www.geha.com Open in urlscan Pro
2a02:26f0:4700::17d4:6ed2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.geha.com//enrollment
Effective URL:
https://www.geha.com//enrollment
Submission: On September 19 via api (September 19th 2024, 5:21:47 am UTC) from US — Scanned from DE

Summary HTTP 114 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 18 domains to perform 114 HTTP transactions. The main IP is 2a02:26f0:4700::17d4:6ed2, located in Prague, Czech Republic and belongs to AKAMAI-ASN1, NL. The main domain is www.geha.com. The Cisco Umbrella rank of the primary domain is 274055.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on August 29th 2024. Valid for: a year.

This is the only time www.geha.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	2a02:26f0:470... 2a02:26f0:4700::17d4:6ed2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
16	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:780... 2a02:26f0:780::210:a419	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	13.33.216.185 13.33.216.185	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:e30... 2a02:26f0:e300:186::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.111.118.55 13.111.118.55	14340 (SALESFORCE) (SALESFORCE)
5	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
6	2606:4700:440... 2606:4700:4400::6812:2ab7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.160.150.82 3.160.150.82	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:3768	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.163.248.4 3.163.248.4	16509 (AMAZON-02) (AMAZON-02)
4	65.9.66.85 65.9.66.85	16509 (AMAZON-02) (AMAZON-02)
4	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:470... 2a02:26f0:4700:298::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
11	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.209.42.199 52.209.42.199	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:235... 2600:9000:235a:1800:3:35f2:c540:21	16509 (AMAZON-02) (AMAZON-02)
12	13.32.121.13 13.32.121.13	16509 (AMAZON-02) (AMAZON-02)
1	18.173.205.17 18.173.205.17	16509 (AMAZON-02) (AMAZON-02)
1 1	193.108.153.12 193.108.153.12	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	193.108.153.20 193.108.153.20	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:1901:0:7... 2600:1901:0:7628::	15169 (GOOGLE) (GOOGLE)
1	95.101.149.99 95.101.149.99	16625 (AKAMAI-AS) (AKAMAI-AS)
114	26

29 2a02:26f0:4700::17d4:6ed2 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)

www.geha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:780::210:a419 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.216.185 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-216-185.fra60.r.cloudfront.net

d1mj578wat5n4o.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:e300:186::11a6 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
684dd325.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.111.118.55 (United States)

ASN14340 (SALESFORCE, US)
PTR: cloud.info.geha.com

cloud.info.geha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:4400::6812:2ab7 (United States)

ASN13335 (CLOUDFLARENET, US)

api-engage-us.sitecorecloud.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.150.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-82.fra60.r.cloudfront.net

freshpaint-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:3768 (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.163.248.4 (United States)

ASN16509 (AMAZON-02, US)

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.66.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-85.fra56.r.cloudfront.net

perfalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:4700:298::11a6 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.42.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-42-199.eu-west-1.compute.amazonaws.com

rum-collector-2.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:235a:1800:3:35f2:c540:21 (United States)

ASN16509 (AMAZON-02, US)

d35vb5cccm4xzp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 13.32.121.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-13.fra60.r.cloudfront.net

api.perfalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.205.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-17.fra56.r.cloudfront.net

freshpaint-impression.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.108.153.12 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-12.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.108.153.20 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-20.deploy.static.akamaitechnologies.com

fwgzqsobnsmqyzxlwttq-pd32o0-b4929b23f-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

eaaqvsaaea6qakqce3ydkaaacztoxnhh-pd32o0-4226a9a15-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:7628:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.149.99 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-99.deploy.static.akamaitechnologies.com

pdx1.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	geha.com www.geha.com — Cisco Umbrella Rank: 274055 cloud.info.geha.com — Cisco Umbrella Rank: 469268	744 KB
16	perfalytics.com perfalytics.com — Cisco Umbrella Rank: 17811 api.perfalytics.com — Cisco Umbrella Rank: 18481	145 KB
16	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1900 ka-p.fontawesome.com — Cisco Umbrella Rank: 3287	323 KB
12	qualtrics.com zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com — Cisco Umbrella Rank: 298835 siteintercept.qualtrics.com — Cisco Umbrella Rank: 973 pdx1.qualtrics.com — Cisco Umbrella Rank: 9616	75 KB
6	sitecorecloud.io api-engage-us.sitecorecloud.io — Cisco Umbrella Rank: 57660	964 B
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	9 KB
5	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 959 tr6.snapchat.com — Cisco Umbrella Rank: 1352	621 B
5	gstatic.com fonts.gstatic.com	117 KB
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 2954 fwgzqsobnsmqyzxlwttq-pd32o0-b4929b23f-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 2956 eaaqvsaaea6qakqce3ydkaaacztoxnhh-pd32o0-4226a9a15-clienttons-s.akamaihd.net	1 KB
4	pingdom.net rum-static.pingdom.net — Cisco Umbrella Rank: 6494 rum-collector-2.pingdom.net — Cisco Umbrella Rank: 6081	6 KB
3	cloudfront.net d1mj578wat5n4o.cloudfront.net d35vb5cccm4xzp.cloudfront.net	85 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1631 c.go-mpulse.net — Cisco Umbrella Rank: 775	51 KB
2	typekit.net use.typekit.net — Cisco Umbrella Rank: 462 p.typekit.net — Cisco Umbrella Rank: 578	1 KB
1	freshpaint-impression.com freshpaint-impression.com — Cisco Umbrella Rank: 43382	404 B
1	akstat.io 684dd325.akstat.io — Cisco Umbrella Rank: 90943	224 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1113	23 KB
1	freshpaint-cdn.com freshpaint-cdn.com — Cisco Umbrella Rank: 56491	3 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	109 KB
114	18

	Domain	Requested by
29	www.geha.com	www.geha.com
13	ka-p.fontawesome.com	kit.fontawesome.com www.geha.com
12	api.perfalytics.com	perfalytics.com
10	siteintercept.qualtrics.com	zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com siteintercept.qualtrics.com
6	api-engage-us.sitecorecloud.io	d1mj578wat5n4o.cloudfront.net d35vb5cccm4xzp.cloudfront.net
6	fonts.googleapis.com	www.geha.com
5	fonts.gstatic.com	fonts.googleapis.com
4	tr.snapchat.com	sc-static.net
4	perfalytics.com	freshpaint-cdn.com www.googletagmanager.com perfalytics.com
3	kit.fontawesome.com	www.geha.com kit.fontawesome.com
2	d35vb5cccm4xzp.cloudfront.net	d1mj578wat5n4o.cloudfront.net d35vb5cccm4xzp.cloudfront.net
2	rum-collector-2.pingdom.net	rum-static.pingdom.net
2	rum-static.pingdom.net	www.googletagmanager.com
1	pdx1.qualtrics.com
1	tr6.snapchat.com	sc-static.net
1	eaaqvsaaea6qakqce3ydkaaacztoxnhh-pd32o0-4226a9a15-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	fwgzqsobnsmqyzxlwttq-pd32o0-b4929b23f-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	freshpaint-impression.com	perfalytics.com
1	684dd325.akstat.io	s.go-mpulse.net
1	zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com	www.geha.com
1	c.go-mpulse.net	s.go-mpulse.net
1	sc-static.net	www.geha.com
1	freshpaint-cdn.com	www.googletagmanager.com
1	cloud.info.geha.com	www.geha.com
1	s.go-mpulse.net	www.geha.com
1	d1mj578wat5n4o.cloudfront.net	www.geha.com
1	www.googletagmanager.com	www.geha.com
1	p.typekit.net	use.typekit.net
1	use.typekit.net	www.geha.com
114	31

This site contains links to these domains. Also see Links.

Domain
calendly.com
member-portal.geha.com
www.opm.gov
www.employeeexpress.gov
retireefehb.opm.gov
www.gehadentaldiscount.com
www.facebook.com
www.instagram.com
www.youtube.com
www.linkedin.com

Subject Issuer	Validity	Valid
*.geha.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-29` - `2025-09-22`	a year	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-01-27`	6 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-27` - `2025-09-27`	a year	crt.sh
upload.video.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2024-07-31` - `2025-07-31`	a year	crt.sh
cloud.info.geha.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-03` - `2024-12-03`	a year	crt.sh
*.gstatic.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
sitecorecloud.io WE1	`2024-08-17` - `2024-11-15`	3 months	crt.sh
freshpaint-cdn.com Amazon RSA 2048 M02	`2023-12-13` - `2025-01-10`	a year	crt.sh
pingdom.net WE1	`2024-09-12` - `2024-12-12`	3 months	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
perfalytics.com Amazon RSA 2048 M02	`2024-07-12` - `2025-08-09`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-23` - `2025-07-22`	a year	crt.sh
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-27` - `2025-02-19`	a year	crt.sh
*.pingdom.net Amazon RSA 2048 M03	`2023-11-06` - `2024-12-03`	a year	crt.sh
*.perfalytics.com Amazon RSA 2048 M03	`2024-07-12` - `2025-08-09`	a year	crt.sh
freshpaint-impression.com Amazon ECDSA 256 M02	`2024-04-01` - `2025-04-30`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.geha.com//enrollment
Frame ID: 0D8ADD9C43C8C2FC6BC000E9F61F42B9
Requests: 103 HTTP requests in this frame

Frame: https://cloud.info.geha.com/openseasonplanreminders
Frame ID: 81D074D4EFA418024EEE4435DD4CC15F
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=29a50b68-d5e7-4019-8575-7fea0adbb21f&u_scsid=abe21576-3f0c-4087-a1d5-8728596a25a8&u_sclid=6a8c3cbb-c6fb-443d-a95c-085a5dfea42e
Frame ID: 513F4C4D24A53A7C6DA81E47F83EA59E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

How to enroll in a GEHA medical plan | GEHA

Page URL History Show full URLs

http://www.geha.com//enrollment HTTP 307
https://www.geha.com//enrollment Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

114
Requests

98 %
HTTPS

52 %
IPv6

18
Domains

31
Subdomains

26
IPs

5
Countries

1695 kB
Transfer

7860 kB
Size

16
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://calendly.com/d/3s7-qqm-xsd
Title: Schedule a Benefits Session

Search URL Search Domain Scan URL

URL: https://member-portal.geha.com/login
Title: Member

Search URL Search Domain Scan URL

URL: https://www.opm.gov/healthcare-insurance/healthcare/plan-information/enroll/#Employees
Title: Learn more at opm.gov

Search URL Search Domain Scan URL

URL: https://www.opm.gov/healthcare-insurance/healthcare/plan-information/department-of-defense-employees/
Title: DoD Automated Systems

Search URL Search Domain Scan URL

URL: https://www.opm.gov/healthcare-insurance/healthcare/plan-information/doe-automated-systems/
Title: DoE Automated Systems

Search URL Search Domain Scan URL

URL: https://www.opm.gov/healthcare-insurance/healthcare/plan-information/enroll-using-mypay/
Title: My Pay

Search URL Search Domain Scan URL

URL: https://www.opm.gov/healthcare-insurance/healthcare/plan-information/national-finance-center-employee-personal/
Title: Employee Personal Page

Search URL Search Domain Scan URL

URL: https://www.opm.gov/healthcare-insurance/healthcare/plan-information/how-to-use-postalease/
Title: Postal Ease

Search URL Search Domain Scan URL

URL: http://www.employeeexpress.gov/AgencyList.aspx
Title: Employee Express

Search URL Search Domain Scan URL

URL: https://retireefehb.opm.gov/
Title: RetireeFEHB.opm.gov

Search URL Search Domain Scan URL

URL: https://www.opm.gov/healthcare-insurance/healthcare/plan-information/enroll/#annuitants
Title: Mailing Details

Search URL Search Domain Scan URL

URL: https://www.opm.gov/healthcare-insurance/tribal-employers/health-insurance/
Title: Tribal Employee Information

Search URL Search Domain Scan URL

URL: https://member-portal.geha.com/create-account
Title: Register now

Search URL Search Domain Scan URL

URL: https://www.gehadentaldiscount.com/
Title: Connection Dental Discount

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GEHAhealth

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gehahealth

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/gehahealth

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/gehahealth

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.geha.com//enrollment HTTP 307
https://www.geha.com//enrollment Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 101

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pd32o0psw HTTP 302
https://fwgzqsobnsmqyzxlwttq-pd32o0-b4929b23f-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 102

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pd32o0psw HTTP 302
https://eaaqvsaaea6qakqce3ydkaaacztoxnhh-pd32o0-4226a9a15-clienttons-s.akamaihd.net/eum/results.txt

114 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request enrollment Show response
www.geha.com//
Redirect Chain

http://www.geha.com//enrollment
https://www.geha.com//enrollment

93 KB
18 KB

1429ms
1242ms

Document
text/html

2a02:26f0:4700::17d4:6ed2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com//enrollment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700::17d4:6ed2 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

72f23e2362324b5f4dbdf3819dfef0c829eb1142a7a9a99e1cb977111351e54b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-length: 17371
content-type: text/html; charset=utf-8
date: Thu, 19 Sep 2024 05:21:41 GMT
expires: -1
pragma: no-cache
server-timing: cdn-cache; desc=MISS edge; dur=643 origin; dur=264 ak_p; desc="1726723299691_399797917_209522706_90796_15811_23_119_255";dur=1
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding
x-akamai-transformed: 9 91359 0 pmb=mRUM,1
x-content-type-options: 'nosniff'
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.geha.com//enrollment
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 optimized-min.css
www.geha.com/~/media93/Feature/Experience-Accelerator/Bootstrap-4/Bootstrap-4/Styles/ 29 KB
4 KB 46ms
44ms Stylesheet
text/css 2a02:26f0:4700::17d4:6ed2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Feature/Experience-Accelerator/Bootstrap-4/Bootstrap-4/Styles/optimized-min.css?t=20200827T195652Z

Requested by

Host: www.geha.com
URL: https://www.geha.com//enrollment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700::17d4:6ed2 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7139f07f917998f1a482f070139ce5b0e448669a8f77e9710e74e1a2307f564e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com//enrollment

Response headers

content-encoding: gzip
etag: 71297b75a810417dbeaa71ed60eeb6e1
x-content-type-options: 'nosniff'
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1726723301085_399797917_209524693_42_7588_22_0_255";dur=1
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: text/css
last-modified: Thu, 27 Aug 2020 19:56:52 GMT
vary: Accept-Encoding
content-disposition: inline; filename="optimized-min.css"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000 ; includeSubDomains
cache-control: public, max-age=47470
x-datastream-cache-status: 1
accept-ranges: bytes
content-length: 3484
x-xss-protection: 1; mode=block

GET
H2 200 optimized-min.css
www.geha.com/~/media93/Base-Themes/Core-Libraries/styles/ 132 KB
22 KB 47ms
46ms Stylesheet
text/css 2a02:26f0:4700::17d4:6ed2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/Core-Libraries/styles/optimized-min.css?t=20221109T053533Z

