www.wesa.fm Open in urlscan Pro
52.222.236.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sales.asapp.com/t/106739/c/9aa9006e-4635-437d-9971-8bbd1b9a0034/NB2HI4DTHIXS653XO4XHOZLTMEXGM3JPGIYDEMZNGAZS2MZQ...
Effective URL:
https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Submission: On April 13 via api (April 13th 2023, 2:59:06 pm UTC) from US — Scanned from DE

Summary HTTP 105 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 21 domains to perform 105 HTTP transactions. The main IP is 52.222.236.10, located in United States and belongs to AMAZON-02, US. The main domain is www.wesa.fm. The Cisco Umbrella rank of the primary domain is 911322.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 20th 2023. Valid for: a year.

This is the only time www.wesa.fm was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.202.7.244 67.202.7.244	14618 (AMAZON-AES) (AMAZON-AES)
1 1	18.153.1.88 18.153.1.88	16509 (AMAZON-02) (AMAZON-02)
1	52.222.236.10 52.222.236.10	16509 (AMAZON-02) (AMAZON-02)
19	143.204.89.36 143.204.89.36	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:249... 2600:9000:2491:1e00:4:b37b:9440:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	54.205.106.1 54.205.106.1	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:6200:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	52.45.214.17 52.45.214.17	14618 (AMAZON-AES) (AMAZON-AES)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
18	2400:52e0:1e0... 2400:52e0:1e00::1080:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c0a::9d	15169 (GOOGLE) (GOOGLE)
1	18.66.112.59 18.66.112.59	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f12... 2a03:2880:f128:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
105	26

1 67.202.7.244 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-67-202-7-244.compute-1.amazonaws.com

sales.asapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.153.1.88 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-153-1-88.eu-central-1.compute.amazonaws.com

app.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-10.fra56.r.cloudfront.net

www.wesa.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 143.204.89.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-36.fra50.r.cloudfront.net

npr.brightspotcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2491:1e00:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)

rumcdn.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.205.106.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-106-1.compute-1.amazonaws.com

api.composer.nprstations.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:6200:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.214.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-214-17.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2400:52e0:1e00::1080:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)

a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0a::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-59.fra56.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f128:83:face:b00c:0:25de (Sofia, Bulgaria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

65a5f3a30d5b46dbd2ff3eb07a5676ed.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	googlesyndication.com 65a5f3a30d5b46dbd2ff3eb07a5676ed.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 145 pagead2.googlesyndication.com — Cisco Umbrella Rank: 111	358 KB
19	omappapi.com a.omappapi.com — Cisco Umbrella Rank: 5098 api.omappapi.com — Cisco Umbrella Rank: 5253	83 KB
19	brightspotcdn.com npr.brightspotcdn.com — Cisco Umbrella Rank: 50501	974 KB
13	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 201 stats.g.doubleclick.net — Cisco Umbrella Rank: 100 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	149 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35 region1.google-analytics.com — Cisco Umbrella Rank: 2284	21 KB
4	gstatic.com fonts.gstatic.com	63 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	423 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	256 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 198	172 KB
3	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 90 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 7832 www.google.de — Cisco Umbrella Rank: 5216	986 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	232 B
2	geoedge.be rumcdn.geoedge.be — Cisco Umbrella Rank: 1637	227 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 176	2 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1231	201 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1542	15 KB
1	nprstations.org api.composer.nprstations.org — Cisco Umbrella Rank: 46847	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	1 KB
1	wesa.fm www.wesa.fm — Cisco Umbrella Rank: 911322	33 KB
1	salesloft.com 1 redirects app.salesloft.com — Cisco Umbrella Rank: 40477	644 B
1	asapp.com 1 redirects sales.asapp.com	358 B
105	21

	Domain	Requested by
19	npr.brightspotcdn.com	www.wesa.fm npr.brightspotcdn.com
18	a.omappapi.com	rumcdn.geoedge.be
12	tpc.googlesyndication.com	rumcdn.geoedge.be
9	securepubads.g.doubleclick.net	rumcdn.geoedge.be www.googletagservices.com securepubads.g.doubleclick.net www.wesa.fm
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
4	www.google-analytics.com	www.googletagmanager.com www.wesa.fm
4	fonts.gstatic.com	fonts.googleapis.com
4	connect.facebook.net	www.wesa.fm connect.facebook.net
4	www.googletagmanager.com	www.wesa.fm www.googletagmanager.com
4	www.googletagservices.com	www.wesa.fm rumcdn.geoedge.be
3	stats.g.doubleclick.net	www.google-analytics.com
2	www.google.com	1 redirects rumcdn.geoedge.be
2	www.facebook.com	www.wesa.fm
2	region1.google-analytics.com	www.googletagmanager.com
2	rumcdn.geoedge.be	www.wesa.fm rumcdn.geoedge.be
1	65a5f3a30d5b46dbd2ff3eb07a5676ed.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google.de	www.wesa.fm
1	googleads.g.doubleclick.net	1 redirects
1	adservice.google.com	rumcdn.geoedge.be
1	adservice.google.de	rumcdn.geoedge.be
1	api.omappapi.com	a.omappapi.com
1	www.googleadservices.com	rumcdn.geoedge.be
1	ping.chartbeat.net	www.wesa.fm
1	static.chartbeat.com	www.wesa.fm
1	api.composer.nprstations.org	npr.brightspotcdn.com
1	fonts.googleapis.com	www.wesa.fm
1	www.wesa.fm
1	app.salesloft.com	1 redirects
1	sales.asapp.com	1 redirects
105	29

This site contains links to these domains. Also see Links.

Domain
www.alleghenyfront.org
pittsburghcommunitybroadcasting.org
wyep.secureallegiance.com
wesa.careasy.org
goo.gl
www.facebook.com
twitter.com
www.linkedin.com
publicfiles.fcc.gov
www.instagram.com
www.tiktok.com

Subject Issuer	Validity	Valid
*.prod.npr.psdops.com Amazon RSA 2048 M01	`2023-02-20` - `2024-03-20`	a year	crt.sh
npr.brightspotcdn.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
gw.geoedge.be Amazon RSA 2048 M01	`2023-02-21` - `2023-10-10`	8 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-20` - `2023-04-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.composer.nprstations.org Amazon RSA 2048 M01	`2023-02-22` - `2023-07-27`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
a.omappapi.com R3	`2023-04-12` - `2023-07-11`	3 months	crt.sh
api.opmnstr.com Amazon RSA 2048 M01	`2023-03-01` - `2024-02-08`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Frame ID: D976DF500E8DB5E93AF080964B0E6C9E
Requests: 84 HTTP requests in this frame

Frame: https://65a5f3a30d5b46dbd2ff3eb07a5676ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 96D80DF0D0C2665D460853C56B8021A2
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu87oLAXVCNv1YkiUNGhKrGPaARb4LkZ-XHoSI6ePbsNHADt0UvYZgnP9oyRA_XDxwP4kt5sI6LZlPxCGwvUTCc8386ezdBm5767L1gPMEKl2-OLnS-8GJKFyXpYrOPGnMPD6cTPRIvd0oP5l4gNQTsm59d68Hzm03meLJ_0MflWLn5hihJgvGuEwdCka7AMxlEhcB_IC57DY-4B18FajI-gttIBhiuENVt78cFUyNDpT3g53Ud_hqRBY5LUesbHCVLH82rJoldcFBC-Yebg_-MrPimdG1eo-a2AEHCQPM4TvHyXWJoZjN88TiF&sai=AMfl-YQ2syy02Gvzc_ATL6XBKipicHEOWe4iUmhR6x8L9m1dpXPtaNIFGrRPyTIXe2gtqmMqZ0JYij_T5Awc5x6nYdpoT5gMXj-ypNg5QQjJRJQC9rmY0qD15MB3IJelR5ju8M7ju6dCxLfSJowmNWdK&sig=Cg0ArKJSzI0bzZY0kJjDEAE&uach_m=[UACH]&adurl=
Frame ID: 6972CFC082FEB0815B4633FC423A2EE5
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9tu4CYbsLszJQbOhh_VT2ix4xaKLiKlKF7Uph48z_Vtm21LvljVPbHJbXl2ZiaheCgB0PWjVgToFJHSHmzgKqgkhgIPX6tcSE5TynrRSoqrBpekEGwcAiyHBx8ZwwVX8uM_uCulutfwsZknwwYNH0GpXFh7Y9qg8gvbduWRggtYpuU4XO6yHhZJCUqgVzhElP2tAMxdh3FIvd13KTxm-VS9zjyLfsbLk_tSel58fM0ni1J4TDW2fosd-wPrRw8zxtL1We5a-juTE9-TisKyO6FjS3tWaTc9Y3-tQudgxAdMRmpvWacAMtk2YVBA&sai=AMfl-YRWPgeoiO8OriwO7RX9EkyKYqpUyyrS5Wg2-6TVXAfpamN705qAnIq4RoyqZ5t-DwRSHRZrqBfVuMbfM1Y11fArcP3OLitz1yW0C8MIaf1Lc2kAI-BjB08WftdjCXEReVHB1Jc7ucinPYhfCcKK&sig=Cg0ArKJSzBPv5bADFm8LEAE&uach_m=[UACH]&adurl=
Frame ID: 7FE94FF059D09EE8B0CAC4F251B9945E
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssuhejT6Xvi2YqdDtQDgciv3duvrNexZTxIaSA_x1s76C3QlqTCCpbmOeiXvZjbCIrPEnJIUP7uFTwYGG5ECnd68NUFeXy5z-Vablqu9-nu109wZZN5DG47Pp_wEq7wqPsuLq2C94rvfwN9z-eq5D4Z_qfuKlOFcyayzyV5mH0f03tf9T9-feGx-OKEn8XKDLy5kG5qZfPkRvvRyClOfUVyQrfkyYfcrEQLlVOf27UXdc7M2DQQOWmudpKj3qq_TSmeXUr8jCkuzPFKo37d0wB5CijquuGmwjm2sIbATCAyIWH5nmF7nLilDAmyJw&sai=AMfl-YTB_FP1-YxBam8bM7ZaWrLX7eR_RUczYEqf7XI7RjNo_q8dWK6av7l6TmIHAZcVeyz5JwzI-aG0UfZSon4amyXTzyvQHqT4-yTE1Ti4Ukqi6uZ_7JpKbPK2ncQ_VUohVPm3bpj_GNASFRE2kiXs&sig=Cg0ArKJSzJMhZUcN8NFUEAE&uach_m=[UACH]&adurl=
Frame ID: 6138D3AB75D1FD28DFDC5F0B15F3200A
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 42696DA9C8AED0F190F00BFE256B51D7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9C9A92F8F7605FC38323D6DF0C17F534
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6CA0A8FA0AE03C6D7A058BA049A5669E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Medicaid renewals: Those who don't reenroll could get kicked off | 90.5 WESA

Page URL History Show full URLs

https://sales.asapp.com/t/106739/c/9aa9006e-4635-437d-9971-8bbd1b9a0034/NB2HI4DTHIXS653XO4XHOZLTMEXG... HTTP 302
https://app.salesloft.com/t/106739/c/9aa9006e-4635-437d-9971-8bbd1b9a0034/NB2HI4DTHIXS653XO4XHOZLTMEXG... HTTP 302
https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off Page URL

Detected technologies

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

105
Requests

99 %
HTTPS

71 %
IPv6

21
Domains

29
Subdomains

26
IPs

5
Countries

2779 kB
Transfer

7845 kB
Size

18
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://www.alleghenyfront.org/
Title: Allegheny Front

Search URL Search Domain Scan URL

URL: https://pittsburghcommunitybroadcasting.org/dei-overview
Title: DEI Efforts

Search URL Search Domain Scan URL

URL: https://wyep.secureallegiance.com/wyep/WebModule/Donate.aspx?P=WESA&PAGETYPE=PLG&CHECK=KzZvmrKfA2CqK20krF35cqUOstgWaB20
Title: Become a Member

Search URL Search Domain Scan URL

URL: https://wesa.careasy.org/home
Title: Donate My Vehicle

Search URL Search Domain Scan URL

URL: https://wesa.careasy.org/real-estate-donation
Title: Donate My Real Estate

Search URL Search Domain Scan URL

URL: https://pittsburghcommunitybroadcasting.org/mediapartnership
Title: Media Partnership

Search URL Search Domain Scan URL

URL: https://goo.gl/3O4YS3
Title: Donate

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/share?app_id=935012573999863&display=popup&href=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off&text=Medicaid%20renewals%3A%20Those%20who%20don%27t%20reenroll%20could%20get%20kicked%20off
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?url=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off&mini=true&title=Medicaid%20renewals%3A%20Those%20who%20don%27t%20reenroll%20could%20get%20kicked%20off&summary=A%20federal%20rule%20that%20protected%20coverage%20for%20Medicaid%20recipients%20during%20the%20pandemic%20will%20expire%20on%20March%2031.%20When%20it%20does%2C%20tens%20of%20millions%20of%20people%20will%20need%20to%20re-enroll%20or%20lose%20benefits.&source=WESA
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://wyep.secureallegiance.com/wyep/WebModule/Donate.aspx?P=WESAPAGE&PAGETYPE=PLG&CHECK=UGXJg5DzfYabWAg%2beYyTHm3L5BYddGq6PVAl6UEf65g%3d

