www.geha.com Open in urlscan Pro
2a02:26f0:ab00::214:8e59 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.info.geha.com/?qs=734d68f3a2697a149722136e49d417ed09b775fb7614d362de2439ef4532001cb35676f6853046907e41201ffa51...
Effective URL:
https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Pr...
Submission: On April 10 via manual (April 10th 2024, 9:53:01 am UTC) from US — Scanned from DE

Summary HTTP 129 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 37 IPs in 6 countries across 26 domains to perform 129 HTTP transactions. The main IP is 2a02:26f0:ab00::214:8e59, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.geha.com. The Cisco Umbrella rank of the primary domain is 615103.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on August 23rd 2023. Valid for: a year.

This is the only time www.geha.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.100.248 13.111.100.248	14340 (SALESFORCE) (SALESFORCE)
25	2a02:26f0:ab0... 2a02:26f0:ab00::214:8e59	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
11	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.92.5 18.66.92.5	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6812:100a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:310... 2a02:26f0:3100:782::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	13.111.118.55 13.111.118.55	14340 (SALESFORCE) (SALESFORCE)
7	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
4	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700:10:... 2606:4700:10::6816:3668	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.172.103.101 18.172.103.101	16509 (AMAZON-02) (AMAZON-02)
1	143.204.207.250 143.204.207.250	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:235... 2600:9000:235a:9c00:3:35f2:c540:21	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
4	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:710... 2a02:26f0:7100:585::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2620:1ec:46::67 2620:1ec:46::67	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
11	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2a01:111:202c... 2a01:111:202c::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2	34.245.244.146 34.245.244.146	16509 (AMAZON-02) (AMAZON-02)
3	20.120.124.64 20.120.124.64	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:1901:0:7... 2600:1901:0:7628::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	23.200.61.87 23.200.61.87	16625 (AKAMAI-AS) (AKAMAI-AS)
129	37

1 13.111.100.248 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: click.info.geha.com

click.info.geha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a02:26f0:ab00::214:8e59 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.geha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.92.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-92-5.fra56.r.cloudfront.net

d1mj578wat5n4o.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:100a (United States)

ASN13335 (CLOUDFLARENET, US)

api-engage-us.sitecorecloud.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3100:782::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
02179911.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.111.118.55 (United States)

ASN14340 (SALESFORCE, US)
PTR: cloud.info.geha.com

cloud.info.geha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:3668 (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.103.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-103-101.fra60.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:235a:9c00:3:35f2:c540:21 (United States)

ASN16509 (AMAZON-02, US)

d35vb5cccm4xzp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

13916293.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:585::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::67 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:111:202c::237 (United Kingdom) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.245.244.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-245-244-146.eu-west-1.compute.amazonaws.com

rum-collector-2.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.120.124.64 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

m.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:7628:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.200.61.87 (Tempe, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-61-87.deploy.static.akamaitechnologies.com

sjc1.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	geha.com 1 redirects click.info.geha.com www.geha.com — Cisco Umbrella Rank: 615103 cloud.info.geha.com Failed	813 KB
15	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 3326 ka-p.fontawesome.com — Cisco Umbrella Rank: 5751	373 KB
12	qualtrics.com zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com siteintercept.qualtrics.com — Cisco Umbrella Rank: 1478 sjc1.qualtrics.com — Cisco Umbrella Rank: 16002	75 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1180 c.clarity.ms — Cisco Umbrella Rank: 1852 m.clarity.ms — Cisco Umbrella Rank: 13479	28 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 99 region1.google-analytics.com — Cisco Umbrella Rank: 1879	21 KB
6	sitecorecloud.io api-engage-us.sitecorecloud.io — Cisco Umbrella Rank: 181065	862 B
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 116	9 KB
5	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 984 tr6.snapchat.com — Cisco Umbrella Rank: 1424	679 B
5	doubleclick.net 1 redirects 13916293.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 195	2 KB
5	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 623 c.bing.com — Cisco Umbrella Rank: 373	16 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	444 KB
4	pingdom.net rum-static.pingdom.net — Cisco Umbrella Rank: 9690 rum-collector-2.pingdom.net — Cisco Umbrella Rank: 8834	6 KB
4	gstatic.com fonts.gstatic.com	91 KB
3	google.de www.google.de — Cisco Umbrella Rank: 4622	189 B
3	google.com www.google.com — Cisco Umbrella Rank: 5	189 B
3	cloudfront.net d1mj578wat5n4o.cloudfront.net d35vb5cccm4xzp.cloudfront.net	81 KB
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 2522 insight.adsrvr.org — Cisco Umbrella Rank: 985	4 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 248	70 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1982 c.go-mpulse.net — Cisco Umbrella Rank: 845	51 KB
2	typekit.net use.typekit.net — Cisco Umbrella Rank: 1014 p.typekit.net — Cisco Umbrella Rank: 1457	1 KB
1	akstat.io 02179911.akstat.io — Cisco Umbrella Rank: 94438	224 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	274 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1340	393 B
1	t.co t.co — Cisco Umbrella Rank: 794	377 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1104	19 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1259	15 KB
129	26

	Domain	Requested by
25	www.geha.com	www.geha.com
12	ka-p.fontawesome.com	kit.fontawesome.com www.geha.com
10	siteintercept.qualtrics.com	zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com siteintercept.qualtrics.com
6	api-engage-us.sitecorecloud.io	d1mj578wat5n4o.cloudfront.net d35vb5cccm4xzp.cloudfront.net
6	fonts.googleapis.com	www.geha.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	www.googletagmanager.com	www.geha.com www.googletagmanager.com
4	tr.snapchat.com	sc-static.net
4	bat.bing.com	www.googletagmanager.com bat.bing.com www.geha.com
4	fonts.gstatic.com	fonts.googleapis.com
3	m.clarity.ms	www.clarity.ms
3	www.google.de	www.geha.com
3	www.google.com	www.geha.com
3	stats.g.doubleclick.net	www.google-analytics.com
3	kit.fontawesome.com	www.geha.com kit.fontawesome.com
2	rum-collector-2.pingdom.net	rum-static.pingdom.net
2	c.clarity.ms	1 redirects
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	region1.google-analytics.com	www.googletagmanager.com
2	13916293.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	d35vb5cccm4xzp.cloudfront.net	d1mj578wat5n4o.cloudfront.net d35vb5cccm4xzp.cloudfront.net
2	connect.facebook.net	www.geha.com connect.facebook.net
2	rum-static.pingdom.net	www.googletagmanager.com
2	cloud.info.geha.com	www.geha.com
1	sjc1.qualtrics.com
1	02179911.akstat.io	s.go-mpulse.net
1	tr6.snapchat.com	sc-static.net
1	insight.adsrvr.org	js.adsrvr.org
1	c.bing.com	1 redirects
1	zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com	www.geha.com
1	www.facebook.com	www.geha.com
1	c.go-mpulse.net	s.go-mpulse.net
1	analytics.twitter.com	www.geha.com
1	t.co	www.geha.com
1	sc-static.net	www.geha.com
1	js.adsrvr.org	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	s.go-mpulse.net	www.geha.com
1	d1mj578wat5n4o.cloudfront.net	www.geha.com
1	p.typekit.net	use.typekit.net
1	use.typekit.net	www.geha.com
1	click.info.geha.com	1 redirects
129	42

This site contains links to these domains. Also see Links.

Domain
calendly.com
member-portal.geha.com
www.gehadentaldiscount.com
www.facebook.com
www.instagram.com
www.youtube.com
www.linkedin.com

Subject Issuer	Validity	Valid
*.geha.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-23` - `2024-09-22`	a year	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-01` - `2025-03-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
sitecorecloud.io E1	`2024-02-22` - `2024-05-22`	3 months	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2024-03-06` - `2025-03-06`	a year	crt.sh
cloud.info.geha.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-03` - `2024-12-03`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2024-04-10` - `2024-06-27`	3 months	crt.sh
pingdom.net Cloudflare Inc ECC CA-3	`2023-10-14` - `2024-10-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-18` - `2024-04-17`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-16` - `2024-10-14`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-19` - `2024-09-17`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-21` - `2025-02-20`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-27` - `2025-02-19`	a year	crt.sh
*.pingdom.net Amazon RSA 2048 M03	`2023-11-06` - `2024-12-03`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Frame ID: A025722855A344A06189DA87F80ABCF5
Requests: 120 HTTP requests in this frame

Frame: https://cloud.info.geha.com/draft?utm_source=S24WTE0GINAP&utm_campaign=Partnerships%20-%2024%20-%20Brand%20Awareness%20-%20Email%20-%20NFL%20Draft%20Giveaway%20-%20Prospects%20-%20National_S24WTE0GINAP&utm_medium=Email
Frame ID: E500E73D2A102E433AE6F8D4EA344F27
Requests: 2 HTTP requests in this frame

Frame: https://cloud.info.geha.com/openseasonplanreminders
Frame ID: F88E3D2A8E13C2A2F7333A8CC3E35412
Requests: 1 HTTP requests in this frame

Frame: https://13916293.fls.doubleclick.net/activityi;dc_pre=CMuvuoWwt4UDFVVVHgIdzskMYQ;src=13916293;type=gehac0;cat=gehaa0;ord=6051717544551;npa=1;auiddc=1870718802.1712742774;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe4480z879625355za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway%3Futm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_medium%3DEmail%26utm_keyword%3D_%26utm_content%3D_%26utm_medium%3DEmail%26utm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_content%3D_%26utm_keyword%3D_
Frame ID: 3A5439C4A8B191C431C198A6D1D838F5
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=29a50b68-d5e7-4019-8575-7fea0adbb21f&u_scsid=b1d8fdbb-e7e0-4763-9311-fcc3468fe549&u_sclid=2763fb5c-b527-4e7d-b0ad-012a8d647b2e
Frame ID: 56F7796597D23644CB569B0DB66DB04D
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=iu2zbne&ref=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway%3Futm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_medium%3DEmail%26utm_keyword%3D_%26utm_content%3D_%26utm_medium%3DEmail%26utm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_content%3D_%26utm_keyword%3D_&upid=ms4t6e7&upv=1.1.0
Frame ID: 25430B842106F5771B85D25F64A9E7D6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Draft Giveaway | GEHA

Page URL History Show full URLs

https://click.info.geha.com/?qs=734d68f3a2697a149722136e49d417ed09b775fb7614d362de2439ef4532001cb35676f6... HTTP 302
https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

129
Requests

98 %
HTTPS

58 %
IPv6

26
Domains

42
Subdomains

37
IPs

6
Countries

2121 kB
Transfer

7805 kB
Size

38
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://calendly.com/d/3s7-qqm-xsd
Title: Schedule a Benefits Session

Search URL Search Domain Scan URL

URL: https://member-portal.geha.com/login?utm_medium=Email&utm_source=S24WTE0GINAP&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_content=_
Title: Member

Search URL Search Domain Scan URL

URL: https://www.gehadentaldiscount.com/
Title: Connection Dental Discount

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GEHAhealth

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gehahealth

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/gehahealth

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/gehahealth

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.info.geha.com/?qs=734d68f3a2697a149722136e49d417ed09b775fb7614d362de2439ef4532001cb35676f6853046907e41201ffa51487104dc189f7b595971ecdfcd6003add99c HTTP 302
https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://13916293.fls.doubleclick.net/activityi;src=13916293;type=gehac0;cat=gehaa0;ord=6051717544551;npa=1;auiddc=1870718802.1712742774;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe4480z879625355za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway%3Futm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_medium%3DEmail%26utm_keyword%3D_%26utm_content%3D_%26utm_medium%3DEmail%26utm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_content%3D_%26utm_keyword%3D_ HTTP 302
https://13916293.fls.doubleclick.net/activityi;dc_pre=CMuvuoWwt4UDFVVVHgIdzskMYQ;src=13916293;type=gehac0;cat=gehaa0;ord=6051717544551;npa=1;auiddc=1870718802.1712742774;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe4480z879625355za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway%3Futm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_medium%3DEmail%26utm_keyword%3D_%26utm_content%3D_%26utm_medium%3DEmail%26utm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_content%3D_%26utm_keyword%3D_

Request Chain 103

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C233DA8B03DF49A6BB1C0C19B16F257E&RedC=c.clarity.ms&MXFR=34C8D04B4E546B74097BC4164A54657F HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C233DA8B03DF49A6BB1C0C19B16F257E&MUID=2BF5FE67ABAF66C700B6EA3AAAC4679F

129 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request draftgiveaway Show response
www.geha.com/
Redirect Chain

https://click.info.geha.com/?qs=734d68f3a2697a149722136e49d417ed09b775fb7614d362de2439ef4532001cb35676f6853046907e41201ffa51487104dc189f7b595971ecdfcd6003add99c
https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_key...