Requested by

Host: www.geha.com
URL: https://www.geha.com//enrollment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700::17d4:6ed2 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4c6fde841616799524ae40b886f27b8c5b4e857476a053f1acac3222a3d09385

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com//enrollment

Response headers

content-encoding: gzip
etag: cddcbd79bda84976b39a43a487bdbebf
x-content-type-options: 'nosniff'
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1726723301086_399797917_209524694_132_7233_22_0_255";dur=1
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: text/css
last-modified: Wed, 09 Nov 2022 05:35:33 GMT
vary: Accept-Encoding
content-disposition: inline; filename="optimized-min.css"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000 ; includeSubDomains
cache-control: public, max-age=54162
x-datastream-cache-status: 1
accept-ranges: bytes
content-length: 22078
x-xss-protection: 1; mode=block

GET
H2 200 optimized-min.css
www.geha.com/~/media93/Base-Themes/Main-Theme/styles/ 5 KB
2 KB 54ms
53ms Stylesheet
text/css 2a02:26f0:4700::17d4:6ed2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/Main-Theme/styles/optimized-min.css?t=20220715T021536Z

Requested by

Host: www.geha.com
URL: https://www.geha.com//enrollment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700::17d4:6ed2 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

416f487c40290dd1451e3cc8dc480489dda90cfd5d389eb08d7f0e867a6f847c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com//enrollment

Response headers

content-encoding: gzip
etag: ffd03de852da41deb27b87223721ff9a
x-content-type-options: 'nosniff'
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1726723301085_399797917_209524695_45_7550_22_0_255";dur=1
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: text/css
last-modified: Fri, 15 Jul 2022 02:15:36 GMT
vary: Accept-Encoding
content-disposition: inline; filename="optimized-min.css"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000 ; includeSubDomains
cache-control: public, max-age=47514
x-datastream-cache-status: 1
accept-ranges: bytes
content-length: 1636
x-xss-protection: 1; mode=block

GET
H2 200 optimized-min.css
www.geha.com/~/media93/Base-Themes/UnsupportedBrowser/Styles/ 1 KB
967 B 106ms
105ms Stylesheet
text/css 2a02:26f0:4700::17d4:6ed2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/UnsupportedBrowser/Styles/optimized-min.css?t=20220715T021623Z

Requested by

Host: www.geha.com
URL: https://www.geha.com//enrollment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700::17d4:6ed2 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

286dc7cf3eb0c6c06c2fb54d779f82bf342bbf766861f7aba001408bcb391828

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com//enrollment

Response headers

content-encoding: gzip
etag: bb86af52b3144400b8d0333da683b1db
x-content-type-options: 'nosniff'
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1726723301118_399797917_209524696_3409_7764_23_0_255";dur=1
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: text/css
last-modified: Fri, 15 Jul 2022 02:16:23 GMT
vary: Accept-Encoding
content-disposition: inline; filename="optimized-min.css"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000 ; includeSubDomains
cache-control: public, max-age=41240
x-datastream-cache-status: 1
accept-ranges: bytes
content-length: 538
x-xss-protection: 1; mode=block

GET
H2 200 optimized-min.css
www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/ 1 MB
156 KB 61ms
60ms Stylesheet
text/css 2a02:26f0:4700::17d4:6ed2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20240913T202137Z

Requested by

Host: www.geha.com
URL: https://www.geha.com//enrollment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700::17d4:6ed2 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6a0f1dbe8152c495067a195c4302ebdc288d938ffad17a4fe1e0105e0e797b4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com//enrollment

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
cache-control: public, max-age=11205
content-encoding: gzip
etag: 486d0ddda53c4db0b25b47bb9d82b261
x-content-type-options: 'nosniff'
accept-ranges: bytes
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1726723301089_399797917_209524697_460_9428_22_0_255";dur=1
content-length: 158846
x-xss-protection: 1; mode=block
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: text/css
last-modified: Fri, 13 Sep 2024 20:21:37 GMT
vary: Accept-Encoding
content-disposition: inline; filename="optimized-min.css"
x-frame-options: SAMEORIGIN

GET
H2 200 57591c2ee3.js Show response
kit.fontawesome.com/ 13 KB
5 KB 479ms
455ms Script
text/javascript 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/57591c2ee3.js
Requested by: Host: www.geha.com
URL: https://www.geha.com//enrollment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8973a5593f85db36a2afa7ff9d145ec026b8bc31219e4273ad0c7af98c7e7969

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.geha.com
Referer: https://www.geha.com/

Response headers

access-control-max-age: 3000
x-request-id: F_aKmFYA4tF_iUuiw8Xh
cache-control: max-age=60, public, stale-while-revalidate=30
content-encoding: gzip
cf-cache-status: REVALIDATED
access-control-allow-methods: GET, OPTIONS
cf-ray: 8c572237c9a1925f-FRA
access-control-allow-origin: *
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: text/javascript
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
server: cloudflare
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 57591c2ee3.css
kit.fontawesome.com/ 399 B
511 B 166ms
142ms Stylesheet
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/57591c2ee3.css
Requested by: Host: www.geha.com
URL: https://www.geha.com//enrollment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d38da29826bf99b2fbd5650821c05cde1a223da8d6e67bb3a72366700cf5b9d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.geha.com
Referer: https://www.geha.com/

Response headers

access-control-max-age: 3000
x-request-id: F--C6OBsgGHtvD4rM1uC
cache-control: max-age=300, public, stale-while-revalidate=30
content-encoding: gzip
cf-cache-status: REVALIDATED
access-control-allow-methods: GET, OPTIONS
cf-ray: 8c572237c99f925f-FRA
access-control-allow-origin: *
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: text/css
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
server: cloudflare
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 geha.png
www.geha.com/~/media93/Project/GEHA/shared/ 9 KB
10 KB 55ms
54ms Image
image/png 2a02:26f0:4700::17d4:6ed2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geha.com/~/media93/Project/GEHA/shared/geha.png?h=135&w=550&la=en&hash=6A9419DEDA474BA8DF91728302A3ACB2

Requested by

Host: www.geha.com
URL: https://www.geha.com//enrollment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700::17d4:6ed2 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3487c89cbf4176ba31dee9f3fb221bab9b05753f689e372d9c03e71c78b8e3c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com//enrollment

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
cache-control: public, max-age=9226
x-datastream-cache-status: 1
etag: cdfed84458664cc398ac12b335feb876
x-content-type-options: 'nosniff'
accept-ranges: bytes
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1726723301085_399797917_209524698_52_7527_22_0_182";dur=1
content-length: 9374
x-xss-protection: 1; mode=block
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: image/png
last-modified: Fri, 30 Jul 2021 17:58:46 GMT
content-disposition: inline; filename="geha.png"
x-frame-options: SAMEORIGIN

GET
H2 200 sync-white.png
www.geha.com/~/media93/Project/GEHA/GEHA/alert-icons/ 1 KB
2 KB 59ms
58ms Image
image/png 2a02:26f0:4700::17d4:6ed2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geha.com/~/media93/Project/GEHA/GEHA/alert-icons/sync-white.png?h=100&w=100&la=en&hash=C6712D312DE8845AA701DE0C2EA114F6

Requested by

Host: www.geha.com
URL: https://www.geha.com//enrollment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700::17d4:6ed2 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d4b3d2315e78acb68f4dbf097f9ed2d8c1d6733bf745c5c893c15e9a52c1320a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com//enrollment

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
cache-control: public, max-age=40402
etag: eee39a29307b47acbeb278beb75a3ecc
x-content-type-options: 'nosniff'
accept-ranges: bytes
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1726723301085_399797917_209524699_63_7817_22_0_182";dur=1
content-length: 1202
x-xss-protection: 1; mode=block
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: image/png
last-modified: Wed, 16 Dec 2020 17:07:06 GMT
content-disposition: inline; filename="sync-white.png"
x-frame-options: SAMEORIGIN

GET
H2 200 which-plan_01.svg
www.geha.com//~/media93/Project/GEHA/GEHA/geha-svg-icons/ 1 KB
1 KB 143ms
142ms Image
image/svg+xml 2a02:26f0:4700::17d4:6ed2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geha.com//~/media93/Project/GEHA/GEHA/geha-svg-icons/which-plan_01.svg?h=80&hash=1528F3BD72518C98F9E436250860AF12

Requested by

Host: www.geha.com
URL: https://www.geha.com//enrollment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700::17d4:6ed2 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bf38dd7245e426d52544a5037e2bfeb452da37b75e7d075d62205cc38eb0cff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com//enrollment

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
cache-control: public, max-age=8247
content-encoding: gzip
etag: 4298dc4c2a7d4372adb6172c0dd3edf0
x-content-type-options: 'nosniff'
accept-ranges: bytes
server-timing: cdn-cache; desc=HIT, edge; dur=105, ak_p; desc="1726723301139_399797917_209524772_10623_10634_22_0_182";dur=1
content-length: 706
x-xss-protection: 1; mode=block
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: image/svg+xml
last-modified: Mon, 30 Oct 2023 19:37:10 GMT
vary: Accept-Encoding
content-disposition: inline; filename="which-plan_01.svg"
x-frame-options: SAMEORIGIN

GET
H2 200 geha_ad-hoc-page_icons_watch-webinar.svg
www.geha.com/~/media93/Project/GEHA/GEHA/geha-svg-icons/ 668 B
855 B 531ms
531ms Image
image/svg+xml 2a02:26f0:4700::17d4:6ed2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geha.com/~/media93/Project/GEHA/GEHA/geha-svg-icons/geha_ad-hoc-page_icons_watch-webinar.svg?la=en&hash=6FBD9CC3D99B93C9D3F17E4183478DAC

Requested by

Host: www.geha.com
URL: https://www.geha.com//enrollment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700::17d4:6ed2 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

70102939d522ed5d709b30aa41e124938190434e62fba8387edb284257690768

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com//enrollment

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
cache-control: public, max-age=8286
content-encoding: gzip
etag: 587556b8150b47cda4f68a216d84b00d
x-content-type-options: 'nosniff'
accept-ranges: bytes
server-timing: cdn-cache; desc=HIT, edge; dur=490, ak_p; desc="1726723301138_399797917_209524773_49005_9858_24_0_182";dur=1
content-length: 426
x-xss-protection: 1; mode=block
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: image/svg+xml
last-modified: Mon, 30 Oct 2023 19:42:36 GMT
vary: Accept-Encoding
content-disposition: inline; filename="geha_ad-hoc-page_icons_watch-webinar.svg"
x-frame-options: SAMEORIGIN

GET
H2 200 geha_ad-hoc-page_icons_call.svg
www.geha.com/~/media93/Project/GEHA/GEHA/geha-svg-icons/ 784 B
955 B 113ms
112ms Image
image/svg+xml 2a02:26f0:4700::17d4:6ed2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geha.com/~/media93/Project/GEHA/GEHA/geha-svg-icons/geha_ad-hoc-page_icons_call.svg?la=en&hash=27BBFF3FEB1DFAF048D3D473F6B7D804

Requested by

Host: www.geha.com
URL: https://www.geha.com//enrollment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700::17d4:6ed2 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4d775c0468071fed4c4faaf09ae24df269af5c5e3663632d6d8731254fbc1a96

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com//enrollment

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
cache-control: public, max-age=86400
content-encoding: gzip
etag: a1d19170dcbb4db8982099f55dff92c9
x-content-type-options: 'nosniff'
accept-ranges: bytes
server-timing: cdn-cache; desc=HIT, edge; dur=80, ak_p; desc="1726723301282_399797917_209524963_7994_7963_22_0_182";dur=1
content-length: 532
x-xss-protection: 1; mode=block
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: image/svg+xml
last-modified: Mon, 30 Oct 2023 21:38:11 GMT
vary: Accept-Encoding
content-disposition: inline; filename="geha_ad-hoc-page_icons_call.svg"
x-frame-options: SAMEORIGIN

GET
H2 200 geha_ad-hoc-page_icons_emial.svg
www.geha.com/~/media93/Project/GEHA/GEHA/geha-svg-icons/ 789 B
919 B 43ms
42ms Image
image/svg+xml 2a02:26f0:4700::17d4:6ed2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geha.com/~/media93/Project/GEHA/GEHA/geha-svg-icons/geha_ad-hoc-page_icons_emial.svg?la=en&hash=5874FFD51E6C3DA1CD7251208C0CD32E

Requested by

Host: www.geha.com
URL: https://www.geha.com//enrollment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700::17d4:6ed2 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f11aacd9a0e6e97168559f00a1afb79e1b3c940df5a935bfa10483c8d48c01c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com//enrollment

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
cache-control: public, max-age=8182
content-encoding: gzip
etag: f6833efc7eb24a4bab384e4bf3e84366
x-content-type-options: 'nosniff'
accept-ranges: bytes
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1726723301787_399797917_209525627_346_7562_24_0_146";dur=1
content-length: 498
x-xss-protection: 1; mode=block
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: image/svg+xml
last-modified: Mon, 30 Oct 2023 21:38:11 GMT
vary: Accept-Encoding
content-disposition: inline; filename="geha_ad-hoc-page_icons_emial.svg"
x-frame-options: SAMEORIGIN

GET
H2 200 geha_ad-hoc-page_icons_call.svg
www.geha.com/~/media93/Project/GEHA/GEHA/geha-svg-icons/ 784 B
953 B 40ms
40ms Image
image/svg+xml 2a02:26f0:4700::17d4:6ed2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geha.com/~/media93/Project/GEHA/GEHA/geha-svg-icons/geha_ad-hoc-page_icons_call.svg?h=65&w=65&hash=F666E08BF5EE9BE6EF3664584AB54B80

Requested by

Host: www.geha.com
URL: https://www.geha.com//enrollment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700::17d4:6ed2 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4d775c0468071fed4c4faaf09ae24df269af5c5e3663632d6d8731254fbc1a96

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com//enrollment

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
cache-control: public, max-age=8228
content-encoding: gzip
etag: a1d19170dcbb4db8982099f55dff92c9
x-content-type-options: 'nosniff'
accept-ranges: bytes
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1726723301831_399797917_209525740_224_10284_24_0_146";dur=1
content-length: 532
x-xss-protection: 1; mode=block
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: image/svg+xml
last-modified: Mon, 30 Oct 2023 21:38:11 GMT
vary: Accept-Encoding
content-disposition: inline; filename="geha_ad-hoc-page_icons_call.svg"
x-frame-options: SAMEORIGIN

GET
H2 200 geha_ad-hoc-page_icons_emial.svg
www.geha.com/~/media93/Project/GEHA/GEHA/geha-svg-icons/ 789 B
919 B 51ms
51ms Image
image/svg+xml 2a02:26f0:4700::17d4:6ed2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geha.com/~/media93/Project/GEHA/GEHA/geha-svg-icons/geha_ad-hoc-page_icons_emial.svg?h=75&hash=CC378F7002C024242D33B05DD83C60CA

