www.geha.com Open in urlscan Pro
2a02:26f0:ab00::214:8e59 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.info.geha.com/?qs=8c38e2940c4a104d3faa7f79cfcc6df6ea442c1e549be319ec658ea053c5de5c1c510303a25f8acb2cd2704924fb...
Effective URL:
https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Pr...
Submission: On June 07 via manual (June 7th 2024, 10:23:08 am UTC) from US — Scanned from DE

Summary HTTP 69 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 11 domains to perform 69 HTTP transactions. The main IP is 2a02:26f0:ab00::214:8e59, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.geha.com. The Cisco Umbrella rank of the primary domain is 241523.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on August 23rd 2023. Valid for: a year.

This is the only time www.geha.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.100.248 13.111.100.248	14340 (SALESFORCE) (SALESFORCE)
24	2a02:26f0:ab0... 2a02:26f0:ab00::214:8e59	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
15	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:310... 2a02:26f0:3100::1735:2828	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:310... 2a02:26f0:3100::1735:2823	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.92.121 18.66.92.121	16509 (AMAZON-02) (AMAZON-02)
6	172.64.145.73 172.64.145.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:170... 2a02:26f0:1700:38a::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	13.111.118.55 13.111.118.55	14340 (SALESFORCE) (SALESFORCE)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:235... 2600:9000:235a:4c00:3:35f2:c540:21	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:710... 2a02:26f0:7100:594::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	23.219.78.169 23.219.78.169	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
69	16

1 13.111.100.248 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: click.info.geha.com

click.info.geha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a02:26f0:ab00::214:8e59 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.geha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100::1735:2828 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100::1735:2823 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.92.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-92-121.fra56.r.cloudfront.net

d1mj578wat5n4o.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.64.145.73 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

api-engage-us.sitecorecloud.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:38a::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
684dd311.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.111.118.55 (United States)

ASN14340 (SALESFORCE, US)
PTR: cloud.info.geha.com

cloud.info.geha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:235a:4c00:3:35f2:c540:21 (United States)

ASN16509 (AMAZON-02, US)

d35vb5cccm4xzp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:594::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.219.78.169 (Seattle, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-219-78-169.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kd7qo2ix3nhksztc36ea-p5tbsd-7e85cf5cb-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

fiaqjiathaajekqce3ydkaaacztgfx4h-p5tbsd-097013c2b-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	geha.com 1 redirects click.info.geha.com www.geha.com — Cisco Umbrella Rank: 241523 cloud.info.geha.com — Cisco Umbrella Rank: 460768 Failed	811 KB
15	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 2099 ka-p.fontawesome.com — Cisco Umbrella Rank: 3854	242 KB
6	sitecorecloud.io api-engage-us.sitecorecloud.io — Cisco Umbrella Rank: 66410	862 B
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 70	9 KB
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 2799 kd7qo2ix3nhksztc36ea-p5tbsd-7e85cf5cb-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 2800 fiaqjiathaajekqce3ydkaaacztgfx4h-p5tbsd-097013c2b-clienttons-s.akamaihd.net	1 KB
4	gstatic.com fonts.gstatic.com	91 KB
3	cloudfront.net d1mj578wat5n4o.cloudfront.net d35vb5cccm4xzp.cloudfront.net	81 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1539 c.go-mpulse.net — Cisco Umbrella Rank: 660	52 KB
2	typekit.net use.typekit.net — Cisco Umbrella Rank: 621 p.typekit.net — Cisco Umbrella Rank: 778	1 KB
1	akstat.io 684dd311.akstat.io — Cisco Umbrella Rank: 79558	224 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	82 KB
69	11

	Domain	Requested by
24	www.geha.com	www.geha.com
12	ka-p.fontawesome.com	kit.fontawesome.com www.geha.com
6	api-engage-us.sitecorecloud.io	d1mj578wat5n4o.cloudfront.net d35vb5cccm4xzp.cloudfront.net
6	fonts.googleapis.com	www.geha.com
4	fonts.gstatic.com	fonts.googleapis.com
3	kit.fontawesome.com	www.geha.com kit.fontawesome.com
2	d35vb5cccm4xzp.cloudfront.net	d1mj578wat5n4o.cloudfront.net d35vb5cccm4xzp.cloudfront.net
2	cloud.info.geha.com	www.geha.com
1	fiaqjiathaajekqce3ydkaaacztgfx4h-p5tbsd-097013c2b-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	kd7qo2ix3nhksztc36ea-p5tbsd-7e85cf5cb-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	684dd311.akstat.io	s.go-mpulse.net
1	c.go-mpulse.net	s.go-mpulse.net
1	s.go-mpulse.net	www.geha.com
1	d1mj578wat5n4o.cloudfront.net	www.geha.com
1	www.googletagmanager.com	www.geha.com
1	p.typekit.net	use.typekit.net
1	use.typekit.net	www.geha.com
1	click.info.geha.com	1 redirects
69	20

This site contains links to these domains. Also see Links.

Domain
calendly.com
member-portal.geha.com
www.gehadentaldiscount.com
www.facebook.com
www.instagram.com
www.youtube.com
www.linkedin.com

Subject Issuer	Validity	Valid
*.geha.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-23` - `2024-09-22`	a year	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-01` - `2025-03-03`	a year	crt.sh
upload.video.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
sitecorecloud.io E1	`2024-04-21` - `2024-07-20`	3 months	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2024-03-06` - `2025-03-06`	a year	crt.sh
cloud.info.geha.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-03` - `2024-12-03`	a year	crt.sh
*.gstatic.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Frame ID: 4BDA00B93362BB425EC8922C967E0A90
Requests: 63 HTTP requests in this frame

Frame: https://cloud.info.geha.com/draft?utm_source=S24WTE0GINAP&utm_campaign=Partnerships%20-%2024%20-%20Brand%20Awareness%20-%20Email%20-%20NFL%20Draft%20Giveaway%20-%20Prospects%20-%20National_S24WTE0GINAP&utm_medium=Email
Frame ID: FBD2C5E0D6CC3FAB8697600F2B8E2B6D
Requests: 2 HTTP requests in this frame

Frame: https://cloud.info.geha.com/openseasonplanreminders
Frame ID: 1357083D89A2306C2B19AAA68787373D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Draft Giveaway | GEHA

Page URL History Show full URLs

https://click.info.geha.com/?qs=8c38e2940c4a104d3faa7f79cfcc6df6ea442c1e549be319ec658ea053c5de5c1c510303... HTTP 302
https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

69
Requests

96 %
HTTPS

71 %
IPv6

11
Domains

20
Subdomains

16
IPs

2
Countries

1371 kB
Transfer

5892 kB
Size

11
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://calendly.com/d/3s7-qqm-xsd
Title: Schedule a Benefits Session

Search URL Search Domain Scan URL

URL: https://member-portal.geha.com/login
Title: Member

Search URL Search Domain Scan URL

URL: https://www.gehadentaldiscount.com/
Title: Connection Dental Discount

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GEHAhealth

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gehahealth

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/gehahealth

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/gehahealth

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.info.geha.com/?qs=8c38e2940c4a104d3faa7f79cfcc6df6ea442c1e549be319ec658ea053c5de5c1c510303a25f8acb2cd2704924fbf8e4d1469666a850a1e119d3e4a0928f4174 HTTP 302
https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p5tbsdww3 HTTP 302
https://kd7qo2ix3nhksztc36ea-p5tbsd-7e85cf5cb-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 67

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p5tbsdww3 HTTP 302
https://fiaqjiathaajekqce3ydkaaacztgfx4h-p5tbsd-097013c2b-clienttons-s.akamaihd.net/eum/results.txt

69 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request draftgiveaway Show response
www.geha.com/
Redirect Chain

https://click.info.geha.com/?qs=8c38e2940c4a104d3faa7f79cfcc6df6ea442c1e549be319ec658ea053c5de5c1c510303a25f8acb2cd2704924fbf8e4d1469666a850a1e119d3e4a0928f4174
https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_key...