70 KB
14 KB

1181ms
1092ms

Document
text/html

2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4a03bf7ced19a69e890c91f9da53453fb0f4d6ef8c366383cacd2f510794aba9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-length: 12916
content-type: text/html; charset=utf-8
date: Wed, 10 Apr 2024 09:52:52 GMT
expires: -1
pragma: no-cache
server-timing: cdn-cache; desc=MISS edge; dur=791 origin; dur=166 ak_p; desc="1712742771398_34901589_100573261_95751_9505_5_41_255";dur=1
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding
x-akamai-transformed: 9 67446 0 pmb=mRUM,1
x-content-type-options: 'nosniff'
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 553
Content-Type: text/html; charset=utf-8
Date: Wed, 10 Apr 2024 09:52:50 GMT
Location: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_

GET
H2 200 optimized-min.css
www.geha.com/~/media93/Feature/Experience-Accelerator/Bootstrap-4/Bootstrap-4/Styles/ 29 KB
4 KB 17ms
14ms Stylesheet
text/css 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Feature/Experience-Accelerator/Bootstrap-4/Bootstrap-4/Styles/optimized-min.css?t=20200827T195652Z

Requested by

Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7139f07f917998f1a482f070139ce5b0e448669a8f77e9710e74e1a2307f564e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:52 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.css"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712742772539_34901589_100574906_33_7123_5_0_255";dur=1
content-length: 3484
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Aug 2020 19:56:52 GMT
etag: 71297b75a810417dbeaa71ed60eeb6e1
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=13751
accept-ranges: bytes
x-datastream-cache-status: 2

GET
H2 200 optimized-min.css
www.geha.com/~/media93/Base-Themes/Core-Libraries/styles/ 132 KB
22 KB 27ms
24ms Stylesheet
text/css 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/Core-Libraries/styles/optimized-min.css?t=20221109T053533Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4c6fde841616799524ae40b886f27b8c5b4e857476a053f1acac3222a3d09385

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:52 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.css"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712742772539_34901589_100574907_39_7063_5_0_255";dur=1
content-length: 22078
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Nov 2022 05:35:33 GMT
etag: cddcbd79bda84976b39a43a487bdbebf
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=25985
accept-ranges: bytes
x-datastream-cache-status: 1

GET
H2 200 optimized-min.css
www.geha.com/~/media93/Base-Themes/Main-Theme/styles/ 5 KB
2 KB 17ms
15ms Stylesheet
text/css 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/Main-Theme/styles/optimized-min.css?t=20220715T021536Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

416f487c40290dd1451e3cc8dc480489dda90cfd5d389eb08d7f0e867a6f847c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:52 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.css"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712742772541_34901589_100574908_181_5765_5_0_255";dur=1
content-length: 1636
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Jul 2022 02:15:36 GMT
etag: ffd03de852da41deb27b87223721ff9a
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2919
accept-ranges: bytes
x-datastream-cache-status: 2

GET
H2 200 optimized-min.css
www.geha.com/~/media93/Base-Themes/UnsupportedBrowser/Styles/ 1 KB
964 B 18ms
15ms Stylesheet
text/css 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/UnsupportedBrowser/Styles/optimized-min.css?t=20220715T021623Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

286dc7cf3eb0c6c06c2fb54d779f82bf342bbf766861f7aba001408bcb391828

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:52 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.css"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712742772540_34901589_100574909_38_7065_5_0_255";dur=1
content-length: 538
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Jul 2022 02:16:23 GMT
etag: bb86af52b3144400b8d0333da683b1db
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=38876
accept-ranges: bytes
x-datastream-cache-status: 1

GET
H2 200 optimized-min.css
www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/ 1 MB
137 KB 28ms
26ms Stylesheet
text/css 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20240315T012754Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b65ecc819f4b7a1056b90009ae39134cd681a53a70c845104ec132820a37630b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:52 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 15 Mar 2024 01:27:54 GMT
etag: c92ec30f3da24c8b97fc8632523f220f
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=77824
content-disposition: inline; filename="optimized-min.css"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712742772540_34901589_100574910_46_6997_5_0_255";dur=1
accept-ranges: bytes
content-length: 140066
x-xss-protection: 1; mode=block

GET
H2 200 VisitorIdentification.js Show response
www.geha.com/layouts/system/ 2 KB
1 KB 18ms
16ms Script
application/javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/layouts/system/VisitorIdentification.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

7941c043b215ecc58d18e696d42abbd225eb0baa075cb5e31027725cc5312fce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: 'nosniff'
date: Wed, 10 Apr 2024 09:52:52 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712742772540_34901589_100574911_48_6958_5_0_219";dur=1
content-length: 732
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge,chrome=1
last-modified: Mon, 10 Sep 2018 14:56:14 GMT
server: Microsoft-IIS/10.0
etag: "0bb5d6b1649d41:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-stackifyid: V2|376ba7d2-d6e1-4c98-9e22-59ecbdf6884c|C57524|CD4989
accept-ranges: bytes
x-datastream-cache-status: 1

GET
H2 200 57591c2ee3.js Show response
kit.fontawesome.com/ 12 KB
4 KB 219ms
182ms Script
text/javascript 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/57591c2ee3.js
Requested by: Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 277b8bd1952e82623693dc9123e1c2186cf0ac9436d4059dffe4ad732d2da5a3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Origin: https://www.geha.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:52 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 8721d8b8abc8bb9d-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F8Tf67L9vXqaqmYBpOFi

GET
H2 200 57591c2ee3.css
kit.fontawesome.com/ 399 B
511 B 179ms
142ms Stylesheet
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/57591c2ee3.css
Requested by: Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf99991359fbb6e575a809280eb26d7f2408710608ccb222788324c6c1ac753f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Origin: https://www.geha.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:52 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/css
cache-control: max-age=300, public, stale-while-revalidate=30
cf-ray: 8721d8b8abc6bb9d-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F8KJUM53a9DZRTAAV4hB

GET
H2 200 geha.png
www.geha.com/~/media93/Project/GEHA/shared/ 9 KB
10 KB 39ms
38ms Image
image/png 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geha.com/~/media93/Project/GEHA/shared/geha.png?h=135&w=550&la=en&hash=6A9419DEDA474BA8DF91728302A3ACB2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3487c89cbf4176ba31dee9f3fb221bab9b05753f689e372d9c03e71c78b8e3c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:52 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: 'nosniff'
last-modified: Fri, 30 Jul 2021 17:58:46 GMT
etag: cdfed84458664cc398ac12b335feb876
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=74803
content-disposition: inline; filename="geha.png"
server-timing: cdn-cache; desc=HIT, edge; dur=7, origin; dur=0, ak_p; desc="1712742772550_34901589_100574924_825_7108_6_0_182";dur=1
accept-ranges: bytes
content-length: 9374
x-xss-protection: 1; mode=block
x-datastream-cache-status: 1

GET
H2 200 database-white.png
www.geha.com/~/media93/Project/GEHA/GEHA/alert-icons/ 1 KB
2 KB 40ms
39ms Image
image/png 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geha.com/~/media93/Project/GEHA/GEHA/alert-icons/database-white.png?h=100&w=100&la=en&hash=521DCE033E36C28C1312246F6B57E917

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4e43974dcd89e9262d9c19ddfc9ce50400414c01abbe784eebf8e8d785503d64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:52 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: 'nosniff'
last-modified: Wed, 16 Dec 2020 17:05:29 GMT
etag: c359242c1555453b8bddae1659745e71
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=49832
content-disposition: inline; filename="database-white.png"
server-timing: cdn-cache; desc=HIT, edge; dur=11, origin; dur=0, ak_p; desc="1712742772550_34901589_100574925_1216_7590_5_0_182";dur=1
accept-ranges: bytes
content-length: 1293
x-xss-protection: 1; mode=block

GET
H2 200 info-white.png
www.geha.com/~/media93/Project/GEHA/GEHA/alert-icons/ 1 KB
1 KB 19ms
18ms Image
image/png 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geha.com/~/media93/Project/GEHA/GEHA/alert-icons/info-white.png?h=100&w=100&la=en&hash=2E8B9E0473DCE0A6C2B76FF3F8D6E1F0

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4d2594afe30fbd3142c9ec683a95629cd01010be1de052e5d1f55843cb073961

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:52 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: 'nosniff'
last-modified: Wed, 16 Dec 2020 17:06:18 GMT
etag: b79bcdbd88ed4aa2a54b55a750503ef7
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=6204
content-disposition: inline; filename="info-white.png"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712742772581_34901589_100574966_46_7609_6_0_182";dur=1
accept-ranges: bytes
content-length: 1142
x-xss-protection: 1; mode=block

GET
H2 200 draft-giveaway-registration-page.jpg
www.geha.com/~/media93/Project/GEHA/GEHA/draft-giveaway/ 119 KB
119 KB 120ms
119ms Image
image/jpeg 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geha.com/~/media93/Project/GEHA/GEHA/draft-giveaway/draft-giveaway-registration-page.jpg?h=42%25&w=100%25&hash=75B25ADEE1C1B1CCC30276E00614EA43

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

36cbe98f9a9327afce4c79a1c0a9d43e076d3b2ae36e68f7c40b7cbc41d95931

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:52 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: 'nosniff'
last-modified: Fri, 29 Mar 2024 16:40:21 GMT
etag: b3e3fdc7d3974ccd9d46595cd18c23ff
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=76977
content-disposition: inline; filename="draft-giveaway-registration-page.jpg"
server-timing: cdn-cache; desc=HIT, edge; dur=96, origin; dur=0, ak_p; desc="1712742772581_34901589_100574967_9602_7528_6_0_182";dur=1
accept-ranges: bytes
content-length: 121778
x-xss-protection: 1; mode=block

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/Core-Libraries/scripts/ 1 MB
305 KB 17ms
17ms Script
application/x-javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/Core-Libraries/scripts/optimized-min.js?t=20221109T053531Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

babf7c8f26404acad3935146d81d245dc6d494acd265d2b8f84088730d01e38f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:52 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.js"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712742772612_34901589_100575011_45_8988_6_0_182";dur=1
content-length: 312095
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Nov 2022 05:35:31 GMT
etag: 5f8a850d7d5d40faa8d832fe2c37e52d
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=9933
accept-ranges: bytes
x-datastream-cache-status: 2

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/XA-API/Scripts/ 2 KB
1 KB 18ms
18ms Script
application/x-javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/XA-API/Scripts/optimized-min.js?t=20220715T021536Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4b5013c1e9a922e188e0d6f3903aad0c81a64c231d976d869c8b0f35be0b133d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:52 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.js"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712742772685_34901589_100575114_82_8148_6_0_182";dur=1
content-length: 855
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Jul 2022 02:15:36 GMT
etag: c38298f3b90349549796d730a6e8ff40
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=54327
accept-ranges: bytes
x-datastream-cache-status: 2

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/Main-Theme/scripts/ 3 KB
1 KB 28ms
27ms Script
application/x-javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/Main-Theme/scripts/optimized-min.js?t=20220715T021536Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a36338e2015fbe5e6f570cb35a9e0305a4f4d40bace6713fce1edbaefc9cf44f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:52 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 15 Jul 2022 02:15:36 GMT
etag: 574f88811b0947e08eb6c1deb05b1ab4
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=75606
content-disposition: inline; filename="optimized-min.js"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712742772727_34901589_100575154_886_8052_8_0_182";dur=1
accept-ranges: bytes
content-length: 962
x-xss-protection: 1; mode=block