Search URL Search Domain Scan URL

URL: https://wyep.secureallegiance.com/wyep/WebModule/Donate.aspx?P=WESAINART&PAGETYPE=PLG&CHECK=XfOg267bEtmQUeABc7NhCq1gzMC6uhq5nDjkJobrCdg%3d
Title: Dear Reader:

Search URL Search Domain Scan URL

URL: https://pittsburghcommunitybroadcasting.org/
Title: Pittsburgh Community Broadcasting

Search URL Search Domain Scan URL

URL: https://pittsburghcommunitybroadcasting.org/board-of-directors
Title: Board of Directors

Search URL Search Domain Scan URL

URL: https://pittsburghcommunitybroadcasting.org/jobs
Title: Careers

Search URL Search Domain Scan URL

URL: https://pittsburghcommunitybroadcasting.org/reports-resources
Title: Reports & Resources

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/fm-profile/wesa
Title: Public Files

Search URL Search Domain Scan URL

URL: https://pittsburghcommunitybroadcasting.org/covidcare
Title: COVID-19

Search URL Search Domain Scan URL

URL: https://www.facebook.com/905wesa/

Search URL Search Domain Scan URL

URL: https://twitter.com/905wesa

Search URL Search Domain Scan URL

URL: https://www.instagram.com/905wesa/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@wesanews

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sales.asapp.com/t/106739/c/9aa9006e-4635-437d-9971-8bbd1b9a0034/NB2HI4DTHIXS653XO4XHOZLTMEXGM3JPGIYDEMZNGAZS2MZQF5WWKZDJMNQWSZBNOJSW4ZLXMFWHGLLUNBXXGZJNO5UG6LLEN5XHILLSMVSW44TPNRWC2Y3POVWGILLHMV2C223JMNVWKZBNN5TGM===/www-wesa-fm-2023-03-30-medicaid-renewals-those-who-dont-reenroll-could-get- HTTP 302
https://app.salesloft.com/t/106739/c/9aa9006e-4635-437d-9971-8bbd1b9a0034/NB2HI4DTHIXS653XO4XHOZLTMEXGM3JPGIYDEMZNGAZS2MZQF5WWKZDJMNQWSZBNOJSW4ZLXMFWHGLLUNBXXGZJNO5UG6LLEN5XHILLSMVSW44TPNRWC2Y3POVWGILLHMV2C223JMNVWKZBNN5TGM===/www-wesa-fm-2023-03-30-medicaid-renewals-those-who-dont-reenroll-could-get- HTTP 302
https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/853565918/?random=1559783915&cv=11&fst=1681397940860&bg=ffffff&guid=ON&async=1&gtm=45He34c0h2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off&label=_rYxCJLBr5YYEN7DgZcD&hn=www.googleadservices.com&frm=0&tiba=Medicaid%20renewals%3A%20Those%20who%20don%27t%20reenroll%20could%20get%20kicked%20off%20%7C%2090.5%20WESA&value=0&auid=1430938067.1681397941&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=tRg4ZNxmmJnsA7qygtAB&sscte=1&crd=&eitems=ChEI8NDeoQYQ0MWs7tmMjYGyARIdABZU-Wm4Tj92O8pYzRfZSwdvUqkz6uNNz9isjdA&pscrd=Ek5DaEFJOE5EZW9RWVFuZks5bU5pcmk3VWlFaVlBNklsY010b2tFYTVLVENpaUZiU3BNZHh2U2dybkJDeWVxWFgxUDZwS3ZpeVRJSDNrc0EaWkNoRUk4TkRlb1FZUV84ekNfcVdrM2EyVEFSSXVBTF82VkVHQnFfdTVrSF9vQUM1UTNlcmdNcEk5RjF1SERoaU9FaFZTZUZpNkw5S2RpTFk1aER1S1A0QWxNZw HTTP 302
https://www.google.com/pagead/1p-conversion/853565918/?random=1559783915&cv=11&fst=1681397940860&bg=ffffff&guid=ON&async=1&gtm=45He34c0h2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off&label=_rYxCJLBr5YYEN7DgZcD&hn=www.googleadservices.com&frm=0&tiba=Medicaid%20renewals%3A%20Those%20who%20don%27t%20reenroll%20could%20get%20kicked%20off%20%7C%2090.5%20WESA&value=0&auid=1430938067.1681397941&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE5EZW9RWVFuZks5bU5pcmk3VWlFaVlBNklsY010b2tFYTVLVENpaUZiU3BNZHh2U2dybkJDeWVxWFgxUDZwS3ZpeVRJSDNrc0EaWkNoRUk4TkRlb1FZUV84ekNfcVdrM2EyVEFSSXVBTF82VkVHQnFfdTVrSF9vQUM1UTNlcmdNcEk5RjF1SERoaU9FaFZTZUZpNkw5S2RpTFk1aER1S1A0QWxNZw&is_vtc=1&ocp_id=tRg4ZNxmmJnsA7qygtAB&eitems=ChEI8NDeoQYQ0MWs7tmMjYGyARIdABZU-WlNc1pI6lgcXINdpfRl-spcIjEbG2yJaB0&random=2903329265 HTTP 302
https://www.google.de/pagead/1p-conversion/853565918/?random=1559783915&cv=11&fst=1681397940860&bg=ffffff&guid=ON&async=1&gtm=45He34c0h2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off&label=_rYxCJLBr5YYEN7DgZcD&hn=www.googleadservices.com&frm=0&tiba=Medicaid%20renewals%3A%20Those%20who%20don%27t%20reenroll%20could%20get%20kicked%20off%20%7C%2090.5%20WESA&value=0&auid=1430938067.1681397941&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE5EZW9RWVFuZks5bU5pcmk3VWlFaVlBNklsY010b2tFYTVLVENpaUZiU3BNZHh2U2dybkJDeWVxWFgxUDZwS3ZpeVRJSDNrc0EaWkNoRUk4TkRlb1FZUV84ekNfcVdrM2EyVEFSSXVBTF82VkVHQnFfdTVrSF9vQUM1UTNlcmdNcEk5RjF1SERoaU9FaFZTZUZpNkw5S2RpTFk1aER1S1A0QWxNZw&is_vtc=1&ocp_id=tRg4ZNxmmJnsA7qygtAB&eitems=ChEI8NDeoQYQ0MWs7tmMjYGyARIdABZU-WlNc1pI6lgcXINdpfRl-spcIjEbG2yJaB0&random=2903329265&ipr=y&prhg=0

105 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off Show response
www.wesa.fm/2023-03-30/
Redirect Chain

https://sales.asapp.com/t/106739/c/9aa9006e-4635-437d-9971-8bbd1b9a0034/NB2HI4DTHIXS653XO4XHOZLTMEXGM3JPGIYDEMZNGAZS2MZQF5WWKZDJMNQWSZBNOJSW4ZLXMFWHGLLUNBXXGZJNO5UG6LLEN5XHILLSMVSW44TPNRWC2Y3POVWGI...
https://app.salesloft.com/t/106739/c/9aa9006e-4635-437d-9971-8bbd1b9a0034/NB2HI4DTHIXS653XO4XHOZLTMEXGM3JPGIYDEMZNGAZS2MZQF5WWKZDJMNQWSZBNOJSW4ZLXMFWHGLLUNBXXGZJNO5UG6LLEN5XHILLSMVSW44TPNRWC2Y3POVW...
https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off

180 KB
33 KB

1166ms
604ms

Document
text/html

52.222.236.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-10.fra56.r.cloudfront.net
Software: N/A / Brightspot
Resource Hash: 57028c54d6e42b50699e18ef8497b545be66eb9bf08a9ff56ab98b5330c660da

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=300
content-encoding: gzip
content-length: 33711
content-type: text/html;charset=UTF-8
date: Thu, 13 Apr 2023 14:58:59 GMT
server: N/A
vary: Accept-Encoding
via: 1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront)
x-amz-cf-id: KfGDFBbPGtGNha0Z3bmyaxnUBIVSuY80VK90MszUo2QiDoqE19oB3g==
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
x-powered-by: Brightspot

Redirect headers

Cache-Control: no-cache
Connection: keep-alive
Content-Length: 159
Content-Type: text/html; charset=utf-8
Date: Thu, 13 Apr 2023 14:58:59 GMT
Location: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Strict-Transport-Security: max-age=15724800; includeSubDomains max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Request-Id: df35a1d971828eb6acf75a8234e95009
X-Runtime: 0.065003
X-XSS-Protection: 1; mode=block

GET
H2 200 All.min.47ce7b101ec8b467fda1791258694121.gz.css
npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/ 440 KB
63 KB 114ms
9ms Stylesheet
text/css 143.204.89.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.47ce7b101ec8b467fda1791258694121.gz.css
Requested by: Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-36.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad7fc959b2593ae9ffbfd1d358cd1208f72cbb3344ba5cc931df570632be6cc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 12:53:51 GMT
content-encoding: gzip
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
last-modified: Tue, 14 Mar 2023 12:53:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 2599510
etag: "e58a184a06635117ba5d526842fc8008"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 64305
x-amz-cf-id: ECYxJ06fKo4TOumIXcoUSB3w7_BXHcVdQ8pjOoPacZhGi-b3xXivGQ==

GET
H2 200 All.min.b0c9cfa194e2c73976e55dfcff6a1851.gz.js Show response
npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/ 876 KB
239 KB 124ms
19ms Script
text/javascript 143.204.89.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.b0c9cfa194e2c73976e55dfcff6a1851.gz.js
Requested by: Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-36.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 42575c8a290570887732909eb3517bb81b937b747d22d1225071418201c9dea3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 12:53:51 GMT
content-encoding: gzip
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
last-modified: Tue, 14 Mar 2023 12:53:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 2599510
etag: "faa250a7fb9f2b9b3e6e88034ad7e40c"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 243787
x-amz-cf-id: sG0lHGXgDXPbOVL-hVb61nrmNa6nLn-65KlydyjYdm6cnqHLIvYErA==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
25 KB 212ms
118ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ae773a53fa8b223085c481eab484b51285302883432f202a23881e514369f57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25577
x-xss-protection: 0
server: cafe
etag: 882 / 19460 / 31073786 / config-hash: 11789896269357185813
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 13 Apr 2023 14:59:00 GMT

GET
H2 200 grumi-ip.js Show response
rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/ 14 KB
6 KB 49ms
7ms Script
application/javascript 2600:9000:2491:1e00:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Requested by: Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:1e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f62c6457ddefdfd96ebc104603ccc8368e73afb6085b7b8018674cf5d3974ebe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:48:04 GMT
x-amz-version-id: DuJR1hVAvVhDHML78yIw9xWnN.jnHD8G
content-encoding: br
last-modified: Mon, 27 Mar 2023 06:19:38 GMT
server: AmazonS3
via: 1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
etag: W/"22b4da07003fc88ea067e3f866ea9c5a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=14400, stale-while-revalidate=14400, immutable
age: 657
x-amz-cf-id: FjFPmGpA3uWPiQ4H5rzT3tiZpkdnLGCcMuWrjAkvnnn0OjPBvAI6WA==

GET
H2 200 /
npr.brightspotcdn.com/dims4/default/e0fc062/2147483647/strip/true/crop/2262x3016+0+0/resize/150x200!/quality/90/ 10 KB
10 KB 10ms
9ms Image
image/jpeg 143.204.89.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://npr.brightspotcdn.com/dims4/default/e0fc062/2147483647/strip/true/crop/2262x3016+0+0/resize/150x200!/quality/90/?url=https%3A%2F%2Fmedia.npr.org%2Fassets%2Fimg%2F2018%2F08%2F21%2Fnpr_98035461_vert-337bb7c237daa59d7887866c20cbe430671f71d6.jpg
Requested by: Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-36.fra50.r.cloudfront.net
Software: Apache /
Resource Hash: cef6897f68627573e9aff6e4d7933b02dbe93a903b4d104605027f5084066709

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:14:58 GMT
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA50-C1
age: 236642
x-cache: Hit from cloudfront
content-type: image/jpeg
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-robots-tag: nofollow
content-length: 9890
x-amz-cf-id: Wd1cF4aqyxomOG3LWDUK6ldEonpmMcKFqTFbGpXxasRQHdFyz-Fy2g==
expires: Tue, 09 Apr 2024 21:14:58 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 215 KB
63 KB 145ms
64ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N39QFDR

Requested by

Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9287e12c94954e07c115da468d2e44df5d9b394fc465de1282d18105fc6050f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63750
x-xss-protection: 0
last-modified: Thu, 13 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 13 Apr 2023 14:59:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 33ms
9ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c63a33e1bf26e7edd5abea98611f7493d86e22380c8da8702a891ab0749c70cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Apr 2023 14:59:00 GMT
content-md5: YnQUjmXMvDiZNAIxMd/W1Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: wpKd2p7SWowuSA7K9SpG27xAqZc64+sbtcCKJkPFRBwOrQ4K48HT4xvoqjrJ4Mp6laIsWsdYV/yDDogQYesQqw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: b04c9b2e82ab6ed5d42d9881cc7d1fc9
cross-origin-opener-policy: same-origin-allow-popups
etag: "8d81b105455b0b64c699dbebaac4afe7"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Thu, 13 Apr 2023 15:09:59 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 122ms
44ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%20Condensed|Roboto|Roboto:400,500,700&display=swap