Requested by

Host: www.geha.com
URL: https://www.geha.com//enrollment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700::17d4:6ed2 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f11aacd9a0e6e97168559f00a1afb79e1b3c940df5a935bfa10483c8d48c01c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com//enrollment

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
cache-control: public, max-age=8185
content-encoding: gzip
etag: f6833efc7eb24a4bab384e4bf3e84366
x-content-type-options: 'nosniff'
accept-ranges: bytes
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1726723301848_399797917_209525768_368_8357_24_0_146";dur=1
content-length: 498
x-xss-protection: 1; mode=block
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: image/svg+xml
last-modified: Mon, 30 Oct 2023 21:38:11 GMT
vary: Accept-Encoding
content-disposition: inline; filename="geha_ad-hoc-page_icons_emial.svg"
x-frame-options: SAMEORIGIN

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/Core-Libraries/scripts/ 1 MB
305 KB 35ms
35ms Script
application/x-javascript 2a02:26f0:4700::17d4:6ed2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/Core-Libraries/scripts/optimized-min.js?t=20221109T053531Z

Requested by

Host: www.geha.com
URL: https://www.geha.com//enrollment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700::17d4:6ed2 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

babf7c8f26404acad3935146d81d245dc6d494acd265d2b8f84088730d01e38f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com//enrollment

Response headers

content-encoding: gzip
etag: 5f8a850d7d5d40faa8d832fe2c37e52d
x-content-type-options: 'nosniff'
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1726723301397_399797917_209525103_46_10025_22_0_182";dur=1
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: application/x-javascript
last-modified: Wed, 09 Nov 2022 05:35:31 GMT
vary: Accept-Encoding
content-disposition: inline; filename="optimized-min.js"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000 ; includeSubDomains
cache-control: public, max-age=59323
x-datastream-cache-status: 1
accept-ranges: bytes
content-length: 312095
x-xss-protection: 1; mode=block

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/XA-API/Scripts/ 2 KB
1 KB 34ms
33ms Script
application/x-javascript 2a02:26f0:4700::17d4:6ed2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/XA-API/Scripts/optimized-min.js?t=20220715T021536Z

Requested by

Host: www.geha.com
URL: https://www.geha.com//enrollment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700::17d4:6ed2 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4b5013c1e9a922e188e0d6f3903aad0c81a64c231d976d869c8b0f35be0b133d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com//enrollment

Response headers

content-encoding: gzip
etag: c38298f3b90349549796d730a6e8ff40
x-content-type-options: 'nosniff'
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1726723301474_399797917_209525211_33_8006_24_0_182";dur=1
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: application/x-javascript
last-modified: Fri, 15 Jul 2022 02:15:36 GMT
vary: Accept-Encoding
content-disposition: inline; filename="optimized-min.js"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000 ; includeSubDomains
cache-control: public, max-age=59261
x-datastream-cache-status: 1
accept-ranges: bytes
content-length: 855
x-xss-protection: 1; mode=block

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/Main-Theme/scripts/ 3 KB
1 KB 36ms
35ms Script
application/x-javascript 2a02:26f0:4700::17d4:6ed2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/Main-Theme/scripts/optimized-min.js?t=20220715T021536Z

Requested by

Host: www.geha.com
URL: https://www.geha.com//enrollment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700::17d4:6ed2 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a36338e2015fbe5e6f570cb35a9e0305a4f4d40bace6713fce1edbaefc9cf44f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com//enrollment

Response headers

content-encoding: gzip
etag: 574f88811b0947e08eb6c1deb05b1ab4
x-content-type-options: 'nosniff'
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1726723301519_399797917_209525264_50_7550_24_0_182";dur=1
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: application/x-javascript
last-modified: Fri, 15 Jul 2022 02:15:36 GMT
vary: Accept-Encoding
content-disposition: inline; filename="optimized-min.js"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000 ; includeSubDomains
cache-control: public, max-age=24492
x-datastream-cache-status: 1
accept-ranges: bytes
content-length: 962
x-xss-protection: 1; mode=block

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/Google-Maps-JS-Connector/Scripts/ 5 KB
2 KB 43ms
43ms Script
application/x-javascript 2a02:26f0:4700::17d4:6ed2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/Google-Maps-JS-Connector/Scripts/optimized-min.js?t=20220715T021537Z

Requested by

Host: www.geha.com
URL: https://www.geha.com//enrollment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700::17d4:6ed2 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4692d4d1124e4fdde548b916c88189b6e07462d9d24cdd5c6ca8f2a2fcb2af56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com//enrollment

Response headers

content-encoding: gzip
etag: 62f4e07c5ee3471187fee95f1034f7cb
x-content-type-options: 'nosniff'
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1726723301560_399797917_209525329_707_10237_24_0_182";dur=1
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: application/x-javascript
last-modified: Fri, 15 Jul 2022 02:15:37 GMT
vary: Accept-Encoding
content-disposition: inline; filename="optimized-min.js"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000 ; includeSubDomains
cache-control: public, max-age=59351
x-datastream-cache-status: 1
accept-ranges: bytes
content-length: 1930
x-xss-protection: 1; mode=block

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/Maps/Scripts/ 9 KB
3 KB 34ms
34ms Script
application/x-javascript 2a02:26f0:4700::17d4:6ed2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/Maps/Scripts/optimized-min.js?t=20220715T021537Z

Requested by

Host: www.geha.com
URL: https://www.geha.com//enrollment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700::17d4:6ed2 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

427e57ed3ad640f4ddefe4a7aeb116746506151fd0d227f8f34e40cb3350e45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com//enrollment

Response headers

content-encoding: gzip
etag: 13b4e978e32648de9f455492b56e0de2
x-content-type-options: 'nosniff'
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1726723301598_399797917_209525362_42_9289_24_0_182";dur=1
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: application/x-javascript
last-modified: Fri, 15 Jul 2022 02:15:37 GMT
vary: Accept-Encoding
content-disposition: inline; filename="optimized-min.js"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000 ; includeSubDomains
cache-control: public, max-age=59321
x-datastream-cache-status: 1
accept-ranges: bytes
content-length: 3035
x-xss-protection: 1; mode=block

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/SearchTheme/Scripts/ 76 KB
18 KB 44ms
44ms Script
application/x-javascript 2a02:26f0:4700::17d4:6ed2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/SearchTheme/Scripts/optimized-min.js?t=20221028T013215Z

Requested by

Host: www.geha.com
URL: https://www.geha.com//enrollment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700::17d4:6ed2 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

91af8f8604e6cbcb00a3ff4056f9fce3090c1ffca25400650895832c03b34ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com//enrollment

Response headers

content-encoding: gzip
etag: aeae65fdf10e405a819820b86851dd8d
x-content-type-options: 'nosniff'
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1726723301645_399797917_209525430_507_8146_24_0_182";dur=1
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: application/x-javascript
last-modified: Fri, 28 Oct 2022 01:32:15 GMT
vary: Accept-Encoding
content-disposition: inline; filename="optimized-min.js"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000 ; includeSubDomains
cache-control: public, max-age=59357
x-datastream-cache-status: 1
accept-ranges: bytes
content-length: 18181
x-xss-protection: 1; mode=block

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/Components-Theme/Scripts/ 52 KB
15 KB 32ms
32ms Script
application/x-javascript 2a02:26f0:4700::17d4:6ed2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/Components-Theme/Scripts/optimized-min.js?t=20220715T021538Z

Requested by

Host: www.geha.com
URL: https://www.geha.com//enrollment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700::17d4:6ed2 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f930f9718c91491b92f0de420e28f51cb021e174606481c128ab838584479e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com//enrollment

Response headers

content-encoding: gzip
etag: 5ca53ec515f5411bacbd3a615d251007
x-content-type-options: 'nosniff'
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1726723301670_399797917_209525467_41_7700_23_0_182";dur=1
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: application/x-javascript
last-modified: Fri, 15 Jul 2022 02:15:38 GMT
vary: Accept-Encoding
content-disposition: inline; filename="optimized-min.js"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000 ; includeSubDomains
cache-control: public, max-age=59356
x-datastream-cache-status: 1
accept-ranges: bytes
content-length: 14937
x-xss-protection: 1; mode=block

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/Resolve-Conflicts/Scripts/ 19 B
475 B 33ms
32ms Script
application/x-javascript 2a02:26f0:4700::17d4:6ed2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/Resolve-Conflicts/Scripts/optimized-min.js?t=20220715T021538Z

Requested by

Host: www.geha.com
URL: https://www.geha.com//enrollment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700::17d4:6ed2 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1b631c545e0e9acda2fa9adef7ce9415a95fc6a325ea80268d1793bf913180ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com//enrollment

Response headers

content-encoding: gzip
etag: e8bf1b6ff51942bfac73dfb8ec9beddf
x-content-type-options: 'nosniff'
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1726723301684_399797917_209525484_34_7728_23_0_182";dur=1
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: application/x-javascript
last-modified: Fri, 15 Jul 2022 02:15:38 GMT
vary: Accept-Encoding
content-disposition: inline; filename="optimized-min.js"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000 ; includeSubDomains
cache-control: public, max-age=29042
x-datastream-cache-status: 1
accept-ranges: bytes
content-length: 39
x-xss-protection: 1; mode=block

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/UnsupportedBrowser/Scripts/ 253 B
646 B 38ms
37ms Script
application/x-javascript 2a02:26f0:4700::17d4:6ed2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/UnsupportedBrowser/Scripts/optimized-min.js?t=20220715T021621Z

Requested by

Host: www.geha.com
URL: https://www.geha.com//enrollment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700::17d4:6ed2 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5fd7281dafc44afbbb34847a7c8dfff204d017418103d96eb401ade5c1f6012c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com//enrollment

Response headers

content-encoding: gzip
etag: faf71ebe50fd45198d26fa25699a92d9
x-content-type-options: 'nosniff'
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1726723301711_399797917_209525510_35_7983_23_0_182";dur=1
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: application/x-javascript
last-modified: Fri, 15 Jul 2022 02:16:21 GMT
vary: Accept-Encoding
content-disposition: inline; filename="optimized-min.js"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000 ; includeSubDomains
cache-control: public, max-age=59257
x-datastream-cache-status: 1
accept-ranges: bytes
content-length: 210
x-xss-protection: 1; mode=block

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/scripts/ 535 KB
144 KB 46ms
45ms Script
application/x-javascript 2a02:26f0:4700::17d4:6ed2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/scripts/optimized-min.js?t=20240913T191254Z

Requested by

Host: www.geha.com
URL: https://www.geha.com//enrollment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700::17d4:6ed2 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dc4ac291a13ea9d3d18b1fba70728d8a971db831e1bc418af7d479eb0708f18d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com//enrollment

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
cache-control: public, max-age=6916
content-encoding: gzip
etag: 38bc2c2d32a544b490b485273f4834b4
x-content-type-options: 'nosniff'
accept-ranges: bytes
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1726723301730_399797917_209525533_557_7321_23_0_182";dur=1
content-length: 146863
x-xss-protection: 1; mode=block
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: application/x-javascript
last-modified: Fri, 13 Sep 2024 19:12:54 GMT
vary: Accept-Encoding
content-disposition: inline; filename="optimized-min.js"
x-frame-options: SAMEORIGIN

GET
H2 200 vxe3lkg.css
use.typekit.net/ 7 KB
1 KB 553ms
508ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/vxe3lkg.css

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20240913T202137Z

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

91885b79eafb9db3b3b6bccd7d3927f3cea7bc0a006fe3a6b625787d413fc412

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 972
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: text/css;charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H2 200 css2
fonts.googleapis.com/ 28 KB
1 KB 48ms
17ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20240913T202137Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

afdd76f6919dc340e54a1045e6f4a8fc840a922c8efd1d07cc5bcdf448373a66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 05:21:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 19 Sep 2024 04:28:00 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 77 KB
3 KB 61ms
30ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans:wght@500;600;700&family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20240913T202137Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

166b640351aa645b6af02b1013bc7fbead2822e44d773deba0b35f4053d0e94a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 05:21:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 19 Sep 2024 05:21:41 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 47ms
16ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito+Sans:opsz,wght@6..12,400;6..12,800&display=swap

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20240913T202137Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1a4bf8a4ca374508387fc27de382cbbe01a6ace9f7bb3c1618884b7b86dd6c60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 05:21:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 19 Sep 2024 05:21:41 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 81 KB
3 KB 63ms
32ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans:wght@500;600;700&family=Nunito+Sans:opsz,wght@6..12,500;6..12,700&family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20240913T202137Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a5d59965fc50d217015f96f657880ade0fcbc85b9cc15b5fc20f097a25be9a63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 05:21:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 19 Sep 2024 05:21:41 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 3 KB
494 B 50ms
20ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,500,600,700,900

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20240913T202137Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bc958a63e17fc254b74b0787f22bd0f5889a057109908050c5148a148b75db91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 05:21:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 19 Sep 2024 05:21:41 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 8 KB
701 B 50ms
20ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish:400,600,700,800,900

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20240913T202137Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

43bf46697a74707dd319e2549eb7e7ad414d629c257da2dfc02e082a7a7290c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 05:21:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 19 Sep 2024 05:21:41 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 p.css
p.typekit.net/ 5 B
173 B 90ms
22ms Stylesheet
text/css 2a02:26f0:780::210:a419
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=vxe3lkg&ht=tk&f=24537.24538.24539.24540.24545.24546.24547.24548.24549.24552&a=90735096&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vxe3lkg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::210:a419 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://use.typekit.net/

Response headers

cache-control: public, max-age=604800
etag: "6649f74c-5"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: text/css
last-modified: Sun, 19 May 2024 12:57:48 GMT
server: nginx

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 352 KB
109 KB 63ms
41ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND

Requested by

Host: www.geha.com
URL: https://www.geha.com//enrollment

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7a1b7193829adf389b43d0a940cce925bd6a330eec563f40d00095ac9968109d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

content-encoding: br
expires: Thu, 19 Sep 2024 05:21:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 19 Sep 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 111471
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK sitecore-engage-v.1.3.0.min.js Show response
d1mj578wat5n4o.cloudfront.net/ 48 KB
49 KB 33ms
7ms Script
binary/octet-stream 13.33.216.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1mj578wat5n4o.cloudfront.net/sitecore-engage-v.1.3.0.min.js
Requested by: Host: www.geha.com
URL: https://www.geha.com//enrollment
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.216.185 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-216-185.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb56f17a4fe738143ac04ca01897e7ae5980eab0a5aaf0ebad8c6a2d09e39d90

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

ETag: "f31e2f04c4696df590de7bcb24cebec2"
Age: 22937
Connection: keep-alive
Via: 1.1 133ff3be92540995db4a7234eada8b80.cloudfront.net (CloudFront)
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Content-Length: 49153
X-Amz-Cf-Id: PgBQyL0Ltxq9mpqsIxB_uGtzl3kieU41DA3FYdbFl9EZ-2iAvmw63w==
Date: Wed, 18 Sep 2024 22:59:25 GMT
Content-Type: binary/octet-stream
Last-Modified: Wed, 10 May 2023 07:05:18 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P10
x-amz-server-side-encryption: AES256

