www.geha.com Open in urlscan Pro
2a02:26f0:ab00::214:8e63 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.info.geha.com/?qs=ad9f06f3f4dba9e765d78d4bb731b4b24e18248f4bed70bfc255e17fd7046f3e8d3b4915a02759e28b56fb38a3d7...
Effective URL:
https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Pr...
Submission: On April 12 via manual (April 12th 2024, 9:13:09 am UTC) from US — Scanned from DE

Summary HTTP 129 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 39 IPs in 6 countries across 27 domains to perform 129 HTTP transactions. The main IP is 2a02:26f0:ab00::214:8e63, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.geha.com. The Cisco Umbrella rank of the primary domain is 205940.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on August 23rd 2023. Valid for: a year.

This is the only time www.geha.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.100.248 13.111.100.248	14340 (SALESFORCE) (SALESFORCE)
25	2a02:26f0:ab0... 2a02:26f0:ab00::214:8e63	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
15	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.92.121 18.66.92.121	16509 (AMAZON-02) (AMAZON-02)
6	104.18.17.10 104.18.17.10	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:170... 2a02:26f0:1700:391::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	13.111.118.55 13.111.118.55	14340 (SALESFORCE) (SALESFORCE)
4	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1 5	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700:10:... 2606:4700:10::6816:3668	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.172.103.101 18.172.103.101	16509 (AMAZON-02) (AMAZON-02)
1	143.204.207.250 143.204.207.250	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:235... 2600:9000:235a:aa00:3:35f2:c540:21	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1 2	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
4	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:710... 2a02:26f0:7100:59a::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:bdf::63 2620:1ec:bdf::63	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	216.58.212.164 216.58.212.164	15169 (GOOGLE) (GOOGLE)
3	172.217.18.99 172.217.18.99	15169 (GOOGLE) (GOOGLE)
11	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	142.250.74.206 142.250.74.206	15169 (GOOGLE) (GOOGLE)
2	34.245.244.146 34.245.244.146	16509 (AMAZON-02) (AMAZON-02)
2	52.167.85.21 52.167.85.21	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:1901:0:7... 2600:1901:0:7628::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2.21.74.113 2.21.74.113	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2.19.217.177 2.19.217.177	16625 (AKAMAI-AS) (AKAMAI-AS)
129	39

1 13.111.100.248 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: click.info.geha.com

click.info.geha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a02:26f0:ab00::214:8e63 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.geha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fiaqjiaafmaaakqce3ydkaaacztbr6za-per116-8d133ca92-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.92.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-92-121.fra56.r.cloudfront.net

d1mj578wat5n4o.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.17.10 (None, )

ASN13335 (CLOUDFLARENET, US)

api-engage-us.sitecorecloud.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:391::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
684dd313.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.111.118.55 (United States)

ASN14340 (SALESFORCE, US)
PTR: cloud.info.geha.com

cloud.info.geha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:3668 (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.103.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-103-101.fra60.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:235a:aa00:3:35f2:c540:21 (United States)

ASN16509 (AMAZON-02, US)

d35vb5cccm4xzp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

13916293.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:59a::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::63 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.164 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.99 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f99.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.206 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.245.244.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-245-244-146.eu-west-1.compute.amazonaws.com

rum-collector-2.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.167.85.21 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

i.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:7628:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.74.113 (Prague, Czech Republic) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-74-113.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kfpqklaccvfhczqy7mqa-per116-4dbbde928-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.217.177 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-177.deploy.static.akamaitechnologies.com

sjc1.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	geha.com 1 redirects click.info.geha.com www.geha.com — Cisco Umbrella Rank: 205940 cloud.info.geha.com — Cisco Umbrella Rank: 361284 Failed	813 KB
15	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1784 ka-p.fontawesome.com — Cisco Umbrella Rank: 3249	242 KB
12	qualtrics.com zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com — Cisco Umbrella Rank: 335595 siteintercept.qualtrics.com — Cisco Umbrella Rank: 915 sjc1.qualtrics.com — Cisco Umbrella Rank: 10322	75 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 751 c.clarity.ms — Cisco Umbrella Rank: 1390 i.clarity.ms — Cisco Umbrella Rank: 6082	28 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33 region1.google-analytics.com — Cisco Umbrella Rank: 2548	21 KB
6	sitecorecloud.io api-engage-us.sitecorecloud.io — Cisco Umbrella Rank: 67613	862 B
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	9 KB
5	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 877 tr6.snapchat.com — Cisco Umbrella Rank: 1310	679 B
5	doubleclick.net 1 redirects 13916293.fls.doubleclick.net — Cisco Umbrella Rank: 378961 stats.g.doubleclick.net — Cisco Umbrella Rank: 87	2 KB
5	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 335 c.bing.com — Cisco Umbrella Rank: 233	16 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	447 KB
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 2640 kfpqklaccvfhczqy7mqa-per116-4dbbde928-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 2641 fiaqjiaafmaaakqce3ydkaaacztbr6za-per116-8d133ca92-clienttons-s.akamaihd.net	1 KB
4	pingdom.net rum-static.pingdom.net — Cisco Umbrella Rank: 6348 rum-collector-2.pingdom.net — Cisco Umbrella Rank: 5717	6 KB
4	gstatic.com fonts.gstatic.com	91 KB
3	google.de www.google.de — Cisco Umbrella Rank: 7551	189 B
3	google.com www.google.com — Cisco Umbrella Rank: 2	189 B
3	cloudfront.net d1mj578wat5n4o.cloudfront.net d35vb5cccm4xzp.cloudfront.net	81 KB
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1586 insight.adsrvr.org — Cisco Umbrella Rank: 611	4 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	71 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1395 c.go-mpulse.net — Cisco Umbrella Rank: 625	52 KB
2	typekit.net use.typekit.net — Cisco Umbrella Rank: 462 p.typekit.net — Cisco Umbrella Rank: 566	1 KB
1	akstat.io 684dd313.akstat.io — Cisco Umbrella Rank: 84999	224 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	273 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 838	394 B
1	t.co t.co — Cisco Umbrella Rank: 678	375 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1149	19 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 788	15 KB
129	27