69 KB
14 KB

1611ms
1426ms

Document
text/html

2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

193c82f86ded257bf4e8f5e3fc3db07de1dd5806e147788b11b10e627a15e5c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-length: 12672
content-type: text/html; charset=utf-8
date: Fri, 07 Jun 2024 10:23:00 GMT
expires: -1
pragma: no-cache
server-timing: cdn-cache; desc=MISS edge; dur=718 origin; dur=503 ak_p; desc="1717755778591_34901589_134746612_122093_8868_38_74_255";dur=1
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding
x-akamai-transformed: 9 65959 0 pmb=mRUM,1
x-content-type-options: 'nosniff'
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 553
Content-Type: text/html; charset=utf-8
Date: Fri, 07 Jun 2024 10:22:58 GMT
Location: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_

GET
H2 200 optimized-min.css
www.geha.com/~/media93/Feature/Experience-Accelerator/Bootstrap-4/Bootstrap-4/Styles/ 29 KB
4 KB 50ms
47ms Stylesheet
text/css 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Feature/Experience-Accelerator/Bootstrap-4/Bootstrap-4/Styles/optimized-min.css?t=20200827T195652Z

Requested by

Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7139f07f917998f1a482f070139ce5b0e448669a8f77e9710e74e1a2307f564e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:00 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.css"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1717755780112_34901589_134747920_40_8198_38_0_255";dur=1
content-length: 3484
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Aug 2020 19:56:52 GMT
etag: 71297b75a810417dbeaa71ed60eeb6e1
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=68059
accept-ranges: bytes
x-datastream-cache-status: 2

GET
H2 200 optimized-min.css
www.geha.com/~/media93/Base-Themes/Core-Libraries/styles/ 132 KB
22 KB 61ms
59ms Stylesheet
text/css 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/Core-Libraries/styles/optimized-min.css?t=20221109T053533Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4c6fde841616799524ae40b886f27b8c5b4e857476a053f1acac3222a3d09385

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:00 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.css"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1717755780112_34901589_134747921_41_8180_38_0_255";dur=1
content-length: 22078
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Nov 2022 05:35:33 GMT
etag: cddcbd79bda84976b39a43a487bdbebf
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=18238
accept-ranges: bytes
x-datastream-cache-status: 1

GET
H2 200 optimized-min.css
www.geha.com/~/media93/Base-Themes/Main-Theme/styles/ 5 KB
2 KB 52ms
50ms Stylesheet
text/css 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/Main-Theme/styles/optimized-min.css?t=20220715T021536Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

416f487c40290dd1451e3cc8dc480489dda90cfd5d389eb08d7f0e867a6f847c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:00 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.css"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1717755780112_34901589_134747922_40_8178_38_0_255";dur=1
content-length: 1636
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Jul 2022 02:15:36 GMT
etag: ffd03de852da41deb27b87223721ff9a
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=10394
accept-ranges: bytes
x-datastream-cache-status: 2

GET
H2 200 optimized-min.css
www.geha.com/~/media93/Base-Themes/UnsupportedBrowser/Styles/ 1 KB
965 B 75ms
73ms Stylesheet
text/css 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/UnsupportedBrowser/Styles/optimized-min.css?t=20220715T021623Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

286dc7cf3eb0c6c06c2fb54d779f82bf342bbf766861f7aba001408bcb391828

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:00 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.css"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1717755780125_34901589_134747932_272_7311_38_0_255";dur=1
content-length: 538
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Jul 2022 02:16:23 GMT
etag: bb86af52b3144400b8d0333da683b1db
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=29385
accept-ranges: bytes
x-datastream-cache-status: 1

GET
H2 200 optimized-min.css
www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/ 1 MB
137 KB 88ms
87ms Stylesheet
text/css 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20240315T012754Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b65ecc819f4b7a1056b90009ae39134cd681a53a70c845104ec132820a37630b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:00 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 15 Mar 2024 01:27:54 GMT
etag: c92ec30f3da24c8b97fc8632523f220f
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=25813
content-disposition: inline; filename="optimized-min.css"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1717755780123_34901589_134747933_135_8935_38_0_255";dur=1
accept-ranges: bytes
content-length: 140066
x-xss-protection: 1; mode=block

GET
H2 200 VisitorIdentification.js Show response
www.geha.com/layouts/system/ 2 KB
1 KB 152ms
150ms Script
application/javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/layouts/system/VisitorIdentification.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

7941c043b215ecc58d18e696d42abbd225eb0baa075cb5e31027725cc5312fce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: 'nosniff'
date: Fri, 07 Jun 2024 10:23:00 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1717755780125_34901589_134747934_333_8562_38_0_219";dur=1
content-length: 732
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge,chrome=1
last-modified: Mon, 10 Sep 2018 14:56:14 GMT
server: Microsoft-IIS/10.0
etag: "0bb5d6b1649d41:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-stackifyid: V2|376ba7d2-d6e1-4c98-9e22-59ecbdf6884c|C57524|CD4989
accept-ranges: bytes
x-datastream-cache-status: 1

GET
H2 200 57591c2ee3.js Show response
kit.fontawesome.com/ 12 KB
4 KB 303ms
212ms Script
text/javascript 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/57591c2ee3.js
Requested by: Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 277b8bd1952e82623693dc9123e1c2186cf0ac9436d4059dffe4ad732d2da5a3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/
Origin: https://www.geha.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:00 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 88ffec9a5e776977-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F9axx_jI6__3F6MzAyZh

GET
H2 200 57591c2ee3.css
kit.fontawesome.com/ 399 B
508 B 164ms
73ms Stylesheet
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/57591c2ee3.css
Requested by: Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf99991359fbb6e575a809280eb26d7f2408710608ccb222788324c6c1ac753f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/
Origin: https://www.geha.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:00 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 142
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/css
cache-control: max-age=300, public, stale-while-revalidate=30
cf-ray: 88ffec9a4e736977-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F8yOZHQJuvpJnsn7dCCh

GET
H2 200 geha.png
www.geha.com/~/media93/Project/GEHA/shared/ 9 KB
10 KB 75ms
74ms Image
image/png 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geha.com/~/media93/Project/GEHA/shared/geha.png?h=135&w=550&la=en&hash=6A9419DEDA474BA8DF91728302A3ACB2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3487c89cbf4176ba31dee9f3fb221bab9b05753f689e372d9c03e71c78b8e3c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:00 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: 'nosniff'
last-modified: Fri, 30 Jul 2021 17:58:46 GMT
etag: cdfed84458664cc398ac12b335feb876
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=25805
content-disposition: inline; filename="geha.png"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1717755780124_34901589_134747935_134_8851_38_0_182";dur=1
accept-ranges: bytes
content-length: 9374
x-xss-protection: 1; mode=block
x-datastream-cache-status: 1

