member-portal.geha.com Open in urlscan Pro
2a02:26f0:ab00::214:8e59 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://login.geha.com/
Effective URL:
https://member-portal.geha.com/login
Submission: On January 09 via api (January 9th 2024, 7:07:25 am UTC) from US — Scanned from DE

Summary HTTP 44 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 44 HTTP transactions. The main IP is 2a02:26f0:ab00::214:8e59, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is member-portal.geha.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on August 23rd 2023. Valid for: a year.

This is the only time member-portal.geha.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.33.189.110 3.33.189.110	16509 (AMAZON-02) (AMAZON-02)
1 7	15.197.181.212 15.197.181.212	16509 (AMAZON-02) (AMAZON-02)
17	2a02:26f0:ab0... 2a02:26f0:ab00::214:8e59	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:780... 2a02:26f0:780::210:a419	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:170... 2a02:26f0:1700:38a::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:710... 2a02:26f0:7100:59a::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
9	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
44	12

1 3.33.189.110 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: af77c9e516730cc51.awsglobalaccelerator.com

login.geha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 15.197.181.212 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: af77c9e516730cc51.awsglobalaccelerator.com

login.geha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a02:26f0:ab00::214:8e59 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

member-portal.geha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:780::210:a419 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:38a::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
684dd32a.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:59a::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)

znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	geha.com 2 redirects login.geha.com member-portal.geha.com	638 KB
9	qualtrics.com znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com siteintercept.qualtrics.com — Cisco Umbrella Rank: 1531	71 KB
3	gstatic.com fonts.gstatic.com	47 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	150 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1998 c.go-mpulse.net — Cisco Umbrella Rank: 850	50 KB
2	typekit.net use.typekit.net — Cisco Umbrella Rank: 1107 p.typekit.net — Cisco Umbrella Rank: 1464	1 KB
1	akstat.io 684dd32a.akstat.io — Cisco Umbrella Rank: 80186	207 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1695	259 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	2 KB
44	9

	Domain	Requested by
17	member-portal.geha.com	member-portal.geha.com
8	siteintercept.qualtrics.com	znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com siteintercept.qualtrics.com
8	login.geha.com	2 redirects member-portal.geha.com
3	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	member-portal.geha.com www.googletagmanager.com
1	684dd32a.akstat.io	s.go-mpulse.net
1	znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com	member-portal.geha.com
1	region1.google-analytics.com	www.googletagmanager.com
1	c.go-mpulse.net	s.go-mpulse.net
1	s.go-mpulse.net	member-portal.geha.com
1	p.typekit.net	use.typekit.net
1	fonts.googleapis.com	member-portal.geha.com
1	use.typekit.net	member-portal.geha.com
44	13

This site contains links to these domains. Also see Links.

Domain
www.geha.com
geha.okta.com

Subject Issuer	Validity	Valid
*.geha.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-23` - `2024-09-22`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2024-10-21`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2023-04-05` - `2024-04-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-27` - `2024-03-26`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://member-portal.geha.com/login
Frame ID: 5CA335988637718D897EF12043691F97
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login | GEHA | Member Portal

Page URL History Show full URLs

http://login.geha.com/ HTTP 302
https://login.geha.com// HTTP 302
https://member-portal.geha.com/login Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

44
Requests

100 %
HTTPS

75 %
IPv6

9
Domains

13
Subdomains

12
IPs

3
Countries

958 kB
Transfer

3224 kB
Size

5
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.geha.com/
Title: Navigate to geha.com in a new browser tab<img alt="logo" srcSet="/GEHA_Logo.svg 1x, /GEHA_Logo.svg 2x" src="/GEHA_Logo.svg" decoding="async" data-nimg="intrinsic" style="position:absolute;top:0;left:0;bottom:0;right:0;box-sizing:border-box;padding:0;border:none;margin:auto;display:block;width:0;height:0;min-width:100%;max-width:100%;min-height:100%;max-height:100%" loading="lazy"/>

Search URL Search Domain Scan URL

URL: https://www.geha.com/~/media93/Project/GEHA/GEHA/documents-files/other/geha-member-login-resource-document.pdf?fromURI=%2Fhelp%2Flogin
Title: Click here for help.

Search URL Search Domain Scan URL

URL: https://geha.okta.com/help/login
Title: Help

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://login.geha.com/ HTTP 302
https://login.geha.com// HTTP 302
https://member-portal.geha.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
member-portal.geha.com/
Redirect Chain

http://login.geha.com/
https://login.geha.com//
https://member-portal.geha.com/login

8 KB
5 KB

521ms
398ms

Document
text/html

2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Next.js

Resource Hash

15fa341736dab447482d69fc66237eb67d774b5eb422b3f61beafadb3bb4e37e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 3881
content-type: text/html; charset=utf-8
date: Tue, 09 Jan 2024 07:07:21 GMT
server-timing: cdn-cache; desc=MISS edge; dur=353 origin; dur=30 ak_p; desc="1704784040698_34901589_160908939_38295_8457_5_19_255";dur=1
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding
x-akamai-transformed: 9 1859 0 pmb=mRUM,1
x-frame-options: DENY
x-powered-by: Next.js

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html;charset=ISO-8859-1
Date: Tue, 09 Jan 2024 07:07:20 GMT
Keep-Alive: timeout=5, max=100
Server: nginx
Strict-Transport-Security: max-age=315360000; includeSubDomains
X-Robots-Tag: noindex,nofollow
content-security-policy: default-src 'self' geha.okta.com login.geha.com *.oktacdn.com; connect-src 'self' geha.okta.com geha-admin.okta.com login.geha.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com geha.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' geha.okta.com login.geha.com *.oktacdn.com; style-src 'unsafe-inline' 'self' geha.okta.com login.geha.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' geha.okta.com geha-admin.okta.com login.geha.com login.okta.com com-okta-authenticator:; img-src 'self' geha.okta.com login.geha.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' geha.okta.com login.geha.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
location: https://member-portal.geha.com/login
p3p: CP="HONK"
x-okta-request-id: ZZzwqCBKLn4CqzXNvDfVOQAAAKg
x-xss-protection: 0