	Domain	Requested by
25	www.geha.com	www.geha.com
12	ka-p.fontawesome.com	kit.fontawesome.com www.geha.com
10	siteintercept.qualtrics.com	zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com siteintercept.qualtrics.com
6	api-engage-us.sitecorecloud.io	d1mj578wat5n4o.cloudfront.net d35vb5cccm4xzp.cloudfront.net
6	fonts.googleapis.com	www.geha.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	www.googletagmanager.com	www.geha.com www.googletagmanager.com
4	tr.snapchat.com	sc-static.net
4	bat.bing.com	www.googletagmanager.com bat.bing.com www.geha.com
4	fonts.gstatic.com	fonts.googleapis.com
3	www.google.de	www.geha.com
3	www.google.com	www.geha.com
3	stats.g.doubleclick.net	www.google-analytics.com
3	kit.fontawesome.com	www.geha.com kit.fontawesome.com
2	i.clarity.ms	www.clarity.ms
2	rum-collector-2.pingdom.net	rum-static.pingdom.net
2	c.clarity.ms	1 redirects
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	13916293.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	d35vb5cccm4xzp.cloudfront.net	d1mj578wat5n4o.cloudfront.net d35vb5cccm4xzp.cloudfront.net
2	connect.facebook.net	www.geha.com connect.facebook.net
2	rum-static.pingdom.net	www.googletagmanager.com
2	cloud.info.geha.com	www.geha.com
1	sjc1.qualtrics.com
1	fiaqjiaafmaaakqce3ydkaaacztbr6za-per116-8d133ca92-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	kfpqklaccvfhczqy7mqa-per116-4dbbde928-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	tr6.snapchat.com	sc-static.net
1	684dd313.akstat.io	s.go-mpulse.net
1	insight.adsrvr.org	js.adsrvr.org
1	c.bing.com	1 redirects
1	zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com	www.geha.com
1	www.facebook.com	www.geha.com
1	c.go-mpulse.net	s.go-mpulse.net
1	analytics.twitter.com	www.geha.com
1	t.co	www.geha.com
1	region1.google-analytics.com	www.googletagmanager.com
1	sc-static.net	www.geha.com
1	js.adsrvr.org	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	s.go-mpulse.net	www.geha.com
1	d1mj578wat5n4o.cloudfront.net	www.geha.com
1	p.typekit.net	use.typekit.net
1	use.typekit.net	www.geha.com
1	click.info.geha.com	1 redirects
129	46

This site contains links to these domains. Also see Links.

Domain
calendly.com
member-portal.geha.com
www.gehadentaldiscount.com
www.facebook.com
www.instagram.com
www.youtube.com
www.linkedin.com

Subject Issuer	Validity	Valid
*.geha.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-23` - `2024-09-22`	a year	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-01` - `2025-03-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
sitecorecloud.io E1	`2024-02-22` - `2024-05-22`	3 months	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2024-03-06` - `2025-03-06`	a year	crt.sh
cloud.info.geha.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-03` - `2024-12-03`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-04-11` - `2024-06-27`	3 months	crt.sh
pingdom.net Cloudflare Inc ECC CA-3	`2023-10-14` - `2024-10-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-20` - `2024-04-19`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-07` - `2025-01-06`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-21` - `2025-02-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-27` - `2025-02-19`	a year	crt.sh
*.pingdom.net Amazon RSA 2048 M03	`2023-11-06` - `2024-12-03`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Frame ID: B7225E26A86FC9E7A2BC507656B59F99
Requests: 120 HTTP requests in this frame

Frame: https://cloud.info.geha.com/draft?utm_source=S24WTE0GINAP&utm_campaign=Partnerships%20-%2024%20-%20Brand%20Awareness%20-%20Email%20-%20NFL%20Draft%20Giveaway%20-%20Prospects%20-%20National_S24WTE0GINAP&utm_medium=Email
Frame ID: 1470547D1FE2447A3CFA7F6FC264868C
Requests: 2 HTTP requests in this frame

Frame: https://cloud.info.geha.com/openseasonplanreminders
Frame ID: F77903A113FE3C92EA156749AF913681
Requests: 1 HTTP requests in this frame

