urlscan.io logo urlscan.io
SecurityTrails logo

www.geha.com Open in urlscan Pro
2a02:26f0:f1::48f7:b369  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.info.geha.com/?qs=61707e9bab9e5f3758420e5039433d3f938291d346d8bf51c924f81bc8c922e9b89295da5aadba871de64633e5d8...
Effective URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=...
Submission: On November 16 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 5 countries across 20 domains to perform 82 HTTP transactions. The main IP is 2a02:26f0:f1::48f7:b369, located in Ascension Island and belongs to AKAMAI-ASN1, EU. The main domain is www.geha.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on May 14th 2020. Valid for: 2 years.
This is the only time www.geha.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.111.100.248 22606 (EXACT-7)
1 26 2a02:26f0:f1:... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
2 13.111.118.55 22606 (EXACT-7)
4 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 199.232.56.157 54113 (FASTLY)
1 216.58.205.226 15169 (GOOGLE)
2 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
1 2 172.217.21.230 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2a03:2880:f02... 32934 (FACEBOOK)
1 143.204.206.235 16509 (AMAZON-02)
2 3.12.179.184 16509 (AMAZON-02)
2 52.21.0.32 14618 (AMAZON-AES)
1 104.244.42.69 13414 (TWITTER)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 2a05:f500:10:... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f12... 32934 (FACEBOOK)
10 104.17.209.240 13335 (CLOUDFLAR...)
1 104.244.42.195 13414 (TWITTER)
1 63.34.37.82 16509 (AMAZON-02)
2 99.80.130.108 16509 (AMAZON-02)
1 92.122.106.46 16625 (AKAMAI-AS)
82 27
1    13.111.100.248 (United States)

ASN22606 (EXACT-7, US)
PTR: click.info.geha.com
click.info.geha.com
26    2a02:26f0:f1::48f7:b369 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
www.geha.com
1    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    13.111.118.55 (United States)

ASN22606 (EXACT-7, US)
PTR: cloud.info.geha.com
cloud.info.geha.com
4    2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    199.232.56.157 (United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    216.58.205.226 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra15s24-in-f226.1e100.net
www.googleadservices.com
2    2a02:26f0:10c:582::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
snap.licdn.com
2    172.217.21.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f6.1e100.net
10009673.fls.doubleclick.net
2    2606:4700:10::6814:14ef (United States)

ASN13335 (CLOUDFLARENET, US)
rum-static.pingdom.net
3    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    143.204.206.235 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-206-235.fra53.r.cloudfront.net
js.adsrvr.org
2    3.12.179.184 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-12-179-184.us-east-2.compute.amazonaws.com
collector-8199.tvsquared.com
2    52.21.0.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-0-32.compute-1.amazonaws.com
100004105.collect.igodigital.com
nova.collect.igodigital.com
1    104.244.42.69 (United States)

ASN13414 (TWITTER, US)
t.co
3    2a00:1450:400c:c03::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a05:f500:10:101::b93f:9105 (Ireland)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
1    2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:824::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:819::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
10    104.17.209.240 (United States)

ASN13335 (CLOUDFLARENET, US)
zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com
siteintercept.qualtrics.com
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    63.34.37.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-37-82.eu-west-1.compute.amazonaws.com
insight.adsrvr.org
2    99.80.130.108 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-130-108.eu-west-1.compute.amazonaws.com
rum-collector-2.pingdom.net
1    92.122.106.46 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-106-46.deploy.static.akamaitechnologies.com
sjc1.qualtrics.com
Domain Requested by
26 www.geha.com 1 redirects www.geha.com
cloud.info.geha.com
9 siteintercept.qualtrics.com zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com
siteintercept.qualtrics.com
4 www.facebook.com www.geha.com
4 www.google.de www.geha.com
4 www.google.com www.geha.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 stats.g.doubleclick.net www.google-analytics.com
3 connect.facebook.net www.geha.com
connect.facebook.net
2 rum-collector-2.pingdom.net rum-static.pingdom.net
2 px.ads.linkedin.com 1 redirects www.geha.com
2 collector-8199.tvsquared.com www.geha.com
2 rum-static.pingdom.net www.googletagmanager.com
2 10009673.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 snap.licdn.com www.googletagmanager.com
snap.licdn.com
2 bat.bing.com www.googletagmanager.com
www.geha.com
2 cloud.info.geha.com www.geha.com
cloud.info.geha.com
1 sjc1.qualtrics.com
1 insight.adsrvr.org js.adsrvr.org
1 analytics.twitter.com static.ads-twitter.com
1 zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com www.geha.com
1 nova.collect.igodigital.com cloud.info.geha.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.linkedin.com 1 redirects
1 t.co www.geha.com
1 100004105.collect.igodigital.com cloud.info.geha.com
1 js.adsrvr.org www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 www.googletagmanager.com www.geha.com
1 click.info.geha.com 1 redirects
82 30
Subject Issuer Validity Valid
*.geha.com
DigiCert SHA2 High Assurance Server CA		 2020-05-14 -
2022-02-15		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-10-28 -
2021-01-20		 3 months crt.sh
cloud.info.geha.com
DigiCert SHA2 Secure Server CA		 2019-01-07 -
2021-01-11		 2 years crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2020-10-27 -
2021-04-27		 6 months crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA		 2020-08-14 -
2021-08-19		 a year crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-10-28 -
2021-01-20		 3 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
*.doubleclick.net
GTS CA 1O1		 2020-10-28 -
2021-01-20		 3 months crt.sh
*.pingdom.net
DigiCert SHA2 High Assurance Server CA		 2019-11-08 -
2021-01-19		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-11-02 -
2021-01-30		 3 months crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
*.tvsquared.com
Amazon		 2020-10-16 -
2021-11-14		 a year crt.sh
*.collect.igodigital.com
DigiCert SHA2 Secure Server CA		 2020-02-14 -
2021-02-18		 a year crt.sh
t.co
DigiCert SHA2 High Assurance Server CA		 2020-03-05 -
2021-03-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-10-28 -
2021-01-20		 3 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2020-08-05 -
2021-02-05		 6 months crt.sh
www.google.com
GTS CA 1O1		 2020-10-28 -
2021-01-20		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-10-28 -
2021-01-20		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-10-28 -
2021-01-20		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-10-28 -
2021-01-20		 3 months crt.sh
*.qualtrics.com
DigiCert SHA2 Secure Server CA		 2018-10-08 -
2021-01-06		 2 years crt.sh
*.twitter.com
DigiCert SHA2 High Assurance Server CA		 2020-03-05 -
2021-03-02		 a year crt.sh

This page contains 5 frames:

Primary Page: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Frame ID: 6080A0309278AD713564AE3B479A453B
Requests: 71 HTTP requests in this frame

Frame: https://cloud.info.geha.com/openseasonplanreminders
Frame ID: DD1F327C0E0C340A37F25229E79CC3C1
Requests: 5 HTTP requests in this frame

Frame: https://www.geha.com/TSPD/?type=21
Frame ID: 320135A337BC817213CB335D330DC771
Requests: 4 HTTP requests in this frame

Frame: https://10009673.fls.doubleclick.net/activityi;dc_pre=CKaqiZTXh-0CFQvquwgdufoGBQ;src=10009673;type=pagev0;cat=tm-ge0;ord=8874785652111;gtm=2wgb41;auiddc=662059637.1605550891;~oref=https%3A%2F%2Fwww.geha.com%2Flegal%2Fprivacy-policy%3Futm_medium%3Demail%26utm_campaign%3DProspect%2BEmail%2B2%26utm_source%3DSFMC%26utm_content%3DPrivacy%2BPolicy%26utm_term%3D20201028_464492_181348378
Frame ID: FCE254F7BA44A5FE26F5BE8ACE2043E5
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=uduech0&ref=https%3A%2F%2Fwww.geha.com%2Flegal%2Fprivacy-policy%3Futm_medium%3Demail%26utm_campaign%3DProspect%2BEmail%2B2%26utm_source%3DSFMC%26utm_content%3DPrivacy%2BPolicy%26utm_term%3D20201028_464492_181348378&upid=opjy0g4&upv=1.1.0
Frame ID: EDC738D1B7A70DA860FD58194B430F02
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://click.info.geha.com/?qs=61707e9bab9e5f3758420e5039433d3f938291d346d8bf51c924f81bc8c922e9b89295da... HTTP 302
    https://www.geha.com/about-us/privacy-and-security/privacy-policy?utm_medium=email&utm_campaign=P... HTTP 302
    https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_sour... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

82
Requests

100 %
HTTPS

52 %
IPv6

20
Domains

30
Subdomains

27
IPs

5
Countries

1217 kB
Transfer

4788 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.info.geha.com/?qs=61707e9bab9e5f3758420e5039433d3f938291d346d8bf51c924f81bc8c922e9b89295da5aadba871de64633e5d8c5f1f25e615d833a545627ef6dc85720b195 HTTP 302
    https://www.geha.com/about-us/privacy-and-security/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378 HTTP 302
    https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://10009673.fls.doubleclick.net/activityi;src=10009673;type=pagev0;cat=tm-ge0;ord=8874785652111;gtm=2wgb41;auiddc=662059637.1605550891;~oref=https%3A%2F%2Fwww.geha.com%2Flegal%2Fprivacy-policy%3Futm_medium%3Demail%26utm_campaign%3DProspect%2BEmail%2B2%26utm_source%3DSFMC%26utm_content%3DPrivacy%2BPolicy%26utm_term%3D20201028_464492_181348378 HTTP 302
  • https://10009673.fls.doubleclick.net/activityi;dc_pre=CKaqiZTXh-0CFQvquwgdufoGBQ;src=10009673;type=pagev0;cat=tm-ge0;ord=8874785652111;gtm=2wgb41;auiddc=662059637.1605550891;~oref=https%3A%2F%2Fwww.geha.com%2Flegal%2Fprivacy-policy%3Futm_medium%3Demail%26utm_campaign%3DProspect%2BEmail%2B2%26utm_source%3DSFMC%26utm_content%3DPrivacy%2BPolicy%26utm_term%3D20201028_464492_181348378
Request Chain 47
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1805946&time=1605550890707&url=https%3A%2F%2Fwww.geha.com%2Flegal%2Fprivacy-policy%3Futm_medium%3Demail%26utm_campaign%3DProspect%2BEmail%2B2%26utm_source%3DSFMC%26utm_content%3DPrivacy%2BPolicy%26utm_term%3D20201028_464492_181348378 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1805946%26time%3D1605550890707%26url%3Dhttps%253A%252F%252Fwww.geha.com%252Flegal%252Fprivacy-policy%253Futm_medium%253Demail%2526utm_campaign%253DProspect%252BEmail%252B2%2526utm_source%253DSFMC%2526utm_content%253DPrivacy%252BPolicy%2526utm_term%253D20201028_464492_181348378%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1805946&time=1605550890707&url=https%3A%2F%2Fwww.geha.com%2Flegal%2Fprivacy-policy%3Futm_medium%3Demail%26utm_campaign%3DProspect%2BEmail%2B2%26utm_source%3DSFMC%26utm_content%3DPrivacy%2BPolicy%26utm_term%3D20201028_464492_181348378&liSync=true