Requested by

Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

65f006dc6c792f575410ecd9853bd4cc08453dfd959ec5634b39f305b4adeb61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.wesa.fm/
Origin: https://www.wesa.fm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Apr 2023 14:59:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 13 Apr 2023 14:59:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Apr 2023 14:59:00 GMT

GET
DATA 200
OK truncated
/ 88 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0898143e806ca37ecc076f3238f59a570bd15f7634af330d3b5cb59523f3b2db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3664ae33c7ad3585435cb97bceb0e161a491040182f6f6e7e267308552241dd0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 88 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8864ed59810e3eced3290075250f9a51259e7c5b3fe47426da48b63529429748

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9042f806140fb25319c61c61abe8cc7ebb3ef3da2ce543bdd89403159017e0b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fee96f54bac4a3dd9075904bcbb46b79f5f470f0946b6cacddfe0fd8329a1a70

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 87 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d45fba801a95857977c779c662c7041cc99d9abb8a5f96ddc866b4c66c674f04

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Roboto-Regular.bcb27e846d65db81e599d1bada682c2e.woff2
npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/assets/fonts/ 64 KB
65 KB 26ms
8ms Font
application/octet-stream 143.204.89.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/assets/fonts/Roboto-Regular.bcb27e846d65db81e599d1bada682c2e.woff2
Requested by: Host: npr.brightspotcdn.com
URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.47ce7b101ec8b467fda1791258694121.gz.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-36.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8cef08634dc57d6519717c5a99a9e502bdc96586fe64770520a4820b0b089920

Request headers

Referer: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.47ce7b101ec8b467fda1791258694121.gz.css
Origin: https://www.wesa.fm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 04:15:33 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 11875408
x-cache: Hit from cloudfront
content-length: 65916
last-modified: Tue, 19 Jan 2021 18:22:30 GMT
server: AmazonS3
etag: "9feb0110b6dff9ee2b9ebd17f7a1aee6"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: https://www.wesa.fm
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: aoxoyqVHQIcxInPW618xBHk-6LuIJWFwcnRmLze2iwbBGuXoc9XpKQ==

GET
H2 200 now Show response
api.composer.nprstations.org/v1/widget/5187f152e1c837e16b69e482/ 2 KB
1 KB 351ms
101ms Fetch
application/json 54.205.106.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.composer.nprstations.org/v1/widget/5187f152e1c837e16b69e482/now?format=json&style=v2&show_song=true
Requested by: Host: npr.brightspotcdn.com
URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.b0c9cfa194e2c73976e55dfcff6a1851.gz.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.106.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-106-1.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash: 052188a4563a23aa38f02ecf6128972a1b2e0e0329244a3d6f7654734841f765

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:00 GMT
content-encoding: gzip
server: nginx
x-powered-by: Express
vary: Accept-Encoding, X-HTTP-Method-Override, Accept-Encoding
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Content-Type, api_key

GET
H2 200 Oswald-Regular.4324699069756c7680a6e7fffeff0857.woff2
npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/assets/fonts/ 37 KB
37 KB 8ms
8ms Font
application/octet-stream 143.204.89.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/assets/fonts/Oswald-Regular.4324699069756c7680a6e7fffeff0857.woff2
Requested by: Host: npr.brightspotcdn.com
URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.47ce7b101ec8b467fda1791258694121.gz.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-36.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f253fa17446bb4f97d687e514e47ad8d90f53ec2db5a27078c2e48a19153d3ff

Request headers

Referer: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.47ce7b101ec8b467fda1791258694121.gz.css
Origin: https://www.wesa.fm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 08:48:44 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 11513416
x-cache: Hit from cloudfront
content-length: 37812
last-modified: Tue, 19 Jan 2021 18:22:28 GMT
server: AmazonS3
etag: "edaa7375a6aa70847d9ac82c5a1aaf1d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: https://www.wesa.fm
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: -V4oKItq6keiN4EN9kGCS7uFOoxfZjpmGJ-hdSNCaviJq83rnHHCRg==

GET
H2 200 RobotoCondensed-Regular.85ad50e76a8a1549510da5e301f292d1.woff2
npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/assets/fonts/ 65 KB
65 KB 10ms
9ms Font
application/octet-stream 143.204.89.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/assets/fonts/RobotoCondensed-Regular.85ad50e76a8a1549510da5e301f292d1.woff2
Requested by: Host: npr.brightspotcdn.com
URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.47ce7b101ec8b467fda1791258694121.gz.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-36.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71347fb3ea7e3f722eb29972cfe86ca18ca8326a490f4a789334b4dbbc4fbc3c

Request headers

Referer: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.47ce7b101ec8b467fda1791258694121.gz.css
Origin: https://www.wesa.fm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 15:02:36 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 9330985
x-cache: Hit from cloudfront
content-length: 66296
last-modified: Tue, 19 Jan 2021 18:22:29 GMT
server: AmazonS3
etag: "c8bde939f4823cf1d13619290782e58b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: https://www.wesa.fm
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: o5MWixWYLx54-MXMuvxAeD_peNErxGAGOpDep-jE26EijeC1dJWPSw==

GET
H2 200 Tinos-Regular.c34f0550299e7b1df8097deca3f3e423.woff2
npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/assets/fonts/ 151 KB
152 KB 9ms
9ms Font
application/octet-stream 143.204.89.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/assets/fonts/Tinos-Regular.c34f0550299e7b1df8097deca3f3e423.woff2
Requested by: Host: npr.brightspotcdn.com
URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.47ce7b101ec8b467fda1791258694121.gz.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-36.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9de129dc339ad6d1ef70979fbb767a093b58f7074295ce5023220880aebdfeea

Request headers

Referer: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.47ce7b101ec8b467fda1791258694121.gz.css
Origin: https://www.wesa.fm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 03:06:52 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 10583529
x-cache: Hit from cloudfront
content-length: 154784
last-modified: Tue, 19 Jan 2021 18:22:31 GMT
server: AmazonS3
etag: "651186a8d354527d1d1109c8494c1330"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: https://www.wesa.fm
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: lxubE0JvnwnHKb1GvORp3xka--TwxXQGz3rylfmTTDlNQiYqlo68tQ==

GET
H2 200 Lora-Regular.6a829d3b47948aff3773d4ef7c692b54.woff2
npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/assets/fonts/ 62 KB
62 KB 13ms
13ms Font
application/octet-stream 143.204.89.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/assets/fonts/Lora-Regular.6a829d3b47948aff3773d4ef7c692b54.woff2
Requested by: Host: npr.brightspotcdn.com
URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.47ce7b101ec8b467fda1791258694121.gz.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-36.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e98838f5615ef1b770afa611ee8e16049049748d057d5610899de9cd93f85e1e

Request headers

Referer: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.47ce7b101ec8b467fda1791258694121.gz.css
Origin: https://www.wesa.fm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 10:41:41 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 10988240
x-cache: Hit from cloudfront
content-length: 63208
last-modified: Tue, 19 Jan 2021 18:22:32 GMT
server: AmazonS3
etag: "45333152d84c5b68301514bb6689f0e2"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: https://www.wesa.fm
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: 5hb1n1dEOh74_C61jkPDoZUn94qXNjjF_y_20ZO5jJjgoYoywvuZxQ==

GET
H2 200 /
npr.brightspotcdn.com/dims4/default/a68f09d/2147483647/strip/true/crop/300x60+0+0/resize/534x106!/format/webp/quality/90/ 8 KB
9 KB 11ms
8ms Image
image/webp 143.204.89.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://npr.brightspotcdn.com/dims4/default/a68f09d/2147483647/strip/true/crop/300x60+0+0/resize/534x106!/format/webp/quality/90/?url=https%3A%2F%2Fnpr.brightspotcdn.com%2Fdims4%2Fdefault%2F593f326%2F2147483647%2Fresize%2Fx60%2Fquality%2F90%2F%3Furl%3Dhttp%3A%2F%2Fnpr-brightspot.s3.amazonaws.com%2F84%2Fc6%2F8555649c4ab293247c66ba6a7c27%2Fgrove-header-logo-150x750-1.png
Requested by: Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-36.fra50.r.cloudfront.net
Software: Apache /
Resource Hash: 5e5e69fbb7610ba9a61c4dacc4c025ab17f4c0541c648f8c83c5e47b6bb0cd91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:37:41 GMT
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA50-C1
age: 11863279
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-robots-tag: nofollow
content-length: 8580
x-amz-cf-id: RiGi8w0dBY-AwXsp9EkGLtb-v0jATVydpvVomMHNUlF6Ly_4Ov0dCg==
expires: Mon, 27 Nov 2023 07:37:41 GMT

GET
H2 200 /
npr.brightspotcdn.com/dims4/default/a995b9b/2147483647/strip/true/crop/138x46+0+0/resize/1760x586!/format/webp/quality/90/ 16 KB
16 KB 14ms
12ms Image
image/webp 143.204.89.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://npr.brightspotcdn.com/dims4/default/a995b9b/2147483647/strip/true/crop/138x46+0+0/resize/1760x586!/format/webp/quality/90/?url=https%3A%2F%2Fmedia.npr.org%2Fimages%2Fstations%2Flogos%2Fnpr.gif
Requested by: Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-36.fra50.r.cloudfront.net
Software: Apache /
Resource Hash: a1812aee105946804c1f904efd8830f09a7c16d0fd5a227e1f6ab2f64f1c5289

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 04:50:27 GMT
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA50-C1
age: 10663713
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-robots-tag: nofollow
content-length: 16148
x-amz-cf-id: CSzo1WavJAxvvmo6QMeOy99M2Z08lfphkvsEgwznMWYwBfQ6GZaARg==
expires: Mon, 11 Dec 2023 04:50:27 GMT

GET
H2 200 /
npr.brightspotcdn.com/dims4/default/a3bf883/2147483647/strip/true/crop/4032x2667+0+10/resize/260x172!/format/webp/quality/90/ 17 KB
17 KB 13ms
11ms Image
image/webp 143.204.89.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://npr.brightspotcdn.com/dims4/default/a3bf883/2147483647/strip/true/crop/4032x2667+0+10/resize/260x172!/format/webp/quality/90/?url=http%3A%2F%2Fnpr-brightspot.s3.amazonaws.com%2F3c%2Fe7%2F8ac9339b49638df7aafeb01c725d%2Fspin-scooter-forstadt.jpg
Requested by: Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-36.fra50.r.cloudfront.net
Software: Apache /
Resource Hash: ccd64d1f0cd42acb99a242cfaa9e59f90df728c509ba01b837c7eb224a7b798f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 10:13:43 GMT
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA50-C1
age: 17117
etag: a80b42be0579265b19a68621effca4ee
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-robots-tag: nofollow
content-length: 17340
x-amz-cf-id: c5GYponD5Y3ljBQsWNfulSp7Mb9B-cvQksPka84wyIyY1tQD4pqkJw==
expires: Fri, 12 Apr 2024 10:13:43 GMT

GET
H2 200 /
npr.brightspotcdn.com/dims4/default/e607f9d/2147483647/strip/true/crop/1982x1311+0+0/resize/260x172!/format/webp/quality/90/ 13 KB
14 KB 14ms
12ms Image
image/webp 143.204.89.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://npr.brightspotcdn.com/dims4/default/e607f9d/2147483647/strip/true/crop/1982x1311+0+0/resize/260x172!/format/webp/quality/90/?url=http%3A%2F%2Fnpr-brightspot.s3.amazonaws.com%2F6c%2F59%2F14d9794541f59530ac21aad12269%2Fgoldman-family.jpg
Requested by: Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-36.fra50.r.cloudfront.net
Software: Apache /
Resource Hash: c2cc7169ed6e2728bac526713387faeb00b2a76e20e8e56cd6dc097df1ffca1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:35:06 GMT
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA50-C1
age: 19434
etag: 2c4c9d948fc2da203016c70a91db0d99
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-robots-tag: nofollow
content-length: 13654
x-amz-cf-id: HQw_25uUXty3pMmQyWZgqmM4O-Vr689GCYgVD8AIecvF2Zh5CkOcOg==
expires: Fri, 12 Apr 2024 09:35:06 GMT

GET
H2 200 /
npr.brightspotcdn.com/dims4/default/3dca7eb/2147483647/strip/true/crop/946x626+42+0/resize/260x172!/format/webp/quality/90/ 5 KB
5 KB 14ms
12ms Image
image/webp 143.204.89.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://npr.brightspotcdn.com/dims4/default/3dca7eb/2147483647/strip/true/crop/946x626+42+0/resize/260x172!/format/webp/quality/90/?url=http%3A%2F%2Fnpr-brightspot.s3.amazonaws.com%2Ff8%2F39%2F41e9b90e4870a84769909904625a%2Ffac8cfd3-e2b1-5e82-7031-b1ccae1041b6.jpeg
Requested by: Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-36.fra50.r.cloudfront.net
Software: Apache /
Resource Hash: 9405487bfc5f967294a36de0340715b67d41cdb712ac169f77bf6e61a324d18f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:31:58 GMT
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA50-C1
age: 19622
etag: ff1b38cedcbd408f64b364bd8473d2f8
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-robots-tag: nofollow
content-length: 4616
x-amz-cf-id: 1nNgrfc2ISqTFvpKo610u4r-K9HaDJp71rkI92u5kuYaaTjdC3H8jA==
expires: Fri, 12 Apr 2024 09:31:58 GMT