Frame: https://13916293.fls.doubleclick.net/activityi;dc_pre=CNjK9-6qvIUDFWtZHgIdku4HRQ;src=13916293;type=gehac0;cat=gehaa0;ord=6050097214947;npa=1;auiddc=700159189.1712913183;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0z879625355za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway%3Futm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_medium%3DEmail%26utm_keyword%3D_%26utm_content%3D_%26utm_medium%3DEmail%26utm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_content%3D_%26utm_keyword%3D_
Frame ID: 6552D6AFB12D845F773833FA92DA2592
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=29a50b68-d5e7-4019-8575-7fea0adbb21f&u_scsid=3927d8e1-7d51-4652-b6d4-d4f9c709c9cd&u_sclid=b4d86b46-4786-4adb-98d0-e163df604054
Frame ID: E5C7ACBAD4D468ADCA9F3161E2749E72
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=iu2zbne&ref=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway%3Futm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_medium%3DEmail%26utm_keyword%3D_%26utm_content%3D_%26utm_medium%3DEmail%26utm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_content%3D_%26utm_keyword%3D_&upid=ms4t6e7&upv=1.1.0
Frame ID: A0EA7953171A196AFAFE1DA05698E0D8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Draft Giveaway | GEHA

Page URL History Show full URLs

https://click.info.geha.com/?qs=ad9f06f3f4dba9e765d78d4bb731b4b24e18248f4bed70bfc255e17fd7046f3e8d3b4915... HTTP 302
https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

129
Requests

97 %
HTTPS

48 %
IPv6

27
Domains

46
Subdomains

39
IPs

6
Countries

1995 kB
Transfer

7815 kB
Size

39
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://calendly.com/d/3s7-qqm-xsd
Title: Schedule a Benefits Session

Search URL Search Domain Scan URL

URL: https://member-portal.geha.com/login?utm_medium=Email&utm_source=S24WTE0GINAP&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_content=_
Title: Member

Search URL Search Domain Scan URL

URL: https://www.gehadentaldiscount.com/
Title: Connection Dental Discount

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GEHAhealth

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gehahealth

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/gehahealth

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/gehahealth

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.info.geha.com/?qs=ad9f06f3f4dba9e765d78d4bb731b4b24e18248f4bed70bfc255e17fd7046f3e8d3b4915a02759e28b56fb38a3d7f539a682af71e3ab58ccbb43f26bcf512dfb HTTP 302
https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80

https://13916293.fls.doubleclick.net/activityi;src=13916293;type=gehac0;cat=gehaa0;ord=6050097214947;npa=1;auiddc=700159189.1712913183;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0z879625355za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway%3Futm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_medium%3DEmail%26utm_keyword%3D_%26utm_content%3D_%26utm_medium%3DEmail%26utm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_content%3D_%26utm_keyword%3D_ HTTP 302
https://13916293.fls.doubleclick.net/activityi;dc_pre=CNjK9-6qvIUDFWtZHgIdku4HRQ;src=13916293;type=gehac0;cat=gehaa0;ord=6050097214947;npa=1;auiddc=700159189.1712913183;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0z879625355za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway%3Futm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_medium%3DEmail%26utm_keyword%3D_%26utm_content%3D_%26utm_medium%3DEmail%26utm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_content%3D_%26utm_keyword%3D_

Request Chain 103

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D6BAE2779CEE46B49365CF0D8FB30AD1&RedC=c.clarity.ms&MXFR=10816264B55267AF148A763BB15269A7 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D6BAE2779CEE46B49365CF0D8FB30AD1&MUID=1A7E888F4CF86485166B9CD04D736578

Request Chain 115

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=per116atr HTTP 302
https://kfpqklaccvfhczqy7mqa-per116-4dbbde928-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 116

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=per116atr HTTP 302
https://fiaqjiaafmaaakqce3ydkaaacztbr6za-per116-8d133ca92-clienttons-s.akamaihd.net/eum/results.txt

129 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request draftgiveaway Show response
www.geha.com/
Redirect Chain

https://click.info.geha.com/?qs=ad9f06f3f4dba9e765d78d4bb731b4b24e18248f4bed70bfc255e17fd7046f3e8d3b4915a02759e28b56fb38a3d7f539a682af71e3ab58ccbb43f26bcf512dfb
https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_key...

70 KB
14 KB

1135ms
1032ms

Document
text/html

2a02:26f0:ab00::214:8e63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

61045f858da73e2677d9c2ed4c4988d5ef9f4946c8a399cc46511ae9fdeff66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-length: 12915
content-type: text/html; charset=utf-8
date: Fri, 12 Apr 2024 09:13:02 GMT
expires: -1
pragma: no-cache
server-timing: cdn-cache; desc=MISS edge; dur=727 origin; dur=144 ak_p; desc="1712913181307_34901599_152771429_87172_8685_6_38_255";dur=1
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding
x-akamai-transformed: 9 67454 0 pmb=mRUM,1
x-content-type-options: 'nosniff'
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 553
Content-Type: text/html; charset=utf-8
Date: Fri, 12 Apr 2024 09:13:00 GMT
Location: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_

GET
H2 200 optimized-min.css
www.geha.com/~/media93/Feature/Experience-Accelerator/Bootstrap-4/Bootstrap-4/Styles/ 29 KB
4 KB 37ms
35ms Stylesheet
text/css 2a02:26f0:ab00::214:8e63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Feature/Experience-Accelerator/Bootstrap-4/Bootstrap-4/Styles/optimized-min.css?t=20200827T195652Z

