member-portal.geha.com Open in urlscan Pro
2a02:26f0:7100::210:173 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://member-portal.geha.com/
Effective URL:
https://member-portal.geha.com/
Submission: On August 31 via api (August 31st 2023, 7:02:41 am UTC) from US — Scanned from DE

Summary HTTP 60 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 9 domains to perform 60 HTTP transactions. The main IP is 2a02:26f0:7100::210:173, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is member-portal.geha.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 12th 2022. Valid for: a year.

This is the only time member-portal.geha.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 26	2a02:26f0:710... 2a02:26f0:7100::210:173	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:310... 2a02:26f0:3100:782::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:981::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	3.33.189.110 3.33.189.110	16509 (AMAZON-02) (AMAZON-02)
1	23.218.208.116 23.218.208.116	16625 (AKAMAI-AS) (AKAMAI-AS)
60	14

26 2a02:26f0:7100::210:173 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

member-portal.geha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3100:782::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0217991e.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:981::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)

znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.33.189.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: af77c9e516730cc51.awsglobalaccelerator.com

login.geha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.208.116 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-116.deploy.static.akamaitechnologies.com

sjc1.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	geha.com 1 redirects member-portal.geha.com login.geha.com	721 KB
17	qualtrics.com zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com — Cisco Umbrella Rank: 311708 znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com siteintercept.qualtrics.com — Cisco Umbrella Rank: 883 sjc1.qualtrics.com — Cisco Umbrella Rank: 9601	84 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2547	313 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	128 KB
2	gstatic.com fonts.gstatic.com	32 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1322 c.go-mpulse.net — Cisco Umbrella Rank: 605	50 KB
2	typekit.net use.typekit.net — Cisco Umbrella Rank: 477 p.typekit.net — Cisco Umbrella Rank: 588	1 KB
1	akstat.io 0217991e.akstat.io — Cisco Umbrella Rank: 82521	207 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 41	2 KB
60	9

	Domain	Requested by
26	member-portal.geha.com	1 redirects member-portal.geha.com
14	siteintercept.qualtrics.com	znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com siteintercept.qualtrics.com zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com
6	login.geha.com	member-portal.geha.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.googletagmanager.com	member-portal.geha.com www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
1	sjc1.qualtrics.com
1	0217991e.akstat.io	s.go-mpulse.net
1	znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com	member-portal.geha.com
1	zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com	member-portal.geha.com
1	c.go-mpulse.net	s.go-mpulse.net
1	s.go-mpulse.net	member-portal.geha.com
1	p.typekit.net	use.typekit.net
1	fonts.googleapis.com	member-portal.geha.com
1	use.typekit.net	member-portal.geha.com
60	15

This site contains links to these domains. Also see Links.

Domain
www.geha.com
geha.okta.com

Subject Issuer	Validity	Valid
*.geha.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-12` - `2023-09-26`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2023-04-05` - `2024-04-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-27` - `2024-03-26`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://member-portal.geha.com/
Frame ID: 1848EC03F2DCBB06EB442BFAA42AA5C8
Requests: 59 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GEHA | Member Portal

Page URL History Show full URLs

http://member-portal.geha.com/ HTTP 301
https://member-portal.geha.com/ Page URL

Detected technologies

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

60
Requests

100 %
HTTPS

69 %
IPv6

9
Domains

15
Subdomains

14
IPs

3
Countries

1019 kB
Transfer

3441 kB
Size

6
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.geha.com/
Title: Navigate to geha.com in a new browser tab

Search URL Search Domain Scan URL

URL: https://www.geha.com/~/media93/Project/GEHA/GEHA/documents-files/other/geha-member-login-resource-document.pdf?fromURI=%2Fhelp%2Flogin
Title: Click here for help.

Search URL Search Domain Scan URL

URL: https://geha.okta.com/help/login
Title: Help

Search URL Search Domain Scan URL

URL: https://www.geha.com/why-geha/customer-care/contact-us
Title: secure online form

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://member-portal.geha.com/ HTTP 301
https://member-portal.geha.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
member-portal.geha.com/
Redirect Chain

http://member-portal.geha.com/
https://member-portal.geha.com/

16 KB
6 KB

353ms
332ms

Document
text/html

2a02:26f0:7100::210:173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::210:173 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Next.js

Resource Hash

4141092ae24eb52a8690e70ba9f4e9afcaf29c59bf5aa39eeaea2287c3dde14c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 5472
content-type: text/html; charset=utf-8
date: Thu, 31 Aug 2023 07:02:34 GMT
server-timing: cdn-cache; desc=MISS edge; dur=109 origin; dur=201 ak_p; desc="1693465354247_34603375_296714003_31018_11966_6_17_255";dur=1
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding
x-akamai-transformed: 9 3439 0 pmb=mRUM,1
x-frame-options: DENY
x-powered-by: Next.js

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Thu, 31 Aug 2023 07:02:34 GMT
Location: https://member-portal.geha.com/
Server: AkamaiGHost
Server-Timing: cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1693465354210_34603375_296713930_17_22906_6_0_-";dur=1

GET
H2 200 9d6c5a1349473de2.css
member-portal.geha.com/_next/static/css/ 139 KB
20 KB 18ms
18ms Stylesheet
text/css 2a02:26f0:7100::210:173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/css/9d6c5a1349473de2.css

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::210:173 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1c4d889de806e7356aca914b8a55c9aad0da9935819320166666df34bad264b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:34 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"22bbe-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=3490
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1693465354730_34603375_296714555_60_7904_6_0_255";dur=1
accept-ranges: bytes
content-length: 20558

GET
H2 200 webpack-603c1c2060012116.js Show response
member-portal.geha.com/_next/static/chunks/ 5 KB
3 KB 17ms
17ms Script
application/javascript 2a02:26f0:7100::210:173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/webpack-603c1c2060012116.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::210:173 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

31879de5c5dea263fd9f3100eb994df1282022502cd0b1dd0e75615089f16ae9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:34 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"1430-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=19533
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1693465354730_34603375_296714556_26_8146_6_0_146";dur=1
accept-ranges: bytes
content-length: 2286

GET
H2 200 framework-5f4595e5518b5600.js Show response
member-portal.geha.com/_next/static/chunks/ 127 KB
42 KB 26ms
26ms Script
application/javascript 2a02:26f0:7100::210:173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/framework-5f4595e5518b5600.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::210:173 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:34 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"1fbbb-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=4715
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1693465354749_34603375_296714581_124_8195_6_0_146";dur=1
accept-ranges: bytes
content-length: 42152

GET
H2 200 main-87526a1b46f1f2b9.js Show response
member-portal.geha.com/_next/static/chunks/ 106 KB
32 KB 17ms
17ms Script
application/javascript 2a02:26f0:7100::210:173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/main-87526a1b46f1f2b9.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::210:173 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dbef9805b9b6d501b4e09e51b6ff067b4b28e2335fe088ceb978d53128f252b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:34 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"1a95d-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=67117
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1693465354749_34603375_296714582_110_8193_6_0_146";dur=1
accept-ranges: bytes
content-length: 31960