GET
H2 200 /
npr.brightspotcdn.com/dims4/default/d88f61e/2147483647/strip/true/crop/3611x2389+318+0/resize/260x172!/format/webp/quality/90/ 15 KB
15 KB 15ms
13ms Image
image/webp 143.204.89.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://npr.brightspotcdn.com/dims4/default/d88f61e/2147483647/strip/true/crop/3611x2389+318+0/resize/260x172!/format/webp/quality/90/?url=https%3A%2F%2Fmedia.npr.org%2Fassets%2Fimg%2F2023%2F04%2F11%2Fap22231758520709_wide-e0979132b3e21d4e5f0ffc613c487e31caa5549c.jpg
Requested by: Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-36.fra50.r.cloudfront.net
Software: Apache /
Resource Hash: 02b24e7b733cb625289347455e8238c63d42b5180369b4f210737d882fc59c93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:30:21 GMT
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA50-C1
age: 19718
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-robots-tag: nofollow
content-length: 15248
x-amz-cf-id: MmgIcfj9tSckhwZMlgO5Ujsj1YuOGre5VlQ5Inthmq3pNjbpV2oauA==
expires: Fri, 12 Apr 2024 09:30:22 GMT

GET
H2 200 /
npr.brightspotcdn.com/dims4/default/2fdf708/2147483647/strip/true/crop/1901x1258+0+0/resize/260x172!/format/webp/quality/90/ 21 KB
21 KB 15ms
13ms Image
image/webp 143.204.89.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://npr.brightspotcdn.com/dims4/default/2fdf708/2147483647/strip/true/crop/1901x1258+0+0/resize/260x172!/format/webp/quality/90/?url=http%3A%2F%2Fnpr-brightspot.s3.amazonaws.com%2Fb2%2F12%2F1b3149f0428c9ea2504f91d2d966%2Fimg-20230412-104159206-hdr.jpg
Requested by: Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-36.fra50.r.cloudfront.net
Software: Apache /
Resource Hash: 28f9f6b7464e1cbb3312d0ea0f87b14b161271b92159e05250318ce619e325e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 20:39:37 GMT
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA50-C1
age: 65963
etag: 324ca3ae6a35ead8a02b99d15cc6e176
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-robots-tag: nofollow
content-length: 21556
x-amz-cf-id: J_EJ-t3j4u8V5BvU6UrBwQvLa1le8CJ_Y0b9YRyWDmp3Kf6qcnf8uw==
expires: Thu, 11 Apr 2024 20:39:37 GMT

GET
H2 200 /
npr.brightspotcdn.com/dims4/default/691fb79/2147483647/strip/true/crop/1080x1080+0+0/resize/1760x1760!/format/webp/quality/90/ 129 KB
130 KB 15ms
14ms Image
image/webp 143.204.89.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://npr.brightspotcdn.com/dims4/default/691fb79/2147483647/strip/true/crop/1080x1080+0+0/resize/1760x1760!/format/webp/quality/90/?url=http%3A%2F%2Fnpr-brightspot.s3.amazonaws.com%2Ffd%2Fa0%2F38d9ac584c06b9dffc3d58e945cd%2Fmay-2022-membership-pledge-drive.png
Requested by: Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-36.fra50.r.cloudfront.net
Software: Apache /
Resource Hash: 4f7841d3e734e38f1870803b593fb9de906c529ceefc1a7fa4003aab9cf6007a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 19:06:52 GMT
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA50-C1
age: 2663527
etag: 7ad7b93394e491366d788fe0491fbc73
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-robots-tag: nofollow
content-length: 132508
x-amz-cf-id: JgMJfHoXQdRN583S1-2rK8UtBDGk_iwXskBesuMj78qkH3-eoU9bEA==
expires: Tue, 12 Mar 2024 19:06:52 GMT

GET
H2 200 /
npr.brightspotcdn.com/dims4/default/9378dc5/2147483647/strip/true/crop/3226x1797+0+311/resize/560x312!/format/webp/quality/90/ 12 KB
12 KB 16ms
15ms Image
image/webp 143.204.89.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://npr.brightspotcdn.com/dims4/default/9378dc5/2147483647/strip/true/crop/3226x1797+0+311/resize/560x312!/format/webp/quality/90/?url=https%3A%2F%2Fmedia.npr.org%2Fassets%2Fimg%2F2022%2F07%2F18%2Fgettyimages-3378908-eedc6ff6af21023ec910e5efd49e007fce8b8614.jpg
Requested by: Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-36.fra50.r.cloudfront.net
Software: Apache /
Resource Hash: cdb300ba05f4edde63bf9e80ccaea9386de45cd27a5d2e2c9b84d432e71090cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:46:44 GMT
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA50-C1
age: 735
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-robots-tag: nofollow
content-length: 11806
x-amz-cf-id: ceuCNfMrUc3oXpYufpqLkdDs813kEAIx7qzijBPADIjWSY4v4m887w==
expires: Fri, 12 Apr 2024 14:46:45 GMT

GET
H2 200 /
npr.brightspotcdn.com/dims4/default/fe274cc/2147483647/strip/true/crop/939x523+0+90/resize/560x312!/format/webp/quality/90/ 15 KB
16 KB 17ms
15ms Image
image/webp 143.204.89.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://npr.brightspotcdn.com/dims4/default/fe274cc/2147483647/strip/true/crop/939x523+0+90/resize/560x312!/format/webp/quality/90/?url=https%3A%2F%2Fmedia.npr.org%2Fassets%2Fimg%2F2023%2F04%2F13%2Fap23102714296166-7c0b3c934e869d827e9b238617c721a611d426c1.jpg
Requested by: Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-36.fra50.r.cloudfront.net
Software: Apache /
Resource Hash: d0fb29ab623faf3313b9c413c94a5d6ea9c84f87974ce9cefa41d7c66f063523

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:26:41 GMT
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA50-C1
age: 1939
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-robots-tag: nofollow
content-length: 15842
x-amz-cf-id: FJtNr8kZHyItNi0tUvloUJSDO0oESJgVHu84_Pq6ZJZ_YYB1UuxbdA==
expires: Fri, 12 Apr 2024 14:26:41 GMT

GET
H2 200 /
npr.brightspotcdn.com/dims4/default/04b787f/2147483647/strip/true/crop/4950x2758+0+13/resize/560x312!/format/webp/quality/90/ 24 KB
25 KB 17ms
16ms Image
image/webp 143.204.89.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://npr.brightspotcdn.com/dims4/default/04b787f/2147483647/strip/true/crop/4950x2758+0+13/resize/560x312!/format/webp/quality/90/?url=https%3A%2F%2Fmedia.npr.org%2Fassets%2Fimg%2F2023%2F04%2F13%2Fgettyimages-1465705624_wide-590f7c581fad29ff8fcc7425262824547b754234.jpg
Requested by: Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-36.fra50.r.cloudfront.net
Software: Apache /
Resource Hash: 22593af746f86c8b85189c254aa61491b5f4d8217d2070c93c58b64995c40463

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:26:40 GMT
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA50-C1
age: 1939
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-robots-tag: nofollow
content-length: 25016
x-amz-cf-id: TxRM4QtEVo0Jr9imtbDeneHUMmK2sELUoBbpVqLMpm2k7SkmW5Hk0g==
expires: Fri, 12 Apr 2024 14:26:41 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 301 KB
85 KB 18ms
9ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=0715b243971bddaa5e88dc4f3786c074

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

be504ac422ac06cd10c181a09cf94d895a86a162330a1e3fc8b9bd2660de3766

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.wesa.fm/
Origin: https://www.wesa.fm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Apr 2023 14:59:00 GMT
content-md5: NjWbf+3bHYk1eLTiMadTwA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87099
x-fb-rlafr: 0
x-fb-debug: 87i2yCA2GHFzO8Ta1QptBIDqPYDhfDBZHtgiqMnAF5qpAZwpoQIT7FQzEoqMLCaQNwTLpxz8xVJ3++ja+RsYEw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 1f585a9d81dab3a480331de4ca8db549
cross-origin-opener-policy: same-origin-allow-popups
etag: "e2b474b4f000d3a2276b27e5fa7ca007"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Fri, 12 Apr 2024 13:51:08 GMT

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/ 715 KB
222 KB 8ms
8ms Script
text/javascript 2600:9000:2491:1e00:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:1e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95772ffc4606a61dfc53d9eccf82eee222e43796731b80945771c9ff8a42c30f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:48:05 GMT
x-amz-version-id: IHDfWpXxYdxoiliyVszKCBqRw_kcP7IF
content-encoding: br
last-modified: Thu, 13 Apr 2023 14:21:10 GMT
server: AmazonS3
via: 1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
etag: W/"d9ad4524c5871775a7aea5d7cae6f3d1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age: 656
x-amz-cf-id: LRNMxTzDRfzxkg1ZySUIEmS96ZP1nq4TiIXMCxyyfuyY5ImAga_3dg==

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 115ms
36ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Condensed|Roboto|Roboto:400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wesa.fm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 02:07:56 GMT
x-content-type-options: nosniff
age: 46264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Apr 2024 02:07:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 167ms
88ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Condensed|Roboto|Roboto:400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wesa.fm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:11 GMT
x-content-type-options: nosniff
age: 188869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:11 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 152ms
76ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Condensed|Roboto|Roboto:400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wesa.fm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 02:07:56 GMT
x-content-type-options: nosniff
age: 46264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Apr 2024 02:07:56 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 120ms
45ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Condensed|Roboto|Roboto:400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wesa.fm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:00 GMT
x-content-type-options: nosniff
age: 188880
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 135ms
35ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N39QFDR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Apr 2023 14:57:16 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 104
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 13 Apr 2023 16:57:16 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 156 KB
55 KB 50ms
49ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PC27BPG&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N39QFDR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7ab5d0e440d26e3f677eeae04cb76097358d10d70568da19df1d3d7f9b169e16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56557
x-xss-protection: 0
last-modified: Thu, 13 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 13 Apr 2023 14:59:00 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 52ms
8ms Script
application/x-javascript 2600:9000:2057:6200:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6200:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 01:10:22 GMT
content-encoding: gzip
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
last-modified: Thu, 08 Dec 2022 17:25:10 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 49718
etag: W/"63921df6-9377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: QWJPvoS2J9f0Z9wrf4Ds4CPbUorfuJ-Nol1x52eIDca3Jt7jtaCIOQ==
expires: Fri, 14 Apr 2023 01:10:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
70 KB 81ms
81ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XGZ99F1SED&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N39QFDR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

76774678bad133b6a0a9491a27d561effb1e626674d769410f9376bbf8cbbbe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 71903
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 13 Apr 2023 14:59:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 184 KB
68 KB 68ms
68ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KF0HV4V4FK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N39QFDR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

694694f1dc57c1bb8c081f6cef39c8c630d920ba588ecc86839eefed95563ddb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 69140
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 13 Apr 2023 14:59:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/ 400 KB
124 KB 128ms
35ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js?cb=31073786

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e06787d09c0170febea7e8d6ec75107fd88e6875072fdab051f36494e4a9784c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 10:35:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15785
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126862
x-xss-protection: 0
server: cafe
etag: 16869941564567738629
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 12 Apr 2024 10:35:55 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 38 B
578 B 162ms
70ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.wesa.fm

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55ee721ee3d3dbc852ac307e77605441a3351ed170b96014f6ac4b5b909cd60c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36
x-xss-protection: 0
expires: Thu, 13 Apr 2023 14:59:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 339ms
106ms Image
image/gif 52.45.214.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=wesa.fm&p=%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off&u=D2dluxDepRkEBEbdsC&d=wesa.fm&g=33583&g0=No%20Section&g1=Maria%20Godoy&n=1&f=00001&c=0&x=0&m=0&y=4654&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off&b=2602&t=Dt62UXB_NjvpBpXL5uChNVjJ3fT8i&V=139&i=Medicaid%20renewals%3A%20Those%20who%20don%27t%20reenroll%20could%20get%20kicked%20off%20%7C%2090.5%20WESA&tz=0&sn=1&sv=CYiXJyBk18-YDG_2aKBYVfbADjYUVn&sd=1&im=067b0fff&_
Requested by: Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.214.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-214-17.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 13 Apr 2023 14:59:01 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/853565918/ 3 KB
2 KB 197ms
74ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/853565918/?random=1681397940860&cv=11&fst=1681397940860&bg=ffffff&guid=ON&async=1&gtm=45He34c0h2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off&label=_rYxCJLBr5YYEN7DgZcD&hn=www.googleadservices.com&frm=0&tiba=Medicaid%20renewals%3A%20Those%20who%20don%27t%20reenroll%20could%20get%20kicked%20off%20%7C%2090.5%20WESA&value=0&bttype=purchase&auid=1430938067.1681397941&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