Requested by

Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7139f07f917998f1a482f070139ce5b0e448669a8f77e9710e74e1a2307f564e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:02 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.css"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712913182385_34901599_152771933_36_7641_6_0_255";dur=1
content-length: 3484
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Aug 2020 19:56:52 GMT
etag: 71297b75a810417dbeaa71ed60eeb6e1
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=26650
accept-ranges: bytes
x-datastream-cache-status: 2

GET
H2 200 optimized-min.css
www.geha.com/~/media93/Base-Themes/Core-Libraries/styles/ 132 KB
22 KB 38ms
36ms Stylesheet
text/css 2a02:26f0:ab00::214:8e63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/Core-Libraries/styles/optimized-min.css?t=20221109T053533Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4c6fde841616799524ae40b886f27b8c5b4e857476a053f1acac3222a3d09385

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:02 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.css"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712913182385_34901599_152771934_41_7251_6_0_255";dur=1
content-length: 22078
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Nov 2022 05:35:33 GMT
etag: cddcbd79bda84976b39a43a487bdbebf
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=30593
accept-ranges: bytes
x-datastream-cache-status: 1

GET
H2 200 optimized-min.css
www.geha.com/~/media93/Base-Themes/Main-Theme/styles/ 5 KB
2 KB 40ms
38ms Stylesheet
text/css 2a02:26f0:ab00::214:8e63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/Main-Theme/styles/optimized-min.css?t=20220715T021536Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

416f487c40290dd1451e3cc8dc480489dda90cfd5d389eb08d7f0e867a6f847c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:02 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.css"
server-timing: cdn-cache; desc=HIT, edge; dur=5, origin; dur=0, ak_p; desc="1712913182385_34901599_152771935_603_7202_6_0_255";dur=1
content-length: 1636
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Jul 2022 02:15:36 GMT
etag: ffd03de852da41deb27b87223721ff9a
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=69009
accept-ranges: bytes
x-datastream-cache-status: 2

GET
H2 200 optimized-min.css
www.geha.com/~/media93/Base-Themes/UnsupportedBrowser/Styles/ 1 KB
964 B 16ms
15ms Stylesheet
text/css 2a02:26f0:ab00::214:8e63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/UnsupportedBrowser/Styles/optimized-min.css?t=20220715T021623Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

286dc7cf3eb0c6c06c2fb54d779f82bf342bbf766861f7aba001408bcb391828

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:02 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.css"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712913182385_34901599_152771936_42_7099_6_0_255";dur=1
content-length: 538
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Jul 2022 02:16:23 GMT
etag: bb86af52b3144400b8d0333da683b1db
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=26899
accept-ranges: bytes
x-datastream-cache-status: 1

GET
H2 200 optimized-min.css
www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/ 1 MB
137 KB 42ms
40ms Stylesheet
text/css 2a02:26f0:ab00::214:8e63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20240315T012754Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b65ecc819f4b7a1056b90009ae39134cd681a53a70c845104ec132820a37630b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:02 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 15 Mar 2024 01:27:54 GMT
etag: c92ec30f3da24c8b97fc8632523f220f
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=68942
content-disposition: inline; filename="optimized-min.css"
server-timing: cdn-cache; desc=HIT, edge; dur=13, origin; dur=0, ak_p; desc="1712913182385_34901599_152771937_1389_7077_6_0_255";dur=1
accept-ranges: bytes
content-length: 140066
x-xss-protection: 1; mode=block

GET
H2 200 VisitorIdentification.js Show response
www.geha.com/layouts/system/ 2 KB
1 KB 41ms
39ms Script
application/javascript 2a02:26f0:ab00::214:8e63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/layouts/system/VisitorIdentification.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

7941c043b215ecc58d18e696d42abbd225eb0baa075cb5e31027725cc5312fce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: 'nosniff'
date: Fri, 12 Apr 2024 09:13:02 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=6, origin; dur=0, ak_p; desc="1712913182386_34901599_152771938_668_6986_6_0_219";dur=1
content-length: 732
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge,chrome=1
last-modified: Mon, 10 Sep 2018 14:56:14 GMT
server: Microsoft-IIS/10.0
etag: "0bb5d6b1649d41:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-stackifyid: V2|376ba7d2-d6e1-4c98-9e22-59ecbdf6884c|C57524|CD4989
accept-ranges: bytes
x-datastream-cache-status: 1

GET
H2 200 57591c2ee3.js Show response
kit.fontawesome.com/ 12 KB
4 KB 546ms
527ms Script
text/javascript 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/57591c2ee3.js
Requested by: Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 277b8bd1952e82623693dc9123e1c2186cf0ac9436d4059dffe4ad732d2da5a3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Origin: https://www.geha.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:02 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 8732191e08d030d6-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F8V7wMb3DG2H5hCQHyQB

GET
H2 200 57591c2ee3.css
kit.fontawesome.com/ 399 B
511 B 465ms
445ms Stylesheet
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/57591c2ee3.css
Requested by: Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf99991359fbb6e575a809280eb26d7f2408710608ccb222788324c6c1ac753f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Origin: https://www.geha.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:02 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/css
cache-control: max-age=300, public, stale-while-revalidate=30
cf-ray: 8732191e08cd30d6-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F8KJUM53a9DZRTAAV4hB