GET
H2 200 database-white.png
www.geha.com/~/media93/Project/GEHA/GEHA/alert-icons/ 1 KB
2 KB 87ms
86ms Image
image/png 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geha.com/~/media93/Project/GEHA/GEHA/alert-icons/database-white.png?h=100&w=100&la=en&hash=521DCE033E36C28C1312246F6B57E917

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4e43974dcd89e9262d9c19ddfc9ce50400414c01abbe784eebf8e8d785503d64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:00 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: 'nosniff'
last-modified: Wed, 16 Dec 2020 17:05:29 GMT
etag: c359242c1555453b8bddae1659745e71
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=10478
content-disposition: inline; filename="database-white.png"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1717755780124_34901589_134747937_137_8906_38_0_182";dur=1
accept-ranges: bytes
content-length: 1293
x-xss-protection: 1; mode=block

GET
H2 200 draft-giveaway-registration-page.jpg
www.geha.com/~/media93/Project/GEHA/GEHA/draft-giveaway/ 119 KB
119 KB 819ms
817ms Image
image/jpeg 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geha.com/~/media93/Project/GEHA/GEHA/draft-giveaway/draft-giveaway-registration-page.jpg?h=42%25&w=100%25&hash=75B25ADEE1C1B1CCC30276E00614EA43

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

36cbe98f9a9327afce4c79a1c0a9d43e076d3b2ae36e68f7c40b7cbc41d95931

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:00 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: 'nosniff'
last-modified: Fri, 29 Mar 2024 16:40:21 GMT
etag: b3e3fdc7d3974ccd9d46595cd18c23ff
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=86400
content-disposition: inline; filename="draft-giveaway-registration-page.jpg"
server-timing: cdn-cache; desc=HIT, edge; dur=407, ak_p; desc="1717755780201_34901589_134748047_40794_7723_38_0_182";dur=1
accept-ranges: bytes
content-length: 121778
x-xss-protection: 1; mode=block

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/Core-Libraries/scripts/ 1 MB
305 KB 64ms
63ms Script
application/x-javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/Core-Libraries/scripts/optimized-min.js?t=20221109T053531Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

babf7c8f26404acad3935146d81d245dc6d494acd265d2b8f84088730d01e38f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:00 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.js"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1717755780201_34901589_134748048_42_7849_39_0_182";dur=1
content-length: 312095
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Nov 2022 05:35:31 GMT
etag: 5f8a850d7d5d40faa8d832fe2c37e52d
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=64864
accept-ranges: bytes
x-datastream-cache-status: 2

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/XA-API/Scripts/ 2 KB
1 KB 48ms
48ms Script
application/x-javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/XA-API/Scripts/optimized-min.js?t=20220715T021536Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4b5013c1e9a922e188e0d6f3903aad0c81a64c231d976d869c8b0f35be0b133d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:00 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.js"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1717755780324_34901589_134748192_35_9048_38_0_182";dur=1
content-length: 855
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Jul 2022 02:15:36 GMT
etag: c38298f3b90349549796d730a6e8ff40
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=10400
accept-ranges: bytes
x-datastream-cache-status: 2

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/Main-Theme/scripts/ 3 KB
1 KB 59ms
59ms Script
application/x-javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/Main-Theme/scripts/optimized-min.js?t=20220715T021536Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a36338e2015fbe5e6f570cb35a9e0305a4f4d40bace6713fce1edbaefc9cf44f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:00 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 15 Jul 2022 02:15:36 GMT
etag: 574f88811b0947e08eb6c1deb05b1ab4
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=73618
content-disposition: inline; filename="optimized-min.js"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1717755780375_34901589_134748257_31_7991_38_0_182";dur=1
accept-ranges: bytes
content-length: 962
x-xss-protection: 1; mode=block

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/Google-Maps-JS-Connector/Scripts/ 5 KB
2 KB 169ms
169ms Script
application/x-javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/Google-Maps-JS-Connector/Scripts/optimized-min.js?t=20220715T021537Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4692d4d1124e4fdde548b916c88189b6e07462d9d24cdd5c6ca8f2a2fcb2af56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:00 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.js"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1717755780440_34901589_134748313_192_8975_38_0_182";dur=1
content-length: 1930
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Jul 2022 02:15:37 GMT
etag: 62f4e07c5ee3471187fee95f1034f7cb
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=57048
accept-ranges: bytes
x-datastream-cache-status: 1

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/Maps/Scripts/ 9 KB
3 KB 50ms
50ms Script
application/x-javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/Maps/Scripts/optimized-min.js?t=20220715T021537Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

427e57ed3ad640f4ddefe4a7aeb116746506151fd0d227f8f34e40cb3350e45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:00 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.js"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1717755780605_34901589_134748550_30_8881_54_0_182";dur=1
content-length: 3035
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Jul 2022 02:15:37 GMT
etag: 13b4e978e32648de9f455492b56e0de2
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=10509
accept-ranges: bytes
x-datastream-cache-status: 2

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/SearchTheme/Scripts/ 76 KB
18 KB 50ms
50ms Script
application/x-javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/SearchTheme/Scripts/optimized-min.js?t=20221028T013215Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

91af8f8604e6cbcb00a3ff4056f9fce3090c1ffca25400650895832c03b34ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:00 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.js"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1717755780839_34901589_134748812_38_9224_48_0_182";dur=1
content-length: 18181
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Oct 2022 01:32:15 GMT
etag: aeae65fdf10e405a819820b86851dd8d
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=73725
accept-ranges: bytes
x-datastream-cache-status: 1

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/Components-Theme/Scripts/ 52 KB
15 KB 49ms
49ms Script
application/x-javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/Components-Theme/Scripts/optimized-min.js?t=20220715T021538Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f930f9718c91491b92f0de420e28f51cb021e174606481c128ab838584479e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:00 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.js"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1717755780892_34901589_134748867_30_9192_39_0_182";dur=1
content-length: 14937
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Jul 2022 02:15:38 GMT
etag: 5ca53ec515f5411bacbd3a615d251007
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=27242
accept-ranges: bytes
x-datastream-cache-status: 1

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/Resolve-Conflicts/Scripts/ 19 B
475 B 49ms
49ms Script
application/x-javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/Resolve-Conflicts/Scripts/optimized-min.js?t=20220715T021538Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1b631c545e0e9acda2fa9adef7ce9415a95fc6a325ea80268d1793bf913180ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:00 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.js"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1717755780943_34901589_134748921_30_9142_38_0_182";dur=1
content-length: 39
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Jul 2022 02:15:38 GMT
etag: e8bf1b6ff51942bfac73dfb8ec9beddf
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=35624
accept-ranges: bytes
x-datastream-cache-status: 2

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/UnsupportedBrowser/Scripts/ 253 B
646 B 48ms
48ms Script
application/x-javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/UnsupportedBrowser/Scripts/optimized-min.js?t=20220715T021621Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5fd7281dafc44afbbb34847a7c8dfff204d017418103d96eb401ade5c1f6012c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:01 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.js"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1717755780993_34901589_134748989_34_8921_38_0_182";dur=1
content-length: 210
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Jul 2022 02:16:21 GMT
etag: faf71ebe50fd45198d26fa25699a92d9
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=40989
accept-ranges: bytes
x-datastream-cache-status: 1