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v6.6.0/css/ 1 MB
180 KB 43ms
21ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=57591c2ee3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae7c0230749b8a1ac31acdabea1094f958afa5775035ae537cda4a07bf973582

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: "6695a0b7-2cce4"
age: 2067347
cf-ray: 8c57223c8c68925f-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 183524
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: text/css
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v6.6.0/css/ 27 KB
4 KB 52ms
30ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro-v4-shims.min.css?token=57591c2ee3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0fdba09e5424857290d8e5aa6beb9953d22465dd8cd82e760e549a3f0663320

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: "6695a0b7-10e7"
age: 5576561
cf-ray: 8c57223c8c66925f-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4327
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: text/css
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 pro-v5-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.6.0/css/ 50 KB
7 KB 42ms
20ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro-v5-font-face.min.css?token=57591c2ee3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dba1570e2c1f739e153f9c8d38e73de101eb05a1c3b158b3a267e55c4b545a8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: "6695a0b8-1c1c"
age: 19483
cf-ray: 8c57223c8c64925f-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7196
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: text/css
last-modified: Mon, 15 Jul 2024 22:20:40 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 pro-v4-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.6.0/css/ 7 KB
2 KB 52ms
30ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro-v4-font-face.min.css?token=57591c2ee3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42ffeae687ee562cc3d669407321ce1754cc922ed793e3371efac196b33cbf47

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: "6695a0b7-6ca"
age: 5576561
cf-ray: 8c57223c8c69925f-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1738
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: text/css
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 kit-upload.css Show response
kit.fontawesome.com/57591c2ee3/93592551/ 0
135 B 27ms
26ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/57591c2ee3/93592551/kit-upload.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

access-control-max-age: 3000
x-request-id: F7xlBcIjwYv1x4r5d89h
cf-cache-status: HIT
etag: 54af53b207eef226d6511e0a88e3038e
age: 16370268
access-control-allow-methods: GET, OPTIONS
date: Thu, 19 Sep 2024 05:21:41 GMT
content-type: text/css
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
cache-control: max-age=31556926, public, must-revalidate
cf-ray: 8c57223c6c50925f-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
server: cloudflare

GET
H2 200 pro.min.css
ka-p.fontawesome.com/releases/v6.6.0/css/ 1 MB
57 B 86ms
25ms Stylesheet
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=57591c2ee3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae7c0230749b8a1ac31acdabea1094f958afa5775035ae537cda4a07bf973582

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://kit.fontawesome.com/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: "6695a0b7-2cce4"
age: 2069290
cf-ray: 8c57223ccec7973f-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 183524
date: Thu, 19 Sep 2024 05:21:41 GMT
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare
content-type: text/css

GET
H2 200 pro-v4-shims.min.css
ka-p.fontawesome.com/releases/v6.6.0/css/ 27 KB
57 B 98ms
38ms Stylesheet
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro-v4-shims.min.css?token=57591c2ee3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0fdba09e5424857290d8e5aa6beb9953d22465dd8cd82e760e549a3f0663320

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://kit.fontawesome.com/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: "6695a0b7-10e7"
age: 5576561
cf-ray: 8c57223ccec9973f-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4327
date: Thu, 19 Sep 2024 05:21:41 GMT
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare
content-type: text/css

GET
H2 200 pro-v5-font-face.min.css
ka-p.fontawesome.com/releases/v6.6.0/css/ 50 KB
79 B 89ms
28ms Stylesheet
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro-v5-font-face.min.css?token=57591c2ee3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dba1570e2c1f739e153f9c8d38e73de101eb05a1c3b158b3a267e55c4b545a8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://kit.fontawesome.com/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: "6695a0b8-1c1c"
age: 1452503
cf-ray: 8c57223ccec5973f-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7196
date: Thu, 19 Sep 2024 05:21:41 GMT
last-modified: Mon, 15 Jul 2024 22:20:40 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare
content-type: text/css

GET
H2 200 pro-v4-font-face.min.css
ka-p.fontawesome.com/releases/v6.6.0/css/ 7 KB
211 B 87ms
27ms Stylesheet
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro-v4-font-face.min.css?token=57591c2ee3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42ffeae687ee562cc3d669407321ce1754cc922ed793e3371efac196b33cbf47

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://kit.fontawesome.com/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: "6695a0b7-6ca"
age: 5576560
cf-ray: 8c57223ccecb973f-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1738
date: Thu, 19 Sep 2024 05:21:41 GMT
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare
content-type: text/css

GET
H2 200 7JTKV-XPJV9-YRVS3-M2J45-ZYZNN Show response
s.go-mpulse.net/boomerang/ 202 KB
51 KB 138ms
64ms Script
application/javascript 2a02:26f0:e300:186::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/7JTKV-XPJV9-YRVS3-M2J45-ZYZNN
Requested by: Host: www.geha.com
URL: https://www.geha.com//enrollment
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e300:186::11a6 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

cache-control: max-age=604800
timing-allow-origin: *
content-encoding: br
content-length: 51580
date: Thu, 19 Sep 2024 05:21:42 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 22 Jun 2024 13:12:41 GMT
vary: Accept-Encoding

GET
H/1.1 404
Not Found openseasonplanreminders Show response
cloud.info.geha.com/ Frame 81D0 1 KB
1 KB 637ms
181ms Document
text/html 13.111.118.55
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.info.geha.com/openseasonplanreminders
Requested by: Host: www.geha.com
URL: https://www.geha.com//enrollment
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.111.118.55 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS: cloud.info.geha.com
Software: /
Resource Hash: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

Referer: https://www.geha.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control: private
Connection: close
Content-Length: 1245
Content-Type: text/html
Date: Thu, 19 Sep 2024 05:21:41 GMT
X-Cache-Status: STORED

GET
H2 200 medical-enrollment.jpg
www.geha.com/~/media93/Project/GEHA/GEHA/internal-page-images/2024/ 26 KB
26 KB 562ms
561ms Image
image/jpeg 2a02:26f0:4700::17d4:6ed2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geha.com/~/media93/Project/GEHA/GEHA/internal-page-images/2024/medical-enrollment.jpg

Requested by

Host: www.geha.com
URL: https://www.geha.com//enrollment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700::17d4:6ed2 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a8adfc7e3ea1242af130314f1acb6adfdd9ed4ece01970eeddac8385d89bc228

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com//enrollment

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
cache-control: public, max-age=8339
etag: b43fdd8231414a69853fb0d054c6af60
x-content-type-options: 'nosniff'
accept-ranges: bytes
server-timing: cdn-cache; desc=HIT, edge; dur=325, origin; dur=0, ak_p; desc="1726723302010_399797917_209525970_32492_8596_23_0_146";dur=1
content-length: 26553
x-xss-protection: 1; mode=block
date: Thu, 19 Sep 2024 05:21:42 GMT
content-type: image/jpeg
last-modified: Sat, 23 Sep 2023 00:49:12 GMT
content-disposition: inline; filename="medical-enrollment.jpg"
x-frame-options: SAMEORIGIN

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 29 KB
30 KB 34ms
9ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.geha.com
Referer: https://fonts.googleapis.com/

Response headers

age: 148451
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 17 Sep 2025 12:07:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Sep 2024 12:07:31 GMT
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30096
x-xss-protection: 0
server: sffe

GET
H2 200 pro-fa-regular-400-0.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ 14 KB
14 KB 19ms
17ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-regular-400-0.woff2
Requested by: Host: www.geha.com
URL: https://www.geha.com//enrollment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70159909cf9a1df78dadf35e0bea44c9b8ab4bfa5b675ccdc28acfc5333151fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.geha.com
Referer: https://www.geha.com/

Response headers

cache-control: max-age=31556926
cf-cache-status: HIT
etag: "6695a63a-38f4"
age: 5576560
cf-ray: 8c57223ddd15925f-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14580
date: Thu, 19 Sep 2024 05:21:42 GMT
content-type: font/woff2
last-modified: Mon, 15 Jul 2024 22:44:10 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 pro-fa-solid-900-12.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ 15 KB
15 KB 23ms
22ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-solid-900-12.woff2
Requested by: Host: www.geha.com
URL: https://www.geha.com//enrollment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dafa841033726d67b9ca3e8ca8f6535f2ef4ad62ce45e1aab08286c862c6e7c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.geha.com
Referer: https://www.geha.com/

Response headers

cache-control: max-age=31556926
cf-cache-status: HIT
etag: "6695a63f-3d88"
age: 1982182
cf-ray: 8c57223ddd16925f-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15752
date: Thu, 19 Sep 2024 05:21:42 GMT
content-type: font/woff2
last-modified: Mon, 15 Jul 2024 22:44:15 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 44ms
19ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,500,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.geha.com
Referer: https://fonts.googleapis.com/

Response headers

age: 149004
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 17 Sep 2025 11:58:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Sep 2024 11:58:18 GMT
last-modified: Tue, 02 May 2023 15:08:26 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23236
x-xss-protection: 0
server: sffe

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 39ms
15ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,500,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.geha.com
Referer: https://fonts.googleapis.com/

Response headers

age: 149449
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 17 Sep 2025 11:50:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Sep 2024 11:50:53 GMT
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23580
x-xss-protection: 0
server: sffe

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 42ms
18ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,500,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.geha.com
Referer: https://fonts.googleapis.com/

Response headers

age: 149001
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 17 Sep 2025 11:58:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Sep 2024 11:58:21 GMT
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23040
x-xss-protection: 0
server: sffe

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
19 KB 31ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.geha.com
Referer: https://fonts.googleapis.com/

Response headers

age: 457785
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 13 Sep 2025 22:11:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Sep 2024 22:11:57 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18588
x-xss-protection: 0
server: sffe

GET
H2 200 pro-fa-brands-400-1.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ 40 KB
40 KB 25ms
24ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-brands-400-1.woff2
Requested by: Host: www.geha.com
URL: https://www.geha.com//enrollment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67a0b817dfea4caab2f044f9f57fed96ce0445d197aad5683f8c2f737389e486

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.geha.com
Referer: https://www.geha.com/

Response headers

cache-control: max-age=31556926
cf-cache-status: HIT
etag: "6695a637-9e3c"
age: 5574519
cf-ray: 8c57223ddd17925f-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 40508
date: Thu, 19 Sep 2024 05:21:42 GMT
content-type: font/woff2
last-modified: Mon, 15 Jul 2024 22:44:07 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 pro-fa-brands-400-0.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ 37 KB
37 KB 20ms
19ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-brands-400-0.woff2
Requested by: Host: www.geha.com
URL: https://www.geha.com//enrollment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79e9417cf4d24e3c015aad8e60a7c3ccdf12942cf2e7885937ddbcfde2bbd7b5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.geha.com
Referer: https://www.geha.com/

Response headers

cache-control: max-age=31556926
cf-cache-status: HIT
etag: "6695a637-9204"
age: 2067975
cf-ray: 8c57223ddd18925f-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37380
date: Thu, 19 Sep 2024 05:21:42 GMT
content-type: font/woff2
last-modified: Mon, 15 Jul 2024 22:44:07 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 pro-fa-solid-900-16.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ 18 KB
18 KB 22ms
21ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-solid-900-16.woff2
Requested by: Host: www.geha.com
URL: https://www.geha.com//enrollment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0165edaaa082a8854a37cc7aa117f1d80809437e41f6ca489f484bdf23e8d50b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.geha.com
Referer: https://www.geha.com/

Response headers

cache-control: max-age=31556926
cf-cache-status: HIT
etag: "6695a63f-46f8"
age: 2051661
cf-ray: 8c57223ddd19925f-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18168
date: Thu, 19 Sep 2024 05:21:42 GMT
content-type: font/woff2
last-modified: Mon, 15 Jul 2024 22:44:15 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 personalizedinfo Show response
www.geha.com/api/personalizedinformation/ 33 B
709 B 216ms
216ms XHR
application/json 2a02:26f0:4700::17d4:6ed2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/api/personalizedinformation/personalizedinfo?CookieName=recommendation&PersonalizedInfoId=recommendation

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Base-Themes/Core-Libraries/scripts/optimized-min.js?t=20221109T053531Z

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700::17d4:6ed2 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

c326f67ec7e4e7895bc25ac4c6c3540b569586d688b494df5b82e3146d34a6f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.geha.com//enrollment
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/json

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
cache-control: no-cache
pragma: no-cache
x-content-type-options: 'nosniff'
expires: -1
server-timing: cdn-cache; desc=MISS, edge; dur=107, origin; dur=74, ak_p; desc="1726723302099_399797917_209526095_18128_8812_24_0_255";dur=1
content-length: 33
x-xss-protection: 1; mode=block
date: Thu, 19 Sep 2024 05:21:42 GMT
content-type: application/json; charset=utf-8
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN

GET
H2 200 personalizedinfo Show response
www.geha.com/api/personalizedinformation/ 33 B
707 B 196ms
196ms XHR
application/json 2a02:26f0:4700::17d4:6ed2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/api/personalizedinformation/personalizedinfo?CookieName=dentalRecommendation&PersonalizedInfoId=dentalRecommendation

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Base-Themes/Core-Libraries/scripts/optimized-min.js?t=20221109T053531Z

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700::17d4:6ed2 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

c326f67ec7e4e7895bc25ac4c6c3540b569586d688b494df5b82e3146d34a6f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.geha.com//enrollment
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/json

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
cache-control: no-cache
pragma: no-cache
x-content-type-options: 'nosniff'
expires: -1
server-timing: cdn-cache; desc=MISS, edge; dur=106, origin; dur=57, ak_p; desc="1726723302323_399797917_209526460_16244_8963_24_0_255";dur=1
content-length: 33
x-xss-protection: 1; mode=block
date: Thu, 19 Sep 2024 05:21:42 GMT
content-type: application/json; charset=utf-8
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN

OPTIONS
H3 200 create.json
api-engage-us.sitecorecloud.io/v1.2/browser/ Frame 0
0 335ms
310ms Preflight
text/plain 2606:4700:4400::6812:2ab7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-engage-us.sitecorecloud.io/v1.2/browser/create.json?client_key=b9c1f091c924864e2a26574bbef92243&message={}

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2ab7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-library-version
Access-Control-Request-Method: GET
Origin: https://www.geha.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Library-Version,X-Client-Software-ID
access-control-allow-methods: HEAD,GET,POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8c5722411a054d6e-FRA
content-length: 24
content-type: text/plain
date: Thu, 19 Sep 2024 05:21:42 GMT
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-robots-tag: noindex

GET
H3 201 create.json Show response
api-engage-us.sitecorecloud.io/v1.2/browser/ 178 B
367 B 129ms
128ms Fetch
application/json 2606:4700:4400::6812:2ab7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-engage-us.sitecorecloud.io/v1.2/browser/create.json?client_key=b9c1f091c924864e2a26574bbef92243&message={}