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/Google-Maps-JS-Connector/Scripts/ 5 KB
2 KB 28ms
28ms Script
application/x-javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/Google-Maps-JS-Connector/Scripts/optimized-min.js?t=20220715T021537Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4692d4d1124e4fdde548b916c88189b6e07462d9d24cdd5c6ca8f2a2fcb2af56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:52 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.js"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712742772719_34901589_100575156_41_7596_8_0_182";dur=1
content-length: 1930
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Jul 2022 02:15:37 GMT
etag: 62f4e07c5ee3471187fee95f1034f7cb
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=76641
accept-ranges: bytes
x-datastream-cache-status: 1

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/Maps/Scripts/ 9 KB
3 KB 16ms
15ms Script
application/x-javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/Maps/Scripts/optimized-min.js?t=20220715T021537Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

427e57ed3ad640f4ddefe4a7aeb116746506151fd0d227f8f34e40cb3350e45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:52 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.js"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712742772745_34901589_100575194_44_7826_8_0_182";dur=1
content-length: 3035
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Jul 2022 02:15:37 GMT
etag: 13b4e978e32648de9f455492b56e0de2
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=6725
accept-ranges: bytes
x-datastream-cache-status: 2

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/SearchTheme/Scripts/ 76 KB
18 KB 16ms
16ms Script
application/x-javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/SearchTheme/Scripts/optimized-min.js?t=20221028T013215Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

91af8f8604e6cbcb00a3ff4056f9fce3090c1ffca25400650895832c03b34ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:52 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.js"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712742772745_34901589_100575195_43_7626_8_0_182";dur=1
content-length: 18181
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Oct 2022 01:32:15 GMT
etag: aeae65fdf10e405a819820b86851dd8d
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=1994
accept-ranges: bytes
x-datastream-cache-status: 1

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/Components-Theme/Scripts/ 52 KB
15 KB 16ms
16ms Script
application/x-javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/Components-Theme/Scripts/optimized-min.js?t=20220715T021538Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f930f9718c91491b92f0de420e28f51cb021e174606481c128ab838584479e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:52 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.js"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712742772765_34901589_100575221_46_8031_6_0_182";dur=1
content-length: 14937
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Jul 2022 02:15:38 GMT
etag: 5ca53ec515f5411bacbd3a615d251007
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=6934
accept-ranges: bytes
x-datastream-cache-status: 1

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/Resolve-Conflicts/Scripts/ 19 B
474 B 27ms
27ms Script
application/x-javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/Resolve-Conflicts/Scripts/optimized-min.js?t=20220715T021538Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1b631c545e0e9acda2fa9adef7ce9415a95fc6a325ea80268d1793bf913180ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:52 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.js"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712742772776_34901589_100575241_144_9020_6_0_182";dur=1
content-length: 39
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Jul 2022 02:15:38 GMT
etag: e8bf1b6ff51942bfac73dfb8ec9beddf
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=36378
accept-ranges: bytes
x-datastream-cache-status: 2

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/UnsupportedBrowser/Scripts/ 253 B
644 B 21ms
20ms Script
application/x-javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/UnsupportedBrowser/Scripts/optimized-min.js?t=20220715T021621Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5fd7281dafc44afbbb34847a7c8dfff204d017418103d96eb401ade5c1f6012c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:52 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.js"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712742772788_34901589_100575262_105_8027_6_0_182";dur=1
content-length: 210
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Jul 2022 02:16:21 GMT
etag: faf71ebe50fd45198d26fa25699a92d9
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=32220
accept-ranges: bytes
x-datastream-cache-status: 1

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/scripts/ 523 KB
142 KB 24ms
24ms Script
application/x-javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/scripts/optimized-min.js?t=20240315T012754Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

71e970680812d5265281f05a10ae287a5739c582d03a027ef3b3f2e02166ec21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:52 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.js"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712742772799_34901589_100575282_138_9174_6_0_182";dur=1
content-length: 144408
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Mar 2024 01:27:54 GMT
server: Microsoft-IIS/10.0
etag: 2c979c38fa4d45c684fb5b7bef965839
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=74595
accept-ranges: bytes

GET
H2 200 vxe3lkg.css
use.typekit.net/ 7 KB
1 KB 863ms
544ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/vxe3lkg.css

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20240315T012754Z

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

91885b79eafb9db3b3b6bccd7d3927f3cea7bc0a006fe3a6b625787d413fc412

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Wed, 10 Apr 2024 09:52:53 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 972

GET
H2 200 css2
fonts.googleapis.com/ 28 KB
2 KB 49ms
18ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20240315T012754Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e7fd9f1e6fd2387dc2a5bb83cb72a1c44206347ad8ffde69bcab829cf88b1ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Apr 2024 09:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Apr 2024 09:17:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Apr 2024 09:52:52 GMT

GET
H2 200 css2
fonts.googleapis.com/ 81 KB
3 KB 52ms
22ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans:wght@500;600;700&family=Nunito+Sans:opsz,wght@6..12,500;6..12,700&family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20240315T012754Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a5d59965fc50d217015f96f657880ade0fcbc85b9cc15b5fc20f097a25be9a63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Apr 2024 09:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Apr 2024 09:52:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Apr 2024 09:52:52 GMT

GET
H2 200 css2
fonts.googleapis.com/ 77 KB
3 KB 51ms
21ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans:wght@500;600;700&family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20240315T012754Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

166b640351aa645b6af02b1013bc7fbead2822e44d773deba0b35f4053d0e94a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Apr 2024 09:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Apr 2024 09:52:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Apr 2024 09:52:52 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
697 B 54ms
24ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito+Sans:opsz,wght@6..12,400;6..12,800&display=swap

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20240315T012754Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1a4bf8a4ca374508387fc27de382cbbe01a6ace9f7bb3c1618884b7b86dd6c60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Apr 2024 09:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Apr 2024 09:52:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Apr 2024 09:52:52 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
494 B 51ms
21ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,500,600,700,900

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20240315T012754Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bc958a63e17fc254b74b0787f22bd0f5889a057109908050c5148a148b75db91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Apr 2024 09:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Apr 2024 09:52:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Apr 2024 09:52:52 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
724 B 50ms
20ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish:400,600,700,800,900

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20240315T012754Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

43bf46697a74707dd319e2549eb7e7ad414d629c257da2dfc02e082a7a7290c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Apr 2024 09:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Apr 2024 09:52:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Apr 2024 09:52:52 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 132ms
103ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=vxe3lkg&ht=tk&f=24537.24538.24539.24540.24545.24546.24547.24548.24549.24552&a=90735096&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vxe3lkg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://use.typekit.net/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:53 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 418 KB
116 KB 82ms
55ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a744689eaea9c2297d24cc71eabc18ba8e0d0bede95af6c01af0b3d7376feddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117873
x-xss-protection: 0
last-modified: Wed, 10 Apr 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 10 Apr 2024 09:52:53 GMT

GET
H/1.1 200
OK sitecore-engage-v.1.3.0.min.js Show response
d1mj578wat5n4o.cloudfront.net/ 48 KB
49 KB 41ms
7ms Script
binary/octet-stream 18.66.92.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1mj578wat5n4o.cloudfront.net/sitecore-engage-v.1.3.0.min.js
Requested by: Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.92.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-92-5.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb56f17a4fe738143ac04ca01897e7ae5980eab0a5aaf0ebad8c6a2d09e39d90

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 10 Apr 2024 07:40:02 GMT
Via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
Last-Modified: Wed, 10 May 2023 07:05:18 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P2
Age: 7978
x-amz-server-side-encryption: AES256
ETag: "f31e2f04c4696df590de7bcb24cebec2"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: binary/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49153
X-Amz-Cf-Id: kgtrUnBJfAPeDXv6kD8wm-vLrrvlXkFb0GPh6sK042ITl-hm870Jhw==

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v6.5.2/css/ 672 KB
118 KB 49ms
30ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro.min.css?token=57591c2ee3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01a3066991f4af85d35aaa0068aa00054f9762f39c263853f49518d5f9784c4b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:26:26 GMT
server: cloudflare
age: 555749
etag: "660c23a2-1d791"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8721d8bf1987bb9d-FRA
content-length: 120721

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v6.5.2/css/ 27 KB
4 KB 56ms
38ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro-v4-shims.min.css?token=57591c2ee3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f3387f11826be4923a2d3a8c1542780abd6d4c66ce13f2de770f2e386989593

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:26:24 GMT
server: cloudflare
age: 661262
etag: "660c23a0-10e7"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8721d8bf1985bb9d-FRA
content-length: 4327

GET
H2 200 pro-v5-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.5.2/css/ 50 KB
7 KB 46ms
28ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro-v5-font-face.min.css?token=57591c2ee3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1580a6a19cb081a84215f13b42f765469beb87d7401f16349760cd067fc4da71

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:26:24 GMT
server: cloudflare
age: 661262
etag: "660c23a0-1c3b"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8721d8bf1984bb9d-FRA
content-length: 7227

GET
H2 200 pro-v4-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.5.2/css/ 7 KB
2 KB 55ms
37ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro-v4-font-face.min.css?token=57591c2ee3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 516640faeb856df6599d165f26ee51ce8cbaaf34f7c09d818509e75f6a48ae13

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:26:24 GMT
server: cloudflare
age: 471585
etag: "660c23a0-6ca"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8721d8bf0980bb9d-FRA
content-length: 1738

GET
H2 200 kit-upload.css Show response
kit.fontawesome.com/57591c2ee3/93592551/ 0
157 B 23ms
22ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/57591c2ee3/93592551/kit-upload.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:53 GMT
cf-cache-status: HIT
age: 2389740
content-length: 0
x-request-id: F7xlBcIjwYv1x4r5d89h
server: cloudflare
etag: 54af53b207eef226d6511e0a88e3038e
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
accept-ranges: bytes
cf-ray: 8721d8bef946bb9d-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 pro.min.css
ka-p.fontawesome.com/releases/v6.5.2/css/ 672 KB
118 KB 56ms
21ms Stylesheet
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro.min.css?token=57591c2ee3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01a3066991f4af85d35aaa0068aa00054f9762f39c263853f49518d5f9784c4b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://kit.fontawesome.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:26:26 GMT
server: cloudflare
age: 660984
etag: "660c23a2-1d791"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8721d8bf2b5b9f54-FRA
content-length: 120721

GET
H2 200 pro-v4-shims.min.css
ka-p.fontawesome.com/releases/v6.5.2/css/ 27 KB
4 KB 64ms
28ms Stylesheet
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro-v4-shims.min.css?token=57591c2ee3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f3387f11826be4923a2d3a8c1542780abd6d4c66ce13f2de770f2e386989593

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://kit.fontawesome.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:26:24 GMT
server: cloudflare
age: 660985
etag: "660c23a0-10e7"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8721d8bf2b5d9f54-FRA
content-length: 4327

GET
H2 200 pro-v5-font-face.min.css
ka-p.fontawesome.com/releases/v6.5.2/css/ 50 KB
7 KB 64ms
28ms Stylesheet
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro-v5-font-face.min.css?token=57591c2ee3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1580a6a19cb081a84215f13b42f765469beb87d7401f16349760cd067fc4da71

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://kit.fontawesome.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:26:24 GMT
server: cloudflare
age: 660984
etag: "660c23a0-1c3b"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8721d8bf2b639f54-FRA
content-length: 7227

GET
H2 200 pro-v4-font-face.min.css
ka-p.fontawesome.com/releases/v6.5.2/css/ 7 KB
2 KB 64ms
28ms Stylesheet
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro-v4-font-face.min.css?token=57591c2ee3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 516640faeb856df6599d165f26ee51ce8cbaaf34f7c09d818509e75f6a48ae13

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://kit.fontawesome.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:26:24 GMT
server: cloudflare
age: 660984
etag: "660c23a0-6ca"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8721d8bf2b5e9f54-FRA
content-length: 1738

OPTIONS
H3 200 create.json
api-engage-us.sitecorecloud.io/v1.2/browser/ Frame 0
0 375ms
344ms Preflight
text/plain 2606:4700::6812:100a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-engage-us.sitecorecloud.io/v1.2/browser/create.json?client_key=b9c1f091c924864e2a26574bbef92243&message={}
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:100a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-library-version
Access-Control-Request-Method: GET
Origin: https://www.geha.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Library-Version,X-Client-Software-ID
access-control-allow-methods: HEAD,GET,POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8721d8bf7eca9162-FRA
content-length: 24
content-type: text/plain
date: Wed, 10 Apr 2024 09:52:54 GMT
server: cloudflare
x-robots-tag: noindex