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/scripts/ 523 KB
142 KB 49ms
49ms Script
application/x-javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/scripts/optimized-min.js?t=20240315T012754Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

71e970680812d5265281f05a10ae287a5739c582d03a027ef3b3f2e02166ec21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:01 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.js"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1717755781025_34901589_134749019_44_8342_38_0_182";dur=1
content-length: 144408
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Mar 2024 01:27:54 GMT
server: Microsoft-IIS/10.0
etag: 2c979c38fa4d45c684fb5b7bef965839
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=25639
accept-ranges: bytes

GET
H2 200 vxe3lkg.css
use.typekit.net/ 7 KB
1 KB 841ms
267ms Stylesheet
text/css 2a02:26f0:3100::1735:2828
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/vxe3lkg.css

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20240315T012754Z

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2828 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

91885b79eafb9db3b3b6bccd7d3927f3cea7bc0a006fe3a6b625787d413fc412

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Fri, 07 Jun 2024 10:23:01 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 972

GET
H2 200 css2
fonts.googleapis.com/ 28 KB
2 KB 144ms
48ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20240315T012754Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e7fd9f1e6fd2387dc2a5bb83cb72a1c44206347ad8ffde69bcab829cf88b1ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Jun 2024 10:23:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 07 Jun 2024 09:14:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Jun 2024 10:23:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 81 KB
3 KB 158ms
63ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans:wght@500;600;700&family=Nunito+Sans:opsz,wght@6..12,500;6..12,700&family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20240315T012754Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a5d59965fc50d217015f96f657880ade0fcbc85b9cc15b5fc20f097a25be9a63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Jun 2024 10:23:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 07 Jun 2024 10:23:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Jun 2024 10:23:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 77 KB
3 KB 147ms
52ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans:wght@500;600;700&family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20240315T012754Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

166b640351aa645b6af02b1013bc7fbead2822e44d773deba0b35f4053d0e94a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Jun 2024 10:23:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 07 Jun 2024 10:23:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Jun 2024 10:23:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
720 B 144ms
50ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito+Sans:opsz,wght@6..12,400;6..12,800&display=swap

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20240315T012754Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1a4bf8a4ca374508387fc27de382cbbe01a6ace9f7bb3c1618884b7b86dd6c60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Jun 2024 10:23:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 07 Jun 2024 10:23:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Jun 2024 10:23:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
517 B 178ms
84ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,500,600,700,900

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20240315T012754Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bc958a63e17fc254b74b0787f22bd0f5889a057109908050c5148a148b75db91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Jun 2024 10:23:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 07 Jun 2024 10:14:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Jun 2024 10:23:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
701 B 145ms
51ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish:400,600,700,800,900

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20240315T012754Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

43bf46697a74707dd319e2549eb7e7ad414d629c257da2dfc02e082a7a7290c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Jun 2024 10:23:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 07 Jun 2024 10:23:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Jun 2024 10:23:00 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
173 B 269ms
63ms Stylesheet
text/css 2a02:26f0:3100::1735:2823
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=vxe3lkg&ht=tk&f=24537.24538.24539.24540.24545.24546.24547.24548.24549.24552&a=90735096&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vxe3lkg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:2823 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://use.typekit.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:01 GMT
last-modified: Sun, 19 May 2024 12:57:48 GMT
server: nginx
etag: "6649f74c-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 267 KB
82 KB 173ms
76ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fb951962e4ba322ebae3e477d109486e6a0010e2ed20266bbe579e2e6c6f27d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83677
x-xss-protection: 0
last-modified: Fri, 07 Jun 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 07 Jun 2024 10:23:01 GMT

GET
H/1.1 200
OK sitecore-engage-v.1.3.0.min.js Show response
d1mj578wat5n4o.cloudfront.net/ 48 KB
49 KB 142ms
45ms Script
binary/octet-stream 18.66.92.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1mj578wat5n4o.cloudfront.net/sitecore-engage-v.1.3.0.min.js
Requested by: Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.92.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-92-121.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb56f17a4fe738143ac04ca01897e7ae5980eab0a5aaf0ebad8c6a2d09e39d90

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 07 Jun 2024 05:19:07 GMT
Via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
Last-Modified: Wed, 10 May 2023 07:05:18 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P2
Age: 18265
x-amz-server-side-encryption: AES256
ETag: "f31e2f04c4696df590de7bcb24cebec2"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: binary/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49153
X-Amz-Cf-Id: Fug0c3OCIZXWxJK3_j7fmGsgaDBau9ZthVjnVQftfr427ot6DEPfeQ==

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v6.5.2/css/ 672 KB
118 KB 80ms
70ms Fetch
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro.min.css?token=57591c2ee3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01a3066991f4af85d35aaa0068aa00054f9762f39c263853f49518d5f9784c4b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:26:26 GMT
server: cloudflare
age: 45116
etag: "660c23a2-1d791"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 88ffeca1bebd6977-FRA
content-length: 120721

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v6.5.2/css/ 27 KB
4 KB 121ms
112ms Fetch
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro-v4-shims.min.css?token=57591c2ee3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f3387f11826be4923a2d3a8c1542780abd6d4c66ce13f2de770f2e386989593

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:26:24 GMT
server: cloudflare
age: 801097
etag: "660c23a0-10e7"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 88ffeca1bec06977-FRA
content-length: 4327

GET
H2 200 pro-v5-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.5.2/css/ 50 KB
7 KB 78ms
69ms Fetch
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro-v5-font-face.min.css?token=57591c2ee3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1580a6a19cb081a84215f13b42f765469beb87d7401f16349760cd067fc4da71

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:26:24 GMT
server: cloudflare
age: 5674270
etag: "660c23a0-1c3b"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 88ffeca1bec26977-FRA
content-length: 7227

GET
H2 200 pro-v4-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.5.2/css/ 7 KB
2 KB 121ms
111ms Fetch
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro-v4-font-face.min.css?token=57591c2ee3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 516640faeb856df6599d165f26ee51ce8cbaaf34f7c09d818509e75f6a48ae13

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:26:24 GMT
server: cloudflare
age: 54074
etag: "660c23a0-6ca"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 88ffeca1bebf6977-FRA
content-length: 1738

GET
H2 200 kit-upload.css Show response
kit.fontawesome.com/57591c2ee3/93592551/ 0
152 B 69ms
68ms Fetch
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/57591c2ee3/93592551/kit-upload.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:01 GMT
cf-cache-status: HIT
age: 7402748
content-length: 0
x-request-id: F7xlBcIjwYv1x4r5d89h
server: cloudflare
etag: 54af53b207eef226d6511e0a88e3038e
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
accept-ranges: bytes
cf-ray: 88ffeca1beaa6977-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 pro.min.css
ka-p.fontawesome.com/releases/v6.5.2/css/ 672 KB
213 B 235ms
70ms Stylesheet
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro.min.css?token=57591c2ee3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01a3066991f4af85d35aaa0068aa00054f9762f39c263853f49518d5f9784c4b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://kit.fontawesome.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:26:26 GMT
server: cloudflare
age: 5673992
etag: "660c23a2-1d791"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 88ffeca2b9e33a68-FRA
content-length: 120721