GET
H2 200 geha.png
www.geha.com/~/media93/Project/GEHA/shared/ 9 KB
10 KB 62ms
61ms Image
image/png 2a02:26f0:ab00::214:8e63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geha.com/~/media93/Project/GEHA/shared/geha.png?h=135&w=550&la=en&hash=6A9419DEDA474BA8DF91728302A3ACB2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3487c89cbf4176ba31dee9f3fb221bab9b05753f689e372d9c03e71c78b8e3c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:02 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: 'nosniff'
last-modified: Fri, 30 Jul 2021 17:58:46 GMT
etag: cdfed84458664cc398ac12b335feb876
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=60162
content-disposition: inline; filename="geha.png"
server-timing: cdn-cache; desc=HIT, edge; dur=24, origin; dur=0, ak_p; desc="1712913182386_34901599_152771939_2464_7463_6_0_182";dur=1
accept-ranges: bytes
content-length: 9374
x-xss-protection: 1; mode=block
x-datastream-cache-status: 1

GET
H2 200 database-white.png
www.geha.com/~/media93/Project/GEHA/GEHA/alert-icons/ 1 KB
2 KB 63ms
62ms Image
image/png 2a02:26f0:ab00::214:8e63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geha.com/~/media93/Project/GEHA/GEHA/alert-icons/database-white.png?h=100&w=100&la=en&hash=521DCE033E36C28C1312246F6B57E917

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4e43974dcd89e9262d9c19ddfc9ce50400414c01abbe784eebf8e8d785503d64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:02 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: 'nosniff'
last-modified: Wed, 16 Dec 2020 17:05:29 GMT
etag: c359242c1555453b8bddae1659745e71
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=35067
content-disposition: inline; filename="database-white.png"
server-timing: cdn-cache; desc=HIT, edge; dur=12, origin; dur=0, ak_p; desc="1712913182394_34901599_152771944_1249_8380_6_0_182";dur=1
accept-ranges: bytes
content-length: 1293
x-xss-protection: 1; mode=block

GET
H2 200 info-white.png
www.geha.com/~/media93/Project/GEHA/GEHA/alert-icons/ 1 KB
1 KB 18ms
18ms Image
image/png 2a02:26f0:ab00::214:8e63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geha.com/~/media93/Project/GEHA/GEHA/alert-icons/info-white.png?h=100&w=100&la=en&hash=2E8B9E0473DCE0A6C2B76FF3F8D6E1F0

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4d2594afe30fbd3142c9ec683a95629cd01010be1de052e5d1f55843cb073961

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:02 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: 'nosniff'
last-modified: Wed, 16 Dec 2020 17:06:18 GMT
etag: b79bcdbd88ed4aa2a54b55a750503ef7
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=70346
content-disposition: inline; filename="info-white.png"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712913182463_34901599_152771972_30_7382_12_0_182";dur=1
accept-ranges: bytes
content-length: 1142
x-xss-protection: 1; mode=block

GET
H2 200 draft-giveaway-registration-page.jpg
www.geha.com/~/media93/Project/GEHA/GEHA/draft-giveaway/ 119 KB
119 KB 23ms
23ms Image
image/jpeg 2a02:26f0:ab00::214:8e63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geha.com/~/media93/Project/GEHA/GEHA/draft-giveaway/draft-giveaway-registration-page.jpg?h=42%25&w=100%25&hash=75B25ADEE1C1B1CCC30276E00614EA43

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

36cbe98f9a9327afce4c79a1c0a9d43e076d3b2ae36e68f7c40b7cbc41d95931

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:02 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: 'nosniff'
last-modified: Fri, 29 Mar 2024 16:40:21 GMT
etag: b3e3fdc7d3974ccd9d46595cd18c23ff
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=6770
content-disposition: inline; filename="draft-giveaway-registration-page.jpg"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712913182472_34901599_152771975_92_7777_11_0_182";dur=1
accept-ranges: bytes
content-length: 121778
x-xss-protection: 1; mode=block

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/Core-Libraries/scripts/ 1 MB
305 KB 17ms
17ms Script
application/x-javascript 2a02:26f0:ab00::214:8e63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/Core-Libraries/scripts/optimized-min.js?t=20221109T053531Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

babf7c8f26404acad3935146d81d245dc6d494acd265d2b8f84088730d01e38f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:02 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.js"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712913182482_34901599_152771979_102_7426_6_0_182";dur=1
content-length: 312095
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Nov 2022 05:35:31 GMT
etag: 5f8a850d7d5d40faa8d832fe2c37e52d
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=34609
accept-ranges: bytes
x-datastream-cache-status: 2

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/XA-API/Scripts/ 2 KB
1 KB 17ms
17ms Script
application/x-javascript 2a02:26f0:ab00::214:8e63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/XA-API/Scripts/optimized-min.js?t=20220715T021536Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4b5013c1e9a922e188e0d6f3903aad0c81a64c231d976d869c8b0f35be0b133d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:02 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.js"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712913182493_34901599_152771983_87_7728_6_0_182";dur=1
content-length: 855
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Jul 2022 02:15:36 GMT
etag: c38298f3b90349549796d730a6e8ff40
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=25049
accept-ranges: bytes
x-datastream-cache-status: 2