GET
H3 201 create.json Show response
api-engage-us.sitecorecloud.io/v1.2/browser/ 178 B
333 B 130ms
130ms Fetch
application/json 2606:4700::6812:100a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-engage-us.sitecorecloud.io/v1.2/browser/create.json?client_key=b9c1f091c924864e2a26574bbef92243&message={}
Requested by: Host: d1mj578wat5n4o.cloudfront.net
URL: https://d1mj578wat5n4o.cloudfront.net/sitecore-engage-v.1.3.0.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:100a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54663060575cba473bf32efae0bcc0f0d20f26d3f57987dc1fb62647a5a78d14

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
X-Library-Version: 1.3.0
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-robots-tag: noindex
cf-ray: 8721d8c198ce9162-FRA
content-length: 178
alt-svc: h3=":443"; ma=86400

GET
H2 200 7JTKV-XPJV9-YRVS3-M2J45-ZYZNN Show response
s.go-mpulse.net/boomerang/ 202 KB
51 KB 69ms
21ms Script
application/javascript 2a02:26f0:3100:782::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/7JTKV-XPJV9-YRVS3-M2J45-ZYZNN
Requested by: Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100:782::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:53 GMT
content-encoding: br
customappheader: mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified: Mon, 25 Mar 2024 04:55:38 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 51580

GET draft
cloud.info.geha.com/ Frame E500 0
0

GET
H/1.1 404
Not Found openseasonplanreminders Show response
cloud.info.geha.com/ Frame F88E 1 KB
1 KB 641ms
143ms Document
text/html 13.111.118.55
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.info.geha.com/openseasonplanreminders
Requested by: Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.111.118.55 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS: cloud.info.geha.com
Software: /
Resource Hash: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

Referer: https://www.geha.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: private
Connection: close
Content-Length: 1245
Content-Type: text/html
Date: Wed, 10 Apr 2024 09:52:53 GMT
X-Cache-Status: STORED

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 29 KB
30 KB 80ms
14ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.geha.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 02:14:54 GMT
x-content-type-options: nosniff
age: 373079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Apr 2025 02:14:54 GMT

GET
H2 200 pro-fa-regular-400-0.woff2
ka-p.fontawesome.com/releases/v6.5.2/webfonts/ 14 KB
14 KB 20ms
18ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-regular-400-0.woff2
Requested by: Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66c209bb66c3374009b80476f3e0e8247995dd55c65fcef67ac12e5ea179411b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Origin: https://www.geha.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:53 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:51:16 GMT
server: cloudflare
age: 660984
etag: "660c2974-3914"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8721d8c04af7bb9d-FRA
content-length: 14612

GET
H2 200 pro-fa-solid-900-12.woff2
ka-p.fontawesome.com/releases/v6.5.2/webfonts/ 14 KB
14 KB 20ms
19ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-solid-900-12.woff2
Requested by: Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7742bb16ac54dbccd2a9df6edc159ff921e1e738f08dc0d4b4b9f31424ede919

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Origin: https://www.geha.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:53 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:51:22 GMT
server: cloudflare
age: 660984
etag: "660c297a-3878"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8721d8c04afabb9d-FRA
content-length: 14456

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 72ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,500,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.geha.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 07:36:31 GMT
x-content-type-options: nosniff
age: 353782
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Apr 2025 07:36:31 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 77ms
11ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.geha.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 04:10:19 GMT
x-content-type-options: nosniff
age: 106954
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Apr 2025 04:10:19 GMT

GET
H2 200 pro-fa-brands-400-1.woff2
ka-p.fontawesome.com/releases/v6.5.2/webfonts/ 39 KB
39 KB 30ms
29ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-brands-400-1.woff2
Requested by: Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b852e041e35b676cf550d19cf8d15bc58db780a3827626518f4e0dfc5fb3109

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Origin: https://www.geha.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:53 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:51:13 GMT
server: cloudflare
age: 660984
etag: "660c2971-9d0c"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8721d8c04afbbb9d-FRA
content-length: 40204

GET
H2 200 pro-fa-brands-400-0.woff2
ka-p.fontawesome.com/releases/v6.5.2/webfonts/ 37 KB
37 KB 21ms
20ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-brands-400-0.woff2
Requested by: Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faf47e501cdae61064aed4b03b1129d37c6e004ebde6f6452f1632f835c9f318

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Origin: https://www.geha.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:53 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:51:13 GMT
server: cloudflare
age: 660984
etag: "660c2971-946c"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8721d8c04afdbb9d-FRA
content-length: 37996

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 80ms
17ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,500,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.geha.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 06:51:21 GMT
x-content-type-options: nosniff
age: 183692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Apr 2025 06:51:21 GMT

GET
H2 200 personalizedinfo Show response
www.geha.com/api/personalizedinformation/ 33 B
706 B 184ms
184ms XHR
application/json 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/api/personalizedinformation/personalizedinfo?CookieName=recommendation&PersonalizedInfoId=recommendation

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Base-Themes/Core-Libraries/scripts/optimized-min.js?t=20221109T053531Z

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

c326f67ec7e4e7895bc25ac4c6c3540b569586d688b494df5b82e3146d34a6f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: */*
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 09:52:54 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: 'nosniff'
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache
server-timing: cdn-cache; desc=MISS, edge; dur=85, origin; dur=82, ak_p; desc="1712742773968_34901589_100577025_16741_8205_6_0_255";dur=1
content-length: 33
x-xss-protection: 1; mode=block
expires: -1

GET
H2 200 personalizedinfo Show response
www.geha.com/api/personalizedinformation/ 33 B
706 B 168ms
167ms XHR
application/json 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/api/personalizedinformation/personalizedinfo?CookieName=dentalRecommendation&PersonalizedInfoId=dentalRecommendation

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Base-Themes/Core-Libraries/scripts/optimized-min.js?t=20221109T053531Z

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

c326f67ec7e4e7895bc25ac4c6c3540b569586d688b494df5b82e3146d34a6f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: */*
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 09:52:54 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: 'nosniff'
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache
server-timing: cdn-cache; desc=MISS, edge; dur=84, origin; dur=68, ak_p; desc="1712742774155_34901589_100577315_15289_7726_6_0_255";dur=1
content-length: 33
x-xss-protection: 1; mode=block
expires: -1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 293 KB
97 KB 26ms
25ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T5EYR6VXJ8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

69b5bf55d7810b68cf8c0a9b929581508d8924ebaf9bfd26ebbd094704bc10f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99460
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 10 Apr 2024 09:52:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 245 KB
85 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11398356872&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b25dad76fe59d69f4d9fa61b6b7ace7ab21c599b683280f27213cfae2ffa7d9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86786
x-xss-protection: 0
last-modified: Wed, 10 Apr 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 10 Apr 2024 09:52:54 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 10 Apr 2024 09:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 286
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 10 Apr 2024 11:48:08 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 38ms
8ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:54 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000168-IAD, cache-fra-eddf8230118-FRA

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 208 KB
75 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-973793713&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b22e59a43368a038b4fa5030f5c0c00f7598b6cfb135e69aae52e7bacead1649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77175
x-xss-protection: 0
last-modified: Wed, 10 Apr 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 10 Apr 2024 09:52:54 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-13916293&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

52d20221e2d19cdda8a7cc2bafb07fa61ee1759a15760ce5bfe09a9aa00e3237

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72184
x-xss-protection: 0
last-modified: Wed, 10 Apr 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 10 Apr 2024 09:52:54 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 79ms
34ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 10 Apr 2024 09:52:53 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3F02C1F261C54283819CE015F0859EAD Ref B: FRAEDGE1408 Ref C: 2024-04-10T09:52:54Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 pa-5b8e94d0cea07b0016000061.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 173ms
131ms Script
application/javascript 2606:4700:10::6816:3668
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/pa-5b8e94d0cea07b0016000061.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3668 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69b635282e06504d447e9dd8fe4c90c5bd308a8ffdc2da080243d51a65df81bd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:54 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 14 Oct 2022 06:22:28 GMT
server: cloudflare
etag: W/"63490024-1852"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 8721d8c44fcc3835-FRA
expires: Wed, 10 Apr 2024 09:57:54 GMT

GET
H2 200 pa-555b6812abe53d462fed7a74.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 174ms
132ms Script
application/javascript 2606:4700:10::6816:3668
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/pa-555b6812abe53d462fed7a74.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3668 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 486cb6639529a37f8755f3fda22b724e26ea0cfca10de5bae934da56e2d6022c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:54 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 14 Oct 2022 06:22:28 GMT
server: cloudflare
etag: W/"63490024-1852"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 8721d8c44fcd3835-FRA
expires: Wed, 10 Apr 2024 09:57:54 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 34ms
10ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 10 Apr 2024 09:52:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57850
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1326, tbw=2782, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: taZ/HpKNZQ0wbz/kc5uFh3q17hL401kEOTh1eiuibaWtDNc9Q0JOVEtPVhtwZSpxX0C3KC6yjfRooWHgAdS8Ug==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 9 KB
4 KB 47ms
6ms Script
application/x-javascript 18.172.103.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.103.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-103-101.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c6315811518b52563c0884a4e2fd019f9302b362237610c5744c6f01f6f7d9d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 10 Apr 2024 04:57:49 GMT
Content-Encoding: gzip
Via: 1.1 67697a0060e2336f6ffa8579d528820e.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Mar 2024 19:43:19 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P8
Age: 17706
x-amz-server-side-encryption: AES256
ETag: W/"a023114c374b2d4f49e3420f667f8e66"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: 3tFdObf65Qqu239NAcX0QcSkKcxtK0gil_tseND2hCkfkeYUi_PC9g==

GET
H2 200 scevent.min.js Show response
sc-static.net/ 44 KB
19 KB 63ms
23ms Script
application/javascript 143.204.207.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-250.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: f563aec552103867adcb967e41b1699c9d15e1aa257c7a210f70f5cd71e6a0ef

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:54 GMT
content-encoding: gzip
via: 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 19297
x-amz-cf-id: Cv87CdSvxSyv6naP9M6wt3qn0oANw7FjYrl6L0Fc79pOc-FYb_36qA==

GET
H/1.1 200
OK draft Show response
cloud.info.geha.com/ Frame E500 13 KB
3 KB 606ms
362ms Document
text/html 13.111.118.55
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.info.geha.com/draft?utm_source=S24WTE0GINAP&utm_campaign=Partnerships%20-%2024%20-%20Brand%20Awareness%20-%20Email%20-%20NFL%20Draft%20Giveaway%20-%20Prospects%20-%20National_S24WTE0GINAP&utm_medium=Email
Requested by: Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.111.118.55 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS: cloud.info.geha.com
Software: /
Resource Hash: e3dd8f33992c58515312dbc2abd8620d0cca4e04f5a90e69f4dbfe7952dd771a

Request headers

Referer: https://www.geha.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-cache
Connection: close
Content-Encoding: gzip
Content-Length: 2866
Content-Type: text/html; charset=utf-8
Date: Wed, 10 Apr 2024 09:52:54 GMT
Expires: -1
Pragma: no-cache

GET
H2 200 web-version.min.js Show response
d35vb5cccm4xzp.cloudfront.net/web-flow-libs/b9c1f091c924864e2a26574bbef92243/ 1 KB
2 KB 138ms
113ms Script
application/javascript 2600:9000:235a:9c00:3:35f2:c540:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d35vb5cccm4xzp.cloudfront.net/web-flow-libs/b9c1f091c924864e2a26574bbef92243/web-version.min.js
Requested by: Host: d1mj578wat5n4o.cloudfront.net
URL: https://d1mj578wat5n4o.cloudfront.net/sitecore-engage-v.1.3.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:9c00:3:35f2:c540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8339750b4cf72003f5f74e7f645b822a44345c58d724e7e0c321daec71f31c68

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:55 GMT
via: 1.1 d9636724d333576f23b5fcfb40d7830c.cloudfront.net (CloudFront)
last-modified: Fri, 27 Oct 2023 18:21:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
etag: "72ffd03ca7a925392eb79f7d45faa457"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 1242
x-amz-cf-id: Vozd_Zqh410ghErmJLI6UqL2vCjWpBeMy2UYpkphJvJbJcbihUYA7g==