GET
H2 200 _app-145c2897cca0b552.js Show response
member-portal.geha.com/_next/static/chunks/pages/ 584 KB
175 KB 18ms
18ms Script
application/javascript 2a02:26f0:7100::210:173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/pages/_app-145c2897cca0b552.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::210:173 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6a4ea42815d46b3c139dc0fa04c76152b284ff1fe5c27f8202f1986be631c59c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:34 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"9207d-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=75408
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1693465354887_34603375_296714733_32_8502_6_0_146";dur=1
accept-ranges: bytes
content-length: 178418

GET
H2 200 af13d906-a33cb8860219c2d8.js Show response
member-portal.geha.com/_next/static/chunks/ 4 KB
2 KB 16ms
16ms Script
application/javascript 2a02:26f0:7100::210:173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/af13d906-a33cb8860219c2d8.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::210:173 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a4a305b7a41dd30c0a4ab038b30c4d95725c81c14d874ce074cafd721d651386

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:34 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"118f-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=75517
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1693465354932_34603375_296714798_51_7772_6_0_146";dur=1
accept-ranges: bytes
content-length: 1960

GET
H2 200 536-393930c3d4553e93.js Show response
member-portal.geha.com/_next/static/chunks/ 21 KB
8 KB 15ms
15ms Script
application/javascript 2a02:26f0:7100::210:173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/536-393930c3d4553e93.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::210:173 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

60c69dc1f42f861e3723311f887cd188973680800b7ad02967a1ba6ca5a0a7f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:34 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"52e5-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=36402
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1693465354948_34603375_296714820_24_8216_6_0_146";dur=1
accept-ranges: bytes
content-length: 7956

GET
H2 200 521-edda6995e1bc01d8.js Show response
member-portal.geha.com/_next/static/chunks/ 56 KB
16 KB 16ms
16ms Script
application/javascript 2a02:26f0:7100::210:173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/521-edda6995e1bc01d8.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::210:173 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8ba2af729a603a682abfcab9b9475ad47918b837f8ad600810b0764cff5bade5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:34 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"e1d1-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=27849
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1693465354966_34603375_296714845_21_8859_6_0_146";dur=1
accept-ranges: bytes
content-length: 16050

GET
H2 200 124-a060090d5bdcd845.js Show response
member-portal.geha.com/_next/static/chunks/ 20 KB
6 KB 16ms
15ms Script
application/javascript 2a02:26f0:7100::210:173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/124-a060090d5bdcd845.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::210:173 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

66c0d17081ece393548b540e5860b9e3d282e6dc4ab6482cda3d0332586ce7a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:34 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"51bf-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=75464
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1693465354985_34603375_296714862_18_8665_6_0_146";dur=1
accept-ranges: bytes
content-length: 5685

GET
H2 200 495-b688982acc926dea.js Show response
member-portal.geha.com/_next/static/chunks/ 8 KB
3 KB 16ms
16ms Script
application/javascript 2a02:26f0:7100::210:173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/495-b688982acc926dea.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::210:173 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f6613ec75a72e4a4d41be2b9cc1fc04e6675fd148a7eee1ba126fbece0195276

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:35 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"1e34-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=75468
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1693465355002_34603375_296714880_21_8305_5_0_146";dur=1
accept-ranges: bytes
content-length: 2348

GET
H2 200 13-7414e93cbbb8b127.js Show response
member-portal.geha.com/_next/static/chunks/ 8 KB
3 KB 16ms
15ms Script
application/javascript 2a02:26f0:7100::210:173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/13-7414e93cbbb8b127.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::210:173 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7a4845f4c299f7e4a79c4e601d4f251ced66f015d631ac53f4ded2ef76e2342b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:35 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"206f-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=85215
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1693465355020_34603375_296714911_22_8382_6_0_146";dur=1
accept-ranges: bytes
content-length: 2985

GET
H2 200 index-3e3e2fadfe0dc290.js Show response
member-portal.geha.com/_next/static/chunks/pages/ 34 KB
9 KB 57ms
56ms Script
application/javascript 2a02:26f0:7100::210:173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/pages/index-3e3e2fadfe0dc290.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::210:173 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9c47e38bf3c503853a22558a2b7401be745ad585d673569585e4bb7cef13f68d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:35 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"8949-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=75444
server-timing: cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1693465355076_34603375_296714959_2658_8848_6_0_146";dur=1
accept-ranges: bytes
content-length: 8960

GET
H2 200 _buildManifest.js Show response
member-portal.geha.com/_next/static/KBQVAvLv1aQf8Bs0CTEtO/ 3 KB
1 KB 43ms
43ms Script
application/javascript 2a02:26f0:7100::210:173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/KBQVAvLv1aQf8Bs0CTEtO/_buildManifest.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::210:173 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

313592f08d48e847f5e9e94118cfa1bfbacc02a65c6d16910b188d675189bd20

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:35 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"a14-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=5637
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1693465355051_34603375_296714960_191_9217_6_0_146";dur=1
accept-ranges: bytes
content-length: 924

GET
H2 200 _ssgManifest.js Show response
member-portal.geha.com/_next/static/KBQVAvLv1aQf8Bs0CTEtO/ 77 B
390 B 17ms
16ms Script
application/javascript 2a02:26f0:7100::210:173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/KBQVAvLv1aQf8Bs0CTEtO/_ssgManifest.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::210:173 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:35 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"4d-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2629
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1693465355097_34603375_296715027_29_8865_6_0_146";dur=1
accept-ranges: bytes
content-length: 61

GET
H2 200 vxe3lkg.css
use.typekit.net/ 7 KB
1 KB 300ms
256ms Stylesheet
text/css 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/vxe3lkg.css

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/css/9d6c5a1349473de2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

add5a4ae4344dd616f6599ff1538b07f2a8d18fd1cc05340f76cc3441050c2ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Thu, 31 Aug 2023 07:02:35 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 972

GET
H2 200 css2
fonts.googleapis.com/ 27 KB
2 KB 137ms
47ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/css/9d6c5a1349473de2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 31 Aug 2023 07:02:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 05:46:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 31 Aug 2023 07:02:34 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 46ms
6ms Stylesheet
text/css 2a02:26f0:3500:16::215:148b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=vxe3lkg&ht=tk&f=24537.24538.24539.24540.24545.24546.24547.24548.24549.24552&a=90735096&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vxe3lkg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:35 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 X77L2-P4WA5-BTDAF-6LY7Y-GULYJ Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 43ms
8ms Script
application/javascript 2a02:26f0:3100:782::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/X77L2-P4WA5-BTDAF-6LY7Y-GULYJ
Requested by: Host: member-portal.geha.com
URL: https://member-portal.geha.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3100:782::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:35 GMT
content-encoding: br
last-modified: Wed, 09 Aug 2023 08:27:38 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 115ms
35ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://member-portal.geha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 528943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Aug 2024 04:06:52 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 132 KB
50 KB 140ms
61ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MZC9G3J