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/Main-Theme/scripts/ 3 KB
1 KB 36ms
36ms Script
application/x-javascript 2a02:26f0:ab00::214:8e63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/Main-Theme/scripts/optimized-min.js?t=20220715T021536Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a36338e2015fbe5e6f570cb35a9e0305a4f4d40bace6713fce1edbaefc9cf44f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:02 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 15 Jul 2022 02:15:36 GMT
etag: 574f88811b0947e08eb6c1deb05b1ab4
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=62649
content-disposition: inline; filename="optimized-min.js"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712913182523_34901599_152771997_99_6974_6_0_182";dur=1
accept-ranges: bytes
content-length: 962
x-xss-protection: 1; mode=block

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/Google-Maps-JS-Connector/Scripts/ 5 KB
2 KB 24ms
23ms Script
application/x-javascript 2a02:26f0:ab00::214:8e63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/Google-Maps-JS-Connector/Scripts/optimized-min.js?t=20220715T021537Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4692d4d1124e4fdde548b916c88189b6e07462d9d24cdd5c6ca8f2a2fcb2af56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:02 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.js"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712913182541_34901599_152772016_96_6737_6_0_182";dur=1
content-length: 1930
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Jul 2022 02:15:37 GMT
etag: 62f4e07c5ee3471187fee95f1034f7cb
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=8462
accept-ranges: bytes
x-datastream-cache-status: 1

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/Maps/Scripts/ 9 KB
3 KB 15ms
15ms Script
application/x-javascript 2a02:26f0:ab00::214:8e63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/Maps/Scripts/optimized-min.js?t=20220715T021537Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

427e57ed3ad640f4ddefe4a7aeb116746506151fd0d227f8f34e40cb3350e45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:02 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.js"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712913182586_34901599_152772031_27_6859_9_0_182";dur=1
content-length: 3035
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Jul 2022 02:15:37 GMT
etag: 13b4e978e32648de9f455492b56e0de2
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=23302
accept-ranges: bytes
x-datastream-cache-status: 2

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/SearchTheme/Scripts/ 76 KB
18 KB 17ms
16ms Script
application/x-javascript 2a02:26f0:ab00::214:8e63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/SearchTheme/Scripts/optimized-min.js?t=20221028T013215Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

91af8f8604e6cbcb00a3ff4056f9fce3090c1ffca25400650895832c03b34ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:02 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.js"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712913182586_34901599_152772032_31_6789_9_0_182";dur=1
content-length: 18181
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Oct 2022 01:32:15 GMT
etag: aeae65fdf10e405a819820b86851dd8d
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=68322
accept-ranges: bytes
x-datastream-cache-status: 1

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/Components-Theme/Scripts/ 52 KB
15 KB 18ms
17ms Script
application/x-javascript 2a02:26f0:ab00::214:8e63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/Components-Theme/Scripts/optimized-min.js?t=20220715T021538Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f930f9718c91491b92f0de420e28f51cb021e174606481c128ab838584479e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:02 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.js"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712913182605_34901599_152772044_82_8145_7_0_182";dur=1
content-length: 14937
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Jul 2022 02:15:38 GMT
etag: 5ca53ec515f5411bacbd3a615d251007
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=23352
accept-ranges: bytes
x-datastream-cache-status: 1

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/Resolve-Conflicts/Scripts/ 19 B
474 B 27ms
26ms Script
application/x-javascript 2a02:26f0:ab00::214:8e63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/Resolve-Conflicts/Scripts/optimized-min.js?t=20220715T021538Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1b631c545e0e9acda2fa9adef7ce9415a95fc6a325ea80268d1793bf913180ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:02 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.js"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712913182617_34901599_152772049_103_7523_6_0_182";dur=1
content-length: 39
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Jul 2022 02:15:38 GMT
etag: e8bf1b6ff51942bfac73dfb8ec9beddf
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=21546
accept-ranges: bytes
x-datastream-cache-status: 2

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Base-Themes/UnsupportedBrowser/Scripts/ 253 B
644 B 16ms
16ms Script
application/x-javascript 2a02:26f0:ab00::214:8e63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Base-Themes/UnsupportedBrowser/Scripts/optimized-min.js?t=20220715T021621Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5fd7281dafc44afbbb34847a7c8dfff204d017418103d96eb401ade5c1f6012c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:02 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.js"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712913182627_34901599_152772053_91_7404_7_0_182";dur=1
content-length: 210
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Jul 2022 02:16:21 GMT
etag: faf71ebe50fd45198d26fa25699a92d9
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=17370
accept-ranges: bytes
x-datastream-cache-status: 1

GET
H2 200 optimized-min.js Show response
www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/scripts/ 523 KB
142 KB 16ms
16ms Script
application/x-javascript 2a02:26f0:ab00::214:8e63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/scripts/optimized-min.js?t=20240315T012754Z

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

71e970680812d5265281f05a10ae287a5739c582d03a027ef3b3f2e02166ec21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:02 GMT
content-encoding: gzip
x-content-type-options: 'nosniff'
strict-transport-security: max-age=15768000 ; includeSubDomains
content-disposition: inline; filename="optimized-min.js"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712913182636_34901599_152772056_33_7337_7_0_182";dur=1
content-length: 144408
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Mar 2024 01:27:54 GMT
server: Microsoft-IIS/10.0
etag: 2c979c38fa4d45c684fb5b7bef965839
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=53964
accept-ranges: bytes