POST
H3 201 events Show response
api-engage-us.sitecorecloud.io/v1.2/ 124 B
264 B 122ms
121ms Fetch
application/json 2606:4700::6812:100a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-engage-us.sitecorecloud.io/v1.2/events
Requested by: Host: d1mj578wat5n4o.cloudfront.net
URL: https://d1mj578wat5n4o.cloudfront.net/sitecore-engage-v.1.3.0.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:100a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c7882b2f752b919403760ad46b27766e083057a64521496c046a3b0cc9bf093

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.geha.com/
X-Library-Version: 1.3.0
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json
access-control-allow-origin: *
x-robots-tag: noindex
cf-ray: 8721d8c50c199162-FRA
content-length: 124
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 events
api-engage-us.sitecorecloud.io/v1.2/ Frame 0
0 126ms
124ms Preflight
text/plain 2606:4700::6812:100a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-engage-us.sitecorecloud.io/v1.2/events
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:100a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-library-version
Access-Control-Request-Method: POST
Origin: https://www.geha.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Library-Version,X-Client-Software-ID
access-control-allow-methods: HEAD,GET,POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: POST,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8721d8c44b549162-FRA
content-length: 13
content-type: text/plain
date: Wed, 10 Apr 2024 09:52:54 GMT
server: cloudflare
x-robots-tag: noindex

GET
H2 200 personalizedinfo Show response
www.geha.com/api/personalizedinformation/ 33 B
707 B 175ms
174ms XHR
application/json 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/api/personalizedinformation/personalizedinfo?CookieName=recommendation&PersonalizedInfoId=recommendation

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Base-Themes/Core-Libraries/scripts/optimized-min.js?t=20221109T053531Z

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

c326f67ec7e4e7895bc25ac4c6c3540b569586d688b494df5b82e3146d34a6f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: */*
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 09:52:54 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: 'nosniff'
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache
server-timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=70, ak_p; desc="1712742774447_34901589_100577740_15585_11797_6_0_255";dur=1
content-length: 33
x-xss-protection: 1; mode=block
expires: -1

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
207 B 16ms
15ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=299120672&t=pageview&_s=1&dl=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway%3Futm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_medium%3DEmail%26utm_keyword%3D_%26utm_content%3D_%26utm_medium%3DEmail%26utm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_content%3D_%26utm_keyword%3D_&ul=en-us&de=UTF-8&dt=Draft%20Giveaway%20%7C%20GEHA&sd=24-bit&sr=800x600&vp=1600x1200&je=0&_u=YGBACEABBAAAACAAI~&jid=894688539&gjid=2070267327&cid=714657547.1712742775&tid=UA-18563403-14&_gid=727756623.1712742775&_r=1&_slc=1&gtm=45He4480n81PCSXPNDv79625355za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=756557722

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 09:52:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.geha.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 17ms
17ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=299120672&t=pageview&_s=1&dl=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway%3Futm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_medium%3DEmail%26utm_keyword%3D_%26utm_content%3D_%26utm_medium%3DEmail%26utm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_content%3D_%26utm_keyword%3D_&ul=en-us&de=UTF-8&dt=Draft%20Giveaway%20%7C%20GEHA&sd=24-bit&sr=800x600&vp=1600x1200&je=0&_u=YGDACEABBAAAACAAI~&jid=1959559207&gjid=918814915&cid=714657547.1712742775&tid=UA-18563403-1&_gid=727756623.1712742775&_r=1&_slc=1&gtm=45He4480n81PCSXPNDv79625355za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=695190311

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 09:52:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.geha.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 15ms
15ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=299120672&t=pageview&_s=1&dl=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway%3Futm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_medium%3DEmail%26utm_keyword%3D_%26utm_content%3D_%26utm_medium%3DEmail%26utm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_content%3D_%26utm_keyword%3D_&ul=en-us&de=UTF-8&dt=Draft%20Giveaway%20%7C%20GEHA&sd=24-bit&sr=800x600&vp=1600x1200&je=0&_u=YGDACEABBAAAACAAI~&jid=341341757&gjid=1598377293&cid=714657547.1712742775&tid=UA-18563403-15&_gid=727756623.1712742775&_r=1&_slc=1&gtm=45He4480n81PCSXPNDv79625355za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=733729556

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 09:52:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.geha.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CMuvuoWwt4UDFVVVHgIdzskMYQ;src=13916293;type=gehac0;cat=gehaa0;ord=6051717544551;npa=1;auiddc=1870718802.1712742774;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%25...
13916293.fls.doubleclick.net/ Frame 3A54
Redirect Chain

https://13916293.fls.doubleclick.net/activityi;src=13916293;type=gehac0;cat=gehaa0;ord=6051717544551;npa=1;auiddc=1870718802.1712742774;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot...
https://13916293.fls.doubleclick.net/activityi;dc_pre=CMuvuoWwt4UDFVVVHgIdzskMYQ;src=13916293;type=gehac0;cat=gehaa0;ord=6051717544551;npa=1;auiddc=1870718802.1712742774;uaa=x86;uab=64;uafvl=Google...

0
0

48ms
46ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://13916293.fls.doubleclick.net/activityi;dc_pre=CMuvuoWwt4UDFVVVHgIdzskMYQ;src=13916293;type=gehac0;cat=gehaa0;ord=6051717544551;npa=1;auiddc=1870718802.1712742774;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe4480z879625355za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway%3Futm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_medium%3DEmail%26utm_keyword%3D_%26utm_content%3D_%26utm_medium%3DEmail%26utm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_content%3D_%26utm_keyword%3D_?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-13916293&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geha.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 511
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Apr 2024 09:52:54 GMT
expires: Wed, 10 Apr 2024 09:52:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Apr 2024 09:52:54 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://13916293.fls.doubleclick.net/activityi;dc_pre=CMuvuoWwt4UDFVVVHgIdzskMYQ;src=13916293;type=gehac0;cat=gehaa0;ord=6051717544551;npa=1;auiddc=1870718802.1712742774;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe4480z879625355za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway%3Futm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_medium%3DEmail%26utm_keyword%3D_%26utm_content%3D_%26utm_medium%3DEmail%26utm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_content%3D_%26utm_keyword%3D_?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
243 B 50ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-T5EYR6VXJ8&gtm=45je4480v884583046z879625355za200&_p=1712742773586&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=714657547.1712742775&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712742774&sct=1&seg=0&dl=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway%3Futm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_medium%3DEmail%26utm_keyword%3D_%26utm_content%3D_%26utm_medium%3DEmail%26utm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_content%3D_%26utm_keyword%3D_&dt=Draft%20Giveaway%20%7C%20GEHA&en=page_view&_fv=1&_ss=1&tfd=4058
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T5EYR6VXJ8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 09:52:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.geha.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
347 B 65ms
20ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-18563403-14&cid=714657547.1712742775&jid=894688539&gjid=2070267327&_gid=727756623.1712742775&npa=1&_u=YGBACEAABAAAACAAI~&z=1125650714

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 10 Apr 2024 09:52:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.geha.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 65ms
21ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-18563403-1&cid=714657547.1712742775&jid=1959559207&gjid=918814915&_gid=727756623.1712742775&npa=1&_u=YGDACEABBAAAACAAI~&z=1731777354

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 10 Apr 2024 09:52:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.geha.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 64ms
20ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-18563403-15&cid=714657547.1712742775&jid=341341757&gjid=1598377293&_gid=727756623.1712742775&npa=1&_u=YGDACEABBAAAACAAI~&z=192121473

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 10 Apr 2024 09:52:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.geha.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
377 B 206ms
130ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=9e7464fb-ed92-4d0f-82ec-4a208bd4d704&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=191d19a6-6a6d-4d75-9417-6a264b3373c6&tw_document_href=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway%3Futm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_medium%3DEmail%26utm_keyword%3D_%26utm_content%3D_%26utm_medium%3DEmail%26utm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_content%3D_%26utm_keyword%3D_&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1swp&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 113
date: Wed, 10 Apr 2024 09:52:54 GMT
strict-transport-security: max-age=0
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: 4633dfa4ca2ebb34
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: bc5fea957f0e8534b5bfe8d218cbb6383461ea9c150334c545f60d9bdf31cb1f
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
393 B 221ms
134ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=9e7464fb-ed92-4d0f-82ec-4a208bd4d704&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=191d19a6-6a6d-4d75-9417-6a264b3373c6&tw_document_href=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway%3Futm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_medium%3DEmail%26utm_keyword%3D_%26utm_content%3D_%26utm_medium%3DEmail%26utm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_content%3D_%26utm_keyword%3D_&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1swp&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 115
date: Wed, 10 Apr 2024 09:52:54 GMT
strict-transport-security: max-age=631138519
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: 00c509ae595188ef
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 02a44a4de1a77990b9dd6404bd4e70db3e074421c8b1a969efe0bb4ba1087ebe
content-length: 43

GET
H2 200 web-lib.min.js Show response
d35vb5cccm4xzp.cloudfront.net/web-flow-libs/b9c1f091c924864e2a26574bbef92243/9/ 127 KB
31 KB 9ms
8ms Script
application/javascript 2600:9000:235a:9c00:3:35f2:c540:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d35vb5cccm4xzp.cloudfront.net/web-flow-libs/b9c1f091c924864e2a26574bbef92243/9/web-lib.min.js
Requested by: Host: d35vb5cccm4xzp.cloudfront.net
URL: https://d35vb5cccm4xzp.cloudfront.net/web-flow-libs/b9c1f091c924864e2a26574bbef92243/web-version.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:9c00:3:35f2:c540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ae91a1dbaa74648b3a37a89b46257eebe9203f54ad4896f69a92f671c59b8d5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 Nov 2023 12:12:55 GMT
content-encoding: br
via: 1.1 d9636724d333576f23b5fcfb40d7830c.cloudfront.net (CloudFront)
last-modified: Fri, 27 Oct 2023 18:21:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
age: 12519600
etag: W/"c2569cbe88bd4366de67e5ef15480614"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: h9usSbxU10zoXkufYRZ5qoD98IflGOwotiLcJgcNJOGWkDYe8O_7PQ==

GET
H2 200 275288828831386 Show response
connect.facebook.net/signals/config/ 56 KB
12 KB 154ms
153ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/275288828831386?v=2.9.153&r=stable&domain=www.geha.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a89224e3776513856c140c4f3f8a1d8da2c4978033d1bfd0d7363c0823e2591c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 10 Apr 2024 09:52:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=62, mss=1326, tbw=63153, tp=-1, tpl=-1, uplat=145, ullat=0
pragma: public
x-fb-debug: RIOk6s1UjZNAZ/08I+yAUItgTzSX/U3AT20gqpKRsRaLnNfZ7oOaHt2EMqdGJVHCO6Mr9LxAWlV4gkM0wT2Gig==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 343096952.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 33ms
32ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/343096952.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4e2cdf9cca01d18c643530e9704e33d2f2f8d03bcf260ff6647e78d9129eaf65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Wed, 10 Apr 2024 09:52:54 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8B70B183B8DF4FE0B1174CABED3C28FE Ref B: FRAEDGE1408 Ref C: 2024-04-10T09:52:54Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
286 B 42ms
41ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=343096952&tm=gtm002&Ver=2&mid=4e681b9d-f7a7-4a9f-a840-5b4785a6f162&sid=1a607e30f72011ee93923fe28b9afee1&vid=1a60a360f72011eeb68055b81e909e62&vids=1&msclkid=N&gtm_tag_source=1&pi=918639831&lg=en-US&sw=800&sh=600&sc=24&tl=Draft%20Giveaway%20%7C%20GEHA&p=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway%3Futm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_medium%3DEmail%26utm_keyword%3D_%26utm_content%3D_%26utm_medium%3DEmail%26utm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_content%3D_%26utm_keyword%3D_&r=&lt=3695&evt=pageLoad&sv=1&rn=679000