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cf9cde761e99d0cfd4d137e0ba16d2637034863c78e6cdac0f406b2d8ce753da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50581
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 31 Aug 2023 07:02:35 GMT

GET
H2 200 login-d80ebb727a6ef888.js Show response
member-portal.geha.com/_next/static/chunks/pages/ 8 KB
3 KB 107ms
107ms Script
application/javascript 2a02:26f0:7100::210:173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/pages/login-d80ebb727a6ef888.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/chunks/main-87526a1b46f1f2b9.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::210:173 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f0a0f0f2209974dfe1faf49c1aebbe48af23b557dc92d514f870cf2e9930f4e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:35 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"1fa8-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=26005
server-timing: cdn-cache; desc=HIT, edge; dur=91, origin; dur=0, ak_p; desc="1693465355210_34603375_296715175_9118_8255_6_0_146";dur=1
accept-ranges: bytes
content-length: 3161

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 624 B
897 B 263ms
233ms XHR
application/json 2a02:26f0:3500:981::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=X77L2-P4WA5-BTDAF-6LY7Y-GULYJ&d=member-portal.geha.com&t=5644885&v=1.720.0&sl=0&si=113405d5-22da-4315-a664-75dad52ee278-s08u8a&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=819765
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/X77L2-P4WA5-BTDAF-6LY7Y-GULYJ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:981::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c3f732f894ff2455fd80622686eb8501c4a60b7a5d731404a0c1991c39dd0c2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 31 Aug 2023 07:02:35 GMT
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 624
Content-Type: application/json

GET
H2 200 login.json Show response
member-portal.geha.com/_next/data/KBQVAvLv1aQf8Bs0CTEtO/en/ 53 B
699 B 109ms
108ms Fetch
application/json 2a02:26f0:7100::210:173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/data/KBQVAvLv1aQf8Bs0CTEtO/en/login.json

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/chunks/main-87526a1b46f1f2b9.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::210:173 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5ebc2cd02aacb80da5275c7843d490f10dfde96db0f92c7dd4848cea50f9472a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

x-nextjs-data: 1
Referer: https://member-portal.geha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:35 GMT
x-nextjs-matched-path: /en/login
strict-transport-security: max-age=15768000 ; includeSubDomains
etag: "3schnuitqn1h"
x-frame-options: DENY
content-type: application/json
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=5, ak_p; desc="1693465355330_34603375_296715315_9261_8638_6_0_219";dur=1
content-length: 53

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
79 KB 75ms
74ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X5XQCNY2FN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZC9G3J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bba18468d9845d131e70cb9aeff7636c976a0975cb2b14120fd60292b23ce3ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80318
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 31 Aug 2023 07:02:35 GMT

GET
H2 200 be5ea0027c648323.css
member-portal.geha.com/_next/static/css/ 206 KB
30 KB 181ms
180ms Stylesheet
text/css 2a02:26f0:7100::210:173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/css/be5ea0027c648323.css

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/chunks/webpack-603c1c2060012116.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::210:173 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4a78244eaaca474e76c68634a0a766d5ec506c9410707d71e68bb11445d6f330

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:35 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"338d0-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=67204
server-timing: cdn-cache; desc=HIT, edge; dur=159, origin; dur=0, ak_p; desc="1693465355451_34603375_296715482_15958_8521_11_0_255";dur=1
accept-ranges: bytes
content-length: 30645

GET
H2 200 b637e9a5.4d22b99d59d0a400.js Show response
member-portal.geha.com/_next/static/chunks/ 89 KB
31 KB 169ms
168ms Script
application/javascript 2a02:26f0:7100::210:173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/b637e9a5.4d22b99d59d0a400.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/chunks/webpack-603c1c2060012116.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::210:173 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

24e2c787dd5a9faf99c308d660a53a4b6ff8051e77df3311d1d57484da97067b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:35 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"16219-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=67247
server-timing: cdn-cache; desc=HIT, edge; dur=126, origin; dur=0, ak_p; desc="1693465355462_34603375_296715499_12705_13624_11_0_146";dur=1
accept-ranges: bytes
content-length: 31209

GET
H2 200 412.03afb1f3bf8890e9.js Show response
member-portal.geha.com/_next/static/chunks/ 1 MB
257 KB 164ms
163ms Script
application/javascript 2a02:26f0:7100::210:173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/412.03afb1f3bf8890e9.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/chunks/webpack-603c1c2060012116.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::210:173 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

062df4685c3665f2fe72e33eb09eb485f2815b06da3ef79a2b9c694a7ab99f61

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:35 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"108560-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=67258
server-timing: cdn-cache; desc=HIT, edge; dur=115, origin; dur=0, ak_p; desc="1693465355462_34603375_296715500_11616_20836_11_0_146";dur=1
accept-ranges: bytes
content-length: 262739

GET
H2 200 63.8413e0d300561376.js Show response
member-portal.geha.com/_next/static/chunks/ 2 KB
1 KB 174ms
173ms Script
application/javascript 2a02:26f0:7100::210:173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/63.8413e0d300561376.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/chunks/webpack-603c1c2060012116.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::210:173 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6868c33019be03f377ae7a9848545c6cc86a5afeeb517fc69219b757f4defa69

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:35 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"837-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=67228
server-timing: cdn-cache; desc=HIT, edge; dur=147, origin; dur=0, ak_p; desc="1693465355462_34603375_296715501_14731_11302_11_0_146";dur=1
accept-ranges: bytes
content-length: 1107

GET
DATA 200
OK truncated
/ 81 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6dbc584b36c2dadc91666a4aba780bf708b52a3ebf56216a752f3d18ddea2685

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 39ms
38ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://member-portal.geha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 02:35:09 GMT
x-content-type-options: nosniff
age: 448046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 02:35:09 GMT

GET
H2 200 GEHA_Logo.svg
member-portal.geha.com/ 4 KB
2 KB 17ms
17ms Image
image/svg+xml 2a02:26f0:7100::210:173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://member-portal.geha.com/GEHA_Logo.svg

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::210:173 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0ba6e2db53813ce06f2e7cc09e6ac476f5306c87452023f1008d8d67feac7dee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:35 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:00:05 GMT
etag: W/"f0f-18940befa08"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1693465355502_34603375_296715553_70_8709_6_0_146";dur=1
accept-ranges: bytes
content-length: 1740