GET
H2 200 pro-v4-shims.min.css
ka-p.fontawesome.com/releases/v6.5.2/css/ 27 KB
56 B 240ms
75ms Stylesheet
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro-v4-shims.min.css?token=57591c2ee3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f3387f11826be4923a2d3a8c1542780abd6d4c66ce13f2de770f2e386989593

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://kit.fontawesome.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:26:24 GMT
server: cloudflare
age: 801790
etag: "660c23a0-10e7"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 88ffeca2b9e53a68-FRA
content-length: 4327

GET
H2 200 pro-v5-font-face.min.css
ka-p.fontawesome.com/releases/v6.5.2/css/ 50 KB
73 B 237ms
71ms Stylesheet
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro-v5-font-face.min.css?token=57591c2ee3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1580a6a19cb081a84215f13b42f765469beb87d7401f16349760cd067fc4da71

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://kit.fontawesome.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:26:24 GMT
server: cloudflare
age: 5673992
etag: "660c23a0-1c3b"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 88ffeca2b9de3a68-FRA
content-length: 7227

GET
H2 200 pro-v4-font-face.min.css
ka-p.fontawesome.com/releases/v6.5.2/css/ 7 KB
49 B 247ms
82ms Stylesheet
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro-v4-font-face.min.css?token=57591c2ee3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 516640faeb856df6599d165f26ee51ce8cbaaf34f7c09d818509e75f6a48ae13

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://kit.fontawesome.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:26:24 GMT
server: cloudflare
age: 5673992
etag: "660c23a0-6ca"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 88ffeca2b9e83a68-FRA
content-length: 1738

OPTIONS
H3 200 create.json
api-engage-us.sitecorecloud.io/v1.2/browser/ Frame 0
0 416ms
364ms Preflight
text/plain 172.64.145.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-engage-us.sitecorecloud.io/v1.2/browser/create.json?client_key=b9c1f091c924864e2a26574bbef92243&message={}
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.145.73 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-library-version
Access-Control-Request-Method: GET
Origin: https://www.geha.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Library-Version,X-Client-Software-ID
access-control-allow-methods: HEAD,GET,POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 88ffeca33e056a78-TXL
content-length: 24
content-type: text/plain
date: Fri, 07 Jun 2024 10:23:01 GMT
server: cloudflare
x-robots-tag: noindex

GET
H3 201 create.json Show response
api-engage-us.sitecorecloud.io/v1.2/browser/ 178 B
333 B 365ms
365ms Fetch
application/json 172.64.145.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-engage-us.sitecorecloud.io/v1.2/browser/create.json?client_key=b9c1f091c924864e2a26574bbef92243&message={}
Requested by: Host: d1mj578wat5n4o.cloudfront.net
URL: https://d1mj578wat5n4o.cloudfront.net/sitecore-engage-v.1.3.0.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.145.73 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb231dde22d915813f655f0681cf909eac5e7727f05a763afe31e2c281dd93e7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
X-Library-Version: 1.3.0
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:02 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-robots-tag: noindex
cf-ray: 88ffeca57a186a78-TXL
content-length: 178
alt-svc: h3=":443"; ma=86400

GET
H2 200 7JTKV-XPJV9-YRVS3-M2J45-ZYZNN Show response
s.go-mpulse.net/boomerang/ 202 KB
51 KB 128ms
40ms Script
application/javascript 2a02:26f0:1700:38a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/7JTKV-XPJV9-YRVS3-M2J45-ZYZNN
Requested by: Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:38a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:01 GMT
content-encoding: br
customappheader: mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified: Tue, 14 May 2024 03:34:36 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 51580

GET draft
cloud.info.geha.com/ Frame FBD2 0
0

GET
H/1.1 404
Not Found openseasonplanreminders Show response
cloud.info.geha.com/ Frame 1357 1 KB
1 KB 1141ms
167ms Document
text/html 13.111.118.55
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.info.geha.com/openseasonplanreminders
Requested by: Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.111.118.55 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS: cloud.info.geha.com
Software: /
Resource Hash: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.geha.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: private
Connection: close
Content-Length: 1245
Content-Type: text/html
Date: Fri, 07 Jun 2024 10:23:02 GMT
X-Cache-Status: STORED

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 29 KB
30 KB 195ms
107ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.geha.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:34:21 GMT
x-content-type-options: nosniff
age: 17320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 05:34:21 GMT

GET
H2 200 pro-fa-regular-400-0.woff2
ka-p.fontawesome.com/releases/v6.5.2/webfonts/ 14 KB
14 KB 106ms
104ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-regular-400-0.woff2
Requested by: Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66c209bb66c3374009b80476f3e0e8247995dd55c65fcef67ac12e5ea179411b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/
Origin: https://www.geha.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:01 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:51:16 GMT
server: cloudflare
age: 5673992
etag: "660c2974-3914"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 88ffeca4ca1d6977-FRA
content-length: 14612

GET
H2 200 pro-fa-solid-900-12.woff2
ka-p.fontawesome.com/releases/v6.5.2/webfonts/ 14 KB
14 KB 63ms
61ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-solid-900-12.woff2
Requested by: Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7742bb16ac54dbccd2a9df6edc159ff921e1e738f08dc0d4b4b9f31424ede919

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/
Origin: https://www.geha.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:01 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:51:22 GMT
server: cloudflare
age: 5673992
etag: "660c297a-3878"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 88ffeca4ca226977-FRA
content-length: 14456

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 138ms
51ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,500,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.geha.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 08:02:21 GMT
x-content-type-options: nosniff
age: 267640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jun 2025 08:02:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 127ms
40ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.geha.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 03:17:52 GMT
x-content-type-options: nosniff
age: 25509
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 03:17:52 GMT

GET
H2 200 pro-fa-brands-400-1.woff2
ka-p.fontawesome.com/releases/v6.5.2/webfonts/ 39 KB
39 KB 105ms
103ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-brands-400-1.woff2
Requested by: Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b852e041e35b676cf550d19cf8d15bc58db780a3827626518f4e0dfc5fb3109

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/
Origin: https://www.geha.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:01 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:51:13 GMT
server: cloudflare
age: 5673992
etag: "660c2971-9d0c"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 88ffeca4ca266977-FRA
content-length: 40204

GET
H2 200 pro-fa-brands-400-0.woff2
ka-p.fontawesome.com/releases/v6.5.2/webfonts/ 37 KB
37 KB 63ms
62ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-brands-400-0.woff2
Requested by: Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faf47e501cdae61064aed4b03b1129d37c6e004ebde6f6452f1632f835c9f318

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/
Origin: https://www.geha.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:01 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:51:13 GMT
server: cloudflare
age: 5673992
etag: "660c2971-946c"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 88ffeca4ca2b6977-FRA
content-length: 37996

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 176ms
89ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,500,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.geha.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 00:13:14 GMT
x-content-type-options: nosniff
age: 36587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 00:13:14 GMT

GET
H2 200 personalizedinfo Show response
www.geha.com/api/personalizedinformation/ 33 B
711 B 707ms
706ms XHR
application/json 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/api/personalizedinformation/personalizedinfo?CookieName=recommendation&PersonalizedInfoId=recommendation

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Base-Themes/Core-Libraries/scripts/optimized-min.js?t=20221109T053531Z

