b8bdf
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 22.3cb73615.min.js Show response
a.omappapi.com/app/js/ 2 KB
2 KB 70ms
69ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/22.3cb73615.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 157acb48f0d2c4dc8d0b950af08fcf796e986d66d462f8face3d2244fb5eda18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:13 GMT
content-encoding: br
cdn-edgestorageid: 723
perma-cache: MISS
x-amz-request-id: VBYA3T2MKQV6S8CB
x-amz-server-side-encryption: AES256
cdn-cachedat: 04/25/2023 22:14:03
cdn-pullzone: 293267
x-amz-id-2: AbpPq4gT7Cyw8KcMVFNFat3z90HQshKADNF7cvJbuE/5pbO9tqUMUaqx8CzFWHleJOymJdeGzeYze4Xft5StDtVIWEC9A/lN38Khqr7WEII=
last-modified: Tue, 25 Apr 2023 21:29:13 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"ec242bd47ce503cf2c0d744e5b05cad0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 0e664b7123478ea0c161220013288ec7
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 21.30441cf4.min.js Show response
a.omappapi.com/app/js/ 3 KB
2 KB 71ms
70ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/21.30441cf4.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 1b7c72c344628a34a182360ce440015c963b40f8f06b85095800f5791217c629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:13 GMT
content-encoding: br
cdn-edgestorageid: 1076
perma-cache: MISS
x-amz-request-id: 98BZSYPC95QNJMFN
x-amz-server-side-encryption: AES256
cdn-cachedat: 04/25/2023 22:14:01
cdn-pullzone: 293267
x-amz-id-2: PYEa8E8yXa4SPe/9WQmSLd6WW1QxgvGyAzN0OimgzqtTxN7DgG7ZICo3LEk5YgjUiZ7u/P3+jS4L2iStIJdAdg==
last-modified: Tue, 25 Apr 2023 21:29:13 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"f1ff7355267b87b29017f3953f2af83e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 1bb40712d1bf95d9dac813be2382800f
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 126ms
40ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=343377981100718&ev=PageView&dl=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off&rl=&if=false&ts=1683038653660&sw=1600&sh=1200&v=2.9.102&r=stable&a=tmgoogletagmanager&ec=0&o=30&cs_est=true&fbp=fb.1.1683038653660.1390294622&it=1683038652757&coo=false&rqm=GET