POST
H2 204 collect
region1.google-analytics.com/g/ 0
259 B 56ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-X5XQCNY2FN&gtm=45je38u0&_p=728961619&cid=1026418334.1693465356&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693465355&sct=1&seg=0&dl=https%3A%2F%2Fmember-portal.geha.com%2Flogin&dt=GEHA%20%7C%20Member%20Portal&en=page_view&_fv=2&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X5XQCNY2FN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 07:02:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://member-portal.geha.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com/SIE/ 9 KB
4 KB 154ms
94ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_e9klljEUcZhtwjz

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4073a57d9d13460fa8e0bdce3633a56ec10764ee779dda9f91416bf48e99b2b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"23be-2cS1rLJc8+Ym0OXHVVIJpBRK5tc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7ff368aa5f9b1d8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 / Show response
znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com/SIE/ 8 KB
4 KB 85ms
26ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_ag9JfHFpVBLNPQW

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22f3d882505585b1605d4e7badb93396f7cd4b146829375f02e387af0e16cd86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 84099
cf-polished: origSize=9150
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"23be-LerLO5e2Ya8QcHZQLLeA49/shZo"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7ff368aa5aae1e51-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

OPTIONS
H/1.1 200
OK openid-configuration
login.geha.com/oauth2/aus2r4xjjt1L35mTx4x7/.well-known/ 0
0 430ms
121ms Preflight
application/octet-stream 3.33.189.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.geha.com/oauth2/aus2r4xjjt1L35mTx4x7/.well-known/openid-configuration

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.189.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

af77c9e516730cc51.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-okta-user-agent-extended
Access-Control-Request-Method: GET
Origin: https://member-portal.geha.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-okta-user-agent-extended
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://member-portal.geha.com
Access-Control-Max-Age: 3600
Connection: Keep-Alive
Content-Length: 0
Content-Type: application/octet-stream
Date: Thu, 31 Aug 2023 07:02:36 GMT
Keep-Alive: timeout=5, max=100
Server: nginx
Strict-Transport-Security: max-age=315360000; includeSubDomains
Vary: Origin
X-Okta-Request-Id: ZPA7DJYfjGIIMIS0DDneJgAABsQ

GET
H/1.1 200
OK openid-configuration Show response
login.geha.com/oauth2/aus2r4xjjt1L35mTx4x7/.well-known/ 3 KB
5 KB 121ms
121ms Fetch
application/json 3.33.189.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.geha.com/oauth2/aus2r4xjjt1L35mTx4x7/.well-known/openid-configuration

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/chunks/412.03afb1f3bf8890e9.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.189.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

af77c9e516730cc51.awsglobalaccelerator.com

Software

nginx /

Resource Hash

bc691dc824cd13ba929d5e8bd7972588491755a0e1ff7737fd70e2f2be9ddcb4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://member-portal.geha.com/
X-Okta-User-Agent-Extended: okta-auth-js/7.0.2 okta-signin-widget-7.3.1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/json

Response headers

X-Okta-Request-Id: ZPA7DJYfjGIIMIS0DDneKAAABsQ
Date: Thu, 31 Aug 2023 07:02:36 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
Strict-Transport-Security: max-age=315360000; includeSubDomains
content-security-policy-report-only: default-src 'self' geha.okta.com login.geha.com *.oktacdn.com; connect-src 'self' geha.okta.com geha-admin.okta.com login.geha.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com geha.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' geha.okta.com login.geha.com *.oktacdn.com; style-src 'unsafe-inline' 'self' geha.okta.com login.geha.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' geha.okta.com geha-admin.okta.com login.geha.com login.okta.com com-okta-authenticator:; img-src 'self' geha.okta.com login.geha.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' geha.okta.com login.geha.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Transfer-Encoding: chunked
p3p: CP="HONK"
Connection: Keep-Alive
x-xss-protection: 0
Server: nginx
vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://member-portal.geha.com
cache-control: max-age=86400, must-revalidate
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=5, max=99
expires: Fri, 01 Sep 2023 07:02:18 GMT

POST
H2 204 /
0217991e.akstat.io/ 0
207 B 221ms
219ms Ping
image/gif 2a02:26f0:3100:782::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://0217991e.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/X77L2-P4WA5-BTDAF-6LY7Y-GULYJ

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:3100:782::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://member-portal.geha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 07:02:36 GMT
content-type: image/gif
access-control-allow-origin: https://member-portal.geha.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Thu, 31 Aug 2023 07:02:36 GMT

GET
H2 200 12.2158c5447122fa995560.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 69 KB
21 KB 34ms
31ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/12.2158c5447122fa995560.chunk.js?Q_CLIENTVERSION=1.98.1&Q_CLIENTTYPE=web&Q_BRANDID=member-portal.geha.com

Requested by

Host: znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com
URL: https://znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_ag9JfHFpVBLNPQW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

697e541b2f182b24b7e56b9a1807fd0ce4241e0e1e289c64f16fc365643fe495

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 110356
cf-polished: origSize=71575
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 28 Aug 2023 19:22:00 GMT
cf-bgj: minify
server: cloudflare
etag: W/"11797-18a3d9883c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7ff368aa8af81e51-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 4 KB
2 KB 223ms
223ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_ag9JfHFpVBLNPQW&Q_CLIENTVERSION=1.98.1&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.2158c5447122fa995560.chunk.js?Q_CLIENTVERSION=1.98.1&Q_CLIENTTYPE=web&Q_BRANDID=member-portal.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7d80050aeb53b68c42aacf7b4406137a6ccb8417c07aa7da1c1b87445a023ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://member-portal.geha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 31 Aug 2023 07:02:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://member-portal.geha.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 68ebf38f2e6b2bda
cf-ray: 7ff368aacb991e51-FRA
timing-allow-origin: *

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 5 KB
2 KB 46ms
45ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_e9klljEUcZhtwjz&Q_CLIENTVERSION=1.98.1&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.2158c5447122fa995560.chunk.js?Q_CLIENTVERSION=1.98.1&Q_CLIENTTYPE=web&Q_BRANDID=member-portal.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6f86db7eeb8d6c799e34cd8bc5efe2df9104e54c5d3cb51cf5370d683f4c337

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://member-portal.geha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 31 Aug 2023 07:02:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://member-portal.geha.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 1aea23dd038ae834
cf-ray: 7ff368aaebf11e51-FRA
timing-allow-origin: *

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 102 KB
32 KB 27ms
26ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.98.1&Q_CLIENTTYPE=web&Q_BRANDID=geha

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.2158c5447122fa995560.chunk.js?Q_CLIENTVERSION=1.98.1&Q_CLIENTTYPE=web&Q_BRANDID=member-portal.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

617795824f268204fce200417ba784cf0ad062c0c1613d5a114c457bc503ff8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 110289
cf-polished: origSize=105687
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 28 Aug 2023 19:22:00 GMT
cf-bgj: minify
server: cloudflare
etag: W/"19cd7-18a3d9883c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7ff368ab4c681e51-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 7.41dc96447e48575a0cfd.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 2 KB
1 KB 47ms
34ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/7.41dc96447e48575a0cfd.chunk.js?Q_CLIENTVERSION=1.98.1&Q_CLIENTTYPE=web&Q_BRANDID=geha