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

c326f67ec7e4e7895bc25ac4c6c3540b569586d688b494df5b82e3146d34a6f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Accept: */*
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 10:23:02 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: 'nosniff'
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache
server-timing: cdn-cache; desc=MISS, edge; dur=297, origin; dur=361, ak_p; desc="1717755781903_34901589_134749965_65881_8449_44_0_255";dur=1
content-length: 33
x-xss-protection: 1; mode=block
expires: -1

GET
H2 200 personalizedinfo Show response
www.geha.com/api/personalizedinformation/ 33 B
707 B 211ms
210ms XHR
application/json 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/api/personalizedinformation/personalizedinfo?CookieName=dentalRecommendation&PersonalizedInfoId=dentalRecommendation

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Base-Themes/Core-Libraries/scripts/optimized-min.js?t=20221109T053531Z

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

c326f67ec7e4e7895bc25ac4c6c3540b569586d688b494df5b82e3146d34a6f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Accept: */*
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 10:23:02 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: 'nosniff'
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache
server-timing: cdn-cache; desc=MISS, edge; dur=96, origin; dur=67, ak_p; desc="1717755782613_34901589_134750715_16296_8822_43_0_255";dur=1
content-length: 33
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK draft Show response
cloud.info.geha.com/ Frame FBD2 13 KB
3 KB 681ms
383ms Document
text/html 13.111.118.55
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.info.geha.com/draft?utm_source=S24WTE0GINAP&utm_campaign=Partnerships%20-%2024%20-%20Brand%20Awareness%20-%20Email%20-%20NFL%20Draft%20Giveaway%20-%20Prospects%20-%20National_S24WTE0GINAP&utm_medium=Email
Requested by: Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.111.118.55 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS: cloud.info.geha.com
Software: /
Resource Hash: e3dd8f33992c58515312dbc2abd8620d0cca4e04f5a90e69f4dbfe7952dd771a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.geha.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-cache
Connection: close
Content-Encoding: gzip
Content-Length: 2866
Content-Type: text/html; charset=utf-8
Date: Fri, 07 Jun 2024 10:23:03 GMT
Expires: -1
Pragma: no-cache

GET
H2 200 web-version.min.js Show response
d35vb5cccm4xzp.cloudfront.net/web-flow-libs/b9c1f091c924864e2a26574bbef92243/ 1 KB
2 KB 242ms
152ms Script
application/javascript 2600:9000:235a:4c00:3:35f2:c540:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d35vb5cccm4xzp.cloudfront.net/web-flow-libs/b9c1f091c924864e2a26574bbef92243/web-version.min.js
Requested by: Host: d1mj578wat5n4o.cloudfront.net
URL: https://d1mj578wat5n4o.cloudfront.net/sitecore-engage-v.1.3.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:4c00:3:35f2:c540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8339750b4cf72003f5f74e7f645b822a44345c58d724e7e0c321daec71f31c68

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:04 GMT
via: 1.1 d818b372f81cbe23bb149df5877c444a.cloudfront.net (CloudFront)
last-modified: Fri, 27 Oct 2023 18:21:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
etag: "72ffd03ca7a925392eb79f7d45faa457"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 1242
x-amz-cf-id: yCxRPtBzRWOZg2QoQk4d4qpYZGYyiI2vbqV4ni_wa7k2fO61EUA2Fg==

POST
H3 201 events Show response
api-engage-us.sitecorecloud.io/v1.2/ 124 B
264 B 149ms
149ms Fetch
application/json 172.64.145.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-engage-us.sitecorecloud.io/v1.2/events
Requested by: Host: d1mj578wat5n4o.cloudfront.net
URL: https://d1mj578wat5n4o.cloudfront.net/sitecore-engage-v.1.3.0.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.145.73 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19c614a17937455152c1cb92c54268b088373065a0ab4a2bca3006df0a469c36

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.geha.com/
X-Library-Version: 1.3.0
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:03 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json
access-control-allow-origin: *
x-robots-tag: noindex
cf-ray: 88ffecac3e886a78-TXL
content-length: 124
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 events
api-engage-us.sitecorecloud.io/v1.2/ Frame 0
0 157ms
157ms Preflight
text/plain 172.64.145.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-engage-us.sitecorecloud.io/v1.2/events
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.145.73 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-library-version
Access-Control-Request-Method: POST
Origin: https://www.geha.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Library-Version,X-Client-Software-ID
access-control-allow-methods: HEAD,GET,POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: POST,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 88ffecab3cdf6a78-TXL
content-length: 13
content-type: text/plain
date: Fri, 07 Jun 2024 10:23:03 GMT
server: cloudflare
x-robots-tag: noindex

GET
H2 200 personalizedinfo Show response
www.geha.com/api/personalizedinformation/ 33 B
709 B 209ms
208ms XHR
application/json 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/api/personalizedinformation/personalizedinfo?CookieName=recommendation&PersonalizedInfoId=recommendation

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Base-Themes/Core-Libraries/scripts/optimized-min.js?t=20221109T053531Z

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

c326f67ec7e4e7895bc25ac4c6c3540b569586d688b494df5b82e3146d34a6f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Accept: */*
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 10:23:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: 'nosniff'
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache
server-timing: cdn-cache; desc=MISS, edge; dur=97, origin; dur=63, ak_p; desc="1717755782929_34901589_134750959_15960_8437_42_0_255";dur=1
content-length: 33
x-xss-protection: 1; mode=block
expires: -1

GET
H2 200 config.json Show response
c.go-mpulse.net/api/ 781 B
945 B 173ms
77ms XHR
application/json 2a02:26f0:7100:594::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=7JTKV-XPJV9-YRVS3-M2J45-ZYZNN&d=www.geha.com&t=5725853&v=1.632.0&sl=0&si=54urylpa26n-sepgue&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=624528
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/7JTKV-XPJV9-YRVS3-M2J45-ZYZNN
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:594::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5d6c7aab5e99b28d0949210066e12f129a32d7757d262d60617e8b96112afdbe

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Fri, 07 Jun 2024 10:23:03 GMT
cache-control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 781
content-type: application/json

GET
H2 200 web-lib.min.js Show response
d35vb5cccm4xzp.cloudfront.net/web-flow-libs/b9c1f091c924864e2a26574bbef92243/9/ 127 KB
31 KB 45ms
45ms Script
application/javascript 2600:9000:235a:4c00:3:35f2:c540:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d35vb5cccm4xzp.cloudfront.net/web-flow-libs/b9c1f091c924864e2a26574bbef92243/9/web-lib.min.js
Requested by: Host: d35vb5cccm4xzp.cloudfront.net
URL: https://d35vb5cccm4xzp.cloudfront.net/web-flow-libs/b9c1f091c924864e2a26574bbef92243/web-version.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:4c00:3:35f2:c540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ae91a1dbaa74648b3a37a89b46257eebe9203f54ad4896f69a92f671c59b8d5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 Nov 2023 12:12:55 GMT
content-encoding: br
via: 1.1 d818b372f81cbe23bb149df5877c444a.cloudfront.net (CloudFront)
last-modified: Fri, 27 Oct 2023 18:21:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
age: 17532609
etag: W/"c2569cbe88bd4366de67e5ef15480614"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: aPlXq1yH1Ks8WfyiqXwb_Rp_rQXvMTkZJnRX6O-C0FLx5zhovcjaNw==