GET
H2 200 vxe3lkg.css
use.typekit.net/ 7 KB
1 KB 538ms
484ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/vxe3lkg.css

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20240315T012754Z

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

91885b79eafb9db3b3b6bccd7d3927f3cea7bc0a006fe3a6b625787d413fc412

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Fri, 12 Apr 2024 09:13:02 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 972

GET
H2 200 css2
fonts.googleapis.com/ 28 KB
1 KB 71ms
18ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20240315T012754Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e7fd9f1e6fd2387dc2a5bb83cb72a1c44206347ad8ffde69bcab829cf88b1ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Apr 2024 09:13:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Apr 2024 08:51:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Apr 2024 09:13:02 GMT

GET
H2 200 css2
fonts.googleapis.com/ 81 KB
3 KB 75ms
22ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans:wght@500;600;700&family=Nunito+Sans:opsz,wght@6..12,500;6..12,700&family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20240315T012754Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a5d59965fc50d217015f96f657880ade0fcbc85b9cc15b5fc20f097a25be9a63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Apr 2024 09:13:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Apr 2024 09:13:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Apr 2024 09:13:02 GMT

GET
H2 200 css2
fonts.googleapis.com/ 77 KB
3 KB 74ms
22ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans:wght@500;600;700&family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20240315T012754Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

166b640351aa645b6af02b1013bc7fbead2822e44d773deba0b35f4053d0e94a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Apr 2024 09:13:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Apr 2024 09:13:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Apr 2024 09:13:02 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
697 B 73ms
21ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito+Sans:opsz,wght@6..12,400;6..12,800&display=swap

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20240315T012754Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1a4bf8a4ca374508387fc27de382cbbe01a6ace9f7bb3c1618884b7b86dd6c60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Apr 2024 09:13:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Apr 2024 09:13:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Apr 2024 09:13:02 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
494 B 72ms
20ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,500,600,700,900

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20240315T012754Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bc958a63e17fc254b74b0787f22bd0f5889a057109908050c5148a148b75db91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Apr 2024 09:13:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Apr 2024 09:13:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Apr 2024 09:13:02 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 67ms
15ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish:400,600,700,800,900

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Themes/GEHA/GEHA/GEHA/styles/optimized-min.css?t=20240315T012754Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

43bf46697a74707dd319e2549eb7e7ad414d629c257da2dfc02e082a7a7290c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Apr 2024 09:13:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Apr 2024 09:13:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Apr 2024 09:13:02 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 7ms
7ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=vxe3lkg&ht=tk&f=24537.24538.24539.24540.24545.24546.24547.24548.24549.24552&a=90735096&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vxe3lkg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://use.typekit.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:02 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 420 KB
116 KB 75ms
52ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eac4ff35f6cf2c6c1110249afe4314ac826c16e7f4f7cae19e2491e99abc72a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 118644
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 Apr 2024 09:13:03 GMT

GET
H/1.1 200
OK sitecore-engage-v.1.3.0.min.js Show response
d1mj578wat5n4o.cloudfront.net/ 48 KB
49 KB 37ms
8ms Script
binary/octet-stream 18.66.92.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1mj578wat5n4o.cloudfront.net/sitecore-engage-v.1.3.0.min.js
Requested by: Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.92.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-92-121.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb56f17a4fe738143ac04ca01897e7ae5980eab0a5aaf0ebad8c6a2d09e39d90

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 07:40:05 GMT
Via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
Last-Modified: Wed, 10 May 2023 07:05:18 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P2
Age: 20427
x-amz-server-side-encryption: AES256
ETag: "f31e2f04c4696df590de7bcb24cebec2"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: binary/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49153
X-Amz-Cf-Id: BpWhaiojt1fP8w2ReZmtD-S_aAdc_22swZIvqh5ClR1HeWB1ln60Uw==

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v6.5.2/css/ 672 KB
118 KB 22ms
20ms Fetch
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro.min.css?token=57591c2ee3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01a3066991f4af85d35aaa0068aa00054f9762f39c263853f49518d5f9784c4b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:26:26 GMT
server: cloudflare
age: 38792
etag: "660c23a2-1d791"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 87321921bc5430d6-FRA
content-length: 120721

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v6.5.2/css/ 27 KB
4 KB 30ms
29ms Fetch
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro-v4-shims.min.css?token=57591c2ee3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f3387f11826be4923a2d3a8c1542780abd6d4c66ce13f2de770f2e386989593

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:26:24 GMT
server: cloudflare
age: 831672
etag: "660c23a0-10e7"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 87321921cc5830d6-FRA
content-length: 4327

GET
H2 200 pro-v5-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.5.2/css/ 50 KB
7 KB 30ms
29ms Fetch
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro-v5-font-face.min.css?token=57591c2ee3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1580a6a19cb081a84215f13b42f765469beb87d7401f16349760cd067fc4da71

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:26:24 GMT
server: cloudflare
age: 831672
etag: "660c23a0-1c3b"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 87321921cc5c30d6-FRA
content-length: 7227