82 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request privacy-policy
www.geha.com/legal/
Redirect Chain
  • https://click.info.geha.com/?qs=61707e9bab9e5f3758420e5039433d3f938291d346d8bf51c924f81bc8c922e9b89295da5aadba871de64633e5d8c5f1f25e615d833a545627ef6dc85720b195
  • https://www.geha.com/about-us/privacy-and-security/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
  • https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
73 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f1::48f7:b369 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
0c19be07401cf8091d1c0bf9b3a42e2f90508da5fac76ae6a1a4123046ca4e9f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options 'nosniff'
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.geha.com
:scheme
https
:path
/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
cache-control
no-cache, no-store
pragma
no-cache
content-type
text/html; charset=utf-8
expires
-1
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
'nosniff'
vary
Accept-Encoding
content-encoding
gzip
date
Mon, 16 Nov 2020 18:21:29 GMT
content-length
12676
set-cookie
utm=Prospect Email 2; expires=Thu, 19-Nov-2020 18:21:28 GMT; path=/;Domain=geha.com gw2_ck_1=rv22camf2sl3re4ahi2w31zx; path=/; HttpOnly; SameSite=Lax;Domain=geha.com SC_ANALYTICS_GLOBAL_COOKIE=feefb1b54ca64145ae66348f2ffafdea|False; expires=Thu, 14-Nov-2030 18:21:28 GMT; path=/; HttpOnly;Domain=geha.com sxa_site=GEHA-CD; path=/;Domain=geha.com BIGipServergehaweb-prd-pool=!MEMqBgZb6kzu+D8D5DdGsCFeo2GSyCMIp5O6wfOAOS7/ZU0hSSvElEIistAg5ezc/Zes/37oWOUzCxI=; path=/; Httponly; Secure;Domain=geha.com TS87aa08af027=0823751556ab2000d8d84757b38726ef2e9e69532a919ed5c90dd17fe1b3fd6ec141b309990f2238085533b597113000b8ff3c2f0e99ce8a8d941850edb2797ed7845ec45e447f79acc5db848b193abb94dd5ab1c6790aef160460c850113a5b;Path=/
strict-transport-security
max-age=15768000 ; includeSubDomains

Redirect headers

status
302
location
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
server
BigIP
content-length
0
date
Mon, 16 Nov 2020 18:21:28 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains
/
www.geha.com/TSPD/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.geha.com/TSPD/?type=18
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f1::48f7:b369 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
49cd1fdd08b7c2927ea54048a04255d7668682a1db997371034ca2203a9f2c8f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:29 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=86400
strict-transport-security
max-age=15768000 ; includeSubDomains
content-length
2447
optimized-min.css
www.geha.com/~/media93/Feature/Experience-Accelerator/Bootstrap-4/Bootstrap-4/Styles/ 		29 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.geha.com/~/media93/Feature/Experience-Accelerator/Bootstrap-4/Bootstrap-4/Styles/optimized-min.css?t=20200827T195651Z
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f1::48f7:b369 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
7139f07f917998f1a482f070139ce5b0e448669a8f77e9710e74e1a2307f564e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options 'nosniff'
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:29 GMT
content-encoding
gzip
x-content-type-options
'nosniff'
last-modified
Thu, 27 Aug 2020 19:56:52 GMT
etag
71297b75a810417dbeaa71ed60eeb6e1
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
cache-control
public, max-age=22651
content-disposition
inline; filename="optimized-min.css"
strict-transport-security
max-age=15768000 ; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
3484
x-xss-protection
1; mode=block
optimized-min.css
www.geha.com/~/media93/Base-Themes/Core-Libraries/styles/ 		132 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.geha.com/~/media93/Base-Themes/Core-Libraries/styles/optimized-min.css?t=20200827T195655Z
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f1::48f7:b369 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
4c6fde841616799524ae40b886f27b8c5b4e857476a053f1acac3222a3d09385
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options 'nosniff'
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:29 GMT
content-encoding
gzip
x-content-type-options
'nosniff'
last-modified
Thu, 27 Aug 2020 19:56:55 GMT
etag
ce6ee85a7b12434db7432b07e23a3fb3
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
cache-control
public, max-age=2953
content-disposition
inline; filename="optimized-min.css"
strict-transport-security
max-age=15768000 ; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
22078
x-xss-protection
1; mode=block
optimized-min.css
www.geha.com/~/media93/Base-Themes/Main-Theme/styles/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.geha.com/~/media93/Base-Themes/Main-Theme/styles/optimized-min.css?t=20200827T195655Z
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f1::48f7:b369 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
416f487c40290dd1451e3cc8dc480489dda90cfd5d389eb08d7f0e867a6f847c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options 'nosniff'
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:29 GMT
content-encoding
gzip
x-content-type-options
'nosniff'
last-modified
Thu, 27 Aug 2020 19:56:55 GMT
etag
6372475ce6d84be89cb6f802e93a10b4
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
cache-control
public, max-age=22630
content-disposition
inline; filename="optimized-min.css"
strict-transport-security
max-age=15768000 ; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
1636
x-xss-protection
1; mode=block
optimized-min.css
www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/ 		710 KB
101 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20201113T191946Z
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f1::48f7:b369 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
43b2d6dfa9e793a4cfedc82e1a1697906b59f88d87d3a48430e2ba9a664c1b68
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options 'nosniff'
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:29 GMT
content-encoding
gzip
x-content-type-options
'nosniff'
last-modified
Fri, 13 Nov 2020 19:19:46 GMT
etag
1f92f75ea7ab4beab6ac11f956d5bd3e
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
cache-control
public, max-age=72265
content-disposition
inline; filename="optimized-min.css"
strict-transport-security
max-age=15768000 ; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
102599
x-xss-protection
1; mode=block
VisitorIdentification.js
www.geha.com/layouts/system/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.geha.com/layouts/system/VisitorIdentification.js
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f1::48f7:b369 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
7941c043b215ecc58d18e696d42abbd225eb0baa075cb5e31027725cc5312fce
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options 'nosniff'
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
content-encoding
gzip
x-content-type-options
'nosniff'
status
200
vary
Accept-Encoding
content-length
732
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge,chrome=1
last-modified
Mon, 10 Sep 2018 14:56:14 GMT
x-frame-options
SAMEORIGIN
date
Mon, 16 Nov 2020 18:21:29 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains
content-type
application/javascript
x-stackifyid
V2|a5d99e04-232b-48f8-88b7-1ced1196c33c|C57524|CD4989
etag
"0bb5d6b1649d41:0"
accept-ranges
bytes
geha.png
www.geha.com/~/media93/Project/GEHA/shared/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.geha.com/~/media93/Project/GEHA/shared/geha.png?h=135&w=550&la=en&hash=6A9419DEDA474BA8DF91728302A3ACB2
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f1::48f7:b369 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
6ee63129187222048f035c8334888843c8e97982524fde76ff06ac9ac0ef4da5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options 'nosniff'
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:29 GMT
x-content-type-options
'nosniff'
last-modified
Fri, 15 May 2020 22:34:33 GMT
etag
ca5381eaabb642f98ac47f4c2eb4bc87
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
cache-control
public, max-age=22634
content-disposition
inline; filename="geha.png"
strict-transport-security
max-age=15768000 ; includeSubDomains
accept-ranges
bytes
content-length
9339
x-xss-protection
1; mode=block
optimized-min.js
www.geha.com/~/media93/Base-Themes/Core-Libraries/scripts/ 		1 MB
306 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.geha.com/~/media93/Base-Themes/Core-Libraries/scripts/optimized-min.js?t=20200827T195654Z
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f1::48f7:b369 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
babf7c8f26404acad3935146d81d245dc6d494acd265d2b8f84088730d01e38f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 27 Aug 2020 19:56:55 GMT
etag
8baf0bdc49704848a6471ebdc846f458
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
status
200
cache-control
public, max-age=74088
content-disposition
inline; filename="optimized-min.js"
strict-transport-security
max-age=15768000 ; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
312095
x-xss-protection
1; mode=block
optimized-min.js
www.geha.com/~/media93/Base-Themes/XA-API/Scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.geha.com/~/media93/Base-Themes/XA-API/Scripts/optimized-min.js?t=20200827T195655Z
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f1::48f7:b369 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
4b5013c1e9a922e188e0d6f3903aad0c81a64c231d976d869c8b0f35be0b133d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 27 Aug 2020 19:56:55 GMT
etag
5be653ac78744f7d97cba1608449bcba
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
status
200
cache-control
public, max-age=51535
content-disposition
inline; filename="optimized-min.js"
strict-transport-security
max-age=15768000 ; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
855
x-xss-protection
1; mode=block
optimized-min.js
www.geha.com/~/media93/Base-Themes/Main-Theme/scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.geha.com/~/media93/Base-Themes/Main-Theme/scripts/optimized-min.js?t=20200827T195655Z
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f1::48f7:b369 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
a36338e2015fbe5e6f570cb35a9e0305a4f4d40bace6713fce1edbaefc9cf44f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options 'nosniff'
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:29 GMT
content-encoding
gzip
x-content-type-options
'nosniff'
last-modified
Thu, 27 Aug 2020 19:56:55 GMT
etag
22022d7a42a74551a993fc029672e573
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
status
200
cache-control
public, max-age=30969
content-disposition
inline; filename="optimized-min.js"
strict-transport-security
max-age=15768000 ; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
962
x-xss-protection
1; mode=block
optimized-min.js
www.geha.com/~/media93/Base-Themes/Google-Maps-JS-Connector/Scripts/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.geha.com/~/media93/Base-Themes/Google-Maps-JS-Connector/Scripts/optimized-min.js?t=20200827T195656Z
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f1::48f7:b369 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
4692d4d1124e4fdde548b916c88189b6e07462d9d24cdd5c6ca8f2a2fcb2af56
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options 'nosniff'
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:29 GMT
content-encoding
gzip
x-content-type-options
'nosniff'
last-modified
Thu, 27 Aug 2020 19:56:56 GMT
etag
750b73c7979149ac890e2076ccec9c55
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
status
200
cache-control
public, max-age=30984
content-disposition
inline; filename="optimized-min.js"
strict-transport-security
max-age=15768000 ; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
1930
x-xss-protection
1; mode=block
optimized-min.js
www.geha.com/~/media93/Base-Themes/Maps/Scripts/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.geha.com/~/media93/Base-Themes/Maps/Scripts/optimized-min.js?t=20200827T195656Z
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f1::48f7:b369 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
427e57ed3ad640f4ddefe4a7aeb116746506151fd0d227f8f34e40cb3350e45f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options 'nosniff'
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:29 GMT
content-encoding
gzip
x-content-type-options
'nosniff'
last-modified
Thu, 27 Aug 2020 19:56:56 GMT
etag
377a801b28b74d74afb8acef00213774
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
status
200
cache-control
public, max-age=51592
content-disposition
inline; filename="optimized-min.js"
strict-transport-security
max-age=15768000 ; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
3035
x-xss-protection
1; mode=block
optimized-min.js
www.geha.com/~/media93/Base-Themes/SearchTheme/Scripts/ 		76 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.geha.com/~/media93/Base-Themes/SearchTheme/Scripts/optimized-min.js?t=20200827T195656Z
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f1::48f7:b369 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
4d6bfadf55c321ce0c42fa677d14d2d2e86c6662fdb5de760616ec407723e1ef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options 'nosniff'
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:29 GMT
content-encoding
gzip
x-content-type-options
'nosniff'
last-modified
Thu, 27 Aug 2020 19:56:56 GMT
etag
62f3088b3e4443d2b142d3ab5b75ba8f
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
status
200
cache-control
public, max-age=30908
content-disposition
inline; filename="optimized-min.js"
strict-transport-security
max-age=15768000 ; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
18147
x-xss-protection
1; mode=block
optimized-min.js
www.geha.com/~/media93/Base-Themes/Components-Theme/Scripts/ 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.geha.com/~/media93/Base-Themes/Components-Theme/Scripts/optimized-min.js?t=20200827T195657Z
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f1::48f7:b369 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
f930f9718c91491b92f0de420e28f51cb021e174606481c128ab838584479e02
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 27 Aug 2020 19:56:57 GMT
etag
b6ebb8b7f6cf47eb801a71804e059fd7
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
status
200
cache-control
public, max-age=30915
content-disposition
inline; filename="optimized-min.js"
strict-transport-security
max-age=15768000 ; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
14937
x-xss-protection
1; mode=block
optimized-min.js
www.geha.com/~/media93/Base-Themes/Resolve-Conflicts/Scripts/ 		19 B
307 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.geha.com/~/media93/Base-Themes/Resolve-Conflicts/Scripts/optimized-min.js?t=20200827T195657Z
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f1::48f7:b369 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
1b631c545e0e9acda2fa9adef7ce9415a95fc6a325ea80268d1793bf913180ae
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:29 GMT
x-content-type-options
nosniff
last-modified
Thu, 27 Aug 2020 19:56:57 GMT
etag
50d3cc32172d4498840c7914860c4029
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
status
200
cache-control
public, max-age=30980
content-disposition
inline; filename="optimized-min.js"
strict-transport-security
max-age=15768000 ; includeSubDomains
accept-ranges
bytes
content-length
19
x-xss-protection
1; mode=block
optimized-min.js
www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/scripts/ 		328 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/scripts/optimized-min.js?t=20201113T191944Z
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f1::48f7:b369 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
ba9dc31b0f6ab38657d353f50bb99eadb9ce5d6d7f83501d97d0faa43d2619c6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options 'nosniff'
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:29 GMT
content-encoding
gzip
x-content-type-options
'nosniff'
last-modified
Fri, 13 Nov 2020 19:19:44 GMT
etag
ce006f05f4764a9dae8389bfaaa01bc2
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
status
200
cache-control
public, max-age=72207
content-disposition
inline; filename="optimized-min.js"
strict-transport-security
max-age=15768000 ; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
91664
x-xss-protection
1; mode=block
gtm.js
www.googletagmanager.com/ 		384 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
76cb2e52b9e4249d2e67db670cf19086afb508febee0e00fda321d1e0656431f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:29 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68293
x-xss-protection
0
last-modified
Mon, 16 Nov 2020 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 16 Nov 2020 18:21:29 GMT
openseasonplanreminders
cloud.info.geha.com/ Frame DD1F 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cloud.info.geha.com/openseasonplanreminders
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.111.118.55 , United States, ASN22606 (EXACT-7, US),
Reverse DNS
cloud.info.geha.com
Software
/
Resource Hash
ae9f6a305bef21d57a2741110388254c95e96403b00469a1474042d8938ae7db