16254be426c39db11af3d8a0b41a844230f7651a595f3dd40b6e16148a4f55dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 14:59:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1691
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 api.min.js Show response
a.omappapi.com/app/js/ 50 KB
19 KB 71ms
16ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 027c2027172321d6e83d4aaf70caa78667cb5bebbf55791aee309fd55994db3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:00 GMT
content-encoding: br
cdn-edgestorageid: 723
perma-cache: HIT
cdn-storageserver: DE-570
cdn-cachedat: 04/11/2023 19:29:29
cdn-pullzone: 293267
last-modified: Tue, 11 Apr 2023 19:29:28 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 615
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6435b518-c83b"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: f3e9cf2fd9ee8799dce26a6980b123bc
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ec06672fe3c64b5f9a2734153c38dc3aac1a84dd0c656447e4f393339608db6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 13 Apr 2023 14:59:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27909
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ggYc0C8IdQV5v0RkazjdbBzTkn99MVoVKllSUgYZm5XnK0VkCJ6C3Jo5GKI01+bh9ECJWxnsg93xn0b1vk/qXg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 343377981100718 Show response
connect.facebook.net/signals/config/ 2 MB
308 KB 10ms
10ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/343377981100718?v=2.9.101&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a32c47c29db4971d5385c06d93844e34cdd0a7016d330e3dcefc60c351a3ef8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Apr 2023 14:59:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 314915
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: PyOTsqSCpxQuyZms5lWF7VbWVhcKIjsX5L1Z2wcaDkNbTC2RBGG+dGmmSJnSU4itF6h8exzi0BO/aWlZogNYTQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
243 B 54ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KF0HV4V4FK&gtm=45je34a0&_p=1798152674&cid=1007972644.1681397941&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681397940&sct=1&seg=0&dl=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off&dt=Medicaid%20renewals%3A%20Those%20who%20don%27t%20reenroll%20could%20get%20kicked%20off%20%7C%2090.5%20WESA&en=page_view&_fv=1&_nsi=1&_ss=1&ep.station=90.5%20WESA&ep.page_type=news-story&ep.nid=00000187-31cc-d817-adcf-3bfe0ef70000&ep.article_category=&ep.article_author=Maria%20Godoy&ep.article_keywords=&ep.story_org_id=s1&ep.site_name=90.5%20WESA&epn.inline_audio=1&ep.program=Morning%20Edition&ep.article_published_date=2023-03-30T05%3A08%3A15Z&epn.article_word_count=0&ep.npr_story_id=1166970026&ep.station_org_id=360&ep.npr_cms_site=true&ep.article_series=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KF0HV4V4FK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 14:59:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wesa.fm
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 29ms
19ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XGZ99F1SED&gtm=45je34c0h2&_p=1798152674&cid=1007972644.1681397941&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681397940&sct=1&seg=0&dl=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off&dt=Medicaid%20renewals%3A%20Those%20who%20don%27t%20reenroll%20could%20get%20kicked%20off%20%7C%2090.5%20WESA&en=page_view&_fv=1&_ss=1&ep.station=90.5%20WESA&ep.page_type=news-story&ep.nid=00000187-31cc-d817-adcf-3bfe0ef70000&ep.article_category=&ep.article_author=Maria%20Godoy&ep.article_keywords=&ep.story_org_id=s1&ep.site_name=90.5%20WESA&epn.inline_audio=1&ep.program=Morning%20Edition&ep.article_published_date=2023-03-30T05%3A08%3A15Z&epn.article_word_count=0&ep.npr_story_id=1166970026&ep.station_org_id=360&ep.npr_cms_site=true&ep.article_series=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XGZ99F1SED&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 14:59:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wesa.fm
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
344 B 56ms
19ms XHR
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-25070716-1&cid=1007972644.1681397941&jid=526599286&gjid=1405709750&_gid=386514228.1681397941&_u=YCDAgEABAAAAAEAAI~&z=25288602

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wesa.fm/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 13 Apr 2023 14:59:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wesa.fm
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 53ms
19ms XHR
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-9999999-98&cid=1007972644.1681397941&jid=1166560461&gjid=1588255090&_gid=386514228.1681397941&_u=YCDAgEABAAAAAEAAI~&z=2086758862

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wesa.fm/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 13 Apr 2023 14:59:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wesa.fm
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 51ms
20ms XHR
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-18188937-11&cid=1007972644.1681397941&jid=832095198&gjid=904287053&_gid=386514228.1681397941&_u=YCDAgEABAAAAAEAAI~&z=2054032635

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wesa.fm/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 13 Apr 2023 14:59:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wesa.fm
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 36ms
35ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1798152674&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off&ul=en-us&de=UTF-8&dt=Medicaid%20renewals%3A%20Those%20who%20don%27t%20reenroll%20could%20get%20kicked%20off%20%7C%2090.5%20WESA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAAAAAI~&jid=526599286&gjid=1405709750&cid=1007972644.1681397941&tid=UA-25070716-1&_gid=386514228.1681397941&gtm=45He34a0n81N39QFDR&cd6=90.5%20WESA&cd7=news-story&cd8=00000187-31cc-d817-adcf-3bfe0ef70000&cd10=&cd11=Maria%20Godoy&cd12=&cd13=s1&cd14=90.5%20WESA&cd15=1&cd16=Morning%20Edition&cd17=2023-03-30T05%3A08%3A15Z&cd18=0&cd19=1166970026&cd21=360&cd22=1&cd23=&z=1282116209

Requested by

Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75228
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 36ms
35ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1798152674&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off&ul=en-us&de=UTF-8&dt=Medicaid%20renewals%3A%20Those%20who%20don%27t%20reenroll%20could%20get%20kicked%20off%20%7C%2090.5%20WESA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAAEAAI~&jid=1166560461&gjid=1588255090&cid=1007972644.1681397941&tid=UA-9999999-98&_gid=386514228.1681397941&gtm=45He34a0n81N39QFDR&cd6=90.5%20WESA&cd7=news-story&cd8=00000187-31cc-d817-adcf-3bfe0ef70000&cd10=&cd11=Maria%20Godoy&cd12=&cd13=s1&cd14=90.5%20WESA&cd15=1&cd16=Morning%20Edition&cd17=2023-03-30T05%3A08%3A15Z&cd18=0&cd19=1166970026&cd21=360&cd22=1&cd23=&z=989344850

Requested by

Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75228
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 36ms
36ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1798152674&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off&ul=en-us&de=UTF-8&dt=Medicaid%20renewals%3A%20Those%20who%20don%27t%20reenroll%20could%20get%20kicked%20off%20%7C%2090.5%20WESA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAAEAAI~&jid=832095198&gjid=904287053&cid=1007972644.1681397941&tid=UA-18188937-11&_gid=386514228.1681397941&gtm=45He34a0n81N39QFDR&cd6=90.5%20WESA&cd7=news-story&cd8=00000187-31cc-d817-adcf-3bfe0ef70000&cd10=&cd11=Maria%20Godoy&cd12=&cd13=s1&cd14=90.5%20WESA&cd15=1&cd16=Morning%20Edition&cd17=2023-03-30T05%3A08%3A15Z&cd18=0&cd19=1166970026&cd21=360&cd22=1&cd23=&z=292277061

Requested by

Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75228
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 api.min.css
a.omappapi.com/app/js/ 18 KB
3 KB 7ms
7ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.css
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 103f4d3fbc08fff41f2ddb722186887b3d8977d2a7da27e7ed0f2f5752dc339f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:00 GMT
content-encoding: br
cdn-edgestorageid: 755
perma-cache: HIT
cdn-storageserver: DE-571
cdn-cachedat: 04/11/2023 19:32:06
cdn-pullzone: 293267
last-modified: Tue, 11 Apr 2023 19:32:04 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 601
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6435b5b4-464c"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 6cffdc94a70e2921d132efd8ec7c4eb5
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 147286 Show response
api.omappapi.com/v2/embed/ 8 KB
3 KB 134ms
100ms XHR
application/json 18.66.112.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/147286?d=wesa.fm
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-59.fra56.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 87d1c5cb74c9a6d7f8b1dcd9dd8028054147d335795514b00bd275165550b1ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:01 GMT
content-encoding: gzip
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-cache-config: 0 0
x-amz-cf-pop: FRA56-P5
x-cache-status: HIT
x-cache: Miss from cloudfront
x-optinmonster-account: 160723
x-user-agent: standard--
last-modified: Mon, 13 Mar 2023 13:32:18 GMT
server: Pagely Gateway/1.5.1
etag: W/"d19eb4848c55c4797b28e65e1315632c"
vary: Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-OptinMonster-Account, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers: X-CSRF-Token
x-amz-cf-id: rapuuO3qg0dx4c3jwK3HIbZbe7Y02zleMS0hFItDkj8onav6v23f8A==
expires: Thu, 13 Apr 2023 14:46:59 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 115ms
34ms Image
text/plain 2a03:2880:f128:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=343377981100718&ev=PageView&dl=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off&rl=&if=false&ts=1681397941070&sw=1600&sh=1200&v=2.9.101&r=stable&a=tmgoogletagmanager&ec=0&o=30&cs_est=true&fbp=fb.1.1681397941069.677349337&it=1681397940897&coo=false&rqm=GET

Requested by

Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f128:83:face:b00c:0:25de Sofia, Bulgaria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 13 Apr 2023 14:59:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 155ms
44ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.wesa.fm

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 148ms
45ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.wesa.fm

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 5.112e6dc7.min.js Show response
a.omappapi.com/app/js/ 16 KB
6 KB 7ms
7ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/5.112e6dc7.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: f77582bed375bcc38f36c2b1a15e9deb97f387905b0c087a77448add795cd0c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:01 GMT
content-encoding: br
cdn-edgestorageid: 723
perma-cache: HIT
cdn-storageserver: DE-568
cdn-cachedat: 04/06/2023 18:10:56
cdn-pullzone: 293267
last-modified: Thu, 02 Feb 2023 22:05:53 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 541
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63dc33c1-3f86"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 48b8a60fd062cd249e293a05f6a6c3c4
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2

200

/
www.google.de/pagead/1p-conversion/853565918/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/853565918/?random=1559783915&cv=11&fst=1681397940860&bg=ffffff&guid=ON&async=1&gtm=45He34c0h2&u_w=1600&u_h=1200&url=https%3A%2F%2Fww...
https://www.google.com/pagead/1p-conversion/853565918/?random=1559783915&cv=11&fst=1681397940860&bg=ffffff&guid=ON&async=1&gtm=45He34c0h2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.wesa.fm%2F2023-03-3...
https://www.google.de/pagead/1p-conversion/853565918/?random=1559783915&cv=11&fst=1681397940860&bg=ffffff&guid=ON&async=1&gtm=45He34c0h2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30...

42 B
455 B

135ms
50ms

Image
image/gif

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/853565918/?random=1559783915&cv=11&fst=1681397940860&bg=ffffff&guid=ON&async=1&gtm=45He34c0h2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off&label=_rYxCJLBr5YYEN7DgZcD&hn=www.googleadservices.com&frm=0&tiba=Medicaid%20renewals%3A%20Those%20who%20don%27t%20reenroll%20could%20get%20kicked%20off%20%7C%2090.5%20WESA&value=0&auid=1430938067.1681397941&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE5EZW9RWVFuZks5bU5pcmk3VWlFaVlBNklsY010b2tFYTVLVENpaUZiU3BNZHh2U2dybkJDeWVxWFgxUDZwS3ZpeVRJSDNrc0EaWkNoRUk4TkRlb1FZUV84ekNfcVdrM2EyVEFSSXVBTF82VkVHQnFfdTVrSF9vQUM1UTNlcmdNcEk5RjF1SERoaU9FaFZTZUZpNkw5S2RpTFk1aER1S1A0QWxNZw&is_vtc=1&ocp_id=tRg4ZNxmmJnsA7qygtAB&eitems=ChEI8NDeoQYQ0MWs7tmMjYGyARIdABZU-WlNc1pI6lgcXINdpfRl-spcIjEbG2yJaB0&random=2903329265&ipr=y&prhg=0