GET
H2 200 aeca52be18ae5345.css
member-portal.geha.com/_next/static/css/ 154 KB
22 KB 50ms
50ms Stylesheet
text/css 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/css/aeca52be18ae5345.css

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9ad16b26514f48c9aae132bfe5959fff4db2958a26737ee2e7caacbba25ea55c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 07:07:21 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 13 Dec 2023 15:50:39 GMT
etag: W/"26889-18c63df7898"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=20208
server-timing: cdn-cache; desc=HIT, edge; dur=24, origin; dur=0, ak_p; desc="1704784041133_34901589_160909186_2658_6014_6_0_255";dur=1
accept-ranges: bytes
content-length: 21924

GET
H2 200 webpack-af999479304b69de.js Show response
member-portal.geha.com/_next/static/chunks/ 5 KB
3 KB 46ms
46ms Script
application/javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/webpack-af999479304b69de.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fd6fa81d373c739f01f9385a3764f25b6f4a6277f0205ecfa3a93909fb7d517a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 07:07:21 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 13 Dec 2023 15:50:39 GMT
etag: W/"143c-18c63df7898"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=602
server-timing: cdn-cache; desc=HIT, edge; dur=20, origin; dur=0, ak_p; desc="1704784041134_34901589_160909187_2261_5901_6_0_146";dur=1
accept-ranges: bytes
content-length: 2287

GET
H2 200 framework-5f4595e5518b5600.js Show response
member-portal.geha.com/_next/static/chunks/ 127 KB
42 KB 40ms
40ms Script
application/javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/framework-5f4595e5518b5600.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 07:07:21 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 13 Dec 2023 15:50:39 GMT
etag: W/"1fbbb-18c63df7898"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=4977
server-timing: cdn-cache; desc=HIT, edge; dur=28, origin; dur=0, ak_p; desc="1704784041167_34901589_160909193_2792_5986_5_0_146";dur=1
accept-ranges: bytes
content-length: 42152

GET
H2 200 main-4b34a71725809718.js Show response
member-portal.geha.com/_next/static/chunks/ 109 KB
32 KB 16ms
16ms Script
application/javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/main-4b34a71725809718.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2aedac1adaee43f450505512dae0a132d3b0813fcc21bfb27bc2969cb31e139b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 07:07:21 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 13 Dec 2023 15:50:39 GMT
etag: W/"1b4b5-18c63df7898"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=22281
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704784041174_34901589_160909201_102_5790_6_0_146";dur=1
accept-ranges: bytes
content-length: 32834

GET
H2 200 _app-2a787d3027421e3f.js Show response
member-portal.geha.com/_next/static/chunks/pages/ 450 KB
137 KB 15ms
15ms Script
application/javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/pages/_app-2a787d3027421e3f.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d28ed333d77f6e14a841b8304ada3fa81f1059119c85144bdf1a516a3cc84bf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 07:07:21 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 13 Dec 2023 15:50:39 GMT
etag: W/"707e1-18c63df7898"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=58319
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704784041213_34901589_160909231_35_8120_6_0_146";dur=1
accept-ranges: bytes
content-length: 139907

GET
H2 200 login-9b461d263f7821ce.js Show response
member-portal.geha.com/_next/static/chunks/pages/ 8 KB
3 KB 13ms
13ms Script
application/javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/pages/login-9b461d263f7821ce.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e0e4bf0b617847668f9d97fe859989710ec0e0fa29378b9b4c9beb34de27f637

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 07:07:21 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 13 Dec 2023 15:50:39 GMT
etag: W/"1fa9-18c63df7898"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=6813
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704784041241_34901589_160909249_32_5806_6_0_146";dur=1
accept-ranges: bytes
content-length: 3161

GET
H2 200 _buildManifest.js Show response
member-portal.geha.com/_next/static/HSpifISuw3DDjiOn-YnOA/ 3 KB
1 KB 12ms
12ms Script
application/javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/HSpifISuw3DDjiOn-YnOA/_buildManifest.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7a0bd67bb177438ac3b335bdc32e6039df203320855de4096edf104807748dd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 07:07:21 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 13 Dec 2023 15:50:39 GMT
etag: W/"ae0-18c63df7898"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=21560
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704784041255_34901589_160909259_24_6058_6_0_146";dur=1
accept-ranges: bytes
content-length: 983

GET
H2 200 _ssgManifest.js Show response
member-portal.geha.com/_next/static/HSpifISuw3DDjiOn-YnOA/ 77 B
390 B 13ms
13ms Script
application/javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/HSpifISuw3DDjiOn-YnOA/_ssgManifest.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 07:07:21 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 13 Dec 2023 15:50:39 GMT
etag: W/"4d-18c63df7898"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=22100
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704784041268_34901589_160909272_24_6498_6_0_146";dur=1
accept-ranges: bytes
content-length: 61

GET
H2 200 vxe3lkg.css
use.typekit.net/ 7 KB
1 KB 166ms
137ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/vxe3lkg.css

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/css/aeca52be18ae5345.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

add5a4ae4344dd616f6599ff1538b07f2a8d18fd1cc05340f76cc3441050c2ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Tue, 09 Jan 2024 07:07:21 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 972