Requested by

Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 02 May 2023 14:44:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 198ms
89ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304250201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=44790927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51152d574f4a0305fafd5f754418f04c6f003399d8d1bb773eb5445aff45a264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11166
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 02 May 2023 14:44:14 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 77B4 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wesa.fm/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4002
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 May 2023 13:37:32 GMT
expires: Wed, 01 May 2024 13:37:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7C44 783 B
950 B 57ms
57ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0e8d20769f955c113664808db6da67f80bb9adf897484006f6d83df594a674c5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UfKup17iPcqifCieTeKpZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wesa.fm/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-UfKup17iPcqifCieTeKpZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 02 May 2023 14:44:14 GMT
expires: Tue, 02 May 2023 14:44:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 D_Z8l7FXua56lMjcnRNtasCxfKkn9I_Va0VbSjt1CoE.js Show response
pagead2.googlesyndication.com/bg/ Frame 77B4 36 KB
14 KB 121ms
40ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D_Z8l7FXua56lMjcnRNtasCxfKkn9I_Va0VbSjt1CoE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ff67c97b157b9ae7a94c8dc9d136d6ac0b17ca927f48fd56b455b4a3b750a81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 13:37:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4029
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14292
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 May 2024 13:37:05 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7C44 0
0 207ms
140ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304250201&jk=944833960118753&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 24AE 0
70 B 40ms
40ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.wesa.fm
Referer: https://www.wesa.fm/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.wesa.fm
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 02 May 2023 14:44:14 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 77B4 0
10 B 44ms
43ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?lvqNjw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 14:44:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 79AD 42 B
174 B 145ms
144ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu1Im8qHU-CkZKAn5ExRdk_5UJEIzXe8NEcnXXRozvhutumAE9nunuAKagBRP108Za8gsohrR-FGO4N49V-HpdVJXW7DnMyNANpzbiO8UqLqk5Z1K5k&sig=Cg0ArKJSzImOZBzym-QtEAE&id=lidar2&mcvt=1000&p=401,1100,651,1400&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230501&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=638188953&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683038652896&rpt=585&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 14:44:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9969 42 B
108 B 143ms
143ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv7JLihVud5NYIZ3F2fQHB-lXKsC2XfGKjsTe4djVVEmilDo08WDvEER0qqSG4-fLHVhgGTnwEzPT_3vdA-85Z_mc255u-IBtepuksTihYmibAyZtXK&sig=Cg0ArKJSzHg2ZRQqp2v6EAE&id=lidar2&mcvt=1004&p=251,436,341,1164&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20230501&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2736006922&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683038652882&rpt=604&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 14:44:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 322ms
321ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304250201&jk=944833960118753&bg=!paalpvLNAAb9Sbh13Uk7ADkAdvg8Wj93VtVYTYWhlzrTkoZohaHfI2tVy3b-T2odlClkP4hyTH8zcXXUVQ-Pi_8OGN3zcpPf3_cCAAAARFIAAAAEaAEHCgAv2XqAzuTrOg01GR9I5aCf20vSeiampw5x4RjaM_tqrqeaZVMkaHsQgUtVn0M4HMOZAqsMihtllCbUpK5GibkCFA2ttLv25DuqMOXOKpUZcEeGtE8uhZxQ-ZZjgbjcZp8IZWFsugeDIShjhY42BaYfl7A2GmEFrVeLrX_nFYrKslORIUT0D3fYAKMDe3H9rnmPqTxcF8CB91nKvJrPbrRErEEwebNYLg6Jj-wJ5eDdN0e9JhwGqZDeWLAqMh-Upr_EqlWOOqgzRD6KNs61KrAT1lX4ZlwAWzLey1YeiV_0Howwx3uYM4ByvVeSEEJgC4mwmDQdyYDpWLT5X_V1vRN56jF3sR6vyM_cDDv2VlP4AxTeAJHeSWL5jyAsphSgmTh1tJwoFvNMBLRSY_hT8qdZvuonjLpZClY8GxPIAyeJAMJI8t_D9p7I4JkWwmGTxWiJY1cUekXoWd6LJ8mxnsHPODicu1SDYlP770ljd2i7ZBIySgpQdBVeTU_8mvbIST0kQHozJeyTR-HtE_lYPd813FoCVlzwr3rUWVC3Rbvax2RTadFG5CriZCs4k77DiSunAyhZUI9APggpaDSNYgtRbnExvEkKaCe5selhODemtql_u9CJeT0kKQq9MmUG7xdr7HEqjieWStTWCJCaLDdQ2wec5GTqLKGXufoU43fxvkZ9X0gRC5GDhAI1mMj91tTGKGlCTUxw3HLo9onNj-WydsdMMDST0HK07_QK-qMQh810PMbO6OtlOCZET0uEnSlo1hEFAxZ6-a55iWVSlX-bVQLEenXHCf2H8EzDwbmYwyXzCgDM_DI3xaKX_ixO2oYdf0aQtqrCX0n0Q0zN58e3nJcAsl56hQbat8wDSN1eNzFytQ09bxaOxonixERGmh-tXopS_BaYusiviY1t2eHDoRqyHTYKetLosNroW5tUSp9lE0C77D62V1R2iNwxry6kFJx9qOgoAldsjbmS3Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.wesa.fm/	1969-12-31 23:59:59	Name: BSP_PLAYER_PREROLLUID Value: {"version":"1.0.1","uuid":"6drbd69k","timestamp":1683038652234}
.wesa.fm/	1970-01-20 21:06:38	Name: _ga_XGZ99F1SED Value: GS1.1.1683038652.1.0.1683038652.0.0.0
.wesa.fm/	1970-01-20 21:06:38	Name: _ga_KF0HV4V4FK Value: GS1.1.1683038652.1.0.1683038652.0.0.0
.wesa.fm/	1970-01-20 21:06:38	Name: _ga Value: GA1.2.343777494.1683038653
.wesa.fm/	1970-01-20 11:32:05	Name: _gid Value: GA1.2.1661732859.1683038653
.wesa.fm/	1970-01-20 11:30:38	Name: _dc_gtm_UA-25070716-1 Value: 1
.wesa.fm/	1970-01-20 11:30:38	Name: _dc_gtm_UA-9999999-98 Value: 1
.wesa.fm/	1970-01-20 11:30:38	Name: _dc_gtm_UA-18188937-11 Value: 1
.wesa.fm/	1970-01-20 13:40:14	Name: _gcl_au Value: 1.1.319877943.1683038653
.wesa.fm/	1970-01-20 20:59:26	Name: _cb Value: CE6UsIBDOQgfQZzZm
.wesa.fm/	1970-01-20 20:59:26	Name: _chartbeat2 Value: .1683038652642.1683038652642.1.dKYE-COxGDfDJUjHfBu_-iif6ydy.1
.wesa.fm/	1970-01-20 11:30:40	Name: _cb_svref Value: null
www.wesa.fm/	1970-01-20 21:06:38	Name: _omappvp Value: gqFF1q0QhSvmJqMgN5ItZVObA5aUk03XTCix1pGxwspJ8c0MVxvdxscvvJUKeGHjpInHU18naHXC7hYtnNTTNRMpYNme9HVG
www.wesa.fm/	1970-01-20 11:30:39	Name: _omappvs Value: 1683038652847
.wesa.fm/	1970-01-20 20:52:14	Name: __gads Value: ID=95a2a8347ba63695:T=1683038652:S=ALNI_MYVCw4qa1zMYrZ5oRBnsSqvoZZyUA
.wesa.fm/	1970-01-20 20:52:14	Name: __gpi Value: UID=00000bf4e1e6f25a:T=1683038652:RT=1683038652:S=ALNI_MbHOU_TDyr2fnM8NLXWiw6p_gz2Bw
.doubleclick.net/	1970-01-20 20:52:14	Name: IDE Value: AHWqTUnkgB4IG5vclFGEXl06QT3sSZ9IRIXtUin2ZAwxcJzDxeRnmWC2YIJUyss4YQQ
.wesa.fm/	1970-01-20 13:40:14	Name: _fbp Value: fb.1.1683038653660.1390294622