Requested by

Host: d1mj578wat5n4o.cloudfront.net
URL: https://d1mj578wat5n4o.cloudfront.net/sitecore-engage-v.1.3.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2ab7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1ab594336bf1a463dbb4f3efc585c7cd97b8c64c4de1a735f99ba55b72a5f8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/
X-Library-Version: 1.3.0

Response headers

strict-transport-security: max-age=2592000; includeSubDomains; preload
x-robots-tag: noindex
cf-cache-status: DYNAMIC
cf-ray: 8c5722430bbc4d6e-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 178
date: Thu, 19 Sep 2024 05:21:43 GMT
content-type: application/json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 freshpaint.js Show response
freshpaint-cdn.com/js/6424a885-8a84-4052-a1f3-0dae4f1ee50b/ 9 KB
3 KB 41ms
8ms Script
application/javascript 3.160.150.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://freshpaint-cdn.com/js/6424a885-8a84-4052-a1f3-0dae4f1ee50b/freshpaint.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-82.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c77ae12b1162a8d7a5fc8141fe5ef5f890b0d8367955bd7694dcd53deb3835f9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

content-encoding: br
etag: W/"2b7a6b08dad48a0639f56c811217e11a"
x-amz-version-id: Vzu5fiNKzMYj8eDhCMrTH1AzYenEHtFM
age: 19567
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: nmiwTm-Qbv0HyE5it01_kHaJ3G1-B7Si946TA7mVvkMb-aBADCT9qA==
date: Wed, 18 Sep 2024 23:55:36 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 16 Jul 2024 21:06:58 GMT
cache-control: no-cache
via: 1.1 444bee00bd8f759506e806be3c13fa6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pa-5b8e94d0cea07b0016000061.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 153ms
126ms Script
application/javascript 2606:4700:10::6816:3768
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/pa-5b8e94d0cea07b0016000061.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3768 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69b635282e06504d447e9dd8fe4c90c5bd308a8ffdc2da080243d51a65df81bd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

cache-control: max-age=86400
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"63490024-1852"
cf-ray: 8c57224149df905e-FRA
expires: Thu, 19 Sep 2024 05:26:42 GMT
access-control-allow-origin: *
date: Thu, 19 Sep 2024 05:21:42 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 14 Oct 2022 06:22:28 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 pa-555b6812abe53d462fed7a74.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 151ms
124ms Script
application/javascript 2606:4700:10::6816:3768
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/pa-555b6812abe53d462fed7a74.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3768 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 486cb6639529a37f8755f3fda22b724e26ea0cfca10de5bae934da56e2d6022c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

cache-control: max-age=86400
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"63490024-1852"
cf-ray: 8c57224149dd905e-FRA
expires: Thu, 19 Sep 2024 05:26:42 GMT
access-control-allow-origin: *
date: Thu, 19 Sep 2024 05:21:42 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 14 Oct 2022 06:22:28 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 scevent.min.js Show response
sc-static.net/ 54 KB
23 KB 51ms
25ms Script
application/javascript 3.163.248.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.geha.com
URL: https://www.geha.com//enrollment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.163.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 9bdf81bf0ffae2df5e65fbc07d2b3d49a323963ea44470492b4b02a232b8ee7c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

cache-control: private, s-maxage=0, max-age=600
content-encoding: gzip
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 23393
x-amz-cf-id: HlppVAsQGJqGZZ54nqjGnVbNsmFwEn0H3aOymgrDhshKxqaEq3N1Lg==
date: Thu, 19 Sep 2024 05:21:42 GMT
content-type: application/javascript;charset=utf-8
x-amz-cf-pop: FRA60-P3
server: CloudFront
access-control-allow-headers: Content-Type

GET
H2 200 personalizedinfo Show response
www.geha.com/api/personalizedinformation/ 33 B
710 B 228ms
227ms XHR
application/json 2a02:26f0:4700::17d4:6ed2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/api/personalizedinformation/personalizedinfo?CookieName=recommendation&PersonalizedInfoId=recommendation

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Base-Themes/Core-Libraries/scripts/optimized-min.js?t=20221109T053531Z

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700::17d4:6ed2 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

c326f67ec7e4e7895bc25ac4c6c3540b569586d688b494df5b82e3146d34a6f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.geha.com//enrollment
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/json

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
cache-control: no-cache
pragma: no-cache
x-content-type-options: 'nosniff'
expires: -1
server-timing: cdn-cache; desc=MISS, edge; dur=113, origin; dur=64, ak_p; desc="1726723302624_399797917_209526939_18375_10570_23_0_255";dur=1
content-length: 33
x-xss-protection: 1; mode=block
date: Thu, 19 Sep 2024 05:21:42 GMT
content-type: application/json; charset=utf-8
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN

GET
H2 200 freshpaint.js Show response
perfalytics.com/static/js/ 132 KB
42 KB 33ms
7ms Script
application/javascript 65.9.66.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://perfalytics.com/static/js/freshpaint.js
Requested by: Host: freshpaint-cdn.com
URL: https://freshpaint-cdn.com/js/6424a885-8a84-4052-a1f3-0dae4f1ee50b/freshpaint.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-85.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 46fd84c0e7470ced1baafe177bae2c8add08ec57bab37d6f42b366a98235f295

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

x-amz-cf-pop: FRA56-C1
content-encoding: gzip
x-amz-version-id: A_qLpEuV6KEAU1xdCjCxbuljLIzhMaSt
etag: W/"ac2d9c4f73a6f2f767893bb9c48c79fa"
age: 19103
via: 1.1 df7c0ba7857d5300ae11e7566c926f16.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: eRzVrd5e2E40WQJ776ZbSzocsEy1cRWKyvtpWGk7UJl8m02AIGVanQ==
date: Thu, 19 Sep 2024 00:03:20 GMT
content-type: application/javascript
vary: Accept-Encoding
server: AmazonS3
last-modified: Wed, 04 Sep 2024 18:02:44 GMT

GET
H2 200 freshpaint-gtm.js Show response
perfalytics.com/static/js/ 1 KB
982 B 37ms
13ms Script
application/javascript 65.9.66.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://perfalytics.com/static/js/freshpaint-gtm.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-85.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6061afe2f61cd705a9877ac4211e86ee6a5f23767a6908ecc261d6c32d054249

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

x-amz-cf-pop: FRA56-C1
content-encoding: gzip
x-amz-version-id: mYs2oaZ2uq.4IH5lkHOprZkHCT1P2x4R
etag: W/"2c6c0251a3654f54d0db8f38d52f8a06"
age: 19102
via: 1.1 df7c0ba7857d5300ae11e7566c926f16.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: JRv_4gfgwjHVCPnno-0Nq22n6xi7KNj6Ao5y7wcjZicZqa7jwu477A==
date: Thu, 19 Sep 2024 00:03:21 GMT
content-type: application/javascript
vary: Accept-Encoding
server: AmazonS3
last-modified: Wed, 04 Sep 2024 18:02:45 GMT

GET
H2 200 29a50b68-d5e7-4019-8575-7fea0adbb21f.json Show response
tr.snapchat.com/config/com/ 117 B
399 B 131ms
110ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/29a50b68-d5e7-4019-8575-7fea0adbb21f.json?v=3.28.2-2409172358

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

fc740a7dd685e149ac9c20befb93b7e127249aa2d260a3b5f6b0ab696051e8a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json
Referer: https://www.geha.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 92
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google
access-control-allow-origin: https://www.geha.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117
date: Thu, 19 Sep 2024 05:21:42 GMT
content-type: application/json
server: API Gateway

GET
H2 200 i
tr.snapchat.com/cm/ Frame 513F 0
0 35ms
17ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=29a50b68-d5e7-4019-8575-7fea0adbb21f&u_scsid=abe21576-3f0c-4087-a1d5-8728596a25a8&u_sclid=6a8c3cbb-c6fb-443d-a95c-085a5dfea42e

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://www.geha.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 19 Sep 2024 05:21:42 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 config.json Show response
c.go-mpulse.net/api/ 781 B
945 B 156ms
99ms XHR
application/json 2a02:26f0:4700:298::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=7JTKV-XPJV9-YRVS3-M2J45-ZYZNN&d=www.geha.com&t=5755744&v=1.632.0&sl=0&si=fqox7uax3x5-sk1o86&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=624528
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/7JTKV-XPJV9-YRVS3-M2J45-ZYZNN
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:4700:298::11a6 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f303b092a93d6baf6ee475bbc579344f04200f349dd1d1d7a696be28158d3477

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
content-length: 781
alt-svc: h3=":443"; ma=93600
timing-allow-origin: *
date: Thu, 19 Sep 2024 05:21:43 GMT
content-type: application/json

GET
H2 200 6424a885-8a84-4052-a1f3-0dae4f1ee50b Show response
perfalytics.com/event-definitions/ 40 KB
4 KB 190ms
176ms XHR
application/json 65.9.66.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://perfalytics.com/event-definitions/6424a885-8a84-4052-a1f3-0dae4f1ee50b
Requested by: Host: perfalytics.com
URL: https://perfalytics.com/static/js/freshpaint.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-85.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 66c8eafe62c19ebb3bec60794bcf315091f95cb5a4c7ab30bff6da9c8ba030be

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
x-amz-version-id: P.hLkSZum3SHW8GTQ5MJYuWBVlAwno6L
etag: W/"8f8b7cd4ff27d9479daeeb57624d497f"
access-control-allow-methods: GET
x-cache: RefreshHit from cloudfront
x-amz-cf-id: mUo0XELYQcMpwPWbwDmcwN0uRVGGqaEOAFfNaUa-cJJGei25iigq2Q==
date: Thu, 19 Sep 2024 05:21:43 GMT
content-type: application/json
last-modified: Mon, 16 Sep 2024 19:50:16 GMT
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: max-age=60,s-max-age=60
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA56-C1
server: AmazonS3

GET
H2 200 / Show response
zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 10 KB
5 KB 87ms
33ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_e9klljEUcZhtwjz&t=1726723302905

Requested by

Host: www.geha.com
URL: https://www.geha.com//enrollment

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2668f9f36d59bee39f87277a925a109da82d31bb6d36a6ec08515b7c11df1dd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"26a8-Nw5iVu6hWzEEgcVLnCLJOPt4OlQ"
age: 33046
x-content-type-options: nosniff
date: Thu, 19 Sep 2024 05:21:42 GMT
edge-control: max-age=604800
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=3600, s-maxage=604800
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8c5722438c50670b-AMS
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H2 200 favicon.ico
www.geha.com/~/media93/Files/ 3 KB
3 KB 41ms
40ms Other
image/x-icon 2a02:26f0:4700::17d4:6ed2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Files/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700::17d4:6ed2 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0ec0bebf0577f413bd3cd829dc4880527f790f20f64620e1c03625feac77c8de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com//enrollment

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
cache-control: public, max-age=54647
x-datastream-cache-status: 1
etag: a4720147a38f42369ca54504a28cdeda
x-content-type-options: 'nosniff'
accept-ranges: bytes
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1726723302930_399797917_209527519_239_10753_23_0_219";dur=1
content-length: 2967
x-xss-protection: 1; mode=block
date: Thu, 19 Sep 2024 05:21:42 GMT
content-type: image/x-icon
last-modified: Fri, 30 Jul 2021 18:25:22 GMT
content-disposition: inline; filename="favicon.ico"
x-frame-options: SAMEORIGIN

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ 0
213 B 139ms
31ms XHR
text/plain 52.209.42.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=5b8e94d0cea07b0016000061&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=48&cE=191&dLE=48&dLS=3&fS=3&hS=71&rE=-1&rS=-1&reS=191&resS=1432&resE=1439&uEE=-1&uES=-1&dL=1453&dI=2977&dCLES=2977&dCLEE=2978&dC=3301&lES=3301&lEE=3303&s=nt&title=How%20to%20enroll%20in%20a%20GEHA%20medical%20plan%20%7C%20GEHA&path=https%3A%2F%2Fwww.geha.com%2F%2Fenrollment&ref=&sId=1ls8255h&sST=1726723302&sIS=1&rV=0&v=1.4.1
Requested by: Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/pa-5b8e94d0cea07b0016000061.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.42.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-42-199.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

Expires: 0
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 0
Date: Thu, 19 Sep 2024 05:21:43 GMT
Pragma: no-cache
Connection: keep-alive

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ 0
213 B 127ms
28ms XHR
text/plain 52.209.42.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=555b6812abe53d462fed7a74&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=48&cE=191&dLE=48&dLS=3&fS=3&hS=71&rE=-1&rS=-1&reS=191&resS=1432&resE=1439&uEE=-1&uES=-1&dL=1453&dI=2977&dCLES=2977&dCLEE=2978&dC=3301&lES=3301&lEE=3303&s=nt&title=How%20to%20enroll%20in%20a%20GEHA%20medical%20plan%20%7C%20GEHA&path=https%3A%2F%2Fwww.geha.com%2F%2Fenrollment&ref=&sId=1ls8255h&sST=1726723302&sIS=2&rV=0&v=1.4.1
Requested by: Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/pa-555b6812abe53d462fed7a74.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.42.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-42-199.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

Expires: 0
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 0
Date: Thu, 19 Sep 2024 05:21:43 GMT
Pragma: no-cache
Connection: keep-alive

GET
H2 200 12.0ce80e99217aaa963082.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 75 KB
21 KB 30ms
25ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/12.0ce80e99217aaa963082.chunk.js?Q_CLIENTVERSION=2.14.0&Q_CLIENTTYPE=web&Q_BRANDID=www.geha.com

Requested by

Host: zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com
URL: https://zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_e9klljEUcZhtwjz&t=1726723302905

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56023b60759e909c096e9ea4761cfcf56ad4bd5b4da4aa743fe01c235b3af4ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12bf8-191e386ffa8"
age: 8250
x-content-type-options: nosniff
date: Thu, 19 Sep 2024 05:21:43 GMT
edge-control: max-age=604800
content-type: application/javascript
last-modified: Wed, 11 Sep 2024 23:59:21 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8c572243dc89670b-AMS
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

OPTIONS
H3 200 events
api-engage-us.sitecorecloud.io/v1.2/ Frame 0
0 123ms
122ms Preflight
text/plain 2606:4700:4400::6812:2ab7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-engage-us.sitecorecloud.io/v1.2/events

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2ab7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-library-version
Access-Control-Request-Method: POST
Origin: https://www.geha.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Library-Version,X-Client-Software-ID
access-control-allow-methods: HEAD,GET,POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: POST,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8c572243ec9e4d6e-FRA
content-length: 13
content-type: text/plain
date: Thu, 19 Sep 2024 05:21:43 GMT
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-robots-tag: noindex