GET
H2 200 css2
fonts.googleapis.com/ 27 KB
2 KB 38ms
18ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/css/aeca52be18ae5345.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 Jan 2024 07:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 06:30:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Jan 2024 07:07:21 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 65ms
7ms Stylesheet
text/css 2a02:26f0:780::210:a419
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=vxe3lkg&ht=tk&f=24537.24538.24539.24540.24545.24546.24547.24548.24549.24552&a=90735096&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vxe3lkg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::210:a419 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 07:07:21 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 X77L2-P4WA5-BTDAF-6LY7Y-GULYJ Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 39ms
9ms Script
application/javascript 2a02:26f0:1700:38a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/X77L2-P4WA5-BTDAF-6LY7Y-GULYJ
Requested by: Host: member-portal.geha.com
URL: https://member-portal.geha.com/login
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:1700:38a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 07:07:21 GMT
content-encoding: br
last-modified: Wed, 20 Dec 2023 10:32:33 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

GET
DATA 200
OK truncated
/ 81 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6dbc584b36c2dadc91666a4aba780bf708b52a3ebf56216a752f3d18ddea2685

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 28ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://member-portal.geha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 16:39:21 GMT
x-content-type-options: nosniff
age: 311280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 16:39:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 26ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://member-portal.geha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 00:57:14 GMT
x-content-type-options: nosniff
age: 367807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 00:57:14 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 193 KB
69 KB 46ms
25ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MZC9G3J

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8393561f58550a29e12989314e3f57eeb0841915cf66e38e9dce6ee6c149c80d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 07:07:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69947
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Jan 2024 07:07:21 GMT

GET
H2 200 be5ea0027c648323.css
member-portal.geha.com/_next/static/css/ 206 KB
30 KB 23ms
21ms Stylesheet
text/css 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/css/be5ea0027c648323.css

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/chunks/webpack-af999479304b69de.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4a78244eaaca474e76c68634a0a766d5ec506c9410707d71e68bb11445d6f330

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 07:07:21 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 13 Dec 2023 15:50:39 GMT
etag: W/"338d0-18c63df7898"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=1757
server-timing: cdn-cache; desc=HIT, edge; dur=4, origin; dur=0, ak_p; desc="1704784041441_34901589_160909374_435_6139_6_0_255";dur=1
accept-ranges: bytes
content-length: 30645

GET
H2 200 b637e9a5.4d22b99d59d0a400.js Show response
member-portal.geha.com/_next/static/chunks/ 89 KB
31 KB 23ms
23ms Script
application/javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/b637e9a5.4d22b99d59d0a400.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/chunks/webpack-af999479304b69de.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

24e2c787dd5a9faf99c308d660a53a4b6ff8051e77df3311d1d57484da97067b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 07:07:21 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 13 Dec 2023 15:50:39 GMT
etag: W/"16219-18c63df7898"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=20179
server-timing: cdn-cache; desc=HIT, edge; dur=5, origin; dur=0, ak_p; desc="1704784041442_34901589_160909375_461_5909_6_0_146";dur=1
accept-ranges: bytes
content-length: 31209

GET
H2 200 412.532a95292043e089.js Show response
member-portal.geha.com/_next/static/chunks/ 1 MB
257 KB 25ms
24ms Script
application/javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/412.532a95292043e089.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/chunks/webpack-af999479304b69de.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

75a45f96a7bfc0a241b566b1435c81f168ed0168b423b66603c4e307c6357a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 07:07:21 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 13 Dec 2023 15:50:39 GMT
etag: W/"10855f-18c63df7898"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=3931
server-timing: cdn-cache; desc=HIT, edge; dur=7, origin; dur=0, ak_p; desc="1704784041442_34901589_160909377_760_6068_6_0_146";dur=1
accept-ranges: bytes
content-length: 262739

GET
H2 200 63.67c857312c99fcae.js Show response
member-portal.geha.com/_next/static/chunks/ 2 KB
1 KB 31ms
31ms Script
application/javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/63.67c857312c99fcae.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/chunks/webpack-af999479304b69de.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e01cb5efd28363a021d27c7b0583f0904d61f1735d343d453fe8ea7662d939f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 07:07:21 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 13 Dec 2023 15:50:39 GMT
etag: W/"8c1-18c63df7898"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=24635
server-timing: cdn-cache; desc=HIT, edge; dur=12, origin; dur=0, ak_p; desc="1704784041441_34901589_160909378_1236_6044_6_0_146";dur=1
accept-ranges: bytes
content-length: 1164

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://member-portal.geha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:38:05 GMT
x-content-type-options: nosniff
age: 48556
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jan 2025 17:38:05 GMT

GET
H2 200 GEHA_Logo.svg
member-portal.geha.com/ 4 KB
2 KB 22ms
22ms Image
image/svg+xml 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://member-portal.geha.com/GEHA_Logo.svg

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0ba6e2db53813ce06f2e7cc09e6ac476f5306c87452023f1008d8d67feac7dee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 07:07:21 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 13 Dec 2023 15:45:33 GMT
etag: W/"f0f-18c63dacd48"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704784041449_34901589_160909379_37_6753_6_0_146";dur=1
accept-ranges: bytes
content-length: 1740

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 624 B
897 B 83ms
55ms XHR
application/json 2a02:26f0:7100:59a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=X77L2-P4WA5-BTDAF-6LY7Y-GULYJ&d=member-portal.geha.com&t=5682613&v=1.720.0&sl=0&si=3cd8211e-5e96-46b6-9bba-3e364baf4ba4-s6zfs8&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=819765
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/X77L2-P4WA5-BTDAF-6LY7Y-GULYJ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:7100:59a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 8a963f587a174dbe5747edf7e73896605f9039bca5e05b2b9bc443643a24a65f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 09 Jan 2024 07:07:21 GMT
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 624
Content-Type: application/json