Requested by

Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off

Protocol

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 14:59:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Apr 2023 14:59:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/853565918/?random=1559783915&cv=11&fst=1681397940860&bg=ffffff&guid=ON&async=1&gtm=45He34c0h2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off&label=_rYxCJLBr5YYEN7DgZcD&hn=www.googleadservices.com&frm=0&tiba=Medicaid%20renewals%3A%20Those%20who%20don%27t%20reenroll%20could%20get%20kicked%20off%20%7C%2090.5%20WESA&value=0&auid=1430938067.1681397941&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE5EZW9RWVFuZks5bU5pcmk3VWlFaVlBNklsY010b2tFYTVLVENpaUZiU3BNZHh2U2dybkJDeWVxWFgxUDZwS3ZpeVRJSDNrc0EaWkNoRUk4TkRlb1FZUV84ekNfcVdrM2EyVEFSSXVBTF82VkVHQnFfdTVrSF9vQUM1UTNlcmdNcEk5RjF1SERoaU9FaFZTZUZpNkw5S2RpTFk1aER1S1A0QWxNZw&is_vtc=1&ocp_id=tRg4ZNxmmJnsA7qygtAB&eitems=ChEI8NDeoQYQ0MWs7tmMjYGyARIdABZU-WlNc1pI6lgcXINdpfRl-spcIjEbG2yJaB0&random=2903329265&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 140 KB
22 KB 89ms
88ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3064073144822357&correlator=906755582600477&eid=31073786&output=ldjh&gdfp_req=1&vrg=202304110101&ptt=17&impl=fifs&iu_parts=12382905%2CTop_Banner_WESA%2CWESA_medium_1%2CWESA_medium_2%2CWESA_medium_3&enc_prev_ius=0%2F1%2C0%2F2%2C0%2F3%2C0%2F4&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x250&ifi=1&adks=1131466332%2C3008798320%2C453249744%2C4172552068&sfv=1-0-40&prev_scp=id%3D00000187-31cc-d817-adcf-3bfe0ef70000%26type%3Dnews-story%26programs%3DMorning%2520Edition%7Cid%3D00000187-31cc-d817-adcf-3bfe0ef70000%26type%3Dnews-story%26programs%3DMorning%2520Edition%7Cid%3D00000187-31cc-d817-adcf-3bfe0ef70000%26type%3Dnews-story%26programs%3DMorning%2520Edition%7Cid%3D00000187-31cc-d817-adcf-3bfe0ef70000%26type%3Dnews-story%26programs%3DMorning%2520Edition&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1681397941130&lmt=1681397941&dlt=1681397940361&idt=733&adxs=436%2C1100%2C1100%2C1100&adys=251%2C311%2C1624%2C1664&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wesa.fm%2F2023-03-30%2Fmedicaid-renewals-those-who-dont-reenroll-could-get-kicked-off&frm=20&vis=1&psz=1600x0%7C300x0%7C300x0%7C300x0&msz=1600x0%7C300x0%7C300x0%7C300x0&fws=4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600&ga_vid=1007972644.1681397941&ga_sid=1681397941&ga_hid=1798152674&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js?cb=31073786

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc6647ddcd89e92b3bf8799b50d0ef2bb26b03d2252f6ef37f327e032e5eab0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22082
x-xss-protection: 0
google-lineitem-id: 6239419409,6274034383,6274034383,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138424805001,138429360903,138429360237,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wesa.fm
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
65a5f3a30d5b46dbd2ff3eb07a5676ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 96D8 6 KB
3 KB 173ms
43ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://65a5f3a30d5b46dbd2ff3eb07a5676ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js?cb=31073786

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wesa.fm/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 13 Apr 2023 14:59:01 GMT
expires: Fri, 12 Apr 2024 14:59:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 webfont.js Show response
a.omappapi.com/app/js/webfont/1.5.18/ 16 KB
7 KB 7ms
7ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/webfont/1.5.18/webfont.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:01 GMT
content-encoding: br
cdn-edgestorageid: 1053
perma-cache: HIT
cdn-storageserver: DE-567
cdn-cachedat: 04/06/2023 18:10:57
cdn-pullzone: 293267
last-modified: Fri, 05 Aug 2022 15:30:54 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 419
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"62ed37ae-40cb"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 79008a7e615c568a086973747cfefa7e
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 4.a7e57602.min.js Show response
a.omappapi.com/app/js/ 41 KB
13 KB 8ms
7ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/4.a7e57602.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 9521e9248df7d8a4bbe9c8052f273014560517a37e1aab0da71b61467d43922c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:01 GMT
content-encoding: br
cdn-edgestorageid: 756
perma-cache: HIT
cdn-storageserver: DE-51
cdn-cachedat: 04/06/2023 18:10:56
cdn-pullzone: 293267
last-modified: Wed, 29 Mar 2023 18:39:34 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 578
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"642485e6-a575"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: ac41327a682c99879c34ebb59151e3dc
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 13.56678130.min.js Show response
a.omappapi.com/app/js/ 2 KB
2 KB 7ms
7ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/13.56678130.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: b15b3c9a160b5adfb389f2ad81a6fe56f5b9950598efbda03dbd34c09c1236b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:01 GMT
content-encoding: br
cdn-edgestorageid: 1076
perma-cache: HIT
cdn-storageserver: DE-568
cdn-cachedat: 04/06/2023 18:10:57
cdn-pullzone: 293267
last-modified: Wed, 14 Dec 2022 16:27:28 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 336
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6399f970-90c"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: d24a3038e576ee74302bb349033b4b0d
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 20.e40ad1db.min.js Show response
a.omappapi.com/app/js/ 4 KB
2 KB 7ms
7ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/20.e40ad1db.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 8df63939e87e03d5f16d0890511315ab0aa86bf66e64dfffb9d637b1d4c85741

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:01 GMT
content-encoding: br
cdn-edgestorageid: 864
perma-cache: HIT
cdn-storageserver: DE-51
cdn-cachedat: 04/06/2023 18:10:56
cdn-pullzone: 293267
last-modified: Wed, 25 Jan 2023 19:58:01 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 306
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63d189c9-ee0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: b2fef3cb49520c940c963c77052f3dcc
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 28.37593e59.min.js Show response
a.omappapi.com/app/js/ 6 KB
3 KB 8ms
7ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/28.37593e59.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: d08aa5fe6131891425c044dd702f43f2ecf647100e35173a102fe03fe49b0270

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:01 GMT
content-encoding: br
cdn-edgestorageid: 863
perma-cache: HIT
cdn-storageserver: DE-572
cdn-cachedat: 04/06/2023 18:10:56
cdn-pullzone: 293267
last-modified: Wed, 14 Dec 2022 16:27:28 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 335
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6399f970-1761"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: a58e8bdb19a930e526284d8dcb8b356b
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 34.01aeaad3.min.js Show response
a.omappapi.com/app/js/ 8 KB
3 KB 8ms
8ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/34.01aeaad3.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 0cf67a42bb48fba065918fca80854ed3117be8fe739d0b19492331f529e868d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:01 GMT
content-encoding: br
cdn-edgestorageid: 1078
perma-cache: HIT
cdn-storageserver: DE-169
cdn-cachedat: 04/06/2023 18:10:56
cdn-pullzone: 293267
last-modified: Wed, 14 Dec 2022 16:27:29 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 336
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6399f971-203b"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 0b1bb67ee489ed548a0fc5e0faabdf4b
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 10.70f770b5.min.js Show response
a.omappapi.com/app/js/ 20 KB
7 KB 12ms
10ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/10.70f770b5.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: ef6d64d5a48a5bb376669ef86426e511b9d6d13b461d48b9b850c29fa107c77f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:01 GMT
content-encoding: br
cdn-edgestorageid: 1047
perma-cache: HIT
cdn-storageserver: DE-164
cdn-cachedat: 04/06/2023 18:10:56
cdn-pullzone: 293267
last-modified: Tue, 21 Feb 2023 15:28:32 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 566
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63f4e320-4ea5"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 3ed674f3bee860a2e9c0f001d1b6fdae
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 0.d1b2acf1.min.js Show response
a.omappapi.com/app/js/ 7 KB
3 KB 8ms
6ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/0.d1b2acf1.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 0b22415e4dbc33efb82827aec6c16cc04b481b84ba903d19c76543dc671f939b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:01 GMT
content-encoding: br
cdn-edgestorageid: 722
perma-cache: MISS
x-amz-request-id: G4X5BR9KP1TEDYXH
x-amz-server-side-encryption: AES256
cdn-cachedat: 04/11/2023 19:29:29
cdn-pullzone: 293267
x-amz-id-2: MRPMIU4tsZl0Tq7TeDTPx1XH2hoHUJ377QSk/YdlhrZOo0O9iaiPkt1Rf7dytnuD61B3otaGCEA=
last-modified: Tue, 11 Apr 2023 19:29:20 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"183aedb9bb64ea4d894025deace3168c"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 10e06b37dc8d146128d73a5c8394e822
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 9.4e528b17.min.js Show response
a.omappapi.com/app/js/ 2 KB
2 KB 10ms
8ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/9.4e528b17.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: f678e256584e843feb8b927123eac8bbd5d98c4906eb713edcd04105ff063259

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:01 GMT
content-encoding: br
cdn-edgestorageid: 1048
perma-cache: HIT
cdn-storageserver: DE-572
cdn-cachedat: 04/06/2023 18:10:57
cdn-pullzone: 293267
last-modified: Wed, 14 Dec 2022 16:27:24 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 420
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6399f96c-687"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: fe8c95b2720b9f2d72456b9e5c2e5713
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 11.eec3051a.min.js Show response
a.omappapi.com/app/js/ 2 KB
2 KB 9ms
7ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/11.eec3051a.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 26d9b6c44230968d81776300834750358ab5bdf35e7239385af3d503a4b584ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:01 GMT
content-encoding: br
cdn-edgestorageid: 755
perma-cache: HIT
cdn-storageserver: DE-566
cdn-cachedat: 04/06/2023 18:10:56
cdn-pullzone: 293267
last-modified: Wed, 25 Jan 2023 19:58:12 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 146
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63d189d4-7cb"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 4184708f4dfb1aefb73259d69d6ce784
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 29.3ede5745.min.js Show response
a.omappapi.com/app/js/ 3 KB
2 KB 10ms
9ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/29.3ede5745.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 9b9030ba856ef3a2628973bbd256c5d8d42f92f8685c87998a3d8d4e3e35f4bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:01 GMT
content-encoding: br
cdn-edgestorageid: 756
perma-cache: HIT
cdn-storageserver: DE-572
cdn-cachedat: 04/06/2023 18:10:57
cdn-pullzone: 293267
last-modified: Wed, 25 Jan 2023 19:58:03 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 520
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63d189cb-ade"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 6a40c03041d7cf4a231ae68dac2ae7d4
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 27.36eab21e.min.js Show response
a.omappapi.com/app/js/ 1 KB
1 KB 10ms
9ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/27.36eab21e.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: daa80cefbd2fdeeb84087c2dc6addc813e460e2f1529ec56f52ee56f152e3ed9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:01 GMT
content-encoding: br
cdn-edgestorageid: 1077
perma-cache: HIT
cdn-storageserver: DE-569
cdn-cachedat: 04/06/2023 18:10:56
cdn-pullzone: 293267
last-modified: Wed, 25 Jan 2023 19:58:05 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 525
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63d189cd-4f4"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 58deb11d7720a3fb06432bc82b75bea7
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 16.ee4b7ea4.min.js Show response
a.omappapi.com/app/js/ 855 B
1 KB 12ms
11ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/16.ee4b7ea4.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 31d7ec8dcd3d069ea9f87486f661754c6b51a44e1cb994a8b19352a02572cf41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:01 GMT
content-encoding: br
cdn-edgestorageid: 722
perma-cache: HIT
cdn-storageserver: DE-570
cdn-cachedat: 04/06/2023 18:10:59
cdn-pullzone: 293267
last-modified: Wed, 14 Dec 2022 16:27:26 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 420
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6399f96e-357"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 27860bb86a376ee0efd390d6427133d1
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1.f5bdb602.min.js Show response
a.omappapi.com/app/js/ 6 KB
3 KB 11ms
10ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/1.f5bdb602.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 50d992dc35a3974d78fa1ade515401c4abfb683e9b61fb255e9ae9633517a41a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:01 GMT
content-encoding: br
cdn-edgestorageid: 864
perma-cache: HIT
cdn-storageserver: DE-572
cdn-cachedat: 04/06/2023 18:10:57
cdn-pullzone: 293267
last-modified: Wed, 25 Jan 2023 19:58:05 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 494
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63d189cd-171e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 6b869404bf777c8df81e2dfff8d6b1c0
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 22.3cb73615.min.js Show response
a.omappapi.com/app/js/ 2 KB
2 KB 12ms
11ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/22.3cb73615.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 157acb48f0d2c4dc8d0b950af08fcf796e986d66d462f8face3d2244fb5eda18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:01 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-164
cdn-cachedat: 04/06/2023 18:10:56
cdn-pullzone: 293267
last-modified: Wed, 14 Dec 2022 16:27:29 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 196
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6399f971-616"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 4622899d11d685e2f8e62bcfc03fa82d
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6972 0
0 73ms
72ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu87oLAXVCNv1YkiUNGhKrGPaARb4LkZ-XHoSI6ePbsNHADt0UvYZgnP9oyRA_XDxwP4kt5sI6LZlPxCGwvUTCc8386ezdBm5767L1gPMEKl2-OLnS-8GJKFyXpYrOPGnMPD6cTPRIvd0oP5l4gNQTsm59d68Hzm03meLJ_0MflWLn5hihJgvGuEwdCka7AMxlEhcB_IC57DY-4B18FajI-gttIBhiuENVt78cFUyNDpT3g53Ud_hqRBY5LUesbHCVLH82rJoldcFBC-Yebg_-MrPimdG1eo-a2AEHCQPM4TvHyXWJoZjN88TiF&sai=AMfl-YQ2syy02Gvzc_ATL6XBKipicHEOWe4iUmhR6x8L9m1dpXPtaNIFGrRPyTIXe2gtqmMqZ0JYij_T5Awc5x6nYdpoT5gMXj-ypNg5QQjJRJQC9rmY0qD15MB3IJelR5ju8M7ju6dCxLfSJowmNWdK&sig=Cg0ArKJSzI0bzZY0kJjDEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 13 Apr 2023 14:59:01 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230411/r20110914/ Frame 6972 22 KB
9 KB 124ms
38ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230411/r20110914/abg_lite_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83637
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 15:45:04 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/ Frame 6972 3 KB
1 KB 159ms
73ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/window_focus_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 09:52:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6972 159 KB
49 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Apr 2023 14:59:01 GMT