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 10 Apr 2024 09:52:54 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 48F7DBC1995E4A31A47C8963B8C96B22 Ref B: FRAEDGE1408 Ref C: 2024-04-10T09:52:54Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 29a50b68-d5e7-4019-8575-7fea0adbb21f.js Show response
tr.snapchat.com/config/com/ 191 B
457 B 169ms
115ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/29a50b68-d5e7-4019-8575-7fea0adbb21f.js?v=3.14.1-2404091850

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

1ec56f04262e2768528f45618c5c0d9a23d1c4d0680a1b03ca4a2e6f23af98b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Origin: https://www.geha.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://www.geha.com
x-envoy-upstream-service-time: 97
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191

GET
H2 200 i
tr.snapchat.com/cm/ Frame 56F7 0
0 55ms
18ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=29a50b68-d5e7-4019-8575-7fea0adbb21f&u_scsid=b1d8fdbb-e7e0-4763-9311-fcc3468fe549&u_sclid=2763fb5c-b527-4e7d-b0ad-012a8d647b2e

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://www.geha.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 10 Apr 2024 09:52:54 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 68ms
31ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-18563403-14&cid=714657547.1712742775&jid=894688539&npa=1&_u=YGBACEAABAAAACAAI~&z=603755575

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 09:52:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 76ms
32ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-18563403-14&cid=714657547.1712742775&jid=894688539&npa=1&_u=YGBACEAABAAAACAAI~&z=603755575

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 09:52:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 66ms
30ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-18563403-15&cid=714657547.1712742775&jid=341341757&npa=1&_u=YGDACEABBAAAACAAI~&z=1536986399

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 09:52:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 74ms
32ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-18563403-15&cid=714657547.1712742775&jid=341341757&npa=1&_u=YGDACEABBAAAACAAI~&z=1536986399

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 09:52:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 66ms
31ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-18563403-1&cid=714657547.1712742775&jid=1959559207&npa=1&_u=YGDACEABBAAAACAAI~&z=1844696951

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 09:52:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 73ms
31ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-18563403-1&cid=714657547.1712742775&jid=1959559207&npa=1&_u=YGDACEABBAAAACAAI~&z=1844696951

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 09:52:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 getBucket Show response
api-engage-us.sitecorecloud.io/v2/ 63 B
265 B 143ms
142ms Fetch
application/json 2606:4700::6812:100a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-engage-us.sitecorecloud.io/v2/getBucket
Requested by: Host: d35vb5cccm4xzp.cloudfront.net
URL: https://d35vb5cccm4xzp.cloudfront.net/web-flow-libs/b9c1f091c924864e2a26574bbef92243/9/web-lib.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:100a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 603f0e22eb369c841830a46c051c5a127c01f2dc2422ab4de08f361451caab02

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 10 Apr 2024 09:52:55 GMT
x-correlation-id: 3aef84f7-1323-434e-a66e-c0e312802464
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json
access-control-allow-origin: *
x-robots-tag: noindex
cf-ray: 8721d8c7df459162-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 config.json Show response
c.go-mpulse.net/api/ 624 B
788 B 301ms
265ms XHR
application/json 2a02:26f0:7100:585::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=7JTKV-XPJV9-YRVS3-M2J45-ZYZNN&d=www.geha.com&t=5709143&v=1.632.0&sl=0&si=qcotwznatag-sbq0s6&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=624528
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/7JTKV-XPJV9-YRVS3-M2J45-ZYZNN
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:585::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 52191ecde7930076e7bc9a9d07929d77bde3e770e2386d061d41fefbb735dc25

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Wed, 10 Apr 2024 09:52:55 GMT
cache-control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 624
content-type: application/json

GET
H2 200 343096952 Show response
www.clarity.ms/tag/uet/ 846 B
1 KB 148ms
101ms Script
application/x-javascript 2620:1ec:46::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/343096952
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/343096952.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a01b5d82a5c926ebf8730c2c74080a86cc3dadc6036dab5b2467071a9bf108a7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Wed, 10 Apr 2024 09:52:55 GMT
x-azure-ref: 20240410T095254Z-164d799447dqrlc9v5eq7pzpxw00000005gg000000003u58
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 846
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

OPTIONS
H3 200 getBucket
api-engage-us.sitecorecloud.io/v2/ Frame 0
0 122ms
121ms Preflight
text/plain 2606:4700::6812:100a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-engage-us.sitecorecloud.io/v2/getBucket
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:100a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.geha.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Library-Version
access-control-allow-methods: HEAD,GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: *
access-control-max-age: 1800
allow: POST,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8721d8c71e369162-FRA
content-length: 13
content-type: text/plain
date: Wed, 10 Apr 2024 09:52:55 GMT
server: cloudflare
x-correlation-id: 3d6de4bc-3188-404b-8ec1-2efc407779cb
x-robots-tag: noindex

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 51ms
10ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=275288828831386&ev=PageView&dl=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway%3Futm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_medium%3DEmail%26utm_keyword%3D_%26utm_content%3D_%26utm_medium%3DEmail%26utm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_content%3D_%26utm_keyword%3D_&rl=&if=false&ts=1712742775020&sw=800&sh=600&v=2.9.153&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1712742775019.595888291&ler=empty&cdl=API_unavailable&it=1712742774849&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=10, mss=1326, tbw=2775, tp=-1, tpl=-1, uplat=1, ullat=-1
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 10 Apr 2024 09:52:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.27/ 60 KB
25 KB 17ms
16ms Script
application/javascript 2620:1ec:46::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.27/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/343096952
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 482d1dd6e19c705493e390d6a3427887cfd2c47ec7ee7c85282370687a5ed2ee

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:55 GMT
content-encoding: br
last-modified: Tue, 02 Apr 2024 23:38:07 GMT
etag: W/"0x8DC536DF2EAB768"
vary: Accept-Encoding
x-azure-ref: 20240410T095255Z-164d799447dqrlc9v5eq7pzpxw00000005gg000000003u5h
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: f2934aaf-601e-0050-7740-89ec8b000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

POST
H3 200 p
tr.snapchat.com/ 0
15 B 34ms
23ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 10 Apr 2024 09:52:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://www.geha.com
x-envoy-upstream-service-time: 3
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 / Show response
zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 10 KB
5 KB 127ms
25ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_e9klljEUcZhtwjz&t=1712742775116

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

280110c8e4930b538ef2ef65a94c1d4b19722ed07108e74ed38031fbcd34bfda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 493125
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"26bb-QMvWo0ATYtXMnuRBXMbMvYjBdak"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8721d8c91f03365c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C233DA8B03DF49A6BB1C0C19B16F257E&RedC=c.clarity.ms&MXFR=34C8D04B4E546B74097BC4164A54657F
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C233DA8B03DF49A6BB1C0C19B16F257E&MUID=2BF5FE67ABAF66C700B6EA3AAAC4679F

42 B
466 B

128ms
126ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C233DA8B03DF49A6BB1C0C19B16F257E&MUID=2BF5FE67ABAF66C700B6EA3AAAC4679F
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 09:52:55 GMT
last-modified: Fri, 01 Mar 2024 22:54:48 GMT
server: Microsoft-IIS/10.0
etag: "3e26b762b6cda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 10 Apr 2024 09:52:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 01DD9AC013BC45E5B9797ED142D8C24C Ref B: VIEEDGE2910 Ref C: 2024-04-10T09:52:55Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C233DA8B03DF49A6BB1C0C19B16F257E&MUID=2BF5FE67ABAF66C700B6EA3AAAC4679F
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 up
insight.adsrvr.org/track/ Frame 2543 0
0 134ms
33ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=iu2zbne&ref=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway%3Futm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_medium%3DEmail%26utm_keyword%3D_%26utm_content%3D_%26utm_medium%3DEmail%26utm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_content%3D_%26utm_keyword%3D_&upid=ms4t6e7&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://www.geha.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-length: 0
content-type: text/html
date: Wed, 10 Apr 2024 09:52:55 GMT
server: Kestrel

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 24ms
13ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=299120672&t=event&_s=1&dl=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway%3Futm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_medium%3DEmail%26utm_keyword%3D_%26utm_content%3D_%26utm_medium%3DEmail%26utm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_content%3D_%26utm_keyword%3D_&ul=en-us&de=UTF-8&dt=Draft%20Giveaway%20%7C%20GEHA&sd=24-bit&sr=800x600&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fdraftgiveaway&el=25%25&_u=aGDACEABBAAAACAAI~&jid=&gjid=&cid=714657547.1712742775&tid=UA-18563403-15&_gid=727756623.1712742775&gtm=45He4480n81PCSXPNDv79625355za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=497068140

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 07:52:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7220
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 favicon.ico
www.geha.com/~/media93/Files/ 3 KB
3 KB 37ms
19ms Other
image/x-icon 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Files/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0ec0bebf0577f413bd3cd829dc4880527f790f20f64620e1c03625feac77c8de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:55 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: 'nosniff'
last-modified: Fri, 30 Jul 2021 18:25:22 GMT
etag: a4720147a38f42369ca54504a28cdeda
x-frame-options: SAMEORIGIN
content-type: image/x-icon
cache-control: public, max-age=75597
content-disposition: inline; filename="favicon.ico"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712742775166_34901589_100578967_44_12140_6_0_219";dur=1
accept-ranges: bytes
content-length: 2967
x-xss-protection: 1; mode=block

GET
H2 204 0
bat.bing.com/action/ 0
236 B 40ms
26ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=343096952&tm=gtm002&Ver=2&mid=4e681b9d-f7a7-4a9f-a840-5b4785a6f162&sid=1a607e30f72011ee93923fe28b9afee1&vid=1a60a360f72011eeb68055b81e909e62&vids=0&msclkid=N&gtm_tag_source=ua&ec=Scroll%20Depth&el=25%25&gc=USD&tpp=1&en=Y&p=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway&sw=800&sh=600&sc=24&evt=custom&rn=448275

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 10 Apr 2024 09:52:54 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 639A2D9177454759A987B41A09CB5934 Ref B: FRAEDGE1408 Ref C: 2024-04-10T09:52:55Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ 0
213 B 158ms
29ms XHR
text/plain 34.245.244.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=5b8e94d0cea07b0016000061&sAW=800&sAH=600&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=664&cE=711&dLE=664&dLS=664&fS=621&hS=671&rE=-1&rS=-1&reS=711&resS=1803&resE=1804&uEE=-1&uES=-1&dL=1807&dI=3695&dCLES=3695&dCLEE=3695&dC=4382&lES=4382&lEE=4387&s=nt&title=Draft%20Giveaway%20%7C%20GEHA&path=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway&ref=&sId=2bpmznml&sST=1712742775&sIS=1&rV=0&v=1.4.1
Requested by: Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/pa-5b8e94d0cea07b0016000061.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.245.244.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-245-244-146.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Wed, 10 Apr 2024 09:52:55 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ 0
213 B 191ms
33ms XHR
text/plain 34.245.244.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=555b6812abe53d462fed7a74&sAW=800&sAH=600&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=664&cE=711&dLE=664&dLS=664&fS=621&hS=671&rE=-1&rS=-1&reS=711&resS=1803&resE=1804&uEE=-1&uES=-1&dL=1807&dI=3695&dCLES=3695&dCLEE=3695&dC=4382&lES=4382&lEE=4387&s=nt&title=Draft%20Giveaway%20%7C%20GEHA&path=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway&ref=&sId=2bpmznml&sST=1712742775&sIS=2&rV=0&v=1.4.1
Requested by: Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/pa-555b6812abe53d462fed7a74.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.245.244.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-245-244-146.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Wed, 10 Apr 2024 09:52:55 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

POST
H/1.1 204
No Content collect Show response
m.clarity.ms/ 0
292 B 1157ms
662ms XHR
text/plain 20.120.124.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://m.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.27/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.120.124.64 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/x-clarity-gzip
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://www.geha.com
Date: Wed, 10 Apr 2024 09:52:56 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

POST
H2 200 p
tr6.snapchat.com/ 0
192 B 75ms
18ms Ping
text/plain 2600:1901:0:7628::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:7628:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 10 Apr 2024 09:52:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1
via: 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 12.00593e070a6f1562a8b4.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 73 KB
21 KB 45ms
38ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/12.00593e070a6f1562a8b4.chunk.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=www.geha.com

Requested by

Host: zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com
URL: https://zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_e9klljEUcZhtwjz&t=1712742775116