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.b0c9cfa194e2c73976e55dfcff6a1851.gz.js(Line 58) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
javascript	warning	URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off Message: The resource https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

59dc7390292a783406d611f657ed59ea.safeframe.googlesyndication.com
a.omappapi.com
adservice.google.com
adservice.google.de
api.composer.nprstations.org
api.omappapi.com
app.salesloft.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
npr.brightspotcdn.com
pagead2.googlesyndication.com
ping.chartbeat.net
region1.google-analytics.com
rumcdn.geoedge.be
sales.asapp.com
securepubads.g.doubleclick.net
static.chartbeat.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.wesa.fm
108.156.60.96
172.217.18.98
18.64.103.120
18.66.112.67
2001:4860:4802:32::36
2400:52e0:1e00::1082:1
2600:9000:2127:2800:18:1fcd:351:7bc1
2600:9000:2127:3000:4:b37b:9440:93a1
2a00:1450:4001:802::200a
2a00:1450:4001:808::2001
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2008
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2002
2a00:1450:400c:c07::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
52.203.65.114
52.29.67.120
54.205.106.1
54.221.50.8
02e62df60ec35e119448a029941cc7e87611801f8b7a6e4dd19333bcedcf45e6
0898143e806ca37ecc076f3238f59a570bd15f7634af330d3b5cb59523f3b2db
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
0b22415e4dbc33efb82827aec6c16cc04b481b84ba903d19c76543dc671f939b
0c3a7371b7228b5057ddf12a2b2d8552114e737bcab441d58d7a94e680a09c77
0cf67a42bb48fba065918fca80854ed3117be8fe739d0b19492331f529e868d8
0e8d20769f955c113664808db6da67f80bb9adf897484006f6d83df594a674c5
0ff67c97b157b9ae7a94c8dc9d136d6ac0b17ca927f48fd56b455b4a3b750a81
103f4d3fbc08fff41f2ddb722186887b3d8977d2a7da27e7ed0f2f5752dc339f
14b978c807a1075a294295bbfd033e8b0122498f3bf87539afb302fd5d698aaa
157acb48f0d2c4dc8d0b950af08fcf796e986d66d462f8face3d2244fb5eda18
1b7c72c344628a34a182360ce440015c963b40f8f06b85095800f5791217c629
26d9b6c44230968d81776300834750358ab5bdf35e7239385af3d503a4b584ca
28f9362a3d350b604eeb257588899eaca36904688ce31bc0012678c117fe68a8
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d7ec8dcd3d069ea9f87486f661754c6b51a44e1cb994a8b19352a02572cf41
336393bf159b310e02225b1ed60db2d1ff58ef9cf06ed39219af887b441c0d32
3664ae33c7ad3585435cb97bceb0e161a491040182f6f6e7e267308552241dd0
38298617ccd6ef095daf4bb1d78d368826ed5a28e15d2a205fddc03fb8230861
389c998807e57385f82ca5ab541f5e364a6eaed10ff47ad172fe0ec3d901efa7
39bd19e657c8254765f6cdf2bbb97134ed5d05f3d06e9ca0fca21867963dba03
3abec75692735d0664a10337b1403620f8edf2b4cb4b9fc5216dea2e623b1f34
411a932e1dabaaa20258fa6a47ebc6d88770f34e177a13aa518f9a3be3d5be44
42575c8a290570887732909eb3517bb81b937b747d22d1225071418201c9dea3
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4ec9c15035109487dcf563322b20d47db38bf26634b1691c5e7d2fc04dac054c
50d992dc35a3974d78fa1ade515401c4abfb683e9b61fb255e9ae9633517a41a
51152d574f4a0305fafd5f754418f04c6f003399d8d1bb773eb5445aff45a264
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ee721ee3d3dbc852ac307e77605441a3351ed170b96014f6ac4b5b909cd60c
576845b180f730697436f002c73c5caf6f8767a95da650bfd3ff760c54206427
5e5e69fbb7610ba9a61c4dacc4c025ab17f4c0541c648f8c83c5e47b6bb0cd91
60e81346814df0c5ef3121ada4f158b8f0a07ec791ada0572971aa67766dacc7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c912d1a7022b5b05685b7c32e8fdedb7ef62686ad99b38bfb5910eec7b726ca
71347fb3ea7e3f722eb29972cfe86ca18ca8326a490f4a789334b4dbbc4fbc3c
71c66ba43a53fecd35f5fd9b9757c069d29c56c60f2628d78de9c172f817ea61