GET
H2 200 web-version.min.js Show response
d35vb5cccm4xzp.cloudfront.net/web-flow-libs/b9c1f091c924864e2a26574bbef92243/ 1 KB
2 KB 146ms
123ms Script
application/javascript 2600:9000:235a:1800:3:35f2:c540:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d35vb5cccm4xzp.cloudfront.net/web-flow-libs/b9c1f091c924864e2a26574bbef92243/web-version.min.js
Requested by: Host: d1mj578wat5n4o.cloudfront.net
URL: https://d1mj578wat5n4o.cloudfront.net/sitecore-engage-v.1.3.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:1800:3:35f2:c540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2af84b1dd864ab11bd66ed82a8a338a34ad078136753c1b51c1aeb46c018ddf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

x-amz-cf-pop: FRA60-P9
cache-control: no-cache, no-store
etag: "07489c84b9edf98b862b8569d833fc39"
via: 1.1 4d37a80c51c1368344134f5bdf1ea92e.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 1244
x-amz-cf-id: eQ9GAcobzzzpw_Pq5KztEBFMEnNcln73g35MNBk-v7nzjzpb5wl8ag==
date: Thu, 19 Sep 2024 05:21:44 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
server: AmazonS3
last-modified: Thu, 29 Aug 2024 20:10:38 GMT
x-amz-server-side-encryption: AES256

POST
H3 201 events Show response
api-engage-us.sitecorecloud.io/v1.2/ 124 B
298 B 128ms
127ms Fetch
application/json 2606:4700:4400::6812:2ab7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-engage-us.sitecorecloud.io/v1.2/events

Requested by

Host: d1mj578wat5n4o.cloudfront.net
URL: https://d1mj578wat5n4o.cloudfront.net/sitecore-engage-v.1.3.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2ab7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c25f56a0700e3bae5f6ff26255f5881317d99a9620e7f8f4d93a7852450b1dfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload

Request headers

Referer: https://www.geha.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
X-Library-Version: 1.3.0

Response headers

strict-transport-security: max-age=2592000; includeSubDomains; preload
x-robots-tag: noindex
cf-cache-status: DYNAMIC
cf-ray: 8c572244adaf4d6e-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 124
date: Thu, 19 Sep 2024 05:21:43 GMT
content-type: application/json
vary: Origin
server: cloudflare

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 5 KB
2 KB 167ms
165ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_e9klljEUcZhtwjz&Q_CLIENTVERSION=2.14.0&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.0ce80e99217aaa963082.chunk.js?Q_CLIENTVERSION=2.14.0&Q_CLIENTTYPE=web&Q_BRANDID=www.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

932ad5bf32b2c79ed89f5d13800109b5e9f163bbca009b8430d3e2f6ed827c7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://www.geha.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
date: Thu, 19 Sep 2024 05:21:43 GMT
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
trace-id: 7ce87e12dd249a98
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8c5722440cb6670b-AMS
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: https://www.geha.com
server: cloudflare

POST
H2 204 /
684dd325.akstat.io/ 0
224 B 112ms
108ms Ping
image/gif 2a02:26f0:e300:186::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://684dd325.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/7JTKV-XPJV9-YRVS3-M2J45-ZYZNN

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e300:186::11a6 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://www.geha.com/

Response headers

cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
pragma: no-cache
access-control-allow-credentials: true
expires: Thu, 19 Sep 2024 05:21:43 GMT
access-control-allow-origin: https://www.geha.com
alt-svc: h3=":443"; ma=93600
x-xss-protection: 0
date: Thu, 19 Sep 2024 05:21:43 GMT
content-type: image/gif

POST
H3 200 p
tr.snapchat.com/ 0
15 B 28ms
18ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.geha.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://www.geha.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 19 Sep 2024 05:21:43 GMT
server: API Gateway

GET
H2 200 integrations.js Show response
perfalytics.com/static/js/ 388 KB
94 KB 7ms
7ms Script
text/javascript 65.9.66.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://perfalytics.com/static/js/integrations.js
Requested by: Host: perfalytics.com
URL: https://perfalytics.com/static/js/freshpaint.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-85.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 18b6950257b6495aaa5ed01184ca60fa0ac0517c57fab17a395e2f2a657d1f0a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

x-amz-cf-pop: FRA56-C1
content-encoding: gzip
x-amz-version-id: D3T66N57CN6GRwI0be1iEvorL7tjzSjq
etag: W/"8ed8eaba125f015032b22bded04b5d78"
age: 19102
via: 1.1 df7c0ba7857d5300ae11e7566c926f16.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: a8F8f7c_zW5vXUyEe78WEgtpeuuUGo9NywMVRVk59ep0JDT4FNpNcQ==
date: Thu, 19 Sep 2024 00:03:22 GMT
content-type: text/javascript
vary: Accept-Encoding
server: AmazonS3
last-modified: Thu, 21 Mar 2024 17:42:41 GMT

OPTIONS
H2 200 track
api.perfalytics.com/ Frame 0
0 187ms
150ms Preflight
application/json 13.32.121.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-13.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.geha.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
content-type: application/json
date: Thu, 19 Sep 2024 05:21:43 GMT
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
x-amz-apigw-id: eVk0LETIvHcEq8g=
x-amz-cf-id: f1Y9yPXiag9HzGzKYh2GwF0CUplwOBHGxbIQQdwBRz5Bk-q2fyMolw==
x-amz-cf-pop: FRA60-P1
x-amzn-requestid: 6b73b0b6-e8d8-4686-b04a-5efe4809422b
x-cache: Miss from cloudfront

OPTIONS
H2 200 track
api.perfalytics.com/ Frame 0
0 185ms
151ms Preflight
application/json 13.32.121.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-13.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.geha.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
content-type: application/json
date: Thu, 19 Sep 2024 05:21:43 GMT
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
x-amz-apigw-id: eVk0LHR2vHcEA9g=
x-amz-cf-id: JpBQ95rqyZycCyEQvRaXqTZ0TMv7Ou5QtN-Zq6_GbTrqYbkUyi8EIQ==
x-amz-cf-pop: FRA60-P1
x-amzn-requestid: 0a297043-018c-4275-9b92-aaffdd069308
x-cache: Miss from cloudfront

OPTIONS
H2 200 track
api.perfalytics.com/ Frame 0
0 458ms
429ms Preflight
application/json 13.32.121.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-13.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.geha.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
content-type: application/json
date: Thu, 19 Sep 2024 05:21:43 GMT
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
x-amz-apigw-id: eVk0OHcwPHcEZmQ=
x-amz-cf-id: M7BYbkh7gdT4EOVrd737QPv59OEwWtohbhJm04LGiwYf6cfxZiKr6g==
x-amz-cf-pop: FRA60-P1
x-amzn-requestid: c91d2e0d-5130-4392-8563-f3050b862322
x-cache: Miss from cloudfront

POST
H2 200 track Show response
api.perfalytics.com/ 133 B
652 B 586ms
584ms XHR
application/json 13.32.121.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Requested by: Host: perfalytics.com
URL: https://perfalytics.com/static/js/freshpaint.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-13.fra60.r.cloudfront.net
Software: /
Resource Hash: f257916a3cc3ca0e3093007943e38de052095ab6038a1a50cc61731171f5bc2c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.geha.com/

Response headers

x-amz-apigw-id: eVk0REdlvHcEq_w=
x-amzn-trace-id: Root=1-66ebb4e7-5b6fd9cc7206e16204404e6a
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-amzn-requestid: 1e23d8d6-99bb-48a7-a5c2-7d435c966301
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 133
x-amz-cf-id: AbczWYnVYHphC7tT-Bc3W6MWObdB2tLgJiraEyOq3Y1TPnC7PgwLXw==
date: Thu, 19 Sep 2024 05:21:43 GMT
content-type: application/json
x-amz-cf-pop: FRA60-P1
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

POST
H2 200 beacon
freshpaint-impression.com/ 0
404 B 72ms
35ms Ping
text/plain 18.173.205.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://freshpaint-impression.com/beacon?cke=1&env_id=6424a885-8a84-4052-a1f3-0dae4f1ee50b&fp_device_id=19208baa6d6898-09926161c68d91-1e462c6f-1d4c00-19208baa6d719cf
Requested by: Host: perfalytics.com
URL: https://perfalytics.com/static/js/freshpaint.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-17.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

access-control-expose-headers: *
via: 1.1 b542963649ffc3f71c6540a2347be55a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: o2Qobbqh0pkSXifQKs6zX0umWvnLUDP4jWnNf96XB7msw1a2T6gSjA==
date: Thu, 19 Sep 2024 05:21:43 GMT
x-amz-cf-pop: FRA56-P12
server: CloudFront

POST
H2 200 track Show response
api.perfalytics.com/ 133 B
653 B 573ms
572ms XHR
application/json 13.32.121.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Requested by: Host: perfalytics.com
URL: https://perfalytics.com/static/js/freshpaint.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-13.fra60.r.cloudfront.net
Software: /
Resource Hash: 7277f149953248ced788854ee61c57fefea7400a163beab1137147610cb43a50

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.geha.com/

Response headers

x-amz-apigw-id: eVk0RGCkPHcEK5A=
x-amzn-trace-id: Root=1-66ebb4e7-3ec1cad07a69b6157ab6136d
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-amzn-requestid: 63aa0335-6b4a-44a0-9f7e-3b2be07bd36c
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 133
x-amz-cf-id: hJiobD-uWgnfkfmpHyZD69jiqiz3VykJ6ZxPv76aSdOY11FeZd-AfQ==
date: Thu, 19 Sep 2024 05:21:43 GMT
content-type: application/json
x-amz-cf-pop: FRA60-P1
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

POST
H2 200 track Show response
api.perfalytics.com/ 133 B
651 B 565ms
565ms XHR
application/json 13.32.121.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Requested by: Host: perfalytics.com
URL: https://perfalytics.com/static/js/freshpaint.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-13.fra60.r.cloudfront.net
Software: /
Resource Hash: 619daea94fb618b5ee1c5e92737585de5e9a8006295d227dd62c433c0d143ada

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.geha.com/

Response headers

x-amz-apigw-id: eVk0TGrIvHcEMnw=
x-amzn-trace-id: Root=1-66ebb4e8-64934ec56636b90246d63e5d
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-amzn-requestid: f1393850-837f-4ed6-ac5f-0a50cdc1c4a8
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 133
x-amz-cf-id: 1Zs3rpXwdows81wxv1gUueUVbj3TbtQlhesMfaE8-BtArxSiovbC1g==
date: Thu, 19 Sep 2024 05:21:44 GMT
content-type: application/json
x-amz-cf-pop: FRA60-P1
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

POST
H2 200 track Show response
api.perfalytics.com/ 133 B
651 B 579ms
578ms XHR
application/json 13.32.121.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Requested by: Host: perfalytics.com
URL: https://perfalytics.com/static/js/freshpaint.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-13.fra60.r.cloudfront.net
Software: /
Resource Hash: 3f10c746ba32d25740e0ba4ebb8fd97538ad95ac7b208b52064c8fa57d0123c2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.geha.com/

Response headers

x-amz-apigw-id: eVk0RFSyPHcEjGA=
x-amzn-trace-id: Root=1-66ebb4e7-7c72e1910c25968b623b08a7
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-amzn-requestid: 2770ee83-5e66-43e8-8125-5db1929d77c7
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 133
x-amz-cf-id: StUDUdrGXiJ0vd5hdK0s7YUVScgaso1Z4CXHxUaDn9ki26wYn5_6-w==
date: Thu, 19 Sep 2024 05:21:43 GMT
content-type: application/json
x-amz-cf-pop: FRA60-P1
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

POST
H2 200 track Show response
api.perfalytics.com/ 133 B
652 B 439ms
438ms XHR
application/json 13.32.121.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Requested by: Host: perfalytics.com
URL: https://perfalytics.com/static/js/freshpaint.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-13.fra60.r.cloudfront.net
Software: /
Resource Hash: ea3216eedc7f489eecb16a1692449af9f0ab95ee2ff9aff5e5ccc9c8ea2c2ae2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.geha.com/

Response headers

x-amz-apigw-id: eVk0PHH6vHcEU9g=
x-amzn-trace-id: Root=1-66ebb4e7-087c30843c3b977e5d4cef18
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-amzn-requestid: d0aa152f-b60a-4384-80da-c4ffb5c9dff9
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 133
x-amz-cf-id: i3W3HhrUUoNs1WfK7iINcuCU-Z7A3A-CstKdnJml7bIMPaQVcHgzMg==
date: Thu, 19 Sep 2024 05:21:43 GMT
content-type: application/json
x-amz-cf-pop: FRA60-P1
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

POST
H2 200 track Show response
api.perfalytics.com/ 133 B
652 B 439ms
438ms XHR
application/json 13.32.121.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Requested by: Host: perfalytics.com
URL: https://perfalytics.com/static/js/freshpaint.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-13.fra60.r.cloudfront.net
Software: /
Resource Hash: 9b1b47a7bc1a78ba85aec1dcad05ef3f77a74b80e443c70748358accc8f2561e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.geha.com/

Response headers

x-amz-apigw-id: eVk0PHkmvHcETdg=
x-amzn-trace-id: Root=1-66ebb4e7-0490a7a82726582f4a2bb1e3
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-amzn-requestid: 51860b37-b80e-4c0a-b04e-414b8c092b03
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 133
x-amz-cf-id: nKofGgiZXDSX-5LWlA1-WtpKCdE41AY-IcqJbCN4g1ZGrYj6Zrzpbw==
date: Thu, 19 Sep 2024 05:21:43 GMT
content-type: application/json
x-amz-cf-pop: FRA60-P1
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 track
api.perfalytics.com/ Frame 0
0 180ms
153ms Preflight
application/json 13.32.121.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-13.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.geha.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
content-type: application/json
date: Thu, 19 Sep 2024 05:21:43 GMT
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
x-amz-apigw-id: eVk0LFlSPHcEU7A=
x-amz-cf-id: KsohTbDkMBuXBvpZeOEOOetC0AbIiPfkBau_VWGk5kMvWmKa2zfUtQ==
x-amz-cf-pop: FRA60-P1
x-amzn-requestid: 6ae7cb31-354f-4d99-8cea-80efd7a4a66b
x-cache: Miss from cloudfront

OPTIONS
H2 200 track
api.perfalytics.com/ Frame 0
0 177ms
152ms Preflight
application/json 13.32.121.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-13.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.geha.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
content-type: application/json
date: Thu, 19 Sep 2024 05:21:43 GMT
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
x-amz-apigw-id: eVk0LGK8vHcEt_g=
x-amz-cf-id: FYhCgzgvZ02NeaxXmAsmwf3TUAVJiKcKk3I6Gi4AXy2fCmvyU_T9Tg==
x-amz-cf-pop: FRA60-P1
x-amzn-requestid: 33b878e9-1a2b-4c76-9691-42095e5bdcc8
x-cache: Miss from cloudfront