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

773476fc4041f913eb57d338efa749e0c2b63828f086c83da65c3d3aeb51fa73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 120366
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Apr 2024 18:13:43 GMT
server: cloudflare
etag: W/"125c9-18e9addfbd8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 8721d8c98f5e365c-FRA

POST
H2 204 /
02179911.akstat.io/ 0
224 B 141ms
138ms Ping
image/gif 2a02:26f0:3100:782::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://02179911.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/7JTKV-XPJV9-YRVS3-M2J45-ZYZNN

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100:782::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 09:52:55 GMT
content-type: image/gif
access-control-allow-origin: https://www.geha.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
x-xss-protection: 0
expires: Wed, 10 Apr 2024 09:52:55 GMT

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 6 KB
2 KB 140ms
140ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_e9klljEUcZhtwjz&Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.00593e070a6f1562a8b4.chunk.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=www.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

144ec558a262a9455c1c8887490af6d31a8eeb774346865bf027cf112aaaff07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 10 Apr 2024 09:52:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
content-type: application/json
access-control-allow-origin: https://www.geha.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 6a15c79bb8b7db14
timing-allow-origin: *
cf-ray: 8721d8c9df90365c-FRA

POST
H3 200 p
tr.snapchat.com/ 0
15 B 24ms
20ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 10 Apr 2024 09:52:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://www.geha.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 102 KB
30 KB 28ms
28ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=geha

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.00593e070a6f1562a8b4.chunk.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=www.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

984227c0d097ac96cff8b8ae797de2a34f79a84438685db3c72a1c226fd5a23b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 120366
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Apr 2024 18:13:43 GMT
server: cloudflare
etag: W/"19639-18e9addfbd8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 8721d8cab886365c-FRA

GET
H2 200 7.7f92166a279ec8ccbb92.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 3 KB
1 KB 40ms
26ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/7.7f92166a279ec8ccbb92.chunk.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=geha

Requested by

Host: zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com
URL: https://zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_e9klljEUcZhtwjz&t=1712742775116

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2b8e58c49dfe86a02acbced8d3ddf91c303df4af7009ab38ad9e6b89fde24ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 120366
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Apr 2024 18:13:43 GMT
server: cloudflare
etag: W/"b52-18e9addfbd8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 8721d8cb2906365c-FRA

GET
H2 200 1.2211346a24b96c334744.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 29 KB
7 KB 38ms
24ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.2211346a24b96c334744.chunk.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=geha

Requested by

Host: zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com
URL: https://zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_e9klljEUcZhtwjz&t=1712742775116

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

442c5f94f41f419cb2d62746624f7ed4e7d5c6481b2d741d632d4b920fc1dc8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 120366
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Apr 2024 18:13:43 GMT
server: cloudflare
etag: W/"73f8-18e9addfbd8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 8721d8cb2909365c-FRA

GET
H2 200 FeedbackLinkModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 3 KB
2 KB 37ms
26ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/FeedbackLinkModule.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=geha

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.00593e070a6f1562a8b4.chunk.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=www.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2187d3e1658333a52c71a3af9ae48d7827e7f8bc807933270f5c4e0e76d6841b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 113776
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Apr 2024 18:13:43 GMT
server: cloudflare
etag: W/"dd8-18e9addfbd8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 8721d8cb290a365c-FRA

GET
H2 200 EmbeddedTargetModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 8 KB
3 KB 45ms
35ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/EmbeddedTargetModule.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=geha

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.00593e070a6f1562a8b4.chunk.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=www.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96a0926f2aa7b312c78c1a1d0a0d521de4e8041c84bd41e4011f61df90704141

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 120335
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Apr 2024 18:13:43 GMT
server: cloudflare
etag: W/"2110-18e9addfbd8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 8721d8cb290c365c-FRA

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 26 KB
1 KB 126ms
61ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_235GQw7FfA9GcHH&Version=41&Q_ORIGIN=https://www.geha.com&Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDTIER=lIjhYuMl2g&Q_ARCACHEVERSION=21

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.00593e070a6f1562a8b4.chunk.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=www.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82b962aaf5db26038343e4476e43467e3bbbf712f1b3cef1315637b8424d3af6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

servershortname
date: Wed, 10 Apr 2024 09:52:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 533502
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 04 Apr 2024 05:41:13 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8721d8cb78cb9119-FRA
expires: Sun, 02 Apr 2034 05:41:12 GMT

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 325 B
888 B 81ms
17ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_9ALP9yWEj1lFJyJ&Version=4&Q_InterceptID=SI_235GQw7FfA9GcHH&Q_ORIGIN=https://www.geha.com&Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDTIER=lIjhYuMl2g&Q_ARCACHEVERSION=21

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.00593e070a6f1562a8b4.chunk.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=www.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dc0aabfdba09e256de6f43cca8501501967d76e01fd1c8d31ba9db2f976074b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

servershortname
date: Wed, 10 Apr 2024 09:52:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 454556
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 05 Apr 2024 03:36:59 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8721d8cb78cc9119-FRA
expires: Mon, 03 Apr 2034 03:36:59 GMT

POST
H2 200 / Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 45 B
206 B 41ms
32ms XHR
text/plain 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_9ALP9yWEj1lFJyJ&Q_SIID=SI_235GQw7FfA9GcHH&Q_ASID=AS_59028053&Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&r=1712742775678

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=geha

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 10 Apr 2024 09:52:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.geha.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 87b956a45fc0d6b7
cf-ray: 8721d8cc09429119-FRA

GET
H2 200 Graphic.php
sjc1.qualtrics.com/WRQualtricsSiteIntercept/ 2 KB
2 KB 872ms
212ms Image
image/png 23.200.61.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sjc1.qualtrics.com/WRQualtricsSiteIntercept/Graphic.php?IM=IM_elF0WfBnxSXZgMt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.200.61.87 Tempe, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-200-61-87.deploy.static.akamaitechnologies.com

Software

Resource Hash

7c8e3c582a237d2063f76cbcb5dcb1c0da3ae2516057fcc040cb69573d90b65f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 09:52:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
content-disposition: inline; filename=Feedback_Darker_Smaller.png
content-length: 1825
x-request-id: dbe1ae32-3286-4a5e-ba09-e9bac1921184
referrer-policy: strict-origin-when-cross-origin
etag: "be2052dd6274e8cbe6a39a1838288fcf"
content-type: image/png
access-control-allow-origin: *
x-transaction-id: d3f0df7d-5d48-42f3-8a59-17a5f1c556d7
cache-control: public, max-age=9
permissions-policy: camera=(), geolocation=(), microphone=()
x-robots-tag: noindex
expires: Wed, 10 Apr 2024 09:53:05 GMT

POST
H/1.1 204
No Content collect Show response
m.clarity.ms/ 0
292 B 409ms
286ms XHR
text/plain 20.120.124.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://m.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.27/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.120.124.64 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/x-clarity-gzip
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://www.geha.com
Date: Wed, 10 Apr 2024 09:52:56 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

POST
H/1.1 204
No Content collect Show response
m.clarity.ms/ 0
292 B 194ms
193ms XHR
text/plain 20.120.124.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://m.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.27/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.120.124.64 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/x-clarity-gzip
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://www.geha.com
Date: Wed, 10 Apr 2024 09:52:59 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 16ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-T5EYR6VXJ8&gtm=45je4480v884583046z879625355za200&_p=1712742773586&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=714657547.1712742775&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=2&sid=1712742774&sct=1&seg=0&dl=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway%3Futm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_medium%3DEmail%26utm_keyword%3D_%26utm_content%3D_%26utm_medium%3DEmail%26utm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_content%3D_%26utm_keyword%3D_&dt=Draft%20Giveaway%20%7C%20GEHA&en=scrollDepth&ep.ec=Scroll%20Depth&ep.ea=%2Fdraftgiveaway&ep.el=25%25&_et=357&tfd=9423
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T5EYR6VXJ8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 09:53:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.geha.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cloud.info.geha.com
URL: https://cloud.info.geha.com/draft

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 19:47:09	Name: X-AB Value: 38b33afdb36f494aa03f175381ce5c1b
.geha.com/	1970-01-20 19:50:01	Name: utm Value: Partnerships - 24 - Brand Awareness - Email - NFL Draft Giveaway - Prospects - National_S24WTE0GINAP
.geha.com/	1969-12-31 23:59:59	Name: gw2_ck_1 Value: tp5sfrgdw21uzbj13vnfsukm
.geha.com/	1970-01-21 05:21:42	Name: SC_ANALYTICS_GLOBAL_COOKIE Value: b9e3dc57088d447f8a303e64e94efcef\|False
.geha.com/	1969-12-31 23:59:59	Name: sxa_site Value: GEHA-CD
.geha.com/	1970-01-20 19:45:49	Name: ak_bmsc Value: C7B8C1D5574F3032437947B7C21176DF~000000000000000000000000000000~YAAQVY4UAitrZcOOAQAAI69sxxfQlWWUFfcQy2/lT0sntJKojzYNiFycpRsozKhuT2Syl+j/s+AWimn62Qr0cfvK3JOGHiarL8X9clpXB90lp+RA7gBdb2ChkCvlSdGyaFLCzgRJVdBFVa4YN5DItTkX3j1eraKygJUPn8adbBvsJKrhfEfMfvGXxcMuPq+p2cmYr+QkOQQyFs40S0EdDRT9lNkHTqk1xYs0n8KJ2n9DM9kvq4hyDbA/cBMdqSTiC8jQxrTeu/Ldx1HXy0H0p6rDYWcI9HPfskGnaup17Lrxqw+X9bg6SVX1vgB/XQk2B1JlZqXu6hUyb437U1PZyKHpqGP+QNZQ8m4uEDkchKDu1ExL2S+RLAxmQMFyC0V4pt/PnCpUvVZ3c5YY21x56fkqv4lFhY7d/f4ddN5skA==
.geha.com/	1970-01-20 21:55:18	Name: _gcl_au Value: 1.1.1870718802.1712742774
.geha.com/	1970-01-20 19:55:47	Name: RT Value: "z=1&dm=geha.com&si=qcotwznatag&ss=lutmtq6a&sl=0&tt=0"
.geha.com/	1970-01-21 04:31:18	Name: bid_b9c1f091c924864e2a26574bbef92243 Value: feba8773-3003-4153-9e8f-435a314ac7f0
.geha.com/	1970-01-20 19:45:49	Name: bm_sv Value: 2F975D05B6DB555E3EFA825501D38225~YAAQVY4UAjprZcOOAQAAV7dsxxch1jQ6s7ymHckqmy6YhT86MWP8XlcDXch5qkAL7EOhmdOHrTh2cocr2vB5kWvaExPS2L4VRWfGKGCK7fHMuFoVWs/jatM2pZY1KRt2s05fskW4wMDJS6iXgCE9lpg1K8TK4X4y+3hFqDQqAtxghXmBIH6QgMRfDa9qGRlhuaF/tiDK7MHDJDxdahBt2DfEZlxN2YEG6qFQb+hFB6vDzt8RJWTV6aOIPHj3nQ==~1
.geha.com/	1970-01-20 19:47:09	Name: _gid Value: GA1.2.727756623.1712742775
.geha.com/	1970-01-20 19:45:42	Name: _gat_UA-18563403-14 Value: 1
.geha.com/	1970-01-20 19:45:42	Name: _gat_UA-18563403-1 Value: 1
.geha.com/	1970-01-20 19:45:42	Name: _gat_UA-18563403-15 Value: 1
.geha.com/	1970-01-21 05:15:29	Name: _scid Value: 5a05cec4-d002-46b8-b06b-a14b18901cd3
.geha.com/	1970-01-21 05:15:29	Name: _scid_r Value: 5a05cec4-d002-46b8-b06b-a14b18901cd3
.doubleclick.net/	1970-01-20 19:45:43	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-21 00:04:54	Name: receive-cookie-deprecation Value: 1
.bing.com/	1970-01-21 05:07:18	Name: MUID Value: 2BF5FE67ABAF66C700B6EA3AAAC4679F
.t.co/	1970-01-21 05:21:42	Name: muc_ads Value: 9ab034a0-fa5c-4d03-9c3f-c21d1a4d9ec1
.geha.com/	1970-01-20 21:55:18	Name: _fbp Value: fb.1.1712742775019.595888291
.twitter.com/	1970-01-21 05:21:42	Name: personalization_id Value: "v1_sqACUVno/ty/F+plNGsQGw=="
www.clarity.ms/	1970-01-21 04:31:18	Name: CLID Value: 61b81661373c4c02aabc5c9eca603e79.20240410.20250410
.geha.com/	1970-01-21 04:31:18	Name: _clck Value: 79x773%7C2%7Cfkt%7C0%7C1561
.geha.com/	1970-01-21 05:21:42	Name: _ga Value: GA1.2.714657547.1712742775
.geha.com/	1970-01-21 05:21:42	Name: _ga_T5EYR6VXJ8 Value: GS1.1.1712742774.1.0.1712742775.0.0.0
.geha.com/	1970-01-20 19:47:09	Name: _uetsid Value: 1a607e30f72011ee93923fe28b9afee1
.geha.com/	1970-01-21 05:07:18	Name: _uetvid Value: 1a60a360f72011eeb68055b81e909e62
www.geha.com/	1969-12-31 23:59:59	Name: bx_bucket_number Value: 42
www.geha.com/	1969-12-31 23:59:59	Name: bx_guest_ref Value: 58f26511-291b-47ca-979c-cf77ed845833
.bing.com/	1970-01-21 05:07:18	Name: MSPTC Value: r7fSc_GRGpLHM-65v_RXtfpjvhgrkKcrXTjWP6nT55o
.c.bing.com/	1970-01-20 19:55:47	Name: MR Value: 0
.c.bing.com/	1970-01-21 05:07:18	Name: SRM_B Value: 2BF5FE67ABAF66C700B6EA3AAAC4679F
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 05:07:18	Name: MUID Value: 2BF5FE67ABAF66C700B6EA3AAAC4679F
.c.clarity.ms/	1970-01-20 19:55:47	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 19:45:43	Name: ANONCHK Value: 0
.geha.com/	1970-01-20 19:47:09	Name: _clsk Value: 1iyt8cc%7C1712742776393%7C1%7C1%7Cm.clarity.ms%2Fcollect