Requested by

Host: zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com
URL: https://zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_e9klljEUcZhtwjz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c91945cdef5177fb2131a55ebb70b3ba5c56d640a71b351d20a5c335ef120a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 110242
cf-polished: origSize=2901
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 28 Aug 2023 19:22:00 GMT
cf-bgj: minify
server: cloudflare
etag: W/"b55-18a3d9883c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7ff368abad1a1e51-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 1.e4bb9861ae9a0d936559.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 28 KB
7 KB 56ms
43ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.e4bb9861ae9a0d936559.chunk.js?Q_CLIENTVERSION=1.98.1&Q_CLIENTTYPE=web&Q_BRANDID=geha

Requested by

Host: zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com
URL: https://zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_e9klljEUcZhtwjz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f8cff2f1e205758621ca8a1b49253194e84a68d1af5a6fa94b4b159629ea9bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 110323
cf-polished: origSize=29367
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 28 Aug 2023 19:22:00 GMT
cf-bgj: minify
server: cloudflare
etag: W/"72b7-18a3d9883c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7ff368abad1d1e51-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 FeedbackLinkModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 3 KB
1 KB 48ms
36ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/FeedbackLinkModule.js?Q_CLIENTVERSION=1.98.1&Q_CLIENTTYPE=web&Q_BRANDID=geha

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.2158c5447122fa995560.chunk.js?Q_CLIENTVERSION=1.98.1&Q_CLIENTTYPE=web&Q_BRANDID=member-portal.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90c8c49df9363f906709ff1407e338b965b70a1eed9f3e573a4306fd267f1c0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 106450
cf-polished: origSize=3545
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 28 Aug 2023 19:22:00 GMT
cf-bgj: minify
server: cloudflare
etag: W/"dd9-18a3d9883c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7ff368abad1f1e51-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 EmbeddedTargetModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 8 KB
3 KB 46ms
35ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/EmbeddedTargetModule.js?Q_CLIENTVERSION=1.98.1&Q_CLIENTTYPE=web&Q_BRANDID=geha

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.2158c5447122fa995560.chunk.js?Q_CLIENTVERSION=1.98.1&Q_CLIENTTYPE=web&Q_BRANDID=member-portal.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8af3e17967103995189703522783318d0090ab03b34c8c504ad8c31498ea284b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 110082
cf-polished: origSize=8465
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 28 Aug 2023 19:22:00 GMT
cf-bgj: minify
server: cloudflare
etag: W/"2111-18a3d9883c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7ff368abad201e51-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 3 KB
1 KB 94ms
24ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_2oDPmyCNELJeTg9&Version=19&Q_ORIGIN=https://member-portal.geha.com&Q_CLIENTVERSION=1.98.1&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.2158c5447122fa995560.chunk.js?Q_CLIENTVERSION=1.98.1&Q_CLIENTTYPE=web&Q_BRANDID=member-portal.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77f3b592d5d9fec0a567a32412f44781a6174a209279495602c9a7f4004ddfb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

servershortname
date: Thu, 31 Aug 2023 07:02:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 494283
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 25 Aug 2023 13:44:33 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7ff368ac0e50360a-FRA
expires: Mon, 22 Aug 2033 13:44:33 GMT

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 325 B
739 B 92ms
23ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_9ALP9yWEj1lFJyJ&Version=4&Q_InterceptID=SI_2oDPmyCNELJeTg9&Q_ORIGIN=https://member-portal.geha.com&Q_CLIENTVERSION=1.98.1&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.2158c5447122fa995560.chunk.js?Q_CLIENTVERSION=1.98.1&Q_CLIENTTYPE=web&Q_BRANDID=member-portal.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dc0aabfdba09e256de6f43cca8501501967d76e01fd1c8d31ba9db2f976074b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

servershortname
date: Thu, 31 Aug 2023 07:02:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 494283
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 25 Aug 2023 13:44:33 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7ff368ac0e52360a-FRA
expires: Mon, 22 Aug 2033 13:44:33 GMT

GET
H2 200 UserDefinedHTMLModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 7 KB
2 KB 35ms
34ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/UserDefinedHTMLModule.js?Q_CLIENTVERSION=1.98.1&Q_CLIENTTYPE=web&Q_BRANDID=geha

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.2158c5447122fa995560.chunk.js?Q_CLIENTVERSION=1.98.1&Q_CLIENTTYPE=web&Q_BRANDID=member-portal.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9230295cadd808a698abddc0af90987e825aebe7a782ffe9193ea91daffdf587

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 110173
cf-polished: origSize=7758
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 28 Aug 2023 19:22:00 GMT
cf-bgj: minify
server: cloudflare
etag: W/"1e4e-18a3d9883c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7ff368ac3dfe1e51-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 3 KB
1 KB 24ms
24ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_eVtI5lux3fUOtH8&Version=5&Q_ORIGIN=https://member-portal.geha.com&Q_CLIENTVERSION=1.98.1&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.2158c5447122fa995560.chunk.js?Q_CLIENTVERSION=1.98.1&Q_CLIENTTYPE=web&Q_BRANDID=member-portal.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cfa66663be987c35d8709111800b6b7aa64db48c230251ab2b2680d249eae17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

servershortname
date: Thu, 31 Aug 2023 07:02:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 332390
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 27 Aug 2023 10:42:46 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7ff368ac3eb7360a-FRA
expires: Wed, 24 Aug 2033 10:42:46 GMT

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 1 KB
718 B 24ms
24ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_0dinM9xAxIZNwfc&Version=6&Q_InterceptID=SI_eVtI5lux3fUOtH8&Q_ORIGIN=https://member-portal.geha.com&Q_CLIENTVERSION=1.98.1&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.2158c5447122fa995560.chunk.js?Q_CLIENTVERSION=1.98.1&Q_CLIENTTYPE=web&Q_BRANDID=member-portal.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ab0a26f2850163c8217535acb3465cbcdd5e0642f97e70b2e2bc369262ed05d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

servershortname
date: Thu, 31 Aug 2023 07:02:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 332390
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 27 Aug 2023 10:42:46 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7ff368ac3eb9360a-FRA
expires: Wed, 24 Aug 2033 10:42:46 GMT

POST
H2 200 / Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 45 B
221 B 395ms
395ms XHR
text/plain 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_9ALP9yWEj1lFJyJ&Q_SIID=SI_2oDPmyCNELJeTg9&Q_ASID=AS_5jpQ36tvT18uCz3&Q_CLIENTVERSION=1.98.1&Q_CLIENTTYPE=web&r=1693465356216

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.98.1&Q_CLIENTTYPE=web&Q_BRANDID=geha

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://member-portal.geha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 31 Aug 2023 07:02:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://member-portal.geha.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 4478727d897b88e8
cf-ray: 7ff368ac5ef4360a-FRA