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 236 KB
81 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X5XQCNY2FN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZC9G3J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3f56670feb97febe27a44bb49996b8fed1bfac070879c5fe3a3425d8b05536dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 07:07:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jan 2024 07:07:21 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
259 B 34ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-X5XQCNY2FN&gtm=45je4130v890959265z8866071191&_p=1704784041430&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=824695747.1704784042&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704784041&sct=1&seg=0&dl=https%3A%2F%2Fmember-portal.geha.com%2Flogin&dt=Login%20%7C%20GEHA%20%7C%20Member%20Portal&en=page_view&_fv=2&_nsi=1&_ss=1&tfd=1683
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X5XQCNY2FN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 07:07:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://member-portal.geha.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK openid-configuration Show response
login.geha.com/oauth2/aus2r4xjjt1L35mTx4x7/.well-known/ 3 KB
5 KB 134ms
134ms Fetch
application/json 15.197.181.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.geha.com/oauth2/aus2r4xjjt1L35mTx4x7/.well-known/openid-configuration

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/chunks/412.532a95292043e089.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.197.181.212 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

af77c9e516730cc51.awsglobalaccelerator.com

Software

nginx /

Resource Hash

3a52545e38cd6498d51421bd567fe2505c3b08a05471f11e81174c2fa3106441

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' geha.okta.com login.geha.com .oktacdn.com; connect-src 'self' geha.okta.com geha-admin.okta.com login.geha.com .oktacdn.com .mixpanel.com .mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com .mtls.okta.com geha.kerberos.okta.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' geha.okta.com login.geha.com .oktacdn.com; style-src 'unsafe-inline' 'self' geha.okta.com login.geha.com .oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' geha.okta.com geha-admin.okta.com login.geha.com login.okta.com com-okta-authenticator:; img-src 'self' geha.okta.com login.geha.com .oktacdn.com .tiles.mapbox.com .mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' geha.okta.com login.geha.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://member-portal.geha.com/
X-Okta-User-Agent-Extended: okta-auth-js/7.0.2 okta-signin-widget-7.3.1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

X-Okta-Request-Id: ZZzwqYI26FKYHtxE3G8vbQAAAlo
Date: Tue, 09 Jan 2024 07:07:22 GMT
content-security-policy: default-src 'self' geha.okta.com login.geha.com *.oktacdn.com; connect-src 'self' geha.okta.com geha-admin.okta.com login.geha.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com geha.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' geha.okta.com login.geha.com *.oktacdn.com; style-src 'unsafe-inline' 'self' geha.okta.com login.geha.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' geha.okta.com geha-admin.okta.com login.geha.com login.okta.com com-okta-authenticator:; img-src 'self' geha.okta.com login.geha.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' geha.okta.com login.geha.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
x-content-type-options: nosniff
Strict-Transport-Security: max-age=315360000; includeSubDomains
Transfer-Encoding: chunked
p3p: CP="HONK"
Connection: Keep-Alive
x-xss-protection: 0
Server: nginx
vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://member-portal.geha.com
cache-control: max-age=86400, must-revalidate
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=5, max=99
expires: Wed, 10 Jan 2024 07:07:21 GMT

OPTIONS
H/1.1 200
OK openid-configuration
login.geha.com/oauth2/aus2r4xjjt1L35mTx4x7/.well-known/ 0
0 323ms
112ms Preflight
application/octet-stream 15.197.181.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.geha.com/oauth2/aus2r4xjjt1L35mTx4x7/.well-known/openid-configuration

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.197.181.212 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

af77c9e516730cc51.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-okta-user-agent-extended
Access-Control-Request-Method: GET
Origin: https://member-portal.geha.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-okta-user-agent-extended
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://member-portal.geha.com
Access-Control-Max-Age: 3600
Connection: Keep-Alive
Content-Length: 0
Content-Type: application/octet-stream
Date: Tue, 09 Jan 2024 07:07:21 GMT
Keep-Alive: timeout=5, max=100
Server: nginx
Strict-Transport-Security: max-age=315360000; includeSubDomains
Vary: Origin
X-Okta-Request-Id: ZZzwqYI26FKYHtxE3G8vbAAAAlo

GET
H2 200 / Show response
znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com/SIE/ 8 KB
4 KB 64ms
26ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_ag9JfHFpVBLNPQW

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d2a8fc1129dabfa9cb716c56040d09f0c7b72fad3206f6c765cd087675fa799

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 07:07:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 312809
cf-polished: origSize=9155
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"23c3-UUbFNdrikA7cs3vOCG19Htqaxdc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 842ad7c44b315d3d-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

POST
H2 204 /
684dd32a.akstat.io/ 0
207 B 55ms
55ms Ping
image/gif 2a02:26f0:1700:38a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://684dd32a.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/X77L2-P4WA5-BTDAF-6LY7Y-GULYJ

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:1700:38a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://member-portal.geha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 07:07:21 GMT
content-type: image/gif
access-control-allow-origin: https://member-portal.geha.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Tue, 09 Jan 2024 07:07:21 GMT

GET
H2 200 12.d4c11cd65f6f6fc513bb.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 72 KB
22 KB 39ms
38ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/12.d4c11cd65f6f6fc513bb.chunk.js?Q_CLIENTVERSION=1.104.0&Q_CLIENTTYPE=web&Q_BRANDID=member-portal.geha.com

Requested by

Host: znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com
URL: https://znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_ag9JfHFpVBLNPQW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