24 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cloud.info.geha.com/openseasonplanreminders Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/275288828831386?v=2.9.153&r=stable&domain=www.geha.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

02179911.akstat.io
13916293.fls.doubleclick.net
analytics.twitter.com
api-engage-us.sitecorecloud.io
bat.bing.com
c.bing.com
c.clarity.ms
c.go-mpulse.net
click.info.geha.com
cloud.info.geha.com
connect.facebook.net
d1mj578wat5n4o.cloudfront.net
d35vb5cccm4xzp.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
insight.adsrvr.org
js.adsrvr.org
ka-p.fontawesome.com
kit.fontawesome.com
m.clarity.ms
p.typekit.net
region1.google-analytics.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
s.go-mpulse.net
sc-static.net
siteintercept.qualtrics.com
sjc1.qualtrics.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tr.snapchat.com
tr6.snapchat.com
use.typekit.net
www.clarity.ms
www.facebook.com
www.geha.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com
cloud.info.geha.com
104.17.208.240
104.244.42.197
104.244.42.67
13.111.100.248
13.111.118.55
142.250.184.198
143.204.207.250
146.75.120.157
18.172.103.101
18.66.92.5
20.120.124.64
2001:4860:4802:34::36
23.200.61.87
2600:1901:0:7628::
2600:9000:235a:9c00:3:35f2:c540:21
2606:4700:10::6816:3668
2606:4700:4400::6812:2844
2606:4700:4400::ac40:93bc
2606:4700::6812:100a
2620:1ec:46::67
2620:1ec:c11::237
2a00:1450:4001:80b::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:81c::2004
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9c
2a01:111:202c::237
2a02:26f0:3100:782::11a6
2a02:26f0:3500:16::215:1495
2a02:26f0:7100:585::11a6
2a02:26f0:ab00::214:8e59
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.33.220.150
34.245.244.146
35.190.43.134
68.219.88.97
01a3066991f4af85d35aaa0068aa00054f9762f39c263853f49518d5f9784c4b
0ec0bebf0577f413bd3cd829dc4880527f790f20f64620e1c03625feac77c8de
144ec558a262a9455c1c8887490af6d31a8eeb774346865bf027cf112aaaff07
1580a6a19cb081a84215f13b42f765469beb87d7401f16349760cd067fc4da71
166b640351aa645b6af02b1013bc7fbead2822e44d773deba0b35f4053d0e94a
1a4bf8a4ca374508387fc27de382cbbe01a6ace9f7bb3c1618884b7b86dd6c60
1b631c545e0e9acda2fa9adef7ce9415a95fc6a325ea80268d1793bf913180ae
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c7882b2f752b919403760ad46b27766e083057a64521496c046a3b0cc9bf093
1ec56f04262e2768528f45618c5c0d9a23d1c4d0680a1b03ca4a2e6f23af98b8
1f3387f11826be4923a2d3a8c1542780abd6d4c66ce13f2de770f2e386989593
2187d3e1658333a52c71a3af9ae48d7827e7f8bc807933270f5c4e0e76d6841b
277b8bd1952e82623693dc9123e1c2186cf0ac9436d4059dffe4ad732d2da5a3
280110c8e4930b538ef2ef65a94c1d4b19722ed07108e74ed38031fbcd34bfda
286dc7cf3eb0c6c06c2fb54d779f82bf342bbf766861f7aba001408bcb391828
3487c89cbf4176ba31dee9f3fb221bab9b05753f689e372d9c03e71c78b8e3c1
36cbe98f9a9327afce4c79a1c0a9d43e076d3b2ae36e68f7c40b7cbc41d95931
416f487c40290dd1451e3cc8dc480489dda90cfd5d389eb08d7f0e867a6f847c
427e57ed3ad640f4ddefe4a7aeb116746506151fd0d227f8f34e40cb3350e45f
43bf46697a74707dd319e2549eb7e7ad414d629c257da2dfc02e082a7a7290c7
442c5f94f41f419cb2d62746624f7ed4e7d5c6481b2d741d632d4b920fc1dc8d
4692d4d1124e4fdde548b916c88189b6e07462d9d24cdd5c6ca8f2a2fcb2af56
482d1dd6e19c705493e390d6a3427887cfd2c47ec7ee7c85282370687a5ed2ee
486cb6639529a37f8755f3fda22b724e26ea0cfca10de5bae934da56e2d6022c
4a03bf7ced19a69e890c91f9da53453fb0f4d6ef8c366383cacd2f510794aba9
4b5013c1e9a922e188e0d6f3903aad0c81a64c231d976d869c8b0f35be0b133d
4c6315811518b52563c0884a4e2fd019f9302b362237610c5744c6f01f6f7d9d
4c6fde841616799524ae40b886f27b8c5b4e857476a053f1acac3222a3d09385
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4d2594afe30fbd3142c9ec683a95629cd01010be1de052e5d1f55843cb073961
4e2cdf9cca01d18c643530e9704e33d2f2f8d03bcf260ff6647e78d9129eaf65
4e43974dcd89e9262d9c19ddfc9ce50400414c01abbe784eebf8e8d785503d64
516640faeb856df6599d165f26ee51ce8cbaaf34f7c09d818509e75f6a48ae13
52191ecde7930076e7bc9a9d07929d77bde3e770e2386d061d41fefbb735dc25
52d20221e2d19cdda8a7cc2bafb07fa61ee1759a15760ce5bfe09a9aa00e3237
54663060575cba473bf32efae0bcc0f0d20f26d3f57987dc1fb62647a5a78d14
5fd7281dafc44afbbb34847a7c8dfff204d017418103d96eb401ade5c1f6012c
603f0e22eb369c841830a46c051c5a127c01f2dc2422ab4de08f361451caab02
66c209bb66c3374009b80476f3e0e8247995dd55c65fcef67ac12e5ea179411b
69b5bf55d7810b68cf8c0a9b929581508d8924ebaf9bfd26ebbd094704bc10f6
69b635282e06504d447e9dd8fe4c90c5bd308a8ffdc2da080243d51a65df81bd
7139f07f917998f1a482f070139ce5b0e448669a8f77e9710e74e1a2307f564e
71e970680812d5265281f05a10ae287a5739c582d03a027ef3b3f2e02166ec21
773476fc4041f913eb57d338efa749e0c2b63828f086c83da65c3d3aeb51fa73
7742bb16ac54dbccd2a9df6edc159ff921e1e738f08dc0d4b4b9f31424ede919
7941c043b215ecc58d18e696d42abbd225eb0baa075cb5e31027725cc5312fce
7ae91a1dbaa74648b3a37a89b46257eebe9203f54ad4896f69a92f671c59b8d5
7c8e3c582a237d2063f76cbcb5dcb1c0da3ae2516057fcc040cb69573d90b65f
7e7fd9f1e6fd2387dc2a5bb83cb72a1c44206347ad8ffde69bcab829cf88b1ff
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
82b962aaf5db26038343e4476e43467e3bbbf712f1b3cef1315637b8424d3af6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8339750b4cf72003f5f74e7f645b822a44345c58d724e7e0c321daec71f31c68
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8b852e041e35b676cf550d19cf8d15bc58db780a3827626518f4e0dfc5fb3109
8dc0aabfdba09e256de6f43cca8501501967d76e01fd1c8d31ba9db2f976074b
91885b79eafb9db3b3b6bccd7d3927f3cea7bc0a006fe3a6b625787d413fc412
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91af8f8604e6cbcb00a3ff4056f9fce3090c1ffca25400650895832c03b34ac5
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
96a0926f2aa7b312c78c1a1d0a0d521de4e8041c84bd41e4011f61df90704141
984227c0d097ac96cff8b8ae797de2a34f79a84438685db3c72a1c226fd5a23b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a01b5d82a5c926ebf8730c2c74080a86cc3dadc6036dab5b2467071a9bf108a7
a36338e2015fbe5e6f570cb35a9e0305a4f4d40bace6713fce1edbaefc9cf44f
a5d59965fc50d217015f96f657880ade0fcbc85b9cc15b5fc20f097a25be9a63
a744689eaea9c2297d24cc71eabc18ba8e0d0bede95af6c01af0b3d7376feddf
a89224e3776513856c140c4f3f8a1d8da2c4978033d1bfd0d7363c0823e2591c
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b22e59a43368a038b4fa5030f5c0c00f7598b6cfb135e69aae52e7bacead1649
b25dad76fe59d69f4d9fa61b6b7ace7ab21c599b683280f27213cfae2ffa7d9b
b65ecc819f4b7a1056b90009ae39134cd681a53a70c845104ec132820a37630b
babf7c8f26404acad3935146d81d245dc6d494acd265d2b8f84088730d01e38f
bc958a63e17fc254b74b0787f22bd0f5889a057109908050c5148a148b75db91
bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f
c326f67ec7e4e7895bc25ac4c6c3540b569586d688b494df5b82e3146d34a6f5
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cf99991359fbb6e575a809280eb26d7f2408710608ccb222788324c6c1ac753f
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2b8e58c49dfe86a02acbced8d3ddf91c303df4af7009ab38ad9e6b89fde24ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dd8f33992c58515312dbc2abd8620d0cca4e04f5a90e69f4dbfe7952dd771a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f563aec552103867adcb967e41b1699c9d15e1aa257c7a210f70f5cd71e6a0ef
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f930f9718c91491b92f0de420e28f51cb021e174606481c128ab838584479e02
faf47e501cdae61064aed4b03b1129d37c6e004ebde6f6452f1632f835c9f318
fb56f17a4fe738143ac04ca01897e7ae5980eab0a5aaf0ebad8c6a2d09e39d90

www.geha.com Open in urlscan Pro 2a02:26f0:ab00::214:8e59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

129 Requests

98 %HTTPS

58 %IPv6

26 Domains

42 Subdomains

37 IPs

6 Countries

2121 kBTransfer

7805 kBSize

38 Cookies

7 Outgoing links

Page URL History

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.geha.com Open in urlscan Pro
2a02:26f0:ab00::214:8e59 Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

98 %
HTTPS

58 %
IPv6

26
Domains

42
Subdomains

37
IPs

6
Countries

2121 kB
Transfer

7805 kB
Size

38
Cookies

129 HTTP transactions
0 data transactions