GET
H2 200 Graphic.php
sjc1.qualtrics.com/WRQualtricsSiteIntercept/ 2 KB
2 KB 449ms
231ms Image
image/png 23.218.208.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sjc1.qualtrics.com/WRQualtricsSiteIntercept/Graphic.php?IM=IM_elF0WfBnxSXZgMt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.208.116 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-208-116.deploy.static.akamaitechnologies.com

Software

envoy /

Resource Hash

7c8e3c582a237d2063f76cbcb5dcb1c0da3ae2516057fcc040cb69573d90b65f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 182
date: Thu, 31 Aug 2023 07:02:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0
content-security-policy-report-only: report-uri https://sjc1.qualtrics.com/csp-report
x-envoy-upstream-service-time: 27
content-disposition: inline; filename=Feedback_Darker_Smaller.png
content-length: 1825
x-request-id: 745a4e11-caf9-4be0-bdd0-14e446e1ad5a
referrer-policy: strict-origin-when-cross-origin
server: envoy
etag: "be2052dd6274e8cbe6a39a1838288fcf"
x-edgeconnect-cache-status: 1
content-type: image/png
access-control-allow-origin: *
x-transaction-id: adee0bb6-b6a5-4ac2-aca4-05f9b5869b3b
cache-control: public, max-age=46
permissions-policy: camera=(), geolocation=(), microphone=()
x-robots-tag: noindex
expires: Thu, 31 Aug 2023 07:03:22 GMT

POST
H/1.1 200
OK interact Show response
login.geha.com/oauth2/aus2r4xjjt1L35mTx4x7/v1/ 1 KB
4 KB 404ms
175ms Fetch
application/json 3.33.189.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.geha.com/oauth2/aus2r4xjjt1L35mTx4x7/v1/interact

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/chunks/412.03afb1f3bf8890e9.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.189.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

af77c9e516730cc51.awsglobalaccelerator.com

Software

nginx /

Resource Hash

7f5c35e965cf496cf1a9343d92bbdf71101f97f92374bdf0fce4871476c3cce7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://member-portal.geha.com/
X-Okta-User-Agent-Extended: okta-auth-js/7.0.2 okta-signin-widget-7.3.1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-okta-request-id: ZPA7DAqz7aGTpNg_u1b-AAAADPI
Date: Thu, 31 Aug 2023 07:02:36 GMT
content-security-policy: frame-ancestors 'self'
x-rate-limit-limit: 1200
x-content-type-options: nosniff
x-rate-limit-remaining: 1198
Strict-Transport-Security: max-age=315360000; includeSubDomains
content-security-policy-report-only: default-src 'self' geha.okta.com login.geha.com *.oktacdn.com; connect-src 'self' geha.okta.com geha-admin.okta.com login.geha.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com geha.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' geha.okta.com login.geha.com *.oktacdn.com; style-src 'unsafe-inline' 'self' geha.okta.com login.geha.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' geha.okta.com geha-admin.okta.com login.geha.com login.okta.com com-okta-authenticator:; img-src 'self' geha.okta.com login.geha.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' geha.okta.com login.geha.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Transfer-Encoding: chunked
p3p: CP="HONK"
Connection: Keep-Alive
x-xss-protection: 0
pragma: no-cache
Server: nginx
vary: Origin
Content-Type: application/json
access-control-allow-origin: https://member-portal.geha.com
x-rate-limit-reset: 1693465414
access-control-allow-credentials: true
cache-control: no-cache, no-store
X-Robots-Tag: noindex,nofollow
access-control-allow-headers: Content-Type
Keep-Alive: timeout=5, max=100
expires: 0

OPTIONS
H/1.1 200
OK interact
login.geha.com/oauth2/aus2r4xjjt1L35mTx4x7/v1/ 0
0 135ms
135ms Preflight 3.33.189.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.geha.com/oauth2/aus2r4xjjt1L35mTx4x7/v1/interact

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.189.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

af77c9e516730cc51.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-okta-user-agent-extended
Access-Control-Request-Method: POST
Origin: https://member-portal.geha.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Length: 0
Date: Thu, 31 Aug 2023 07:02:36 GMT
Keep-Alive: timeout=5, max=98
Server: nginx
Strict-Transport-Security: max-age=315360000; includeSubDomains
X-Robots-Tag: noindex,nofollow
access-control-allow-credentials: true
access-control-allow-headers: x-okta-user-agent-extended,Content-Type
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://member-portal.geha.com
access-control-max-age: 3600
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cache-control: no-cache, no-store
content-security-policy: frame-ancestors 'self'
content-security-policy-report-only: default-src 'self' geha.okta.com login.geha.com *.oktacdn.com; connect-src 'self' geha.okta.com geha-admin.okta.com login.geha.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com geha.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' geha.okta.com login.geha.com *.oktacdn.com; style-src 'unsafe-inline' 'self' geha.okta.com login.geha.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' geha.okta.com geha-admin.okta.com login.geha.com login.okta.com com-okta-authenticator:; img-src 'self' geha.okta.com login.geha.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' geha.okta.com login.geha.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
expires: 0
p3p: CP="HONK"
pragma: no-cache
vary: Origin
x-frame-options: SAMEORIGIN
x-okta-request-id: ZPA7DJYfjGIIMIS0DDneKQAABsQ
x-rate-limit-limit: 10000
x-rate-limit-remaining: 9996
x-rate-limit-reset: 1693465411
x-xss-protection: 0

OPTIONS
H/1.1 200
OK introspect
login.geha.com/idp/idx/ 0
0 144ms
144ms Preflight 3.33.189.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.geha.com/idp/idx/introspect

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.189.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

af77c9e516730cc51.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-okta-user-agent-extended
Access-Control-Request-Method: POST
Origin: https://member-portal.geha.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Length: 0
Date: Thu, 31 Aug 2023 07:02:37 GMT
Keep-Alive: timeout=5, max=97
Server: nginx
Strict-Transport-Security: max-age=315360000; includeSubDomains
X-Robots-Tag: noindex,nofollow
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-okta-user-agent-extended,Content-Type
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://member-portal.geha.com
access-control-max-age: 3600
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cache-control: no-cache, no-store
content-security-policy: frame-ancestors 'self'
content-security-policy-report-only: default-src 'self' geha.okta.com login.geha.com *.oktacdn.com; connect-src 'self' geha.okta.com geha-admin.okta.com login.geha.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com geha.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' geha.okta.com login.geha.com *.oktacdn.com; style-src 'unsafe-inline' 'self' geha.okta.com login.geha.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' geha.okta.com geha-admin.okta.com login.geha.com login.okta.com com-okta-authenticator:; img-src 'self' geha.okta.com login.geha.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' geha.okta.com login.geha.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
expires: 0
p3p: CP="HONK"
pragma: no-cache
vary: Origin
x-frame-options: SAMEORIGIN
x-okta-request-id: ZPA7DZYfjGIIMIS0DDneLQAABsQ
x-rate-limit-limit: 10000
x-rate-limit-remaining: 9995
x-rate-limit-reset: 1693465411
x-xss-protection: 0