OPTIONS
H2 200 track
api.perfalytics.com/ Frame 0
0 170ms
149ms Preflight
application/json 13.32.121.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-13.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.geha.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
content-type: application/json
date: Thu, 19 Sep 2024 05:21:43 GMT
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
x-amz-apigw-id: eVk0LFP6PHcEUew=
x-amz-cf-id: SypEvbff_v3HiToY7W53xRnptaj7ega3d-6XqNH4q88G4msFgWla7w==
x-amz-cf-pop: FRA60-P1
x-amzn-requestid: c4eb15ce-2490-4c1b-8dcf-9ba9ab6964e3
x-cache: Miss from cloudfront

GET
H2 200 web-lib.min.js Show response
d35vb5cccm4xzp.cloudfront.net/web-flow-libs/b9c1f091c924864e2a26574bbef92243/12/ 128 KB
35 KB 7ms
7ms Script
application/javascript 2600:9000:235a:1800:3:35f2:c540:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d35vb5cccm4xzp.cloudfront.net/web-flow-libs/b9c1f091c924864e2a26574bbef92243/12/web-lib.min.js
Requested by: Host: d35vb5cccm4xzp.cloudfront.net
URL: https://d35vb5cccm4xzp.cloudfront.net/web-flow-libs/b9c1f091c924864e2a26574bbef92243/web-version.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:1800:3:35f2:c540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 21a3bc0cb8d61644fd61bfe5a48391e2b130ebed3657fc10595c1847ce83fea5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

x-amz-cf-pop: FRA60-P9
content-encoding: br
etag: W/"fd6a27c3cae88f3b85b799ccbe0198cc"
age: 1760727
via: 1.1 4d37a80c51c1368344134f5bdf1ea92e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: mikR0kbpTGhgBy76W1T4iB8aZmK6p7BF65KI5e3U19YOR4qOOspM6g==
date: Thu, 29 Aug 2024 20:16:17 GMT
content-type: application/javascript
vary: Accept-Encoding
server: AmazonS3
last-modified: Thu, 29 Aug 2024 20:10:37 GMT
x-amz-server-side-encryption: AES256

OPTIONS
H3 200 getBucket
api-engage-us.sitecorecloud.io/v2/ Frame 0
0 302ms
302ms Preflight
text/plain 2606:4700:4400::6812:2ab7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-engage-us.sitecorecloud.io/v2/getBucket

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2ab7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.geha.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Library-Version
access-control-allow-methods: HEAD,GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: *
access-control-max-age: 1800
allow: POST,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8c572244fdf04d6e-FRA
content-length: 13
content-type: text/plain
date: Thu, 19 Sep 2024 05:21:43 GMT
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-correlation-id: 05fa75b0-545b-4a19-9c0e-0860790ac6f7
x-robots-tag: noindex

POST
H3 200 getBucket Show response
api-engage-us.sitecorecloud.io/v2/ 63 B
299 B 451ms
451ms Fetch
application/json 2606:4700:4400::6812:2ab7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-engage-us.sitecorecloud.io/v2/getBucket

Requested by

Host: d35vb5cccm4xzp.cloudfront.net
URL: https://d35vb5cccm4xzp.cloudfront.net/web-flow-libs/b9c1f091c924864e2a26574bbef92243/12/web-lib.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2ab7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3816ee8b3fe62d0d3101d8cc12ee3d75c73d6f954f69f2a42d545337d5a247cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.geha.com/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains; preload
x-robots-tag: noindex
x-correlation-id: 8f471c6b-3e6d-4661-8950-40be0e057589
cf-cache-status: DYNAMIC
content-encoding: gzip
cf-ray: 8c572246df704d6e-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Thu, 19 Sep 2024 05:21:43 GMT
content-type: application/json
vary: Origin
server: cloudflare

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 102 KB
30 KB 26ms
26ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=2.14.0&Q_CLIENTTYPE=web&Q_BRANDID=geha

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.0ce80e99217aaa963082.chunk.js?Q_CLIENTVERSION=2.14.0&Q_CLIENTTYPE=web&Q_BRANDID=www.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

baa575ea757c7d27e4c1ec33c28d8af39570e53d85a6cacf8d82de04aff8419a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"1977f-191e386ffa8"
age: 8255
x-content-type-options: nosniff
date: Thu, 19 Sep 2024 05:21:43 GMT
edge-control: max-age=604800
content-type: application/javascript
last-modified: Wed, 11 Sep 2024 23:59:21 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8c5722451d85670b-AMS
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H/1.1

200
OK

results.txt Show response
fwgzqsobnsmqyzxlwttq-pd32o0-b4929b23f-clientnsv4-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pd32o0psw
https://fwgzqsobnsmqyzxlwttq-pd32o0-b4929b23f-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

102ms
13ms

XHR
text/plain

193.108.153.20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://fwgzqsobnsmqyzxlwttq-pd32o0-b4929b23f-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 193.108.153.20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-20.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 8
Date: Thu, 19 Sep 2024 05:21:43 GMT
Content-Type: text/plain
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage

Redirect headers

Access-Control-Allow-Origin: *
Location: https://fwgzqsobnsmqyzxlwttq-pd32o0-b4929b23f-clientnsv4-s.akamaihd.net/eum/results.txt
Content-Length: 0
Date: Thu, 19 Sep 2024 05:21:43 GMT
Server: AkamaiGHost
Connection: keep-alive

GET
H/1.1

200
OK

results.txt Show response
eaaqvsaaea6qakqce3ydkaaacztoxnhh-pd32o0-4226a9a15-clienttons-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pd32o0psw
https://eaaqvsaaea6qakqce3ydkaaacztoxnhh-pd32o0-4226a9a15-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

152ms
14ms

XHR
text/plain

2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eaaqvsaaea6qakqce3ydkaaacztoxnhh-pd32o0-4226a9a15-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 8
Date: Thu, 19 Sep 2024 05:21:43 GMT
Content-Type: text/plain
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage

Redirect headers

Access-Control-Allow-Origin: *
Location: https://eaaqvsaaea6qakqce3ydkaaacztoxnhh-pd32o0-4226a9a15-clienttons-s.akamaihd.net/eum/results.txt
Content-Length: 0
Date: Thu, 19 Sep 2024 05:21:43 GMT
Server: AkamaiGHost
Connection: keep-alive

GET
H2 200 7.ceffb52fd15d9edebb86.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 3 KB
1 KB 28ms
27ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/7.ceffb52fd15d9edebb86.chunk.js?Q_CLIENTVERSION=2.14.0&Q_CLIENTTYPE=web&Q_BRANDID=geha

Requested by

Host: zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com
URL: https://zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_e9klljEUcZhtwjz&t=1726723302905

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de113b3a951c8f72e2cae5bcb5ce482ffa79b53ac353deae859d9620ef01bd43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"b55-191e386ffa8"
age: 8255
x-content-type-options: nosniff
date: Thu, 19 Sep 2024 05:21:43 GMT
edge-control: max-age=604800
content-type: application/javascript
last-modified: Wed, 11 Sep 2024 23:59:21 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8c5722455db5670b-AMS
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H2 200 1.560a1707e927ff25da07.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 29 KB
7 KB 41ms
40ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.560a1707e927ff25da07.chunk.js?Q_CLIENTVERSION=2.14.0&Q_CLIENTTYPE=web&Q_BRANDID=geha

Requested by

Host: zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com
URL: https://zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_e9klljEUcZhtwjz&t=1726723302905

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d236439dd0ef488fe4ae5f8ec3e9cfd8c43506f0505678342787250d441ef22c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"7421-191e386ffa8"
age: 8212
x-content-type-options: nosniff
date: Thu, 19 Sep 2024 05:21:43 GMT
edge-control: max-age=604800
content-type: application/javascript
last-modified: Wed, 11 Sep 2024 23:59:21 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8c5722455db7670b-AMS
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H2 200 FeedbackLinkModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 3 KB
2 KB 30ms
29ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/FeedbackLinkModule.js?Q_CLIENTVERSION=2.14.0&Q_CLIENTTYPE=web&Q_BRANDID=geha

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.0ce80e99217aaa963082.chunk.js?Q_CLIENTVERSION=2.14.0&Q_CLIENTTYPE=web&Q_BRANDID=www.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e74809dede6d1ea36eacaec76d20818679ef70e85efe8aa737fe8a6cc549cfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"dd9-191e386ffa8"
age: 599142
x-content-type-options: nosniff
date: Thu, 19 Sep 2024 05:21:43 GMT
edge-control: max-age=604800
content-type: application/javascript
last-modified: Wed, 11 Sep 2024 23:59:21 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8c5722455db8670b-AMS
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H2 200 EmbeddedTargetModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 8 KB
3 KB 28ms
27ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/EmbeddedTargetModule.js?Q_CLIENTVERSION=2.14.0&Q_CLIENTTYPE=web&Q_BRANDID=geha

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.0ce80e99217aaa963082.chunk.js?Q_CLIENTVERSION=2.14.0&Q_CLIENTTYPE=web&Q_BRANDID=www.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8691d8e914a767c49775c8974ecdc2eeed548f0e0b458ae7d871d39ce42e8ba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"2111-191e386ffa8"
age: 4514
x-content-type-options: nosniff
date: Thu, 19 Sep 2024 05:21:43 GMT
edge-control: max-age=604800
content-type: application/javascript
last-modified: Wed, 11 Sep 2024 23:59:21 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8c5722455dba670b-AMS
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 26 KB
2 KB 60ms
26ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_235GQw7FfA9GcHH&Version=41&Q_ORIGIN=https://www.geha.com&Q_CLIENTVERSION=2.14.0&Q_CLIENTTYPE=web&Q_BrandTier=RQqcwhV2J1&Q_ARCACHEVERSION=21&Q_BRANDDC=pdx1

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.0ce80e99217aaa963082.chunk.js?Q_CLIENTVERSION=2.14.0&Q_CLIENTTYPE=web&Q_BRANDID=www.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea428556379ab0d653def44e853bdd54c80512f34d8917c6458d2514f3c4818c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

x-request-id: 69adecbf-fcb3-4b18-88a2-c7ef0d97cbac
x-transaction-id: 282c88a6-6556-471f-9356-d0261f429477
content-encoding: gzip
cf-cache-status: HIT
etag: W/"692b-jvVhHw1UlmGCUw69Bc2m1ETMV+c"
age: 286331
x-content-type-options: nosniff
date: Thu, 19 Sep 2024 05:21:43 GMT
edge-control: max-age=604800
content-type: application/json; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8c5722458aff6694-AMS
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 325 B
392 B 63ms
30ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_9ALP9yWEj1lFJyJ&Version=4&Q_InterceptID=SI_235GQw7FfA9GcHH&Q_ORIGIN=https://www.geha.com&Q_CLIENTVERSION=2.14.0&Q_CLIENTTYPE=web&Q_BrandTier=RQqcwhV2J1&Q_ARCACHEVERSION=21&Q_BRANDDC=pdx1

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.0ce80e99217aaa963082.chunk.js?Q_CLIENTVERSION=2.14.0&Q_CLIENTTYPE=web&Q_BRANDID=www.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6be212d0bf9b30c3b1e7189850564d56bdaaa05d6991280ad4e1fbe3f82209cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

x-request-id: 84c027d7-050d-4bc1-9308-803e6b88e927
x-transaction-id: 9ab06581-c387-4bd5-9bab-0074878a3230
content-encoding: br
cf-cache-status: HIT
etag: W/"145-Q8Qr68WKRljbpcKUjFUxSsSoECE"
age: 70215
x-content-type-options: nosniff
date: Thu, 19 Sep 2024 05:21:43 GMT
edge-control: max-age=604800
content-type: application/json; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8c5722458b006694-AMS
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

POST
H2 200 p
tr6.snapchat.com/ 0
192 B 41ms
18ms Ping
text/plain 2600:1901:0:7628::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:7628:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.geha.com/

Response headers

via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 19 Sep 2024 05:21:43 GMT
x-envoy-upstream-service-time: 0
server: API Gateway

POST
H2 200 / Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 45 B
225 B 115ms
115ms XHR
text/plain 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_9ALP9yWEj1lFJyJ&Q_SIID=SI_235GQw7FfA9GcHH&Q_ASID=AS_59028053&Q_CLIENTVERSION=2.14.0&Q_CLIENTTYPE=web&r=1726723303311

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=2.14.0&Q_CLIENTTYPE=web&Q_BRANDID=geha

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://www.geha.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: br
cf-cache-status: DYNAMIC
trace-id: 703b93590340e01a
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c572245cb386694-AMS
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: https://www.geha.com
date: Thu, 19 Sep 2024 05:21:43 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report

GET
H2 200 Graphic.php
pdx1.qualtrics.com/WRQualtricsSiteIntercept/ 2 KB
2 KB 243ms
213ms Image
image/png 95.101.149.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pdx1.qualtrics.com/WRQualtricsSiteIntercept/Graphic.php?IM=IM_elF0WfBnxSXZgMt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.149.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-149-99.deploy.static.akamaitechnologies.com

Software

Resource Hash

7c8e3c582a237d2063f76cbcb5dcb1c0da3ae2516057fcc040cb69573d90b65f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.geha.com/

Response headers

x-robots-tag: noindex
x-request-id: 2adb507b-0aa7-45e1-b30f-16dfaf0ed8d6
x-transaction-id: 4a5e80e6-46b4-4f6f-819f-4cdd14f6e10e
etag: "be2052dd6274e8cbe6a39a1838288fcf"
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 05:22:39 GMT
date: Thu, 19 Sep 2024 05:21:43 GMT
content-disposition: inline; filename=Feedback_Darker_Smaller.png
content-type: image/png
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=56
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy: strict-origin-when-cross-origin
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
content-length: 1825

POST
H3 200 p
tr.snapchat.com/ 0
15 B 19ms
18ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.geha.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://www.geha.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 19 Sep 2024 05:21:43 GMT
server: API Gateway