GET
H2 200 17381289691475166606
tpc.googlesyndication.com/simgad/ Frame 6972 81 KB
81 KB 201ms
116ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17381289691475166606

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffb95ffc2408091d57960c9e8b225dbd92667b05211db0897d14e5d9a88475c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:56:45 GMT
x-content-type-options: nosniff
age: 18136
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83245
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 21:42:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 12 Apr 2024 09:56:45 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7FE9 0
0 71ms
71ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9tu4CYbsLszJQbOhh_VT2ix4xaKLiKlKF7Uph48z_Vtm21LvljVPbHJbXl2ZiaheCgB0PWjVgToFJHSHmzgKqgkhgIPX6tcSE5TynrRSoqrBpekEGwcAiyHBx8ZwwVX8uM_uCulutfwsZknwwYNH0GpXFh7Y9qg8gvbduWRggtYpuU4XO6yHhZJCUqgVzhElP2tAMxdh3FIvd13KTxm-VS9zjyLfsbLk_tSel58fM0ni1J4TDW2fosd-wPrRw8zxtL1We5a-juTE9-TisKyO6FjS3tWaTc9Y3-tQudgxAdMRmpvWacAMtk2YVBA&sai=AMfl-YRWPgeoiO8OriwO7RX9EkyKYqpUyyrS5Wg2-6TVXAfpamN705qAnIq4RoyqZ5t-DwRSHRZrqBfVuMbfM1Y11fArcP3OLitz1yW0C8MIaf1Lc2kAI-BjB08WftdjCXEReVHB1Jc7ucinPYhfCcKK&sig=Cg0ArKJSzBPv5bADFm8LEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 13 Apr 2023 14:59:01 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230411/r20110914/ Frame 7FE9 22 KB
9 KB 118ms
43ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230411/r20110914/abg_lite_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83637
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 15:45:04 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/ Frame 7FE9 3 KB
1 KB 150ms
75ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/window_focus_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 09:52:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7FE9 159 KB
49 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Apr 2023 14:59:01 GMT

GET
H2 200 10604091120407565131
tpc.googlesyndication.com/simgad/ Frame 7FE9 104 KB
105 KB 150ms
76ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10604091120407565131

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

151434bcbb068dcfa0cbba632b0a0eb54510046662403129a80f7c92f42f7f86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 07:03:17 GMT
x-content-type-options: nosniff
age: 28544
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106624
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 15:47:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 12 Apr 2024 07:03:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6138 0
0 72ms
72ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssuhejT6Xvi2YqdDtQDgciv3duvrNexZTxIaSA_x1s76C3QlqTCCpbmOeiXvZjbCIrPEnJIUP7uFTwYGG5ECnd68NUFeXy5z-Vablqu9-nu109wZZN5DG47Pp_wEq7wqPsuLq2C94rvfwN9z-eq5D4Z_qfuKlOFcyayzyV5mH0f03tf9T9-feGx-OKEn8XKDLy5kG5qZfPkRvvRyClOfUVyQrfkyYfcrEQLlVOf27UXdc7M2DQQOWmudpKj3qq_TSmeXUr8jCkuzPFKo37d0wB5CijquuGmwjm2sIbATCAyIWH5nmF7nLilDAmyJw&sai=AMfl-YTB_FP1-YxBam8bM7ZaWrLX7eR_RUczYEqf7XI7RjNo_q8dWK6av7l6TmIHAZcVeyz5JwzI-aG0UfZSon4amyXTzyvQHqT4-yTE1Ti4Ukqi6uZ_7JpKbPK2ncQ_VUohVPm3bpj_GNASFRE2kiXs&sig=Cg0ArKJSzJMhZUcN8NFUEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 13 Apr 2023 14:59:01 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230411/r20110914/ Frame 6138 22 KB
9 KB 113ms
48ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230411/r20110914/abg_lite_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83637
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 15:45:04 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/ Frame 6138 3 KB
1 KB 167ms
167ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/window_focus_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 09:52:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6138 159 KB
49 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Apr 2023 14:59:01 GMT

GET
H2 200 6807047843747109463
tpc.googlesyndication.com/simgad/ Frame 6138 102 KB
102 KB 161ms
99ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6807047843747109463

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd01ce47447659cc1c869815af18cfddd522d25da07ae8f107adbf56df18ef22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 06:49:44 GMT
x-content-type-options: nosniff
age: 29357
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104139
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 15:52:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 12 Apr 2024 06:49:44 GMT

GET
DATA 200
OK truncated
/ Frame 6972 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 546064526c897ff218b4f1073f6fd3dfa7eac7b68a41793d0d70dcd25ee045e7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7FE9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e25cec6e51d019cfb75b0b29de5ffaa7cda53eab25f2a8186300049ae14f4d9c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6138 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e8f72cd6adec11afd60ca68a92df62402687d1f60f179d2eb67f7edebe79875

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6972 0
0 73ms
72ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstio7CQ6u5-nHj5LKKPP4qKJYhHVjLwmWwTZ4WwqfgSeefxN6nIp5lDdc_Zxe3BZ2VDuHZND1pyhwkxAzoxZJ78jXEHSDleBDjpPH99ipE3wtHpW9r5La-LJRtk2n0oHe7CFmLnweEpuRhNkpT-v5Yl7ASI8B_rXa2a61GE99cT1Q633-Jo4XU0j_i3iTYZQhDYN7r8YnUlVw479vj632yi4Fr5jSnLzpwrVBO_t5yfdxUqrZGnLD6D-7-zSzxmqGFA3LSNz-c7hKlSspycI7PaZcc_8VD4nNSn0E8ty3IyqIxS8CPpxZmqtpuy-KA&sai=AMfl-YRxOy5wFUsbUhFeZyD-jijJ0kMeZbuNWIK-fVpMGQBhzE_KJPp-HevFPPAYkl75OjyuZhldtd1w656uFwQ5kFz3k-CP-LKJd_QIIE7VgcH-GRn2HzEyHayYDS7SIvSmqAzDq5SqvAx1K_uHpQS6&sig=Cg0ArKJSzLbkojDXL6NdEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 13 Apr 2023 14:59:01 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7FE9 0
0 74ms
73ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstF18fRBofUfKGDSek8CRlEORz9GbLL6RKHnOEN8yDUEpr8BX8XPnoSJvSq84oM2NvtH7h1vRkMJHEZZvZHT5Xz6fNcN1ZGrS8MpfRLIg2J_C01rS_iuPvAxUuLCuiAaobJ_rlJnKHZrQkmGx1nPWT-wUFddJ0s7yU5dJOzrgfRQbfQm3bV_9iolDvxWrAtszlzedAjRqL0tYDssW-vScguON1y1TKbemOWLVO2cNU9iGByueXArWpVEkKosXT-olE6MZyt0nqfiDfqHDODQ6M8RFvPTo7cu2W2yeHWU7DHuPkoiyMt7ZfpVUy7VVHO&sai=AMfl-YSDoyNPVqe5mCpn-mhXYhHgmwbyEaOFoUI-DMBv_Pq4-HMIyx4fs8Tugj_1INGT0jIHxFajXjj7XecqNYtCe9BhvWYlhSacNO4slJY_NR6JoTTXPFcsUeOu1q506wlvwoSy9wFgCM5ODOFxd52Z&sig=Cg0ArKJSzGXpO49HDkFsEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 13 Apr 2023 14:59:01 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6138 0
0 73ms
73ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxInqia_aNyj0LG4VKmsTPe8Wlgbtx_9wQ6pfMJSJQTtOWatxtF1mQk_Lsn4Tc06oTv1DZ4acHlR_XdXjxMqtVM-H6x_JjXzqTsv279WSrI6LGD7Ev-uMhGmErCYv1KntNLfazc0yYhDVvDI0kP8IQx2nbWkH95a8mAbH96p_nW2skNyIHYvzntKENJSLOJH-4o_GAuwZqJtXtRijnq2XExN4kmqAolAKGX464itNYxkKY2cKVptaUl_yVSYz_w9wD7O5TcOhCY3vWzzNhiu4ohJN23doWC6EpA3flyl7D29V_aOpC7TZA-HKmkvWG&sai=AMfl-YQgdAutyQzEFs0D2IVPf0ZWahcde_YUQVeE__6fuRXTJgUUEyLFACV_3MRgRTlrTBCept508gkVey147yuCQhUpR63WKj0xoEjtjnXE4hZZGIPqzyNFsSwf1HXMGFO0yu1QJP-hwndNA6UU1usV&sig=Cg0ArKJSzI5DR8eEDgPrEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 13 Apr 2023 14:59:01 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 4269 0
47 B 33ms
33ms Document
text/plain 2a03:2880:f128:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.wesa.fm
URL: https://www.wesa.fm/2023-03-30/medicaid-renewals-those-who-dont-reenroll-could-get-kicked-off

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f128:83:face:b00c:0:25de Sofia, Bulgaria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.wesa.fm
Referer: https://www.wesa.fm/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.wesa.fm
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 13 Apr 2023 14:59:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 178ms
86ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304110101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js?cb=31073786

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbc88e592f075311e70562e96903ce401383c73109edc78a06db64b9c7a0e0d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11188
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 931ms
931ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 13 Apr 2023 14:59:02 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6972 42 B
174 B 73ms
71ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuo4Gq070X3zTKFwqJUk0jhbDPqQvGxIqXf1drPT3IZRnA2MZ5xb8eN4FLBhQ0Frje4oiSudwXZgm6gTxlyKvcSE2nYHRcHeeqbD5MHMNN-dUIhEzgz&sig=Cg0ArKJSzGL5uvwvxARHEAE&id=lidar2&mcvt=1000&p=251,436,341,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230412&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1131466332&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681397941260&rpt=270&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 14:59:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6138 42 B
108 B 72ms
71ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvYWlFoOwS6lweu755w5_RGDeNtk1zqwjoFrnoO_BfQMIGLwi-bfsqUVTHHakmcGG8hkX8V1p8GEboR-4IGmYSd75ctJlroDd00xnV78s0SG1Jg_xLN&sig=Cg0ArKJSzFGyCHonG7dLEAE&id=lidar2&mcvt=1001&p=401,1100,651,1400&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230412&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3008798320&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681397941284&rpt=257&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 14:59:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9C9A 13 KB
5 KB 38ms
36ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wesa.fm/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3613
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 13 Apr 2023 13:58:49 GMT
expires: Fri, 12 Apr 2024 13:58:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6CA0 783 B
952 B 46ms
45ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/880a45f2-0015-49d2-b38f-2d26be44ae09/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3ba0c1f7f491e0515dbee1e15fe7f2fcf9cc9f130bf0902fefd00ec251cc97fa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-E2qx6o1GGt-tkP0fJQPmSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wesa.fm/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-E2qx6o1GGt-tkP0fJQPmSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 13 Apr 2023 14:59:02 GMT
expires: Thu, 13 Apr 2023 14:59:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6CA0 0
0 144ms
70ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304110101&jk=3064073144822357&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 qMU6ruUuZ1zoKC0LZ3Jpmtn3twdVMxn7JXARaYw8J-4.js Show response
pagead2.googlesyndication.com/bg/ Frame 9C9A 36 KB
14 KB 108ms
36ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qMU6ruUuZ1zoKC0LZ3Jpmtn3twdVMxn7JXARaYw8J-4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8c53aaee52e675ce8282d0b6772699ad9f7b707553319fb257011698c3c27ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:52:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18410
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14303
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Apr 2024 09:52:12 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9C9A 0
10 B 38ms
38ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?RouzcQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 14:59:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
77ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304110101&jk=3064073144822357&bg=!WVqlWg7NAAYIJb0jKCU7ADkAdvg8Wkz_p2tffsihuN3dqbmhnSdrdlIBpxphKCreMJPde_MzyZqNysCrwKYVSmCf3CPD6kRuDocCAAAAUFIAAAADaAEHCgCbjotLq6IuCSQIHJNr1TKfGoUG4t_Y0ezaf_nbH3zaJXDr1590BQM8TQah0EFHzLmpuQTayb9Fcfs9DjEu1mDy_Slz9yhiuXWwZVGpjxAs3ffrNqVA4uTZgHalbwbBZfaLYInrsonWYO32vIiOg5VIBuNr26S5fM9WPCLBNEIhLL8kQn4cMsXdK7_ys0LLowUiUA8dY1K0pbrZ1c2ZAqWWo6pmuOCmoHWFsUxMR3oXzL6pfH97_0EeLQJC7kna0ILgMnj8rJNT52yQRhmQC3WLGpxyV4XJdBCXeMDs1pYFvN9Cg7Pwh5W8Mid3EFLxJ9rfXiPKXjMKkJdq5LiRL9NXqxnkj91UwOxXBoaGGBmPDg2n50Y53cKLylFgNx4pr79wOj1i_j44wE7WCmwARXzA3519kSua51rtcr-04zr30x3b2tR_XLy66NtqZu3-lMqaZziz8tfL8NPq6r6-xnRv0aBdoZel9J12B2mDOLUQfWdHg0HlK_2ttXGcFav2ytfoHrHEfRFlpJfXSxLpeKjLVhdBea4VfPXm_z7y9Zf9dq2wZrNUT2uW2Az_p8jik5itvgPssPFHV4hzQBfMj2i4-HOoyzcxDp6ayQqpkZDq4TIG7wZtpk5UfhO4frlFahO_A_Y4tpQ4Kg5j5kgdvx_56hTxl69My7dvpFiHdBZF30v1QdKp0CopgyPCKpzsGg-FnTOijmwqn4wLdR4RFN7KVd11f92Mh_3z8i35o9ho4ZXgz9w2lmsEKLvU0egKSwBrKKyEmM9LiKAcSK5h3iL7Opp1Lyca4MZVxbypXitQ6OtKRwLrs-KruhsBi6KWgXJI_H84odKRb3TcOdZ5RXft4Dntb7eT2nMzA66VRS_0mUWALxvDkGGKS9iSnmIoA92t-pDer8xrC_h_xGukMEEkB3EWaOd_9N_Yr_ib5MK7XThyLB0bdDpa2rXMxXLvH2XPm_oBPYokSmI1ciWaUC_HP5jmvbbSpfancIMwJBUDBJcnI2KCM8-ogQNswDCm1KaD3vizUES60Ab6hcaZt4C_0IBPlE0MLRUoq1kxsmoNteUJZeda0zjLyxXfQrrbHKc8p-Q6Fufz6lK63vIqI_28Ton8SQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wesa.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.wesa.fm/	1969-12-31 23:59:59	Name: BSP_PLAYER_PREROLLUID Value: {"version":"1.0.1","uuid":"f8x66vc3p","timestamp":1681397940631}
.wesa.fm/	1970-01-20 20:32:05	Name: _cb Value: D2dluxDepRkEBEbdsC
.wesa.fm/	1970-01-20 20:32:05	Name: _chartbeat2 Value: .1681397940832.1681397940832.1.CYiXJyBk18-YDG_2aKBYVfbADjYUVn.1
.wesa.fm/	1970-01-20 11:03:19	Name: _cb_svref Value: null
.wesa.fm/	1970-01-20 13:12:53	Name: _gcl_au Value: 1.1.1430938067.1681397941
.wesa.fm/	1970-01-20 20:39:17	Name: _ga_KF0HV4V4FK Value: GS1.1.1681397940.1.0.1681397940.0.0.0
.wesa.fm/	1970-01-20 20:39:17	Name: _ga_XGZ99F1SED Value: GS1.1.1681397940.1.0.1681397940.0.0.0
.wesa.fm/	1970-01-20 20:39:17	Name: _ga Value: GA1.2.1007972644.1681397941
.wesa.fm/	1970-01-20 11:04:44	Name: _gid Value: GA1.2.386514228.1681397941
.wesa.fm/	1970-01-20 11:03:18	Name: _dc_gtm_UA-25070716-1 Value: 1
.wesa.fm/	1970-01-20 11:03:18	Name: _dc_gtm_UA-9999999-98 Value: 1
.wesa.fm/	1970-01-20 11:03:18	Name: _dc_gtm_UA-18188937-11 Value: 1
www.wesa.fm/	1970-01-20 20:39:17	Name: _omappvp Value: uhVwVSgqxUc8ixAPv2TSg4pnKNmXXmO3VFiPVVf8yEcxelrww6J1yGjmsXbLjaNCnvs2DAMInigrG2b9QgcRTQXxiFAjgu04
www.wesa.fm/	1970-01-20 11:03:19	Name: _omappvs Value: 1681397940982
.wesa.fm/	1970-01-20 13:12:53	Name: _fbp Value: fb.1.1681397941069.677349337
.wesa.fm/	1970-01-20 20:24:53	Name: __gads Value: ID=98bd6418d04b9bec:T=1681397941:S=ALNI_MZpbtzg890H1JhChHwlN5wKtYnKEQ
.wesa.fm/	1970-01-20 20:24:53	Name: __gpi Value: UID=00000bd5361d85d3:T=1681397941:RT=1681397941:S=ALNI_MalQgCSK7tJEbDv0vVaor092CcnIg
.doubleclick.net/	1970-01-20 20:24:53	Name: IDE Value: AHWqTUkNgj2rQszIrhrsZr7yOvYPKDFkhYmQgb6hO6jDWlHMAj2rPc_o57N5o3_ZTMY