POST
H/1.1 200
OK introspect Show response
login.geha.com/idp/idx/ 10 KB
13 KB 191ms
191ms Fetch
application/ion+json 3.33.189.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.geha.com/idp/idx/introspect

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/chunks/412.03afb1f3bf8890e9.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.189.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

af77c9e516730cc51.awsglobalaccelerator.com

Software

nginx /

Resource Hash

b7becd1fd135c021e828d8e69a4188607db0cc0890e9459e201f8795197c45c9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/ion+json; okta-version=1.0.0
Referer: https://member-portal.geha.com/
X-Okta-User-Agent-Extended: okta-auth-js/7.0.2 okta-signin-widget-7.3.1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/ion+json; okta-version=1.0.0

Response headers

x-okta-request-id: ZPA7DQqz7aGTpNg_u1b-AgAADPI
Date: Thu, 31 Aug 2023 07:02:37 GMT
content-security-policy: frame-ancestors 'self'
x-rate-limit-limit: 2000
x-content-type-options: nosniff
x-rate-limit-remaining: 1998
Strict-Transport-Security: max-age=315360000; includeSubDomains
content-security-policy-report-only: default-src 'self' geha.okta.com login.geha.com *.oktacdn.com; connect-src 'self' geha.okta.com geha-admin.okta.com login.geha.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com geha.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' geha.okta.com login.geha.com *.oktacdn.com; style-src 'unsafe-inline' 'self' geha.okta.com login.geha.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' geha.okta.com geha-admin.okta.com login.geha.com login.okta.com com-okta-authenticator:; img-src 'self' geha.okta.com login.geha.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' geha.okta.com login.geha.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'; report-uri https://oktacsp.report-uri.com/r/t/csp/reportOnly; report-to csp
Transfer-Encoding: chunked
p3p: CP="HONK"
Connection: Keep-Alive
x-xss-protection: 0
pragma: no-cache
Server: nginx
vary: Origin
Content-Type: application/ion+json;okta-version=1.0.0
access-control-allow-origin: https://member-portal.geha.com
x-rate-limit-reset: 1693465414
access-control-allow-credentials: true
cache-control: no-cache, no-store
X-Robots-Tag: noindex,nofollow
Keep-Alive: timeout=5, max=99
expires: 0

GET
H2 200 checkbox-sign-in-widget.fed34083.png
member-portal.geha.com/_next/static/media/ 3 KB
3 KB 132ms
131ms Image
image/png 2a02:26f0:7100::210:173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://member-portal.geha.com/_next/static/media/checkbox-sign-in-widget.fed34083.png

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/css/be5ea0027c648323.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::210:173 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/_next/static/css/be5ea0027c648323.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:37 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"c45-18940c4d9f0"
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=75424
server-timing: cdn-cache; desc=HIT, edge; dur=115, origin; dur=0, ak_p; desc="1693465357319_34603375_296717914_11502_9532_6_0_146";dur=1
accept-ranges: bytes
content-length: 3141

GET
H2 200 montserrat-okta-regular-webfont.691ec7ce.woff
member-portal.geha.com/_next/static/media/ 21 KB
22 KB 128ms
128ms Font
font/woff 2a02:26f0:7100::210:173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/media/montserrat-okta-regular-webfont.691ec7ce.woff

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/css/be5ea0027c648323.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::210:173 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

Referer: https://member-portal.geha.com/_next/static/css/be5ea0027c648323.css
Origin: https://member-portal.geha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:37 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"55dc-18940c4d9f0"
x-frame-options: DENY
content-type: font/woff
cache-control: public, max-age=67213
server-timing: cdn-cache; desc=HIT, edge; dur=97, origin; dur=0, ak_p; desc="1693465357333_34603375_296717934_10169_9266_6_0_255";dur=1
accept-ranges: bytes
content-length: 21980

GET
H2 200 montserrat-okta-light-webfont.4bb7d8d1.woff
member-portal.geha.com/_next/static/media/ 22 KB
22 KB 132ms
132ms Font
font/woff 2a02:26f0:7100::210:173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/media/montserrat-okta-light-webfont.4bb7d8d1.woff

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/css/be5ea0027c648323.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::210:173 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

Referer: https://member-portal.geha.com/_next/static/css/be5ea0027c648323.css
Origin: https://member-portal.geha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 07:02:37 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"5660-18940c4d9f0"
x-frame-options: DENY
content-type: font/woff
cache-control: public, max-age=67163
server-timing: cdn-cache; desc=HIT, edge; dur=109, origin; dur=0, ak_p; desc="1693465357329_34603375_296717935_10898_9224_6_0_255";dur=1
accept-ranges: bytes
content-length: 22112