680fcd85850906013938750127753f37f17bf6c45b49e7a58a5ade0fd0e84377

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 07:07:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 18600
cf-polished: origSize=74611
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Dec 2023 18:25:29 GMT
cf-bgj: minify
server: cloudflare
etag: W/"12373-18c3613fda8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 842ad7c47b4a5d3d-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 4 KB
2 KB 44ms
44ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_ag9JfHFpVBLNPQW&Q_CLIENTVERSION=1.104.0&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.d4c11cd65f6f6fc513bb.chunk.js?Q_CLIENTVERSION=1.104.0&Q_CLIENTTYPE=web&Q_BRANDID=member-portal.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9bbd702729ed5503c5f25b75e34d112eeef3f38ca1c9a859e8c023a6f895afb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://member-portal.geha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 09 Jan 2024 07:07:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://member-portal.geha.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: b0268c8d6ce345c5
cf-ray: 842ad7c4bb815d3d-FRA
timing-allow-origin: *

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 101 KB
31 KB 26ms
26ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.104.0&Q_CLIENTTYPE=web&Q_BRANDID=geha

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4dd246d6240a7d156830950a9bbee2121c5e62fdb76dd84d82d838fbf143cc5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 07:07:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 18598
cf-polished: origSize=103878
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Dec 2023 18:25:29 GMT
cf-bgj: minify
server: cloudflare
etag: W/"195c6-18c3613fda8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 842ad7c50baf5d3d-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 7.c677f83c9eec0bfd12b3.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 2 KB
1 KB 24ms
24ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/7.c677f83c9eec0bfd12b3.chunk.js?Q_CLIENTVERSION=1.104.0&Q_CLIENTTYPE=web&Q_BRANDID=geha

Requested by

Host: znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com
URL: https://znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_ag9JfHFpVBLNPQW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e92e4432090d41a6444853dfc63091062a38ce4bea2fd35efa8f394c66a3f2f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 07:07:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 18599
cf-polished: origSize=2904
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Dec 2023 18:25:29 GMT
cf-bgj: minify
server: cloudflare
etag: W/"b58-18c3613fda8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 842ad7c53bca5d3d-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 1.222db855180bcd258b60.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 28 KB
7 KB 30ms
30ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.222db855180bcd258b60.chunk.js?Q_CLIENTVERSION=1.104.0&Q_CLIENTTYPE=web&Q_BRANDID=geha

Requested by

Host: znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com
URL: https://znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_ag9JfHFpVBLNPQW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55054dcedfeacfa6740438956a10cb1c7a8acfcdc642ea9cf91131ca4b93f3a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 07:07:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 18597
cf-polished: origSize=29694
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Dec 2023 18:25:29 GMT
cf-bgj: minify
server: cloudflare
etag: W/"73fe-18c3613fda8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 842ad7c53bcc5d3d-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 UserDefinedHTMLModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 7 KB
2 KB 26ms
26ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/UserDefinedHTMLModule.js?Q_CLIENTVERSION=1.104.0&Q_CLIENTTYPE=web&Q_BRANDID=geha

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9230295cadd808a698abddc0af90987e825aebe7a782ffe9193ea91daffdf587

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 07:07:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 18439
cf-polished: origSize=7759
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Dec 2023 18:25:29 GMT
cf-bgj: minify
server: cloudflare
etag: W/"1e4f-18c3613fda8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 842ad7c53bcd5d3d-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 3 KB
2 KB 37ms
20ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_eVtI5lux3fUOtH8&Version=5&Q_ORIGIN=https://member-portal.geha.com&Q_CLIENTVERSION=1.104.0&Q_CLIENTTYPE=web&Q_BRANDTIER=lIjhYuMl2g&Q_ARCACHEVERSION=21

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cfa66663be987c35d8709111800b6b7aa64db48c230251ab2b2680d249eae17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

servershortname
date: Tue, 09 Jan 2024 07:07:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 306330
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 05 Jan 2024 18:01:51 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 842ad7c55f36365a-FRA
expires: Mon, 02 Jan 2034 18:01:51 GMT

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 1 KB
771 B 38ms
21ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_0dinM9xAxIZNwfc&Version=6&Q_InterceptID=SI_eVtI5lux3fUOtH8&Q_ORIGIN=https://member-portal.geha.com&Q_CLIENTVERSION=1.104.0&Q_CLIENTTYPE=web&Q_BRANDTIER=lIjhYuMl2g&Q_ARCACHEVERSION=21

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ab0a26f2850163c8217535acb3465cbcdd5e0642f97e70b2e2bc369262ed05d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

servershortname
date: Tue, 09 Jan 2024 07:07:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 588173
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 02 Jan 2024 11:44:28 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 842ad7c55f39365a-FRA
expires: Fri, 30 Dec 2033 11:44:28 GMT

POST
H/1.1 200
OK interact Show response
login.geha.com/oauth2/aus2r4xjjt1L35mTx4x7/v1/ 1 KB
4 KB 153ms
152ms Fetch
application/json 15.197.181.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.geha.com/oauth2/aus2r4xjjt1L35mTx4x7/v1/interact

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/chunks/412.532a95292043e089.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.197.181.212 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