Request headers

Host
cloud.info.geha.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
utm=Prospect Email 2; gw2_ck_1=rv22camf2sl3re4ahi2w31zx; SC_ANALYTICS_GLOBAL_COOKIE=feefb1b54ca64145ae66348f2ffafdea|False; sxa_site=GEHA-CD; BIGipServergehaweb-prd-pool=!MEMqBgZb6kzu+D8D5DdGsCFeo2GSyCMIp5O6wfOAOS7/ZU0hSSvElEIistAg5ezc/Zes/37oWOUzCxI=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378

Response headers

Cache-Control
no-cache
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Date
Mon, 16 Nov 2020 18:21:30 GMT
Connection
close
Content-Length
1850
3533db5f6d4bb62ec2d507557e99320f.woff2
www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/3533db5f6d4bb62ec2d507557e99320f.woff2
Requested by
Host: www.geha.com
URL: https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20201113T191946Z
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f1::48f7:b369 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
b55616e4eada60d4e94a044efa03f45c3550056a0e93a55a993b0b85a7e7689b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.geha.com
Referer
https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20201113T191946Z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:29 GMT
x-content-type-options
nosniff
last-modified
Mon, 31 Aug 2020 21:10:35 GMT
status
200
etag
f33721c842cc40d69e9292a89010aaa8
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
https://www.geha.com
cache-control
public, max-age=51669
content-disposition
attachment; filename="3533db5f6d4bb62ec2d507557e99320f.woff2"
strict-transport-security
max-age=15768000 ; includeSubDomains
accept-ranges
bytes
content-length
75308
x-xss-protection
1; mode=block
/
www.geha.com/TSPD/ Frame 3201 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.geha.com/TSPD/?type=21
Requested by
Host: www.geha.com
URL: https://www.geha.com/TSPD/?type=18
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f1::48f7:b369 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
59a95bf11890815b3ea9a98238d2e01a1b9e2ffca1a897e872529018161d5515
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains

Request headers

:method
GET
:authority
www.geha.com
:scheme
https
:path
/TSPD/?type=21
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
utm=Prospect Email 2; gw2_ck_1=rv22camf2sl3re4ahi2w31zx; SC_ANALYTICS_GLOBAL_COOKIE=feefb1b54ca64145ae66348f2ffafdea|False; sxa_site=GEHA-CD; BIGipServergehaweb-prd-pool=!MEMqBgZb6kzu+D8D5DdGsCFeo2GSyCMIp5O6wfOAOS7/ZU0hSSvElEIistAg5ezc/Zes/37oWOUzCxI=; TS87aa08af027=0823751556ab2000d8d84757b38726ef2e9e69532a919ed5c90dd17fe1b3fd6ec141b309990f2238085533b597113000b8ff3c2f0e99ce8a8d941850edb2797ed7845ec45e447f79acc5db848b193abb94dd5ab1c6790aef160460c850113a5b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378