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7ed17775731ec99f940c02d17c8944d31c3e2f6d2884369af025e47285468720
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86bc046608c42adef19dc2c1794b75805f6a63f12b5b586e1d57dfb76fe02e69
880bbd9c06b97b57f898332f63fae1952bd4ed630b73a404acc6dd49400010ca
8864ed59810e3eced3290075250f9a51259e7c5b3fe47426da48b63529429748
8b5c1ccd723beecec8e1022f57d2decdfc3733b002223fb2320affe12d1fc43b
8cef08634dc57d6519717c5a99a9e502bdc96586fe64770520a4820b0b089920
8d3c306f5ca64343668f3453010b70575404ff9841f3b750d4a49be845150aa3
8df63939e87e03d5f16d0890511315ab0aa86bf66e64dfffb9d637b1d4c85741
8f509e2ab98230f1d8db756b0cb69ac66d1ca0c04178d6cf6599537164a4ce9d
9042f806140fb25319c61c61abe8cc7ebb3ef3da2ce543bdd89403159017e0b2
9521e9248df7d8a4bbe9c8052f273014560517a37e1aab0da71b61467d43922c
9782b54fd271b7132d41aed92168312f7bdb6788b335b33a6a4bc6168a7629d1
9b9030ba856ef3a2628973bbd256c5d8d42f92f8685c87998a3d8d4e3e35f4bf
9de129dc339ad6d1ef70979fbb767a093b58f7074295ce5023220880aebdfeea
9f0b2277a37d948697c91f9d33aaffc11d1f7baed1c1926384ff175adc2e1530
a1812aee105946804c1f904efd8830f09a7c16d0fd5a227e1f6ab2f64f1c5289
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b15b3c9a160b5adfb389f2ad81a6fe56f5b9950598efbda03dbd34c09c1236b8
b240f6825e701e2e5dd89198a9153002cb17bd3c6ca617acab792a681bb0a8f4
b8734da7533c8b09e0927c5fdcb72f2df574eb554d6cd941a8eb5d91f3a63ec0
bc128812f4255d4a15488d187cf8e1f7a5107fec92b406fae0c08be29eb1e341
bd01ce47447659cc1c869815af18cfddd522d25da07ae8f107adbf56df18ef22
bff841b941387a0d5e10a6c4921d6e0bd149a7e21f0ae8cb654c1fb5deba8b5b
c10e39695ca2f1e254b1ac885db9a8ae968d3ef2580ec6a514abe241f2f61d69
c19035a8fd390ff0aaceba2c9cc470674ff129a3d92e7c9e19bf0e5e6b957d76
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
cef6897f68627573e9aff6e4d7933b02dbe93a903b4d104605027f5084066709
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d08aa5fe6131891425c044dd702f43f2ecf647100e35173a102fe03fe49b0270
d45fba801a95857977c779c662c7041cc99d9abb8a5f96ddc866b4c66c674f04
daa80cefbd2fdeeb84087c2dc6addc813e460e2f1529ec56f52ee56f152e3ed9
dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1
e14e8b8a688aec81ddcded0bec6cd12b26686af4582b407c6854f4f0e3733c9f
e18af82900584bddfef0eb9847a0c441987281cb9d967c685addc4a0dc5a8026
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e90a775d9e08bb9a5c903a829c8e895d20fa38bba4156dd50c8dcd6a588b378c
e98838f5615ef1b770afa611ee8e16049049748d057d5610899de9cd93f85e1e
ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6d64d5a48a5bb376669ef86426e511b9d6d13b461d48b9b850c29fa107c77f
f253fa17446bb4f97d687e514e47ad8d90f53ec2db5a27078c2e48a19153d3ff
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f62c6457ddefdfd96ebc104603ccc8368e73afb6085b7b8018674cf5d3974ebe
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f678e256584e843feb8b927123eac8bbd5d98c4906eb713edcd04105ff063259
f77582bed375bcc38f36c2b1a15e9deb97f387905b0c087a77448add795cd0c2
fee96f54bac4a3dd9075904bcbb46b79f5f470f0946b6cacddfe0fd8329a1a70
ffb95ffc2408091d57960c9e8b225dbd92667b05211db0897d14e5d9a88475c4

www.wesa.fm Open in urlscan Pro 18.64.103.120 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

107 Requests

99 %HTTPS

71 %IPv6

21 Domains

29 Subdomains

27 IPs

3 Countries

4412 kBTransfer

9767 kBSize

18 Cookies

23 Outgoing links

Page URL History

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.wesa.fm Open in urlscan Pro
18.64.103.120 Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

99 %
HTTPS

71 %
IPv6

21
Domains

29
Subdomains

27
IPs

3
Countries

4412 kB
Transfer

9767 kB
Size

18
Cookies

107 HTTP transactions
9 data transactions