af77c9e516730cc51.awsglobalaccelerator.com

Software

nginx /

Resource Hash

e7cbe8021e37b368c58d5262ad73e4f5d262643fa2a0ebd339323bd4cfc2ae83

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' geha.okta.com login.geha.com .oktacdn.com; connect-src 'self' geha.okta.com geha-admin.okta.com login.geha.com .oktacdn.com .mixpanel.com .mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com .mtls.okta.com geha.kerberos.okta.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' geha.okta.com login.geha.com .oktacdn.com; style-src 'unsafe-inline' 'self' geha.okta.com login.geha.com .oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' geha.okta.com geha-admin.okta.com login.geha.com login.okta.com com-okta-authenticator:; img-src 'self' geha.okta.com login.geha.com .oktacdn.com .tiles.mapbox.com .mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' geha.okta.com login.geha.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://member-portal.geha.com/
X-Okta-User-Agent-Extended: okta-auth-js/7.0.2 okta-signin-widget-7.3.1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-okta-request-id: ZZzwqiBKLn4CqzXNvDfVRAAAAKg
Date: Tue, 09 Jan 2024 07:07:22 GMT
content-security-policy: default-src 'self' geha.okta.com login.geha.com *.oktacdn.com; connect-src 'self' geha.okta.com geha-admin.okta.com login.geha.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com geha.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' geha.okta.com login.geha.com *.oktacdn.com; style-src 'unsafe-inline' 'self' geha.okta.com login.geha.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' geha.okta.com geha-admin.okta.com login.geha.com login.okta.com com-okta-authenticator:; img-src 'self' geha.okta.com login.geha.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' geha.okta.com login.geha.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
x-rate-limit-limit: 1200
x-content-type-options: nosniff
x-rate-limit-remaining: 1197
Strict-Transport-Security: max-age=315360000; includeSubDomains
Transfer-Encoding: chunked
p3p: CP="HONK"
Connection: Keep-Alive
x-xss-protection: 0
pragma: no-cache
Server: nginx
vary: Origin
Content-Type: application/json
access-control-allow-origin: https://member-portal.geha.com
x-rate-limit-reset: 1704784063
access-control-allow-credentials: true
cache-control: no-cache, no-store
X-Robots-Tag: noindex,nofollow
access-control-allow-headers: Content-Type
Keep-Alive: timeout=5, max=99
expires: 0

OPTIONS
H/1.1 200
OK interact
login.geha.com/oauth2/aus2r4xjjt1L35mTx4x7/v1/ 0
0 122ms
122ms Preflight 15.197.181.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.geha.com/oauth2/aus2r4xjjt1L35mTx4x7/v1/interact

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.197.181.212 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

af77c9e516730cc51.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' geha.okta.com login.geha.com .oktacdn.com; connect-src 'self' geha.okta.com geha-admin.okta.com login.geha.com .oktacdn.com .mixpanel.com .mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com .mtls.okta.com geha.kerberos.okta.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' geha.okta.com login.geha.com .oktacdn.com; style-src 'unsafe-inline' 'self' geha.okta.com login.geha.com .oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' geha.okta.com geha-admin.okta.com login.geha.com login.okta.com com-okta-authenticator:; img-src 'self' geha.okta.com login.geha.com .oktacdn.com .tiles.mapbox.com .mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' geha.okta.com login.geha.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-okta-user-agent-extended
Access-Control-Request-Method: POST
Origin: https://member-portal.geha.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Length: 0
Date: Tue, 09 Jan 2024 07:07:22 GMT
Keep-Alive: timeout=5, max=98
Server: nginx
Strict-Transport-Security: max-age=315360000; includeSubDomains
X-Robots-Tag: noindex,nofollow
access-control-allow-credentials: true
access-control-allow-headers: x-okta-user-agent-extended,Content-Type
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://member-portal.geha.com
access-control-max-age: 3600
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cache-control: no-cache, no-store
content-security-policy: default-src 'self' geha.okta.com login.geha.com *.oktacdn.com; connect-src 'self' geha.okta.com geha-admin.okta.com login.geha.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com geha.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' geha.okta.com login.geha.com *.oktacdn.com; style-src 'unsafe-inline' 'self' geha.okta.com login.geha.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' geha.okta.com geha-admin.okta.com login.geha.com login.okta.com com-okta-authenticator:; img-src 'self' geha.okta.com login.geha.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' geha.okta.com login.geha.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
expires: 0
p3p: CP="HONK"
pragma: no-cache
vary: Origin
x-frame-options: SAMEORIGIN
x-okta-request-id: ZZzwqoI26FKYHtxE3G8vcAAAAlo
x-rate-limit-limit: 10000
x-rate-limit-remaining: 9993
x-rate-limit-reset: 1704784063
x-xss-protection: 0

POST
H/1.1 200
OK introspect Show response
login.geha.com/idp/idx/ 10 KB
13 KB 343ms
343ms Fetch
application/ion+json 15.197.181.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.geha.com/idp/idx/introspect

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/chunks/412.532a95292043e089.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.197.181.212 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

af77c9e516730cc51.awsglobalaccelerator.com

Software

nginx /

Resource Hash

1a4835d9a3b29e3bb6ac5ff7063b70ac2d356c00e5599da680c4f55054fa6a92

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' geha.okta.com login.geha.com .oktacdn.com; connect-src 'self' geha.okta.com geha-admin.okta.com login.geha.com .oktacdn.com .mixpanel.com .mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com .mtls.okta.com geha.kerberos.okta.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' geha.okta.com login.geha.com .oktacdn.com; style-src 'unsafe-inline' 'self' geha.okta.com login.geha.com .oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' geha.okta.com geha-admin.okta.com login.geha.com login.okta.com com-okta-authenticator:; img-src 'self' geha.okta.com login.geha.com .oktacdn.com .tiles.mapbox.com .mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' geha.okta.com login.geha.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/ion+json; okta-version=1.0.0
Referer: https://member-portal.geha.com/
X-Okta-User-Agent-Extended: okta-auth-js/7.0.2 okta-signin-widget-7.3.1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/ion+json; okta-version=1.0.0