Response headers

status
200
p3p
CP="{}"
cache-control
no-store, must-revalidate, no-cache, max-age=0
content-type
text/html
vary
Accept-Encoding
content-encoding
gzip
date
Mon, 16 Nov 2020 18:21:30 GMT
content-length
3055
set-cookie
TS87aa08af027=0823751556ab20005871294d9b2b893744e8fd1ac034a458c4eba352ded14e22d87f05a5290647d508cb3b0c4511300019719829799c49fafa654344c40ff0b89712613e66511a709572f2f59e7eade1ac7be4a60cfe5c04752332a9b8256495;Path=/
strict-transport-security
max-age=15768000 ; includeSubDomains
personalizedinfo
www.geha.com/api/personalizedinformation/ 		33 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.geha.com/api/personalizedinformation/personalizedinfo?CookieName=recommendation&PersonalizedInfoId=recommendation
Requested by
Host: www.geha.com
URL: https://www.geha.com/~/media93/Base-Themes/Core-Libraries/scripts/optimized-min.js?t=20200827T195654Z
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f1::48f7:b369 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c326f67ec7e4e7895bc25ac4c6c3540b569586d688b494df5b82e3146d34a6f5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options 'nosniff'
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 16 Nov 2020 18:21:30 GMT
x-content-type-options
'nosniff'
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
status
200
cache-control
no-cache
strict-transport-security
max-age=15768000 ; includeSubDomains
content-length
33
x-xss-protection
1; mode=block
expires
-1
personalizedinfo
www.geha.com/api/personalizedinformation/ 		33 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.geha.com/api/personalizedinformation/personalizedinfo?CookieName=recommendation&PersonalizedInfoId=recommendation
Requested by
Host: www.geha.com
URL: https://www.geha.com/~/media93/Base-Themes/Core-Libraries/scripts/optimized-min.js?t=20200827T195654Z
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f1::48f7:b369 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c326f67ec7e4e7895bc25ac4c6c3540b569586d688b494df5b82e3146d34a6f5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options 'nosniff'
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 16 Nov 2020 18:21:30 GMT
x-content-type-options
'nosniff'
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
status
200
cache-control
no-cache
strict-transport-security
max-age=15768000 ; includeSubDomains
content-length
33
x-xss-protection
1; mode=block
expires
-1
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
3942
date
Mon, 16 Nov 2020 17:15:48 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Mon, 16 Nov 2020 19:15:48 GMT
bat.js
bat.bing.com/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:29 GMT
content-encoding
gzip
last-modified
Tue, 20 Oct 2020 22:19:32 GMT
x-msedge-ref
Ref A: 9AEC30FA8C114D81AD7063ACB500D684 Ref B: FRAEDGE1213 Ref C: 2020-11-16T18:21:30Z
status
200
etag
"0b27f152fa7d61:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
8454
uwt.js
static.ads-twitter.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.56.157 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:30 GMT
content-encoding
gzip
age
52234
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
1958
x-served-by
cache-lon4230-LON
last-modified
Wed, 21 Oct 2020 21:46:56 GMT
x-timer
S1605550891.656399,VS0,VE0
etag
"a4cc3f907681b24a3efd540acd5d2996+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
conversion_async.js
www.googleadservices.com/pagead/ 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s24-in-f226.1e100.net
Software
cafe /
Resource Hash
30b509528a09195b7a7080345419048fd35269803cdfeab438a98c2176a1d9d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
11761
x-xss-protection
0
server
cafe
etag
8854462785499610041
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 16 Nov 2020 18:21:30 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		965 B
761 B 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:582::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 16 Nov 2020 18:21:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Sep 2020 22:01:48 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=46978
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
448
activityi;dc_pre=CKaqiZTXh-0CFQvquwgdufoGBQ;src=10009673;type=pagev0;cat=tm-ge0;ord=8874785652111;gtm=2wgb41;auiddc=662059637.1605550891;~oref=https%3A%2F%2Fwww.geha.com%2Flegal%2Fprivacy-policy%3F...
10009673.fls.doubleclick.net/ Frame FCE2
Redirect Chain
  • https://10009673.fls.doubleclick.net/activityi;src=10009673;type=pagev0;cat=tm-ge0;ord=8874785652111;gtm=2wgb41;auiddc=662059637.1605550891;~oref=https%3A%2F%2Fwww.geha.com%2Flegal%2Fprivacy-policy...
  • https://10009673.fls.doubleclick.net/activityi;dc_pre=CKaqiZTXh-0CFQvquwgdufoGBQ;src=10009673;type=pagev0;cat=tm-ge0;ord=8874785652111;gtm=2wgb41;auiddc=662059637.1605550891;~oref=https%3A%2F%2Fwww...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://10009673.fls.doubleclick.net/activityi;dc_pre=CKaqiZTXh-0CFQvquwgdufoGBQ;src=10009673;type=pagev0;cat=tm-ge0;ord=8874785652111;gtm=2wgb41;auiddc=662059637.1605550891;~oref=https%3A%2F%2Fwww.geha.com%2Flegal%2Fprivacy-policy%3Futm_medium%3Demail%26utm_campaign%3DProspect%2BEmail%2B2%26utm_source%3DSFMC%26utm_content%3DPrivacy%2BPolicy%26utm_term%3D20201028_464492_181348378?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.21.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s13-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
10009673.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CKaqiZTXh-0CFQvquwgdufoGBQ;src=10009673;type=pagev0;cat=tm-ge0;ord=8874785652111;gtm=2wgb41;auiddc=662059637.1605550891;~oref=https%3A%2F%2Fwww.geha.com%2Flegal%2Fprivacy-policy%3Futm_medium%3Demail%26utm_campaign%3DProspect%2BEmail%2B2%26utm_source%3DSFMC%26utm_content%3DPrivacy%2BPolicy%26utm_term%3D20201028_464492_181348378?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
about:blank

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 16 Nov 2020 18:21:30 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
487
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 16-Nov-2020 18:36:30 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 16 Nov 2020 18:21:30 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://10009673.fls.doubleclick.net/activityi;dc_pre=CKaqiZTXh-0CFQvquwgdufoGBQ;src=10009673;type=pagev0;cat=tm-ge0;ord=8874785652111;gtm=2wgb41;auiddc=662059637.1605550891;~oref=https%3A%2F%2Fwww.geha.com%2Flegal%2Fprivacy-policy%3Futm_medium%3Demail%26utm_campaign%3DProspect%2BEmail%2B2%26utm_source%3DSFMC%26utm_content%3DPrivacy%2BPolicy%26utm_term%3D20201028_464492_181348378?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pa-5b8e94d0cea07b0016000061.js
rum-static.pingdom.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rum-static.pingdom.net/pa-5b8e94d0cea07b0016000061.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:14ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
314f00abe329015dbe30b805bfc9c5e59cb260f6278a0425a428139a8ac6a35f

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:30 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 13 May 2020 13:49:07 GMT
server
cloudflare
status
200
etag
W/"5ebbfad3-1889"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
5f333b6abcab05f5-FRA
cf-request-id
0673e376b2000005f566bfd000000001
expires
Mon, 16 Nov 2020 18:26:30 GMT
pa-555b6812abe53d462fed7a74.js
rum-static.pingdom.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rum-static.pingdom.net/pa-555b6812abe53d462fed7a74.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:14ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb5173016dba14d47d273deac955b1869af4d4fa9eaa8df9f264c482e745701b

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:30 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 13 May 2020 13:49:07 GMT
server
cloudflare
status
200
etag
W/"5ebbfad3-1889"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
5f333b6abcb205f5-FRA
cf-request-id
0673e376b6000005f57136c000000001
expires
Mon, 16 Nov 2020 18:26:30 GMT
fbevents.js
connect.facebook.net/en_US/ 		89 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4620c7cc7faa4ded84a43c1c0a8623d2fa293fe1b821790911229aa02601f7c0
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23272
x-xss-protection
0
pragma
public
x-fb-debug
D9axJ6bp5RmE2B9qlNXCtobKT9P+Dd6lHtCI7Dm8Rd6xU6kjsdTekmBGu1cx22ZnlbbJQnZejX328ZxCe2x+uA==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Mon, 16 Nov 2020 18:21:30 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
up_loader.1.1.0.js
js.adsrvr.org/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.206.235 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-206-235.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 16 Nov 2020 16:48:46 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
5565
ETag
"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
8xaLkLw0qMBipdHnNKulmqdJizfJG-2rp3eS7nFU_DjawKz8_mdsVw==
tv2track.js
collector-8199.tvsquared.com/ 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://collector-8199.tvsquared.com/tv2track.js
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.12.179.184 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-12-179-184.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 16 Nov 2020 18:21:31 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Sep 2020 11:44:51 GMT
Server
nginx
ETag
"5f649db3-2133"
Content-Type
application/javascript
Cache-Control
max-age=600
Connection
keep-alive
X-Robots-Tag
noindex
Content-Length
8499
Expires
Mon, 16 Nov 2020 18:31:31 GMT
insight.beta.min.js
snap.licdn.com/li.lms-analytics/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:582::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 16 Nov 2020 18:21:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Sep 2020 22:01:48 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=20851
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1799
collect
www.google-analytics.com/j/ 		2 B
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=886312867&t=pageview&_s=1&dl=https%3A%2F%2Fwww.geha.com%2Flegal%2Fprivacy-policy%3Futm_medium%3Demail%26utm_campaign%3DProspect%2BEmail%2B2%26utm_source%3DSFMC%26utm_content%3DPrivacy%2BPolicy%26utm_term%3D20201028_464492_181348378&ul=en-us&de=UTF-8&dt=GEHA%27s%20Privacy%20Policy%20%7C%20GEHA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=779949597&gjid=741983341&cid=2137304053.1605550891&tid=UA-18563403-14&_gid=437769495.1605550891&_r=1&gtm=2wgb41PCSXPND&z=599357682
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Nov 2020 18:21:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://www.geha.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=886312867&t=pageview&_s=1&dl=https%3A%2F%2Fwww.geha.com%2Flegal%2Fprivacy-policy%3Futm_medium%3Demail%26utm_campaign%3DProspect%2BEmail%2B2%26utm_source%3DSFMC%26utm_content%3DPrivacy%2BPolicy%26utm_term%3D20201028_464492_181348378&ul=en-us&de=UTF-8&dt=GEHA%27s%20Privacy%20Policy%20%7C%20GEHA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAAC~&jid=1947930934&gjid=2069568808&cid=2137304053.1605550891&tid=UA-18563403-1&_gid=437769495.1605550891&_r=1&gtm=2wgb41PCSXPND&z=1937163807
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Nov 2020 18:21:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://www.geha.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=886312867&t=pageview&_s=1&dl=https%3A%2F%2Fwww.geha.com%2Flegal%2Fprivacy-policy%3Futm_medium%3Demail%26utm_campaign%3DProspect%2BEmail%2B2%26utm_source%3DSFMC%26utm_content%3DPrivacy%2BPolicy%26utm_term%3D20201028_464492_181348378&ul=en-us&de=UTF-8&dt=GEHA%27s%20Privacy%20Policy%20%7C%20GEHA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAAC~&jid=67311817&gjid=1361547963&cid=2137304053.1605550891&tid=UA-18563403-15&_gid=437769495.1605550891&_r=1&gtm=2wgb41PCSXPND&z=282220362
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Nov 2020 18:21:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://www.geha.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
0823751556ab20002aedea0d04f6f7891a40ea08ff8cfdba5ea02962ca138a334b0fe96a375f3c48
www.geha.com/TSPD/ Frame 3201 		295 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.geha.com/TSPD/0823751556ab20002aedea0d04f6f7891a40ea08ff8cfdba5ea02962ca138a334b0fe96a375f3c48?type=8
Requested by
Host: www.geha.com
URL: https://www.geha.com/TSPD/?type=21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f1::48f7:b369 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
117c3b7c44cda795ba3626d49856e80ab16e71a1ee816016ba41f1dd66e88072
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains

Request headers

Referer
https://www.geha.com/TSPD/?type=21
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:30 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=86400
strict-transport-security
max-age=15768000 ; includeSubDomains
content-length
90305
0823751556ab20002aedea0d04f6f7891a40ea08ff8cfdba5ea02962ca138a334b0fe96a375f3c48
www.geha.com/TSPD/ Frame 3201 		52 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.geha.com/TSPD/0823751556ab20002aedea0d04f6f7891a40ea08ff8cfdba5ea02962ca138a334b0fe96a375f3c48?type=12
Requested by
Host: www.geha.com
URL: https://www.geha.com/TSPD/?type=21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f1::48f7:b369 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
552f179b8856e5355d6d5865abf56d10af6a0e698c3a8ea2b5610c459fbe37a3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains

Request headers

Referer
https://www.geha.com/TSPD/?type=21
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:30 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=86400
strict-transport-security
max-age=15768000 ; includeSubDomains
content-length
37876
custom.css
www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/ Frame DD1F 		523 KB
62 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/custom.css
Requested by
Host: cloud.info.geha.com
URL: https://cloud.info.geha.com/openseasonplanreminders
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f1::48f7:b369 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
30780fe1991f5d580b59f7169792d142ee39627a3afca43909c799efd9213f8f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options 'nosniff'
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cloud.info.geha.com/openseasonplanreminders
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:30 GMT
content-encoding
gzip
x-content-type-options
'nosniff'
last-modified
Fri, 13 Nov 2020 02:31:43 GMT
etag
092d0e000fae4b03af1a6d438b16f1a7
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
cache-control
public, max-age=33318
content-disposition
inline; filename="custom.css"
strict-transport-security
max-age=15768000 ; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
63243
x-xss-protection
1; mode=block
_t
cloud.info.geha.com/openseasonplanreminders/ Frame DD1F 		35 B
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.info.geha.com/openseasonplanreminders/_t?eventType=CLOUDPAGESVISIT
Requested by
Host: cloud.info.geha.com
URL: https://cloud.info.geha.com/openseasonplanreminders
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.111.118.55 , United States, ASN22606 (EXACT-7, US),
Reverse DNS
cloud.info.geha.com
Software
/
Resource Hash
7a3829ab689107132e51a31a407eca7a4ecb7050d6b9ee83137b6b142c931a73

Request headers

Referer
https://cloud.info.geha.com/openseasonplanreminders
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 16 Nov 2020 18:21:31 GMT
Cache-Control
private
Connection
close
Content-Length
35
Content-Type
text/html
collect.js
100004105.collect.igodigital.com/ Frame DD1F 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://100004105.collect.igodigital.com/collect.js
Requested by
Host: cloud.info.geha.com
URL: https://cloud.info.geha.com/openseasonplanreminders
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.0.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-0-32.compute-1.amazonaws.com
Software
/
Resource Hash
4a63ccc41b6e27c88fca243efd1030d401bc83bd3ae22aaff2b0d1354ba25703

Request headers

Referer
https://cloud.info.geha.com/openseasonplanreminders
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 16 Nov 2020 18:21:31 GMT
content-encoding
gzip
last-modified
Fri, 13 Nov 2020 19:56:07 GMT
vary
Accept-Encoding
content-type
application/javascript
536137209881402
connect.facebook.net/signals/config/ 		236 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/536137209881402?v=2.9.28&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9b0c5e0eda6b58ea89fd61ef466d43354ea3f4190479978350d446963ff194c0
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
c+bag9atjMKPDuQwQ/yb8yFgZUS8wU/0QamraEA4RyujxfUXXFqkAzoj6QwwBzhdU6FDXSOEzEncMQWIfjtZTA==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Mon, 16 Nov 2020 18:21:30 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
adsct
t.co/i/ 		43 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=o1swp&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.geha.com%2Flegal%2Fprivacy-policy%3Futm_medium%3Demail%26utm_campaign%3DProspect%2BEmail%2B2%26utm_source%3DSFMC%26utm_content%3DPrivacy%2BPolicy%26utm_term%3D20201028_464492_181348378
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
110
pragma
no-cache
last-modified
Mon, 16 Nov 2020 18:21:30 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
f79d11ef2df360ce624ce12e233e5a93
x-transaction
000cd74700c3e5cb
expires
Tue, 31 Mar 1981 05:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-18563403-14&cid=2137304053.1605550891&jid=779949597&gjid=741983341&_gid=437769495.1605550891&_u=YEBAAEAAAAAAAC~&z=1952285931
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 16 Nov 2020 18:21:30 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://www.geha.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-18563403-1&cid=2137304053.1605550891&jid=1947930934&gjid=2069568808&_gid=437769495.1605550891&_u=YGDACEABBAAAAC~&z=1745017294
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 16 Nov 2020 18:21:30 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://www.geha.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-18563403-15&cid=2137304053.1605550891&jid=67311817&gjid=1361547963&_gid=437769495.1605550891&_u=YGDACEABBAAAAC~&z=904057537
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 16 Nov 2020 18:21:30 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://www.geha.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1805946&time=1605550890707&url=https%3A%2F%2Fwww.geha.com%2Flegal%2Fprivacy-policy%3Futm_medium%3Demail%26utm_campaign%3DProspect%2BEmail%2B2%26ut...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1805946%26time%3D1605550890707%26url%3Dhttps%253A%252F%252Fwww.geha.com%252Flegal...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1805946&time=1605550890707&url=https%3A%2F%2Fwww.geha.com%2Flegal%2Fprivacy-policy%3Futm_medium%3Demail%26utm_campaign%3DProspect%2BEmail%2B2%26ut...
0
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1805946&time=1605550890707&url=https%3A%2F%2Fwww.geha.com%2Flegal%2Fprivacy-policy%3Futm_medium%3Demail%26utm_campaign%3DProspect%2BEmail%2B2%26utm_source%3DSFMC%26utm_content%3DPrivacy%2BPolicy%26utm_term%3D20201028_464492_181348378&liSync=true
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:31 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lva1
status
200
x-li-proto
http/2
x-li-pop
prod-efr5
content-type
application/javascript
content-length
0
x-li-uuid
ORVjWwcQSBYgGO6GeisAAA==