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 23:40:09	Name: X-AB Value: fac5ecc1f9ad4f1cabf1ec2085b2d197
.geha.com/	1969-12-31 23:59:59	Name: sxa_site Value: GEHA-CD
.geha.com/	1969-12-31 23:59:59	Name: BIGipServer~external~gehaweb-prd-pool Value: !6Ahjd1meD9dTuGjwVolwB7OgiPYfT4+shd7uPRw/sxXWonx6Ye19uVisPfFCCH0hPN0ICcZwQ4lVK908xGXwl/jh30FxDFqWfzC5tfTu
.geha.com/	1970-01-20 23:38:50	Name: ak_bmsc Value: 7049E1BF257B2F9B8851EAEE51C84957~000000000000000000000000000000~YAAQnW7UFz0d8P+RAQAAoJ66CBnJj/AgHpLLAJRjzPAmPXHwoJ3TCMwh7XC+VL37loEz+MuNEA/7xjWNHqVr1iLJWTup0Lhh2WkYvsVAgilsIQf0E+7wqtO4E0nvPTOl/yzq3+lbwL6pgZuq1bwc7IaKTL59WLYSFugJ3lxf5WIctWp0FEemGUXUSrOvXtORgAJYQXjAMcYYXV3Ftj6uHVe76fbHl5ZF9t83Ds7U+N315KqkmYSqurwPqfk9GN29rKKRcBdROm1bqr3RWMnBg5A/o6vJeWGbOEzUqGHkFmnXoPc10P12eM95dv/CPPWZcWaRTphEwGXEwBGYxGfa71XNAlCyqGgY470YVABNE6EmQgQegvfhaCnAP1YX0cM3VemBlHT4NBLRHFvgRDny5e4rUP6V79A2w0j5LQxH
.geha.com/	1970-01-21 01:48:19	Name: _gcl_au Value: 1.1.2111031314.1726723303
.geha.com/	1970-01-20 23:38:50	Name: bm_sv Value: 1648FAA8DCF02B6770DF2F4163426AE2~YAAQnW7UF1cd8P+RAQAAnKW6CBlQDcqIxajsjDN6ABhUFAI37gU1Ji/EJjnDhGqjHk+PquyCvtGOTCsDtANaGALmTh15C9mz4k6bhMjPGrpiclcz2g3Rpz6TxVql32MmHiZhnYkRq4XE7TniK395d7YR3uOyJ9l3LocZ/r8VWehanXOe4WHwqkOCrp3js7hcaEUMjEGMUNgUQ0ybdMNrgBExXaOKv8+8vAz6YIhGUZ6itK2bxQb7KIxvZjICiA==~1
.geha.com/	1970-01-20 23:48:48	Name: RT Value: "z=1&dm=geha.com&si=fqox7uax3x5&ss=m18ugysu&sl=0&tt=0"
.geha.com/	1970-01-21 09:08:30	Name: _scid Value: X2Xlq9UCG5VpYxKvoNK7BWF6oSXq-gPF
.geha.com/	1970-01-21 09:08:30	Name: _scid_r Value: X2Xlq9UCG5VpYxKvoNK7BWF6oSXq-gPF
.geha.com/	1970-01-20 23:48:48	Name: _ScCbts Value: %5B%5D
.geha.com/	1970-01-21 08:24:19	Name: bid_b9c1f091c924864e2a26574bbef92243 Value: 9d538c16-2a43-438b-bd1b-3a1427aa7dd8
.geha.com/	1970-01-21 08:24:19	Name: ajs_anonymous_id Value: %2219208baa6d6898-09926161c68d91-1e462c6f-1d4c00-19208baa6d719cf%22
.geha.com/	1970-01-21 08:24:19	Name: mp_6424a885-8a84-4052-a1f3-0dae4f1ee50b_perfalytics Value: %7B%22distinct_id%22%3A%20%2219208baa6d6898-09926161c68d91-1e462c6f-1d4c00-19208baa6d719cf%22%2C%22%24device_id%22%3A%20%2219208baa6d6898-09926161c68d91-1e462c6f-1d4c00-19208baa6d719cf%22%2C%22%24auiddc%22%3A%20%22861929979.1726723303%22%2C%22%24gtm%22%3A%20true%2C%22__last_event_time%22%3A%201726723303148%2C%22%24session_id%22%3A%20%2219208baa6d96e8-0bd2816859cf9-1e462c6f-1d4c00-19208baa6da2a93%22%2C%22__first_pageview_in_session_has_occurred%22%3A%20true%2C%22__session_count%22%3A%201%2C%22%24debug_client_info%22%3A%20%7B%22ctr%22%3A%20%7B%22_sendEvent%22%3A%206%7D%7D%2C%22__initial_utm_props_set%22%3A%20true%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__last_pixel_sync%22%3A%201726723303134%2C%22%24pageview_id%22%3A%20%2219208baa6ea5e7-03ecc927fd31e6-1e462c6f-1d4c00-19208baa6eb1bdf%22%2C%22__first_pageview_occurred%22%3A%20true%2C%22__last_pageview_time%22%3A%201726723303148%7D
freshpaint-impression.com/	1970-01-21 08:24:19	Name: fp_impression_device_id Value: 19208baa707-0ab2c71f20faeae02a-07ab781ec7ab68c3597a6c34f63fb08d0cea92812392da239ec6118de3e42340
www.geha.com/	1969-12-31 23:59:59	Name: bx_bucket_number Value: 70
www.geha.com/	1969-12-31 23:59:59	Name: bx_guest_ref Value: 938291d9-ba16-4975-a86f-cfed63177cf4

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cloud.info.geha.com/openseasonplanreminders Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

684dd325.akstat.io
api-engage-us.sitecorecloud.io
api.perfalytics.com
c.go-mpulse.net
cloud.info.geha.com
d1mj578wat5n4o.cloudfront.net
d35vb5cccm4xzp.cloudfront.net
eaaqvsaaea6qakqce3ydkaaacztoxnhh-pd32o0-4226a9a15-clienttons-s.akamaihd.net
fonts.googleapis.com
fonts.gstatic.com
freshpaint-cdn.com
freshpaint-impression.com
fwgzqsobnsmqyzxlwttq-pd32o0-b4929b23f-clientnsv4-s.akamaihd.net
ka-p.fontawesome.com
kit.fontawesome.com
p.typekit.net
pdx1.qualtrics.com
perfalytics.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
s.go-mpulse.net
sc-static.net
siteintercept.qualtrics.com
tr.snapchat.com
tr6.snapchat.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
use.typekit.net
www.geha.com
www.googletagmanager.com
zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com
104.17.208.240
13.111.118.55
13.32.121.13
13.33.216.185
18.173.205.17
193.108.153.12
193.108.153.20
2600:1901:0:7628::
2600:9000:235a:1800:3:35f2:c540:21
2606:4700:10::6816:3768
2606:4700:4400::6812:2ab7
2606:4700:4400::ac40:93bc
2a00:1450:4001:80e::2008
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2003
2a02:26f0:3500:16::215:1495
2a02:26f0:3500:16::215:149b
2a02:26f0:4700:298::11a6
2a02:26f0:4700::17d4:6ed2
2a02:26f0:780::210:a419
2a02:26f0:e300:186::11a6
3.160.150.82
3.163.248.4
35.190.43.134
52.209.42.199
65.9.66.85
95.101.149.99
0165edaaa082a8854a37cc7aa117f1d80809437e41f6ca489f484bdf23e8d50b
0ec0bebf0577f413bd3cd829dc4880527f790f20f64620e1c03625feac77c8de
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
166b640351aa645b6af02b1013bc7fbead2822e44d773deba0b35f4053d0e94a
18b6950257b6495aaa5ed01184ca60fa0ac0517c57fab17a395e2f2a657d1f0a
1a4bf8a4ca374508387fc27de382cbbe01a6ace9f7bb3c1618884b7b86dd6c60
1b631c545e0e9acda2fa9adef7ce9415a95fc6a325ea80268d1793bf913180ae
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
21a3bc0cb8d61644fd61bfe5a48391e2b130ebed3657fc10595c1847ce83fea5
2668f9f36d59bee39f87277a925a109da82d31bb6d36a6ec08515b7c11df1dd6
286dc7cf3eb0c6c06c2fb54d779f82bf342bbf766861f7aba001408bcb391828
2dafa841033726d67b9ca3e8ca8f6535f2ef4ad62ce45e1aab08286c862c6e7c
3487c89cbf4176ba31dee9f3fb221bab9b05753f689e372d9c03e71c78b8e3c1
3816ee8b3fe62d0d3101d8cc12ee3d75c73d6f954f69f2a42d545337d5a247cc
3e74809dede6d1ea36eacaec76d20818679ef70e85efe8aa737fe8a6cc549cfb
3f10c746ba32d25740e0ba4ebb8fd97538ad95ac7b208b52064c8fa57d0123c2
416f487c40290dd1451e3cc8dc480489dda90cfd5d389eb08d7f0e867a6f847c
427e57ed3ad640f4ddefe4a7aeb116746506151fd0d227f8f34e40cb3350e45f
42ffeae687ee562cc3d669407321ce1754cc922ed793e3371efac196b33cbf47
43bf46697a74707dd319e2549eb7e7ad414d629c257da2dfc02e082a7a7290c7
4692d4d1124e4fdde548b916c88189b6e07462d9d24cdd5c6ca8f2a2fcb2af56
46fd84c0e7470ced1baafe177bae2c8add08ec57bab37d6f42b366a98235f295
486cb6639529a37f8755f3fda22b724e26ea0cfca10de5bae934da56e2d6022c
4b5013c1e9a922e188e0d6f3903aad0c81a64c231d976d869c8b0f35be0b133d
4c6fde841616799524ae40b886f27b8c5b4e857476a053f1acac3222a3d09385
4d775c0468071fed4c4faaf09ae24df269af5c5e3663632d6d8731254fbc1a96
56023b60759e909c096e9ea4761cfcf56ad4bd5b4da4aa743fe01c235b3af4ce
5dba1570e2c1f739e153f9c8d38e73de101eb05a1c3b158b3a267e55c4b545a8
5fd7281dafc44afbbb34847a7c8dfff204d017418103d96eb401ade5c1f6012c
6061afe2f61cd705a9877ac4211e86ee6a5f23767a6908ecc261d6c32d054249
619daea94fb618b5ee1c5e92737585de5e9a8006295d227dd62c433c0d143ada
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
66c8eafe62c19ebb3bec60794bcf315091f95cb5a4c7ab30bff6da9c8ba030be
67a0b817dfea4caab2f044f9f57fed96ce0445d197aad5683f8c2f737389e486
69b635282e06504d447e9dd8fe4c90c5bd308a8ffdc2da080243d51a65df81bd
6a0f1dbe8152c495067a195c4302ebdc288d938ffad17a4fe1e0105e0e797b4f
6be212d0bf9b30c3b1e7189850564d56bdaaa05d6991280ad4e1fbe3f82209cc
70102939d522ed5d709b30aa41e124938190434e62fba8387edb284257690768
70159909cf9a1df78dadf35e0bea44c9b8ab4bfa5b675ccdc28acfc5333151fc
7139f07f917998f1a482f070139ce5b0e448669a8f77e9710e74e1a2307f564e
7277f149953248ced788854ee61c57fefea7400a163beab1137147610cb43a50
72f23e2362324b5f4dbdf3819dfef0c829eb1142a7a9a99e1cb977111351e54b
79e9417cf4d24e3c015aad8e60a7c3ccdf12942cf2e7885937ddbcfde2bbd7b5
7a1b7193829adf389b43d0a940cce925bd6a330eec563f40d00095ac9968109d
7c8e3c582a237d2063f76cbcb5dcb1c0da3ae2516057fcc040cb69573d90b65f
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
8691d8e914a767c49775c8974ecdc2eeed548f0e0b458ae7d871d39ce42e8ba8
8973a5593f85db36a2afa7ff9d145ec026b8bc31219e4273ad0c7af98c7e7969
91885b79eafb9db3b3b6bccd7d3927f3cea7bc0a006fe3a6b625787d413fc412
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91af8f8604e6cbcb00a3ff4056f9fce3090c1ffca25400650895832c03b34ac5
932ad5bf32b2c79ed89f5d13800109b5e9f163bbca009b8430d3e2f6ed827c7d
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
9b1b47a7bc1a78ba85aec1dcad05ef3f77a74b80e443c70748358accc8f2561e
9bdf81bf0ffae2df5e65fbc07d2b3d49a323963ea44470492b4b02a232b8ee7c
a36338e2015fbe5e6f570cb35a9e0305a4f4d40bace6713fce1edbaefc9cf44f
a5d59965fc50d217015f96f657880ade0fcbc85b9cc15b5fc20f097a25be9a63
a8adfc7e3ea1242af130314f1acb6adfdd9ed4ece01970eeddac8385d89bc228
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
ae7c0230749b8a1ac31acdabea1094f958afa5775035ae537cda4a07bf973582
afdd76f6919dc340e54a1045e6f4a8fc840a922c8efd1d07cc5bcdf448373a66
b1ab594336bf1a463dbb4f3efc585c7cd97b8c64c4de1a735f99ba55b72a5f8f
baa575ea757c7d27e4c1ec33c28d8af39570e53d85a6cacf8d82de04aff8419a
babf7c8f26404acad3935146d81d245dc6d494acd265d2b8f84088730d01e38f
bc958a63e17fc254b74b0787f22bd0f5889a057109908050c5148a148b75db91
bf38dd7245e426d52544a5037e2bfeb452da37b75e7d075d62205cc38eb0cff4
c25f56a0700e3bae5f6ff26255f5881317d99a9620e7f8f4d93a7852450b1dfe
c2af84b1dd864ab11bd66ed82a8a338a34ad078136753c1b51c1aeb46c018ddf
c326f67ec7e4e7895bc25ac4c6c3540b569586d688b494df5b82e3146d34a6f5
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c77ae12b1162a8d7a5fc8141fe5ef5f890b0d8367955bd7694dcd53deb3835f9
d236439dd0ef488fe4ae5f8ec3e9cfd8c43506f0505678342787250d441ef22c
d38da29826bf99b2fbd5650821c05cde1a223da8d6e67bb3a72366700cf5b9d2
d4b3d2315e78acb68f4dbf097f9ed2d8c1d6733bf745c5c893c15e9a52c1320a
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
dc4ac291a13ea9d3d18b1fba70728d8a971db831e1bc418af7d479eb0708f18d
de113b3a951c8f72e2cae5bcb5ce482ffa79b53ac353deae859d9620ef01bd43
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea3216eedc7f489eecb16a1692449af9f0ab95ee2ff9aff5e5ccc9c8ea2c2ae2
ea428556379ab0d653def44e853bdd54c80512f34d8917c6458d2514f3c4818c
f0fdba09e5424857290d8e5aa6beb9953d22465dd8cd82e760e549a3f0663320
f11aacd9a0e6e97168559f00a1afb79e1b3c940df5a935bfa10483c8d48c01c2
f257916a3cc3ca0e3093007943e38de052095ab6038a1a50cc61731171f5bc2c
f303b092a93d6baf6ee475bbc579344f04200f349dd1d1d7a696be28158d3477
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f930f9718c91491b92f0de420e28f51cb021e174606481c128ab838584479e02
fb56f17a4fe738143ac04ca01897e7ae5980eab0a5aaf0ebad8c6a2d09e39d90
fc740a7dd685e149ac9c20befb93b7e127249aa2d260a3b5f6b0ab696051e8a0

www.geha.com Open in urlscan Pro 2a02:26f0:4700::17d4:6ed2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

114 Requests

98 %HTTPS

52 %IPv6

18 Domains

31 Subdomains

26 IPs

5 Countries

1695 kBTransfer

7860 kBSize

16 Cookies

18 Outgoing links

Page URL History

Redirected requests

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.geha.com Open in urlscan Pro
2a02:26f0:4700::17d4:6ed2 Public Scan

Screenshot
Live screenshot

Full Image

114
Requests

98 %
HTTPS

52 %
IPv6

18
Domains

31
Subdomains

26
IPs

5
Countries

1695 kB
Transfer

7860 kB
Size

16
Cookies

114 HTTP transactions
0 data transactions