Response headers

x-okta-request-id: ZZzwqiBKLn4CqzXNvDfVRwAAAKg
Date: Tue, 09 Jan 2024 07:07:22 GMT
content-security-policy: default-src 'self' geha.okta.com login.geha.com *.oktacdn.com; connect-src 'self' geha.okta.com geha-admin.okta.com login.geha.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com geha.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' geha.okta.com login.geha.com *.oktacdn.com; style-src 'unsafe-inline' 'self' geha.okta.com login.geha.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' geha.okta.com geha-admin.okta.com login.geha.com login.okta.com com-okta-authenticator:; img-src 'self' geha.okta.com login.geha.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' geha.okta.com login.geha.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
x-rate-limit-limit: 2000
x-content-type-options: nosniff
x-rate-limit-remaining: 1997
Strict-Transport-Security: max-age=315360000; includeSubDomains
Transfer-Encoding: chunked
p3p: CP="HONK"
Connection: Keep-Alive
x-xss-protection: 0
pragma: no-cache
Server: nginx
vary: Origin
Content-Type: application/ion+json;okta-version=1.0.0
access-control-allow-origin: https://member-portal.geha.com
x-rate-limit-reset: 1704784064
access-control-allow-credentials: true
cache-control: no-cache, no-store
X-Robots-Tag: noindex,nofollow
Keep-Alive: timeout=5, max=98
expires: 0

OPTIONS
H/1.1 200
OK introspect
login.geha.com/idp/idx/ 0
0 125ms
125ms Preflight 15.197.181.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.geha.com/idp/idx/introspect

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.197.181.212 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

af77c9e516730cc51.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' geha.okta.com login.geha.com .oktacdn.com; connect-src 'self' geha.okta.com geha-admin.okta.com login.geha.com .oktacdn.com .mixpanel.com .mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com .mtls.okta.com geha.kerberos.okta.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' geha.okta.com login.geha.com .oktacdn.com; style-src 'unsafe-inline' 'self' geha.okta.com login.geha.com .oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' geha.okta.com geha-admin.okta.com login.geha.com login.okta.com com-okta-authenticator:; img-src 'self' geha.okta.com login.geha.com .oktacdn.com .tiles.mapbox.com .mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' geha.okta.com login.geha.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-okta-user-agent-extended
Access-Control-Request-Method: POST
Origin: https://member-portal.geha.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Length: 0
Date: Tue, 09 Jan 2024 07:07:22 GMT
Keep-Alive: timeout=5, max=97
Server: nginx
Strict-Transport-Security: max-age=315360000; includeSubDomains
X-Robots-Tag: noindex,nofollow
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-okta-user-agent-extended,Content-Type
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://member-portal.geha.com
access-control-max-age: 3600
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cache-control: no-cache, no-store
content-security-policy: default-src 'self' geha.okta.com login.geha.com *.oktacdn.com; connect-src 'self' geha.okta.com geha-admin.okta.com login.geha.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com geha.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' geha.okta.com login.geha.com *.oktacdn.com; style-src 'unsafe-inline' 'self' geha.okta.com login.geha.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' geha.okta.com geha-admin.okta.com login.geha.com login.okta.com com-okta-authenticator:; img-src 'self' geha.okta.com login.geha.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' geha.okta.com login.geha.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
expires: 0
p3p: CP="HONK"
pragma: no-cache
vary: Origin
x-frame-options: SAMEORIGIN
x-okta-request-id: ZZzwqoI26FKYHtxE3G8vcgAAAlo
x-rate-limit-limit: 10000
x-rate-limit-remaining: 9992
x-rate-limit-reset: 1704784063
x-xss-protection: 0

GET
H2 200 checkbox-sign-in-widget.fed34083.png
member-portal.geha.com/_next/static/media/ 3 KB
3 KB 24ms
24ms Image
image/png 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://member-portal.geha.com/_next/static/media/checkbox-sign-in-widget.fed34083.png

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/css/be5ea0027c648323.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/_next/static/css/be5ea0027c648323.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 07:07:22 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 13 Dec 2023 15:50:39 GMT
etag: W/"c45-18c63df7898"
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=14494
server-timing: cdn-cache; desc=HIT, edge; dur=12, origin; dur=0, ak_p; desc="1704784042827_34901589_160910049_1174_6407_6_0_146";dur=1
accept-ranges: bytes
content-length: 3141

GET
H2 200 montserrat-okta-regular-webfont.691ec7ce.woff
member-portal.geha.com/_next/static/media/ 21 KB
22 KB 25ms
24ms Font
font/woff 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/media/montserrat-okta-regular-webfont.691ec7ce.woff

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/css/be5ea0027c648323.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

Referer: https://member-portal.geha.com/_next/static/css/be5ea0027c648323.css
Origin: https://member-portal.geha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 07:07:22 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 13 Dec 2023 15:50:39 GMT
etag: W/"55dc-18c63df7898"
x-frame-options: DENY
content-type: font/woff
cache-control: public, max-age=7514
server-timing: cdn-cache; desc=HIT, edge; dur=5, origin; dur=0, ak_p; desc="1704784042834_34901589_160910054_431_8284_6_0_255";dur=1
accept-ranges: bytes
content-length: 21980

GET
H2 200 montserrat-okta-light-webfont.4bb7d8d1.woff
member-portal.geha.com/_next/static/media/ 22 KB
22 KB 25ms
25ms Font
font/woff 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/media/montserrat-okta-light-webfont.4bb7d8d1.woff

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/css/be5ea0027c648323.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

Referer: https://member-portal.geha.com/_next/static/css/be5ea0027c648323.css
Origin: https://member-portal.geha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 07:07:22 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 13 Dec 2023 15:50:39 GMT
etag: W/"5660-18c63df7898"
x-frame-options: DENY
content-type: font/woff
cache-control: public, max-age=5110
server-timing: cdn-cache; desc=HIT, edge; dur=5, origin; dur=0, ak_p; desc="1704784042834_34901589_160910055_459_8202_6_0_255";dur=1
accept-ranges: bytes
content-length: 22112