POST
H3 200 getBucket Show response
api-engage-us.sitecorecloud.io/v2/ 63 B
265 B 161ms
160ms Fetch
application/json 172.64.145.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-engage-us.sitecorecloud.io/v2/getBucket
Requested by: Host: d35vb5cccm4xzp.cloudfront.net
URL: https://d35vb5cccm4xzp.cloudfront.net/web-flow-libs/b9c1f091c924864e2a26574bbef92243/9/web-lib.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.145.73 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d8f4a9b72e0ced76a0e65ce805ec1c48cff417768a31916609d2343b8b75ce6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 07 Jun 2024 10:23:03 GMT
x-correlation-id: 3d75cfd7-00d4-462d-808c-5e741804c5a6
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json
access-control-allow-origin: *
x-robots-tag: noindex
cf-ray: 88ffecae1a076a78-TXL
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 getBucket
api-engage-us.sitecorecloud.io/v2/ Frame 0
0 151ms
150ms Preflight
text/plain 172.64.145.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-engage-us.sitecorecloud.io/v2/getBucket
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.145.73 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.geha.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Library-Version
access-control-allow-methods: HEAD,GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: *
access-control-max-age: 1800
allow: POST,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 88ffecad28336a78-TXL
content-length: 13
content-type: text/plain
date: Fri, 07 Jun 2024 10:23:03 GMT
server: cloudflare
x-correlation-id: b3973278-e36c-4d84-8756-baa21aeb4c59
x-robots-tag: noindex

GET
H2 200 favicon.ico
www.geha.com/~/media93/Files/ 3 KB
3 KB 48ms
48ms Other
image/x-icon 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Files/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0ec0bebf0577f413bd3cd829dc4880527f790f20f64620e1c03625feac77c8de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:23:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: 'nosniff'
last-modified: Fri, 30 Jul 2021 18:25:22 GMT
etag: a4720147a38f42369ca54504a28cdeda
x-frame-options: SAMEORIGIN
content-type: image/x-icon
cache-control: public, max-age=67670
content-disposition: inline; filename="favicon.ico"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1717755783619_34901589_134751570_32_8576_41_0_219";dur=1
accept-ranges: bytes
content-length: 2967
x-xss-protection: 1; mode=block

POST
H2 204 /
684dd311.akstat.io/ 0
224 B 109ms
98ms Ping
image/gif 2a02:26f0:1700:38a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://684dd311.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/7JTKV-XPJV9-YRVS3-M2J45-ZYZNN

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:38a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 10:23:03 GMT
content-type: image/gif
access-control-allow-origin: https://www.geha.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
x-xss-protection: 0
expires: Fri, 07 Jun 2024 10:23:03 GMT

GET
H/1.1

200
OK

results.txt Show response
kd7qo2ix3nhksztc36ea-p5tbsd-7e85cf5cb-clientnsv4-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p5tbsdww3
https://kd7qo2ix3nhksztc36ea-p5tbsd-7e85cf5cb-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

696ms
234ms

XHR
text/plain

23.219.78.169
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://kd7qo2ix3nhksztc36ea-p5tbsd-7e85cf5cb-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 23.219.78.169 Seattle, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-219-78-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date: Fri, 07 Jun 2024 10:23:04 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://kd7qo2ix3nhksztc36ea-p5tbsd-7e85cf5cb-clientnsv4-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin: *
Date: Fri, 07 Jun 2024 10:23:04 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
fiaqjiathaajekqce3ydkaaacztgfx4h-p5tbsd-097013c2b-clienttons-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p5tbsdww3
https://fiaqjiathaajekqce3ydkaaacztgfx4h-p5tbsd-097013c2b-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

209ms
39ms

XHR
text/plain

2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://fiaqjiathaajekqce3ydkaaacztgfx4h-p5tbsd-097013c2b-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date: Fri, 07 Jun 2024 10:23:04 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://fiaqjiathaajekqce3ydkaaacztgfx4h-p5tbsd-097013c2b-clienttons-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin: *
Date: Fri, 07 Jun 2024 10:23:03 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cloud.info.geha.com
URL: https://cloud.info.geha.com/draft

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.geha.com/	1970-01-20 21:13:34	Name: utm Value: Partnerships - 24 - Brand Awareness - Email - NFL Draft Giveaway - Prospects - National_S24WTE0GINAP
.geha.com/	1969-12-31 23:59:59	Name: gw2_ck_1 Value: xlajkp2uepchpmc3s2xpox2z
.geha.com/	1970-01-21 06:45:15	Name: SC_ANALYTICS_GLOBAL_COOKIE Value: 2fa51a0fd4334ea6afbc2f4d4d05d5de\|False
.geha.com/	1969-12-31 23:59:59	Name: sxa_site Value: GEHA-CD
.geha.com/	1969-12-31 23:59:59	Name: BIGipServer~external~gehaweb-prd-pool Value: !8vqckevk6u1ITOzwVolwB7OgiPYfT5cd9gExEprmSCqOnaQY+lFaUS2x5Rb0tteOhcLv2vCSewhC6o16O6y23q1i5aVSeLBx32qBM0+O
.geha.com/	1970-01-20 21:09:22	Name: ak_bmsc Value: AE4B631327DFAD002117DB61A278B715~000000000000000000000000000000~YAAQVY4UAtR8z+ePAQAAzhs58hgwyLQS77O4enBqbiLQvJPkQ6Ow1MTu0OiPzMBZ9d0Q+2mPRL0bsZLeAzWA0f6XvCchmkYDMHQbw8VX1NDKFSgOu5BaKr/K5nLft4a0E6OYV/AqFp8Ozkd//vfdsFH2nLXSXGHUBKUE2kACWcSBTcYrgKCaHqaWBykLYiMjhQXKxsUkNeeaBBie3PBzWXP2NqemnzR2L1F30SSV3lE80Fld52XRkSBqFk0qYRxap/41XJfS4V1PzVdVIghduvFl7hF6Vw4Crufb3FMXMiYelepAen73qU0vAYOof7jAVwDx14CalCmjLDCSle4t1FYovyffqM1EXM/bf7z7OmaJVKXvnftEjwYzzx3oOpHJcTCk6w2SKlYFNs5jGYmT
.geha.com/	1970-01-20 21:19:20	Name: RT Value: "z=1&dm=geha.com&si=54urylpa26n&ss=lx4jfvuw&sl=0&tt=0"
.geha.com/	1970-01-21 05:54:51	Name: bid_b9c1f091c924864e2a26574bbef92243 Value: b8bed4f5-7dac-4a98-8c53-4db544f6f629
.geha.com/	1970-01-20 21:09:22	Name: bm_sv Value: 5FF2CBD8A4CE790A9EC7953CFA22BBD0~YAAQVY4UAuB8z+ePAQAAuSc58hg4Mjn/n8cRd3c6t+n2dxCDg53pfI3fVN2chihjLnHEkakKin0hxQVHJXvvB0FO7u1nXmiVva0xzR8k4ZizEMnWoOjX5PK4qZT57e6vQQ/xDQgZqslprdlGIUgKUyHvxITtkBjcFyPmuN59Gkn6YI5o8yxBSHzTo9OmZl3TCoNsVSeE7uxSYhOiznRGXJUhWHG9d1Jw7v+xgScVuHCYhRJua1dYwjXuajdyvQ==~1
www.geha.com/	1969-12-31 23:59:59	Name: bx_bucket_number Value: 53
www.geha.com/	1969-12-31 23:59:59	Name: bx_guest_ref Value: 70aa4c64-ad62-427b-9931-8f70d5d25dab