Redirect headers

content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-content-type-options
nosniff
linkedin-action
1
status
302
content-length
0
x-li-uuid
qVAzVwcQSBZwhIMKEisAAA==
pragma
no-cache
x-li-pop
afd-prod-lva1
x-msedge-ref
Ref A: B31DF26B96DE438991FDFCB488AC7EBB Ref B: FRAEDGE0820 Ref C: 2020-11-16T18:21:30Z
x-frame-options
sameorigin
date
Mon, 16 Nov 2020 18:21:30 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=2592000
x-li-fabric
prod-lva1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1805946&time=1605550890707&url=https%3A%2F%2Fwww.geha.com%2Flegal%2Fprivacy-policy%3Futm_medium%3Demail%26utm_campaign%3DProspect%2BEmail%2B2%26utm_source%3DSFMC%26utm_content%3DPrivacy%2BPolicy%26utm_term%3D20201028_464492_181348378&liSync=true
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
0
bat.bing.com/action/ 		0
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=23001708&Ver=2&mid=129051f2-3f9f-4e39-bd29-7fb9b96215aa&sid=8c9a0a40283811eb94ca718cabd32c49&vid=8c9a4b60283811ebbf49c12551205cee&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=GEHA%27s%20Privacy%20Policy%20%7C%20GEHA&p=https%3A%2F%2Fwww.geha.com%2Flegal%2Fprivacy-policy%3Futm_medium%3Demail%26utm_campaign%3DProspect%2BEmail%2B2%26utm_source%3DSFMC%26utm_content%3DPrivacy%2BPolicy%26utm_term%3D20201028_464492_181348378&r=&lt=2669&evt=pageLoad&msclkid=N&sv=1&rn=882798
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Mon, 16 Nov 2020 18:21:29 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 5E0F6A9BF63A4D0BA23818CD42D1B6CF Ref B: FRAEDGE1213 Ref C: 2020-11-16T18:21:30Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/973793713/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/973793713/?random=1605550890716&cv=9&fst=1605550890716&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgb41&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.geha.com%2Flegal%2Fprivacy-policy%3Futm_medium%3Demail%26utm_campaign%3DProspect%2BEmail%2B2%26utm_source%3DSFMC%26utm_content%3DPrivacy%2BPolicy%26utm_term%3D20201028_464492_181348378&tiba=GEHA%27s%20Privacy%20Policy%20%7C%20GEHA&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f30cc1492ba2acfd98067f206944247bd51f7276e9515e39ab6e3e9d5d468203
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1111
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-18563403-14&cid=2137304053.1605550891&jid=779949597&_u=YEBAAEAAAAAAAC~&z=461254790
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Nov 2020 18:21:30 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-18563403-14&cid=2137304053.1605550891&jid=779949597&_u=YEBAAEAAAAAAAC~&z=461254790
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Nov 2020 18:21:30 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-18563403-15&cid=2137304053.1605550891&jid=67311817&_u=YGDACEABBAAAAC~&z=2055432252
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Nov 2020 18:21:30 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-18563403-15&cid=2137304053.1605550891&jid=67311817&_u=YGDACEABBAAAAC~&z=2055432252
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Nov 2020 18:21:30 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-18563403-1&cid=2137304053.1605550891&jid=1947930934&_u=YGDACEABBAAAAC~&z=146553656
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Nov 2020 18:21:30 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-18563403-1&cid=2137304053.1605550891&jid=1947930934&_u=YGDACEABBAAAAC~&z=146553656
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Nov 2020 18:21:30 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/973793713/ 		42 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/973793713/?random=1605550890716&cv=9&fst=1605549600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgb41&sendb=1&frm=0&url=https%3A%2F%2Fwww.geha.com%2Flegal%2Fprivacy-policy%3Futm_medium%3Demail%26utm_campaign%3DProspect%2BEmail%2B2%26utm_source%3DSFMC%26utm_content%3DPrivacy%2BPolicy%26utm_term%3D20201028_464492_181348378&tiba=GEHA%27s%20Privacy%20Policy%20%7C%20GEHA&async=1&fmt=3&is_vtc=1&random=4139873503&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Nov 2020 18:21:30 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/973793713/ 		42 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/973793713/?random=1605550890716&cv=9&fst=1605549600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgb41&sendb=1&frm=0&url=https%3A%2F%2Fwww.geha.com%2Flegal%2Fprivacy-policy%3Futm_medium%3Demail%26utm_campaign%3DProspect%2BEmail%2B2%26utm_source%3DSFMC%26utm_content%3DPrivacy%2BPolicy%26utm_term%3D20201028_464492_181348378&tiba=GEHA%27s%20Privacy%20Policy%20%7C%20GEHA&async=1&fmt=3&is_vtc=1&random=4139873503&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Nov 2020 18:21:30 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2808013422617939
connect.facebook.net/signals/config/ 		236 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2808013422617939?v=2.9.28&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5340e71d5dc40369b79b62a74e57e50a3503e3b294e0352d4272a65014321780
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
m5WedsDezLanVfABJDFRBjeUx8rXj2EtL4o2Pj77KZ8AfSqWotmq4KBorCtJ5og5+dXnGq/yCGEiBWtSpnX5EQ==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Mon, 16 Nov 2020 18:21:30 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=536137209881402&ev=PageView&dl=https%3A%2F%2Fwww.geha.com%2Flegal%2Fprivacy-policy%3Futm_medium%3Demail%26utm_campaign%3DProspect%2BEmail%2B2%26utm_source%3DSFMC%26utm_content%3DPrivacy%2BPolicy%26utm_term%3D20201028_464492_181348378&rl=&if=false&ts=1605550890853&sw=1600&sh=1200&v=2.9.28&r=stable&ec=0&o=30&fbp=fb.1.1605550890852.435416229&it=1605550890700&coo=false&rqm=GET
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:30 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 16 Nov 2020 18:21:30 GMT
/
www.facebook.com/tr/ 		44 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2808013422617939&ev=PageView&dl=https%3A%2F%2Fwww.geha.com%2Flegal%2Fprivacy-policy%3Futm_medium%3Demail%26utm_campaign%3DProspect%2BEmail%2B2%26utm_source%3DSFMC%26utm_content%3DPrivacy%2BPolicy%26utm_term%3D20201028_464492_181348378&rl=&if=false&ts=1605550890919&sw=1600&sh=1200&v=2.9.28&r=stable&ec=0&o=30&fbp=fb.1.1605550890852.435416229&it=1605550890700&coo=false&rqm=GET
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:30 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 16 Nov 2020 18:21:30 GMT
track_page_view
nova.collect.igodigital.com/c2/100004105/ Frame DD1F 		43 B
715 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nova.collect.igodigital.com/c2/100004105/track_page_view?payload=%7B%22title%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fcloud.info.geha.com%2Fopenseasonplanreminders%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.geha.com%2Flegal%2Fprivacy-policy%3Futm_medium%3Demail%26utm_campaign%3DProspect%2BEmail%2B2%26utm_source%3DSFMC%26utm_content%3DPrivacy%2BPolicy%26utm_term%3D20201028_464492_181348378%22%7D
Requested by
Host: cloud.info.geha.com
URL: https://cloud.info.geha.com/openseasonplanreminders
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.0.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-0-32.compute-1.amazonaws.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cloud.info.geha.com/openseasonplanreminders
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-runtime
0.004646
date
Mon, 16 Nov 2020 18:21:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
etag
W/"db04c7b378cb2db912c3ba8a5a774ee3"
x-frame-options
SAMEORIGIN
content-type
image/gif
status
200
cache-control
private
content-transfer-encoding
binary
content-disposition
inline
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
6c35d06d-026b-4658-952a-f3aab86dde53
tv2track.php
collector-8199.tvsquared.com/ 		42 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector-8199.tvsquared.com/tv2track.php?action_name=GEHA%27s%20Privacy%20Policy%20%7C%20GEHA&idsite=TV-18810909-1&rec=1&r=746584&h=19&m=21&s=31&url=https%3A%2F%2Fwww.geha.com%2Flegal%2Fprivacy-policy%3Futm_medium%3Demail%26utm_campaign%3DProspect%2BEmail%2B2%26utm_source%3DSFMC%26utm_content%3DPrivacy%2BPolicy%26utm_term%3D20201028_464492_181348378&_id=0720521ab60181b0&_idts=1605550891&_idvc=0&_idn=1&_viewts=&cookie=1&res=1600x1200&gt_ms=686
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.12.179.184 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-12-179-184.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 16 Nov 2020 18:21:31 GMT
Server
nginx
Connection
keep-alive
Request-Id
f2912c2c-7db5-4704-9f7b-d26ea5bb1b51
P3p
CP='OTI DSP COR NID STP UNI OTPa OUR'
Content-Length
42
Content-Type
image/gif
/
zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_e9klljEUcZhtwjz&t=1605550891338
Requested by
Host: www.geha.com
URL: https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
1a0935e94b38c181486584ddb7b7fda69ac66582e8d2cc54f95aeceffeb32878
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
215089
cf-polished
origSize=58033
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0673e379950000edf35a0f7000000001
cf-bgj
minify
server
cloudflare
x-powered-by
Express
etag
W/"e2b1-gNydvhwZYs+VPo04k5d0RcHzf7M"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
cf-ray
5f333b6f5d68edf3-CDG
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
adsct
analytics.twitter.com/i/ 		31 B
284 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=o1swp&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.geha.com%2Flegal%2Fprivacy-policy%3Futm_medium%3Demail%26utm_campaign%3DProspect%2BEmail%2B2%26utm_source%3DSFMC%26utm_content%3DPrivacy%2BPolicy%26utm_term%3D20201028_464492_181348378
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
content-length
57
x-xss-protection
0
x-response-time
121
pragma
no-cache
last-modified
Mon, 16 Nov 2020 18:21:31 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
76282e6ea0f799e187b281631f2ebad3
x-transaction
00bd845700559b53
expires
Tue, 31 Mar 1981 05:00:00 GMT
up
insight.adsrvr.org/track/ Frame EDC7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=uduech0&ref=https%3A%2F%2Fwww.geha.com%2Flegal%2Fprivacy-policy%3Futm_medium%3Demail%26utm_campaign%3DProspect%2BEmail%2B2%26utm_source%3DSFMC%26utm_content%3DPrivacy%2BPolicy%26utm_term%3D20201028_464492_181348378&upid=opjy0g4&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.37.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-37-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
insight.adsrvr.org
:scheme
https
:path
/track/up?adv=uduech0&ref=https%3A%2F%2Fwww.geha.com%2Flegal%2Fprivacy-policy%3Futm_medium%3Demail%26utm_campaign%3DProspect%2BEmail%2B2%26utm_source%3DSFMC%26utm_content%3DPrivacy%2BPolicy%26utm_term%3D20201028_464492_181348378&upid=opjy0g4&upv=1.1.0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378