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 18ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-X5XQCNY2FN&gtm=45je38u0&_p=728961619&cid=1026418334.1693465356&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1693465355&sct=1&seg=0&dl=https%3A%2F%2Fmember-portal.geha.com%2Flogin&dt=GEHA%20%7C%20Member%20Portal&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X5XQCNY2FN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://member-portal.geha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 07:02:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://member-portal.geha.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.geha.com/	1970-01-20 14:24:32	Name: ak_bmsc Value: 50EEE305F3F524396B72076BB6F2EDCA~000000000000000000000000000000~YAAQbwEQApnCajiKAQAAW6FmShTEvYRH/H/SYR4KF5RDB/V7UgM6CT53K1Oye0/WFco4yHo5NXRyc8m89QPw5LzEC4QM2gwVPDu/iGqpn66AjcHZoZDrnybef4rbmVtpqfysMzgNKa+cUodgPGag/0Vs1KI0w+DwP8Vc/rRvlhiSOdUAr5UvrnM65bMflh/S24kr+Op2MCbX8cryqu/t35yrc7zBoJV88BZo4yCsspgRNOXDL7tP+d8aRhVAShjChsjKKd+if0S/9nQdFLDflzJNQ+3tz0jwWdsS4ZIai0mcEg6uHN5fblVbD9XjBs9WswMmlqWPWt77n+rgUZwi8ZiMwHxtbqnUU7JixK8gwlCoRO26E3emp/Ysop7WNcv18tc2JWttqvLgP7O+vEw=
.geha.com/	1970-01-20 14:24:32	Name: bm_sv Value: 96EC6BBD89023FA1876E865D5A277A2D~YAAQbwEQAhLDajiKAQAAp6RmShSOv+fR48xTQWrnSMWCv03r22VwSH4H0ZJd3KHFjtGzrGqWVnIe5fb2TPjgclVZSxscbXB9w0gXgWuBxulx69ZqZ8Up2pzIeb+HlsPFkELjdPF76Xz+XMZ6CNE0C64WEKjcKA31RHfzjkxqO8TpKwe+vSjLhrmxs057/a8QVFUIW4SQV5cN1zO2X0siNyMW20hZWewH1/Rm+bKuxj0qqbICNjsT/Pu2YzULGQ==~1
.geha.com/	1970-01-21 00:00:25	Name: _ga Value: GA1.1.1026418334.1693465356
.geha.com/	1970-01-21 00:00:25	Name: _ga_X5XQCNY2FN Value: GS1.1.1693465355.1.1.1693465355.0.0.0
login.geha.com/	1970-01-21 00:00:25	Name: DT Value: DI1psnpGuq1S1WWjqcG6iwR2A
login.geha.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 51F1A9641006EA0A20AEAED0DCC91FB0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0217991e.akstat.io
c.go-mpulse.net
fonts.googleapis.com
fonts.gstatic.com
login.geha.com
member-portal.geha.com
p.typekit.net
region1.google-analytics.com
s.go-mpulse.net
siteintercept.qualtrics.com
sjc1.qualtrics.com
use.typekit.net
www.googletagmanager.com
znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com
zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com
104.17.208.240
104.17.209.240
2001:4860:4802:32::36
23.218.208.116
2a00:1450:4001:809::2008
2a00:1450:4001:810::2003
2a00:1450:4001:810::200a
2a02:26f0:3100:782::11a6
2a02:26f0:3500:16::215:148b
2a02:26f0:3500:16::215:148f
2a02:26f0:3500:981::11a6
2a02:26f0:7100::210:173
3.33.189.110
062df4685c3665f2fe72e33eb09eb485f2815b06da3ef79a2b9c694a7ab99f61
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0ba6e2db53813ce06f2e7cc09e6ac476f5306c87452023f1008d8d67feac7dee
1ab0a26f2850163c8217535acb3465cbcdd5e0642f97e70b2e2bc369262ed05d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c4d889de806e7356aca914b8a55c9aad0da9935819320166666df34bad264b3
1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3
22f3d882505585b1605d4e7badb93396f7cd4b146829375f02e387af0e16cd86
24e2c787dd5a9faf99c308d660a53a4b6ff8051e77df3311d1d57484da97067b
313592f08d48e847f5e9e94118cfa1bfbacc02a65c6d16910b188d675189bd20
31879de5c5dea263fd9f3100eb994df1282022502cd0b1dd0e75615089f16ae9
4073a57d9d13460fa8e0bdce3633a56ec10764ee779dda9f91416bf48e99b2b6
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
4141092ae24eb52a8690e70ba9f4e9afcaf29c59bf5aa39eeaea2287c3dde14c
4a78244eaaca474e76c68634a0a766d5ec506c9410707d71e68bb11445d6f330
5cfa66663be987c35d8709111800b6b7aa64db48c230251ab2b2680d249eae17
5ebc2cd02aacb80da5275c7843d490f10dfde96db0f92c7dd4848cea50f9472a
5f8cff2f1e205758621ca8a1b49253194e84a68d1af5a6fa94b4b159629ea9bf
5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55
60c69dc1f42f861e3723311f887cd188973680800b7ad02967a1ba6ca5a0a7f9
617795824f268204fce200417ba784cf0ad062c0c1613d5a114c457bc503ff8b
66c0d17081ece393548b540e5860b9e3d282e6dc4ab6482cda3d0332586ce7a0
6868c33019be03f377ae7a9848545c6cc86a5afeeb517fc69219b757f4defa69
697e541b2f182b24b7e56b9a1807fd0ce4241e0e1e289c64f16fc365643fe495
6a4ea42815d46b3c139dc0fa04c76152b284ff1fe5c27f8202f1986be631c59c
6dbc584b36c2dadc91666a4aba780bf708b52a3ebf56216a752f3d18ddea2685
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
77f3b592d5d9fec0a567a32412f44781a6174a209279495602c9a7f4004ddfb6
7a4845f4c299f7e4a79c4e601d4f251ced66f015d631ac53f4ded2ef76e2342b
7c8e3c582a237d2063f76cbcb5dcb1c0da3ae2516057fcc040cb69573d90b65f
7f5c35e965cf496cf1a9343d92bbdf71101f97f92374bdf0fce4871476c3cce7
8af3e17967103995189703522783318d0090ab03b34c8c504ad8c31498ea284b
8ba2af729a603a682abfcab9b9475ad47918b837f8ad600810b0764cff5bade5
8dc0aabfdba09e256de6f43cca8501501967d76e01fd1c8d31ba9db2f976074b
8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b
90c8c49df9363f906709ff1407e338b965b70a1eed9f3e573a4306fd267f1c0c
9230295cadd808a698abddc0af90987e825aebe7a782ffe9193ea91daffdf587
9c47e38bf3c503853a22558a2b7401be745ad585d673569585e4bb7cef13f68d
a4a305b7a41dd30c0a4ab038b30c4d95725c81c14d874ce074cafd721d651386
add5a4ae4344dd616f6599ff1538b07f2a8d18fd1cc05340f76cc3441050c2ab
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b7becd1fd135c021e828d8e69a4188607db0cc0890e9459e201f8795197c45c9
bba18468d9845d131e70cb9aeff7636c976a0975cb2b14120fd60292b23ce3ff
bc691dc824cd13ba929d5e8bd7972588491755a0e1ff7737fd70e2f2be9ddcb4
c3f732f894ff2455fd80622686eb8501c4a60b7a5d731404a0c1991c39dd0c2b
c7d80050aeb53b68c42aacf7b4406137a6ccb8417c07aa7da1c1b87445a023ba
cf9cde761e99d0cfd4d137e0ba16d2637034863c78e6cdac0f406b2d8ce753da
d0c91945cdef5177fb2131a55ebb70b3ba5c56d640a71b351d20a5c335ef120a
dbef9805b9b6d501b4e09e51b6ff067b4b28e2335fe088ceb978d53128f252b9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a0f0f2209974dfe1faf49c1aebbe48af23b557dc92d514f870cf2e9930f4e5
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f6613ec75a72e4a4d41be2b9cc1fc04e6675fd148a7eee1ba126fbece0195276
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6f86db7eeb8d6c799e34cd8bc5efe2df9104e54c5d3cb51cf5370d683f4c337
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace

member-portal.geha.com Open in urlscan Pro 2a02:26f0:7100::210:173 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

100 %HTTPS

69 %IPv6

9 Domains

15 Subdomains

14 IPs

3 Countries

1019 kBTransfer

3441 kBSize

6 Cookies

4 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

member-portal.geha.com Open in urlscan Pro
2a02:26f0:7100::210:173 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

100 %
HTTPS

69 %
IPv6

9
Domains

15
Subdomains

14
IPs

3
Countries

1019 kB
Transfer

3441 kB
Size

6
Cookies

60 HTTP transactions
2 data transactions