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cloud.info.geha.com/openseasonplanreminders Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

684dd311.akstat.io
api-engage-us.sitecorecloud.io
c.go-mpulse.net
click.info.geha.com
cloud.info.geha.com
d1mj578wat5n4o.cloudfront.net
d35vb5cccm4xzp.cloudfront.net
fiaqjiathaajekqce3ydkaaacztgfx4h-p5tbsd-097013c2b-clienttons-s.akamaihd.net
fonts.googleapis.com
fonts.gstatic.com
ka-p.fontawesome.com
kd7qo2ix3nhksztc36ea-p5tbsd-7e85cf5cb-clientnsv4-s.akamaihd.net
kit.fontawesome.com
p.typekit.net
s.go-mpulse.net
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
use.typekit.net
www.geha.com
www.googletagmanager.com
cloud.info.geha.com
13.111.100.248
13.111.118.55
172.64.145.73
18.66.92.121
23.219.78.169
2600:9000:235a:4c00:3:35f2:c540:21
2606:4700:4400::6812:2844
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2008
2a02:26f0:1700:38a::11a6
2a02:26f0:3100::1735:2823
2a02:26f0:3100::1735:2828
2a02:26f0:3500:16::215:1495
2a02:26f0:3500:16::215:149b
2a02:26f0:7100:594::11a6
2a02:26f0:ab00::214:8e59
01a3066991f4af85d35aaa0068aa00054f9762f39c263853f49518d5f9784c4b
0ec0bebf0577f413bd3cd829dc4880527f790f20f64620e1c03625feac77c8de
1580a6a19cb081a84215f13b42f765469beb87d7401f16349760cd067fc4da71
166b640351aa645b6af02b1013bc7fbead2822e44d773deba0b35f4053d0e94a
193c82f86ded257bf4e8f5e3fc3db07de1dd5806e147788b11b10e627a15e5c3
19c614a17937455152c1cb92c54268b088373065a0ab4a2bca3006df0a469c36
1a4bf8a4ca374508387fc27de382cbbe01a6ace9f7bb3c1618884b7b86dd6c60
1b631c545e0e9acda2fa9adef7ce9415a95fc6a325ea80268d1793bf913180ae
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1f3387f11826be4923a2d3a8c1542780abd6d4c66ce13f2de770f2e386989593
277b8bd1952e82623693dc9123e1c2186cf0ac9436d4059dffe4ad732d2da5a3
286dc7cf3eb0c6c06c2fb54d779f82bf342bbf766861f7aba001408bcb391828
2d8f4a9b72e0ced76a0e65ce805ec1c48cff417768a31916609d2343b8b75ce6
3487c89cbf4176ba31dee9f3fb221bab9b05753f689e372d9c03e71c78b8e3c1
36cbe98f9a9327afce4c79a1c0a9d43e076d3b2ae36e68f7c40b7cbc41d95931
416f487c40290dd1451e3cc8dc480489dda90cfd5d389eb08d7f0e867a6f847c
427e57ed3ad640f4ddefe4a7aeb116746506151fd0d227f8f34e40cb3350e45f
43bf46697a74707dd319e2549eb7e7ad414d629c257da2dfc02e082a7a7290c7
4692d4d1124e4fdde548b916c88189b6e07462d9d24cdd5c6ca8f2a2fcb2af56
4b5013c1e9a922e188e0d6f3903aad0c81a64c231d976d869c8b0f35be0b133d
4c6fde841616799524ae40b886f27b8c5b4e857476a053f1acac3222a3d09385
4e43974dcd89e9262d9c19ddfc9ce50400414c01abbe784eebf8e8d785503d64
516640faeb856df6599d165f26ee51ce8cbaaf34f7c09d818509e75f6a48ae13
5d6c7aab5e99b28d0949210066e12f129a32d7757d262d60617e8b96112afdbe
5fd7281dafc44afbbb34847a7c8dfff204d017418103d96eb401ade5c1f6012c
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
66c209bb66c3374009b80476f3e0e8247995dd55c65fcef67ac12e5ea179411b
7139f07f917998f1a482f070139ce5b0e448669a8f77e9710e74e1a2307f564e
71e970680812d5265281f05a10ae287a5739c582d03a027ef3b3f2e02166ec21
7742bb16ac54dbccd2a9df6edc159ff921e1e738f08dc0d4b4b9f31424ede919
7941c043b215ecc58d18e696d42abbd225eb0baa075cb5e31027725cc5312fce
7ae91a1dbaa74648b3a37a89b46257eebe9203f54ad4896f69a92f671c59b8d5
7e7fd9f1e6fd2387dc2a5bb83cb72a1c44206347ad8ffde69bcab829cf88b1ff
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
8339750b4cf72003f5f74e7f645b822a44345c58d724e7e0c321daec71f31c68
8b852e041e35b676cf550d19cf8d15bc58db780a3827626518f4e0dfc5fb3109
91885b79eafb9db3b3b6bccd7d3927f3cea7bc0a006fe3a6b625787d413fc412
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91af8f8604e6cbcb00a3ff4056f9fce3090c1ffca25400650895832c03b34ac5
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
a36338e2015fbe5e6f570cb35a9e0305a4f4d40bace6713fce1edbaefc9cf44f
a5d59965fc50d217015f96f657880ade0fcbc85b9cc15b5fc20f097a25be9a63
b65ecc819f4b7a1056b90009ae39134cd681a53a70c845104ec132820a37630b
babf7c8f26404acad3935146d81d245dc6d494acd265d2b8f84088730d01e38f
bc958a63e17fc254b74b0787f22bd0f5889a057109908050c5148a148b75db91
c326f67ec7e4e7895bc25ac4c6c3540b569586d688b494df5b82e3146d34a6f5
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cf99991359fbb6e575a809280eb26d7f2408710608ccb222788324c6c1ac753f
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dd8f33992c58515312dbc2abd8620d0cca4e04f5a90e69f4dbfe7952dd771a
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f930f9718c91491b92f0de420e28f51cb021e174606481c128ab838584479e02
faf47e501cdae61064aed4b03b1129d37c6e004ebde6f6452f1632f835c9f318
fb231dde22d915813f655f0681cf909eac5e7727f05a763afe31e2c281dd93e7
fb56f17a4fe738143ac04ca01897e7ae5980eab0a5aaf0ebad8c6a2d09e39d90
fb951962e4ba322ebae3e477d109486e6a0010e2ed20266bbe579e2e6c6f27d6

www.geha.com Open in urlscan Pro 2a02:26f0:ab00::214:8e59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

69 Requests

96 %HTTPS

71 %IPv6

11 Domains

20 Subdomains

16 IPs

2 Countries

1371 kBTransfer

5892 kBSize

11 Cookies

7 Outgoing links

Page URL History

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.geha.com Open in urlscan Pro
2a02:26f0:ab00::214:8e59 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

96 %
HTTPS

71 %
IPv6

11
Domains

20
Subdomains

16
IPs

2
Countries

1371 kB
Transfer

5892 kB
Size

11
Cookies

69 HTTP transactions
0 data transactions