Response headers

status
200
date
Mon, 16 Nov 2020 18:21:31 GMT
content-type
text/html
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
www.facebook.com/tr/ 		44 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=536137209881402&ev=Microdata&if=false&ts=1605550891428&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22GEHA%27s%20Privacy%20Policy%20%7C%20GEHA%22%2C%22meta%3Adescription%22%3A%22GEHA%20respects%20your%20privacy%20and%20your%20rights%20to%20control%20your%20personal%20data.%20We%20are%20committed%20to%20protecting%20your%20privacy%20through%20our%20compliance%20with%20this%20policy.%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22GEHA%20respects%20your%20privacy%20and%20your%20rights%20to%20control%20your%20personal%20data.%20We%20are%20committed%20to%20protecting%20your%20privacy%20through%20our%20compliance%20with%20this%20policy.%22%2C%22og%3Atitle%22%3A%22GEHA%27s%20Privacy%20Policy%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.geha.comhttps%3A%2F%2Fwww.geha.com%2F%2Fen%2Flegal%2Fprivacy-policy%22%2C%22twitter%3Atitle%22%3A%22Privacy%20Policy%22%2C%22twitter%3Acard%22%3A%22summary_large_image%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.28&r=stable&ec=1&o=30&fbp=fb.1.1605550890852.435416229&it=1605550890700&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:31 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 16 Nov 2020 18:21:31 GMT
beacon.gif
rum-collector-2.pingdom.net/img/ 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rum-collector-2.pingdom.net/img/beacon.gif?id=5b8e94d0cea07b0016000061&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=1538&cE=1538&dLE=1538&dLS=1538&fS=1538&hS=-1&rE=-1&rS=-1&reS=1539&resS=2224&resE=2225&uEE=-1&uES=-1&dL=2228&dI=2662&dCLES=2662&dCLEE=2669&dC=3990&lES=3990&lEE=3994&s=nt&title=GEHA%27s%20Privacy%20Policy%20%7C%20GEHA&path=https%3A%2F%2Fwww.geha.com%2Flegal%2Fprivacy-policy&ref=&sId=197vzwlt&sST=1605550891&sIS=1&rV=0&v=1.4.1
Requested by
Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/pa-5b8e94d0cea07b0016000061.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.130.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-130-108.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Mon, 16 Nov 2020 18:21:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
beacon.gif
rum-collector-2.pingdom.net/img/ 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rum-collector-2.pingdom.net/img/beacon.gif?id=555b6812abe53d462fed7a74&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=1538&cE=1538&dLE=1538&dLS=1538&fS=1538&hS=-1&rE=-1&rS=-1&reS=1539&resS=2224&resE=2225&uEE=-1&uES=-1&dL=2228&dI=2662&dCLES=2662&dCLEE=2669&dC=3990&lES=3990&lEE=3994&s=nt&title=GEHA%27s%20Privacy%20Policy%20%7C%20GEHA&path=https%3A%2F%2Fwww.geha.com%2Flegal%2Fprivacy-policy&ref=&sId=197vzwlt&sST=1605550891&sIS=2&rV=0&v=1.4.1
Requested by
Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/pa-555b6812abe53d462fed7a74.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.130.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-130-108.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Mon, 16 Nov 2020 18:21:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
/
www.facebook.com/tr/ 		44 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2808013422617939&ev=Microdata&if=false&ts=1605550891431&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22GEHA%27s%20Privacy%20Policy%20%7C%20GEHA%22%2C%22meta%3Adescription%22%3A%22GEHA%20respects%20your%20privacy%20and%20your%20rights%20to%20control%20your%20personal%20data.%20We%20are%20committed%20to%20protecting%20your%20privacy%20through%20our%20compliance%20with%20this%20policy.%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22GEHA%20respects%20your%20privacy%20and%20your%20rights%20to%20control%20your%20personal%20data.%20We%20are%20committed%20to%20protecting%20your%20privacy%20through%20our%20compliance%20with%20this%20policy.%22%2C%22og%3Atitle%22%3A%22GEHA%27s%20Privacy%20Policy%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.geha.comhttps%3A%2F%2Fwww.geha.com%2F%2Fen%2Flegal%2Fprivacy-policy%22%2C%22twitter%3Atitle%22%3A%22Privacy%20Policy%22%2C%22twitter%3Acard%22%3A%22summary_large_image%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.28&r=stable&ec=1&o=30&fbp=fb.1.1605550890852.435416229&it=1605550890700&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:31 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 16 Nov 2020 18:21:31 GMT
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_e9klljEUcZhtwjz&Q_CLIENTVERSION=1.38.0&Q_CLIENTTYPE=web
Requested by
Host: zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com
URL: https://zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_e9klljEUcZhtwjz&t=1605550891338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f84106aa07107c867489c59ff5e48f874d8f06bbe3ee297874becc3898c06fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 16 Nov 2020 18:21:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
https://www.geha.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
5f333b6fbe5aedf3-CDG
vary
Accept-Encoding
cf-request-id
0673e379d80000edf348187000000001
CoreModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		88 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.38.0&Q_CLIENTTYPE=web
Requested by
Host: zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com
URL: https://zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_e9klljEUcZhtwjz&t=1605550891338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8de455aff7672cc42981291144d1c01ccc586a037fa7e89dfeea9146eac7a9d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
408884
cf-polished
origSize=90897
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0673e37a950000edf35a111000000001
last-modified
Wed, 04 Nov 2020 18:43:58 GMT
server
cloudflare
x-powered-by
Express
etag
W/"16311-17594929db0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
cf-ray
5f333b70e8e9edf3-CDG
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
13.8cd1bc517f738d563f23.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		2 KB
878 B 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/13.8cd1bc517f738d563f23.chunk.js?Q_CLIENTVERSION=1.38.0&Q_CLIENTTYPE=web
Requested by
Host: zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com
URL: https://zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_e9klljEUcZhtwjz&t=1605550891338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c984925243a284a30a519b7cee9e7d84d967f720d786ce0fc1f92c08681ed4f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
408883
cf-polished
origSize=2639
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0673e37ae00000edf339391000000001
last-modified
Wed, 04 Nov 2020 18:43:58 GMT
server
cloudflare
x-powered-by
Express
etag
W/"a4f-17594929db0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
cf-ray
5f333b716a03edf3-CDG
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
1.24003007cd0c446c51a3.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/1.24003007cd0c446c51a3.chunk.js?Q_CLIENTVERSION=1.38.0&Q_CLIENTTYPE=web
Requested by
Host: zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com
URL: https://zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_e9klljEUcZhtwjz&t=1605550891338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8f7048f7245ba84257628d8155aefa0aa70604b43dfe62d01080eb63dfa2e966
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
408883
cf-polished
origSize=26983
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0673e37ae00000edf3f90f2000000001
last-modified
Wed, 04 Nov 2020 18:43:58 GMT
server
cloudflare
x-powered-by
Express
etag
W/"6967-17594929db0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
cf-ray
5f333b716a07edf3-CDG
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
FeedbackLinkModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/FeedbackLinkModule.js?Q_CLIENTVERSION=1.38.0&Q_CLIENTTYPE=web
Requested by
Host: zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com
URL: https://zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_e9klljEUcZhtwjz&t=1605550891338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
90c8c49df9363f906709ff1407e338b965b70a1eed9f3e573a4306fd267f1c0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
408882
cf-polished
origSize=3600
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0673e37ae20000edf3e2816000000001
last-modified
Wed, 04 Nov 2020 18:43:58 GMT
server
cloudflare
x-powered-by
Express
etag
W/"e10-17594929db0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
cf-ray
5f333b716a15edf3-CDG
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
EmbeddedTargetModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/EmbeddedTargetModule.js?Q_CLIENTVERSION=1.38.0&Q_CLIENTTYPE=web
Requested by
Host: zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com
URL: https://zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_e9klljEUcZhtwjz&t=1605550891338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
66f54c12a2365f4ea8f7fcadd49258d19d9a2dbe66771de0aa35695ff06cc3c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
325627
cf-polished
origSize=8259
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0673e37ae20000edf3423fc000000001
last-modified
Wed, 04 Nov 2020 18:43:58 GMT
server
cloudflare
x-powered-by
Express
etag
W/"2043-17594929db0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
cf-ray
5f333b716a17edf3-CDG
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		26 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_235GQw7FfA9GcHH&Version=39&Q_ORIGIN=https://www.geha.com&Q_CLIENTVERSION=1.38.0&Q_CLIENTTYPE=web
Requested by
Host: zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com
URL: https://zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_e9klljEUcZhtwjz&t=1605550891338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c59e57b6f732329c3de5b976c38ed8320ed0a9fbab8c2d252a8529ad5234a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0673e37b0a000008a35eb29000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
https://www.geha.com
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5f333b71ad5b08a3-CDG
servershortname
expires
Thu, 14 Nov 2030 18:21:31 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		325 B
866 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_9ALP9yWEj1lFJyJ&Version=4&Q_InterceptID=SI_235GQw7FfA9GcHH&Q_ORIGIN=https://www.geha.com&Q_CLIENTVERSION=1.38.0&Q_CLIENTTYPE=web
Requested by
Host: zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com
URL: https://zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_e9klljEUcZhtwjz&t=1605550891338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dc0aabfdba09e256de6f43cca8501501967d76e01fd1c8d31ba9db2f976074b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 18:21:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
371257
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0673e37b0b000008a3820ad000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
https://www.geha.com
expires
Sun, 10 Nov 2030 11:13:54 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5f333b71ad6008a3-CDG
servershortname
/
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		45 B
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_9ALP9yWEj1lFJyJ&Q_SIID=SI_235GQw7FfA9GcHH&Q_ASID=AS_59028053&Q_CLIENTVERSION=1.38.0&Q_CLIENTTYPE=web&r=1605550891943
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.38.0&Q_CLIENTTYPE=web
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 16 Nov 2020 18:21:32 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.geha.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
5f333b72b86008a3-CDG
vary
Accept-Encoding
content-length
45
cf-request-id
0673e37bb3000008a3331f8000000001
Graphic.php
sjc1.qualtrics.com/WRQualtricsSiteIntercept/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sjc1.qualtrics.com/WRQualtricsSiteIntercept/Graphic.php?IM=IM_elF0WfBnxSXZgMt
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.122.106.46 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-106-46.deploy.static.akamaitechnologies.com
Software
collect-platform-gateway /
Resource Hash
7c8e3c582a237d2063f76cbcb5dcb1c0da3ae2516057fcc040cb69573d90b65f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geha.com/legal/privacy-policy?utm_medium=email&utm_campaign=Prospect+Email+2&utm_source=SFMC&utm_content=Privacy+Policy&utm_term=20201028_464492_181348378
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
163, 163, 163
date
Mon, 16 Nov 2020 18:21:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-edgeconnect-midmile-rtt
0, 0, 0
status
200
content-disposition
inline; filename=Feedback_Darker_Smaller.png
vary
Accept-Encoding
content-length
1897
x-request-id
6c956bb9-b3ca-47d7-8ee3-6f604f6db16a
server
collect-platform-gateway
etag
"be2052dd6274e8cbe6a39a1838288fcf"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-transaction-id
74d5ac62-2a4f-497d-b050-ea93b6c936b5
cache-control
public, max-age=58
x-robots-tag
noindex
expires
Mon, 16 Nov 2020 18:22:30 GMT
0823751556ab28003625c9cc0fa36364e7fa03f80d91b2445d0f17ff6b8a1c3ebe4f779bf58855b8c36ba410d24bedc9
www.geha.com/TSPD/ Frame 3201 		566 B
703 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.geha.com/TSPD/0823751556ab28003625c9cc0fa36364e7fa03f80d91b2445d0f17ff6b8a1c3ebe4f779bf58855b8c36ba410d24bedc9?type=13
Requested by
Host: www.geha.com
URL: https://www.geha.com/TSPD/0823751556ab20002aedea0d04f6f7891a40ea08ff8cfdba5ea02962ca138a334b0fe96a375f3c48?type=8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f1::48f7:b369 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
623000b4eee652bd756045c63fce7b9b1e37a713b6bdd2db67b70fdb27b449cb
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains