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.geha.com/	1970-01-20 17:33:11	Name: ak_bmsc Value: B6B185FECDF45EC0AD87B327EF19102A~000000000000000000000000000000~YAAQVY4UAlD5tNuMAQAAlRQM7RZx1EEn/LSX/Qg3O9QQQ/1HSqQ4FactWxBWydXJcOyihNS6eUAAW5+8eE5AMZbPJCM2/GWxcyzxlJkG6tjpd0r+DsJ2sPiypza7H4b7CBcffPaHQFWYC7kZb1yEKineXT48hFUmeWZvmUJa1Qui4ruRYL7xtAV+NFBkp1sSBePjVo4liG7fE+yEPMhXiag+IMKlKlzV1Qa2+ZKpyrW3up5t4MdIhDzazTPmewgE1N9NWvvYtNeNzXPANTx6xeh83br8H6W5B3DAaoseIs/UB2M/mA9ZHSvBBAnRmlXLxYoDDmOzjiOV9Kccs1WzYQ71QqLmSikDDu+wkHwwehrG5URyLzDMoTGYpmTWzTmhb/Icx03d/MXvpWfkeDr9vm/m0z4ntrwu8LzN8yIw
.geha.com/	1970-01-21 03:09:04	Name: _ga Value: GA1.1.824695747.1704784042
.geha.com/	1970-01-21 03:09:04	Name: _ga_X5XQCNY2FN Value: GS1.1.1704784041.1.0.1704784041.0.0.0
login.geha.com/	1970-01-21 03:09:04	Name: DT Value: DI1A9autv2tRj6JTuj4ckBQpw
login.geha.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: C6BFBDCBDE490769FC3325EBEF7F15BC

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

684dd32a.akstat.io
c.go-mpulse.net
fonts.googleapis.com
fonts.gstatic.com
login.geha.com
member-portal.geha.com
p.typekit.net
region1.google-analytics.com
s.go-mpulse.net
siteintercept.qualtrics.com
use.typekit.net
www.googletagmanager.com
znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com
104.17.209.240
15.197.181.212
2001:4860:4802:34::36
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:831::200a
2a02:26f0:1700:38a::11a6
2a02:26f0:3500:16::215:1495
2a02:26f0:7100:59a::11a6
2a02:26f0:780::210:a419
2a02:26f0:ab00::214:8e59
3.33.189.110
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0ba6e2db53813ce06f2e7cc09e6ac476f5306c87452023f1008d8d67feac7dee
15fa341736dab447482d69fc66237eb67d774b5eb422b3f61beafadb3bb4e37e
1a4835d9a3b29e3bb6ac5ff7063b70ac2d356c00e5599da680c4f55054fa6a92
1ab0a26f2850163c8217535acb3465cbcdd5e0642f97e70b2e2bc369262ed05d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3
24e2c787dd5a9faf99c308d660a53a4b6ff8051e77df3311d1d57484da97067b
2aedac1adaee43f450505512dae0a132d3b0813fcc21bfb27bc2969cb31e139b
3a52545e38cd6498d51421bd567fe2505c3b08a05471f11e81174c2fa3106441
3d2a8fc1129dabfa9cb716c56040d09f0c7b72fad3206f6c765cd087675fa799
3f56670feb97febe27a44bb49996b8fed1bfac070879c5fe3a3425d8b05536dc
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
4a78244eaaca474e76c68634a0a766d5ec506c9410707d71e68bb11445d6f330
4dd246d6240a7d156830950a9bbee2121c5e62fdb76dd84d82d838fbf143cc5d
55054dcedfeacfa6740438956a10cb1c7a8acfcdc642ea9cf91131ca4b93f3a4
5cfa66663be987c35d8709111800b6b7aa64db48c230251ab2b2680d249eae17
5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55
680fcd85850906013938750127753f37f17bf6c45b49e7a58a5ade0fd0e84377
6dbc584b36c2dadc91666a4aba780bf708b52a3ebf56216a752f3d18ddea2685
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
75a45f96a7bfc0a241b566b1435c81f168ed0168b423b66603c4e307c6357a90
7a0bd67bb177438ac3b335bdc32e6039df203320855de4096edf104807748dd0
8393561f58550a29e12989314e3f57eeb0841915cf66e38e9dce6ee6c149c80d
8a963f587a174dbe5747edf7e73896605f9039bca5e05b2b9bc443643a24a65f
8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b
9230295cadd808a698abddc0af90987e825aebe7a782ffe9193ea91daffdf587
9ad16b26514f48c9aae132bfe5959fff4db2958a26737ee2e7caacbba25ea55c
add5a4ae4344dd616f6599ff1538b07f2a8d18fd1cc05340f76cc3441050c2ab
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
d28ed333d77f6e14a841b8304ada3fa81f1059119c85144bdf1a516a3cc84bf4
d9bbd702729ed5503c5f25b75e34d112eeef3f38ca1c9a859e8c023a6f895afb
e01cb5efd28363a021d27c7b0583f0904d61f1735d343d453fe8ea7662d939f0
e0e4bf0b617847668f9d97fe859989710ec0e0fa29378b9b4c9beb34de27f637
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7cbe8021e37b368c58d5262ad73e4f5d262643fa2a0ebd339323bd4cfc2ae83
e92e4432090d41a6444853dfc63091062a38ce4bea2fd35efa8f394c66a3f2f7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fd6fa81d373c739f01f9385a3764f25b6f4a6277f0205ecfa3a93909fb7d517a
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace

member-portal.geha.com Open in urlscan Pro 2a02:26f0:ab00::214:8e59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

100 %HTTPS

75 %IPv6

9 Domains

13 Subdomains

12 IPs

3 Countries

958 kBTransfer

3224 kBSize

5 Cookies

3 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

member-portal.geha.com Open in urlscan Pro
2a02:26f0:ab00::214:8e59 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

100 %
HTTPS

75 %
IPv6

9
Domains

13
Subdomains

12
IPs

3
Countries

958 kB
Transfer

3224 kB
Size

5
Cookies

44 HTTP transactions
2 data transactions