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.b0c9cfa194e2c73976e55dfcff6a1851.gz.js(Line 58) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

65a5f3a30d5b46dbd2ff3eb07a5676ed.safeframe.googlesyndication.com
a.omappapi.com
adservice.google.com
adservice.google.de
api.composer.nprstations.org
api.omappapi.com
app.salesloft.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
npr.brightspotcdn.com
pagead2.googlesyndication.com
ping.chartbeat.net
region1.google-analytics.com
rumcdn.geoedge.be
sales.asapp.com
securepubads.g.doubleclick.net
static.chartbeat.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.wesa.fm
143.204.89.36
172.217.18.98
18.153.1.88
18.66.112.59
2001:4860:4802:34::36
2400:52e0:1e00::1080:1
2600:9000:2057:6200:18:1fcd:351:7bc1
2600:9000:2491:1e00:4:b37b:9440:93a1
2a00:1450:4001:800::2002
2a00:1450:4001:808::2003
2a00:1450:4001:809::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::200a
2a00:1450:4001:812::2004
2a00:1450:4001:813::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c0a::9d
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f128:83:face:b00c:0:25de
52.222.236.10
52.45.214.17
54.205.106.1
67.202.7.244
027c2027172321d6e83d4aaf70caa78667cb5bebbf55791aee309fd55994db3d
02b24e7b733cb625289347455e8238c63d42b5180369b4f210737d882fc59c93
052188a4563a23aa38f02ecf6128972a1b2e0e0329244a3d6f7654734841f765
0898143e806ca37ecc076f3238f59a570bd15f7634af330d3b5cb59523f3b2db
0b22415e4dbc33efb82827aec6c16cc04b481b84ba903d19c76543dc671f939b
0cf67a42bb48fba065918fca80854ed3117be8fe739d0b19492331f529e868d8
0ec06672fe3c64b5f9a2734153c38dc3aac1a84dd0c656447e4f393339608db6
103f4d3fbc08fff41f2ddb722186887b3d8977d2a7da27e7ed0f2f5752dc339f
151434bcbb068dcfa0cbba632b0a0eb54510046662403129a80f7c92f42f7f86
157acb48f0d2c4dc8d0b950af08fcf796e986d66d462f8face3d2244fb5eda18
16254be426c39db11af3d8a0b41a844230f7651a595f3dd40b6e16148a4f55dd
22593af746f86c8b85189c254aa61491b5f4d8217d2070c93c58b64995c40463
26d9b6c44230968d81776300834750358ab5bdf35e7239385af3d503a4b584ca
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
28f9f6b7464e1cbb3312d0ea0f87b14b161271b92159e05250318ce619e325e2
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d7ec8dcd3d069ea9f87486f661754c6b51a44e1cb994a8b19352a02572cf41
3664ae33c7ad3585435cb97bceb0e161a491040182f6f6e7e267308552241dd0
3ae773a53fa8b223085c481eab484b51285302883432f202a23881e514369f57
3ba0c1f7f491e0515dbee1e15fe7f2fcf9cc9f130bf0902fefd00ec251cc97fa
42575c8a290570887732909eb3517bb81b937b747d22d1225071418201c9dea3
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4e8f72cd6adec11afd60ca68a92df62402687d1f60f179d2eb67f7edebe79875
4f7841d3e734e38f1870803b593fb9de906c529ceefc1a7fa4003aab9cf6007a
50d992dc35a3974d78fa1ade515401c4abfb683e9b61fb255e9ae9633517a41a
546064526c897ff218b4f1073f6fd3dfa7eac7b68a41793d0d70dcd25ee045e7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ee721ee3d3dbc852ac307e77605441a3351ed170b96014f6ac4b5b909cd60c
57028c54d6e42b50699e18ef8497b545be66eb9bf08a9ff56ab98b5330c660da
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5e5e69fbb7610ba9a61c4dacc4c025ab17f4c0541c648f8c83c5e47b6bb0cd91
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65f006dc6c792f575410ecd9853bd4cc08453dfd959ec5634b39f305b4adeb61
694694f1dc57c1bb8c081f6cef39c8c630d920ba588ecc86839eefed95563ddb
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71347fb3ea7e3f722eb29972cfe86ca18ca8326a490f4a789334b4dbbc4fbc3c
76774678bad133b6a0a9491a27d561effb1e626674d769410f9376bbf8cbbbe5
7ab5d0e440d26e3f677eeae04cb76097358d10d70568da19df1d3d7f9b169e16
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87d1c5cb74c9a6d7f8b1dcd9dd8028054147d335795514b00bd275165550b1ef
8864ed59810e3eced3290075250f9a51259e7c5b3fe47426da48b63529429748
8cef08634dc57d6519717c5a99a9e502bdc96586fe64770520a4820b0b089920
8df63939e87e03d5f16d0890511315ab0aa86bf66e64dfffb9d637b1d4c85741
9042f806140fb25319c61c61abe8cc7ebb3ef3da2ce543bdd89403159017e0b2
9287e12c94954e07c115da468d2e44df5d9b394fc465de1282d18105fc6050f4
9405487bfc5f967294a36de0340715b67d41cdb712ac169f77bf6e61a324d18f
9521e9248df7d8a4bbe9c8052f273014560517a37e1aab0da71b61467d43922c
95772ffc4606a61dfc53d9eccf82eee222e43796731b80945771c9ff8a42c30f
9b9030ba856ef3a2628973bbd256c5d8d42f92f8685c87998a3d8d4e3e35f4bf
9de129dc339ad6d1ef70979fbb767a093b58f7074295ce5023220880aebdfeea
a1812aee105946804c1f904efd8830f09a7c16d0fd5a227e1f6ab2f64f1c5289
a32c47c29db4971d5385c06d93844e34cdd0a7016d330e3dcefc60c351a3ef8c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a8c53aaee52e675ce8282d0b6772699ad9f7b707553319fb257011698c3c27ee
ad7fc959b2593ae9ffbfd1d358cd1208f72cbb3344ba5cc931df570632be6cc6
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b15b3c9a160b5adfb389f2ad81a6fe56f5b9950598efbda03dbd34c09c1236b8
bd01ce47447659cc1c869815af18cfddd522d25da07ae8f107adbf56df18ef22
be504ac422ac06cd10c181a09cf94d895a86a162330a1e3fc8b9bd2660de3766
c2cc7169ed6e2728bac526713387faeb00b2a76e20e8e56cd6dc097df1ffca1f
c63a33e1bf26e7edd5abea98611f7493d86e22380c8da8702a891ab0749c70cc
cbc88e592f075311e70562e96903ce401383c73109edc78a06db64b9c7a0e0d5
cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33
ccd64d1f0cd42acb99a242cfaa9e59f90df728c509ba01b837c7eb224a7b798f
cdb300ba05f4edde63bf9e80ccaea9386de45cd27a5d2e2c9b84d432e71090cc
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
cef6897f68627573e9aff6e4d7933b02dbe93a903b4d104605027f5084066709
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d08aa5fe6131891425c044dd702f43f2ecf647100e35173a102fe03fe49b0270
d0fb29ab623faf3313b9c413c94a5d6ea9c84f87974ce9cefa41d7c66f063523
d45fba801a95857977c779c662c7041cc99d9abb8a5f96ddc866b4c66c674f04
daa80cefbd2fdeeb84087c2dc6addc813e460e2f1529ec56f52ee56f152e3ed9
e06787d09c0170febea7e8d6ec75107fd88e6875072fdab051f36494e4a9784c
e25cec6e51d019cfb75b0b29de5ffaa7cda53eab25f2a8186300049ae14f4d9c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e98838f5615ef1b770afa611ee8e16049049748d057d5610899de9cd93f85e1e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6d64d5a48a5bb376669ef86426e511b9d6d13b461d48b9b850c29fa107c77f
f253fa17446bb4f97d687e514e47ad8d90f53ec2db5a27078c2e48a19153d3ff
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f62c6457ddefdfd96ebc104603ccc8368e73afb6085b7b8018674cf5d3974ebe
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f678e256584e843feb8b927123eac8bbd5d98c4906eb713edcd04105ff063259
f77582bed375bcc38f36c2b1a15e9deb97f387905b0c087a77448add795cd0c2
fc6647ddcd89e92b3bf8799b50d0ef2bb26b03d2252f6ef37f327e032e5eab0b
fee96f54bac4a3dd9075904bcbb46b79f5f470f0946b6cacddfe0fd8329a1a70
ffb95ffc2408091d57960c9e8b225dbd92667b05211db0897d14e5d9a88475c4

www.wesa.fm Open in urlscan Pro 52.222.236.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

105 Requests

99 %HTTPS

71 %IPv6

21 Domains

29 Subdomains

26 IPs

5 Countries

2779 kBTransfer

7845 kBSize

18 Cookies

22 Outgoing links

Page URL History

Redirected requests

105 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.wesa.fm Open in urlscan Pro
52.222.236.10 Public Scan

Screenshot
Live screenshot

Full Image

105
Requests

99 %
HTTPS

71 %
IPv6

21
Domains

29
Subdomains

26
IPs

5
Countries

2779 kB
Transfer

7845 kB
Size

18
Cookies

105 HTTP transactions
9 data transactions