Request headers

Referer
https://www.geha.com/TSPD/?type=21
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 16 Nov 2020 18:21:32 GMT
cache-control
no-store, must-revalidate, no-cache, max-age=0
content-length
566
strict-transport-security
max-age=15768000 ; includeSubDomains
content-type
text/html

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes string| loaderConfig undefined| ie9rgb4 boolean| qLlE function| runLoader function| subscribeEvent function| unsubscribeEvent function| startActivityHandler function| placeCheckerRequest function| placeCssAspxRequest function| timeoutSleep function| getMetatagContent object| dataLayer undefined| $ function| jQuery function| $xa function| moment function| _ object| html5 object| Modernizr function| Galleria object| FullCalendar function| Hammer object| Backbone function| SearchIndex function| Bloodhound boolean| mCustomScrollbar object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| MediaElementPlayer function| dmAsyncInit object| XA string| facetName function| closeDrawer object| geha function| showFormSubmissionMessage function| validateRequestServicesRecaptcha function| submitAboUpdateInfoForm function| validateFormFieldsOnUiChange function| validateUpdateFormRecaptcha function| emailRegex function| stringValidate function| currencyValidate function| dateValidate function| redirect function| isObject function| isValidValue function| isNotUIValue function| formatVariableNames function| dynamicStringBuilder function| sendEmail function| verify object| google_tag_manager boolean| initialzied object| google_tag_data string| GoogleAnalyticsObject function| ga object| uetq function| twq string| _linkedin_data_partner_id function| fbq function| _fbq object| _tvq function| onYouTubeIframeAPIReady object| gaplugins object| gaGlobal object| gaData object| twttr function| lintrk boolean| _already_called_lintrk function| UET function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| ttd_dom_ready function| TTDUniversalPixelApi object| JSON2 object| TV2Track object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.38.0 object| _qsie

17 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
www.geha.com/ Name: _tq_id.TV-18810909-1.cfae
Value: 0720521ab60181b0.1605550891.0.1605550891..
.geha.com/ Name: _gat_UA-18563403-15
Value: 1
.geha.com/ Name: _gat_UA-18563403-1
Value: 1
.geha.com/ Name: _gat_UA-18563403-14
Value: 1
.geha.com/ Name: sxa_site
Value: GEHA-CD
.geha.com/ Name: _uetvid
Value: 8c9a4b60283811ebbf49c12551205cee
.geha.com/ Name: _gid
Value: GA1.2.437769495.1605550891
.geha.com/ Name: BIGipServergehaweb-prd-pool
Value: !MEMqBgZb6kzu+D8D5DdGsCFeo2GSyCMIp5O6wfOAOS7/ZU0hSSvElEIistAg5ezc/Zes/37oWOUzCxI=
.geha.com/ Name: _ga
Value: GA1.2.2137304053.1605550891
www.geha.com/ Name: TS87aa08af027
Value: 0823751556ab2000ede34231304f40bb868904c467474f41509787541bc9d09134737e8fe0e127e308c099c573113000ce5f0afd926d3867fa654344c40ff0b89712613e66511a709572f2f59e7eade1ac7be4a60cfe5c04752332a9b8256495
.geha.com/ Name: SC_ANALYTICS_GLOBAL_COOKIE
Value: feefb1b54ca64145ae66348f2ffafdea|False
.geha.com/ Name: _fbp
Value: fb.1.1605550890852.435416229
.geha.com/ Name: _uetsid
Value: 8c9a0a40283811eb94ca718cabd32c49
.geha.com/ Name: gw2_ck_1
Value: rv22camf2sl3re4ahi2w31zx
.geha.com/ Name: _gcl_au
Value: 1.1.662059637.1605550891
.geha.com/ Name: utm
Value: Prospect Email 2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options 'nosniff'
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

100004105.collect.igodigital.com
10009673.fls.doubleclick.net
analytics.twitter.com
bat.bing.com
click.info.geha.com
cloud.info.geha.com
collector-8199.tvsquared.com
connect.facebook.net
googleads.g.doubleclick.net
insight.adsrvr.org
js.adsrvr.org
nova.collect.igodigital.com
px.ads.linkedin.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
siteintercept.qualtrics.com
sjc1.qualtrics.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
www.facebook.com
www.geha.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com
104.17.209.240
104.244.42.195
104.244.42.69
13.111.100.248
13.111.118.55
143.204.206.235
172.217.21.230
199.232.56.157
216.58.205.226
2606:4700:10::6814:14ef
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:801::2008
2a00:1450:4001:809::2003
2a00:1450:4001:819::2004
2a00:1450:4001:81a::200e
2a00:1450:4001:824::2004
2a00:1450:4001:825::2002
2a00:1450:400c:c03::9b
2a02:26f0:10c:582::25ea
2a02:26f0:f1::48f7:b369
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:f500:10:101::b93f:9105
3.12.179.184
52.21.0.32
63.34.37.82
92.122.106.46
99.80.130.108
0c19be07401cf8091d1c0bf9b3a42e2f90508da5fac76ae6a1a4123046ca4e9f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
117c3b7c44cda795ba3626d49856e80ab16e71a1ee816016ba41f1dd66e88072
1a0935e94b38c181486584ddb7b7fda69ac66582e8d2cc54f95aeceffeb32878
1b631c545e0e9acda2fa9adef7ce9415a95fc6a325ea80268d1793bf913180ae
2f84106aa07107c867489c59ff5e48f874d8f06bbe3ee297874becc3898c06fc
30780fe1991f5d580b59f7169792d142ee39627a3afca43909c799efd9213f8f
30b509528a09195b7a7080345419048fd35269803cdfeab438a98c2176a1d9d0
314f00abe329015dbe30b805bfc9c5e59cb260f6278a0425a428139a8ac6a35f
416f487c40290dd1451e3cc8dc480489dda90cfd5d389eb08d7f0e867a6f847c
427e57ed3ad640f4ddefe4a7aeb116746506151fd0d227f8f34e40cb3350e45f
43b2d6dfa9e793a4cfedc82e1a1697906b59f88d87d3a48430e2ba9a664c1b68
4620c7cc7faa4ded84a43c1c0a8623d2fa293fe1b821790911229aa02601f7c0
4692d4d1124e4fdde548b916c88189b6e07462d9d24cdd5c6ca8f2a2fcb2af56
49cd1fdd08b7c2927ea54048a04255d7668682a1db997371034ca2203a9f2c8f
4a63ccc41b6e27c88fca243efd1030d401bc83bd3ae22aaff2b0d1354ba25703
4b5013c1e9a922e188e0d6f3903aad0c81a64c231d976d869c8b0f35be0b133d
4c6fde841616799524ae40b886f27b8c5b4e857476a053f1acac3222a3d09385
4d6bfadf55c321ce0c42fa677d14d2d2e86c6662fdb5de760616ec407723e1ef
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515
5340e71d5dc40369b79b62a74e57e50a3503e3b294e0352d4272a65014321780
552f179b8856e5355d6d5865abf56d10af6a0e698c3a8ea2b5610c459fbe37a3
59a95bf11890815b3ea9a98238d2e01a1b9e2ffca1a897e872529018161d5515
623000b4eee652bd756045c63fce7b9b1e37a713b6bdd2db67b70fdb27b449cb
66f54c12a2365f4ea8f7fcadd49258d19d9a2dbe66771de0aa35695ff06cc3c6
6ee63129187222048f035c8334888843c8e97982524fde76ff06ac9ac0ef4da5
7139f07f917998f1a482f070139ce5b0e448669a8f77e9710e74e1a2307f564e
76cb2e52b9e4249d2e67db670cf19086afb508febee0e00fda321d1e0656431f
7941c043b215ecc58d18e696d42abbd225eb0baa075cb5e31027725cc5312fce
7a3829ab689107132e51a31a407eca7a4ecb7050d6b9ee83137b6b142c931a73
7c8e3c582a237d2063f76cbcb5dcb1c0da3ae2516057fcc040cb69573d90b65f
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8dc0aabfdba09e256de6f43cca8501501967d76e01fd1c8d31ba9db2f976074b
8de455aff7672cc42981291144d1c01ccc586a037fa7e89dfeea9146eac7a9d4
8f7048f7245ba84257628d8155aefa0aa70604b43dfe62d01080eb63dfa2e966
90c8c49df9363f906709ff1407e338b965b70a1eed9f3e573a4306fd267f1c0c
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b0c5e0eda6b58ea89fd61ef466d43354ea3f4190479978350d446963ff194c0
a36338e2015fbe5e6f570cb35a9e0305a4f4d40bace6713fce1edbaefc9cf44f
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae9f6a305bef21d57a2741110388254c95e96403b00469a1474042d8938ae7db
b55616e4eada60d4e94a044efa03f45c3550056a0e93a55a993b0b85a7e7689b
ba9dc31b0f6ab38657d353f50bb99eadb9ce5d6d7f83501d97d0faa43d2619c6
babf7c8f26404acad3935146d81d245dc6d494acd265d2b8f84088730d01e38f
c326f67ec7e4e7895bc25ac4c6c3540b569586d688b494df5b82e3146d34a6f5
c984925243a284a30a519b7cee9e7d84d967f720d786ce0fc1f92c08681ed4f0
cb5173016dba14d47d273deac955b1869af4d4fa9eaa8df9f264c482e745701b
d0c59e57b6f732329c3de5b976c38ed8320ed0a9fbab8c2d252a8529ad5234a6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093
f30cc1492ba2acfd98067f206944247bd51f7276e9515e39ab6e3e9d5d468203
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f930f9718c91491b92f0de420e28f51cb021e174606481c128ab838584479e02