GET
H2 200 pro-v4-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.5.2/css/ 7 KB
2 KB 30ms
29ms Fetch
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro-v4-font-face.min.css?token=57591c2ee3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 516640faeb856df6599d165f26ee51ce8cbaaf34f7c09d818509e75f6a48ae13

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:26:24 GMT
server: cloudflare
age: 44207
etag: "660c23a0-6ca"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 87321921cc5f30d6-FRA
content-length: 1738

GET
H2 200 kit-upload.css Show response
kit.fontawesome.com/57591c2ee3/93592551/ 0
157 B 21ms
20ms Fetch
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/57591c2ee3/93592551/kit-upload.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:03 GMT
cf-cache-status: HIT
age: 2560150
content-length: 0
x-request-id: F7xlBcIjwYv1x4r5d89h
server: cloudflare
etag: 54af53b207eef226d6511e0a88e3038e
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
accept-ranges: bytes
cf-ray: 87321921bc5030d6-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 pro.min.css
ka-p.fontawesome.com/releases/v6.5.2/css/ 672 KB
212 B 84ms
21ms Stylesheet
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro.min.css?token=57591c2ee3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01a3066991f4af85d35aaa0068aa00054f9762f39c263853f49518d5f9784c4b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://kit.fontawesome.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:26:26 GMT
server: cloudflare
age: 831394
etag: "660c23a2-1d791"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 873219222d43373c-FRA
content-length: 120721

GET
H2 200 pro-v4-shims.min.css
ka-p.fontawesome.com/releases/v6.5.2/css/ 27 KB
56 B 89ms
26ms Stylesheet
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro-v4-shims.min.css?token=57591c2ee3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f3387f11826be4923a2d3a8c1542780abd6d4c66ce13f2de770f2e386989593

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://kit.fontawesome.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:26:24 GMT
server: cloudflare
age: 831395
etag: "660c23a0-10e7"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 873219222d45373c-FRA
content-length: 4327

GET
H2 200 pro-v5-font-face.min.css
ka-p.fontawesome.com/releases/v6.5.2/css/ 50 KB
73 B 85ms
22ms Stylesheet
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro-v5-font-face.min.css?token=57591c2ee3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1580a6a19cb081a84215f13b42f765469beb87d7401f16349760cd067fc4da71

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://kit.fontawesome.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:26:24 GMT
server: cloudflare
age: 831394
etag: "660c23a0-1c3b"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 873219222d47373c-FRA
content-length: 7227

GET
H2 200 pro-v4-font-face.min.css
ka-p.fontawesome.com/releases/v6.5.2/css/ 7 KB
49 B 88ms
25ms Stylesheet
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/css/pro-v4-font-face.min.css?token=57591c2ee3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/57591c2ee3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 516640faeb856df6599d165f26ee51ce8cbaaf34f7c09d818509e75f6a48ae13

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://kit.fontawesome.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:26:24 GMT
server: cloudflare
age: 831394
etag: "660c23a0-6ca"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 873219222d49373c-FRA
content-length: 1738

GET
H3 201 create.json Show response
api-engage-us.sitecorecloud.io/v1.2/browser/ 178 B
333 B 128ms
127ms Fetch
application/json 104.18.17.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-engage-us.sitecorecloud.io/v1.2/browser/create.json?client_key=b9c1f091c924864e2a26574bbef92243&message={}
Requested by: Host: d1mj578wat5n4o.cloudfront.net
URL: https://d1mj578wat5n4o.cloudfront.net/sitecore-engage-v.1.3.0.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.17.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e57349669390d2e89cbf7108d402dffdfd2e8683da2aaa4168b3a1688b62c70

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
X-Library-Version: 1.3.0
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:03 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-robots-tag: noindex
cf-ray: 873219232e5f1e5c-FRA
content-length: 178
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 create.json
api-engage-us.sitecorecloud.io/v1.2/browser/ Frame 0
0 162ms
129ms Preflight
text/plain 104.18.17.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-engage-us.sitecorecloud.io/v1.2/browser/create.json?client_key=b9c1f091c924864e2a26574bbef92243&message={}
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.17.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-library-version
Access-Control-Request-Method: GET
Origin: https://www.geha.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Library-Version,X-Client-Software-ID
access-control-allow-methods: HEAD,GET,POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 873219225d4d1e5c-FRA
content-length: 24
content-type: text/plain
date: Fri, 12 Apr 2024 09:13:03 GMT
server: cloudflare
x-robots-tag: noindex

GET
H2 200 7JTKV-XPJV9-YRVS3-M2J45-ZYZNN Show response
s.go-mpulse.net/boomerang/ 202 KB
51 KB 49ms
7ms Script
application/javascript 2a02:26f0:1700:391::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/7JTKV-XPJV9-YRVS3-M2J45-ZYZNN
Requested by: Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:391::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:03 GMT
content-encoding: br
customappheader: mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified: Mon, 01 Apr 2024 04:33:17 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 51580

GET draft
cloud.info.geha.com/ Frame 1470 0
0

GET
H/1.1 404
Not Found openseasonplanreminders Show response
cloud.info.geha.com/ Frame F779 1 KB
1 KB 611ms
138ms Document
text/html 13.111.118.55
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.info.geha.com/openseasonplanreminders
Requested by: Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.111.118.55 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS: cloud.info.geha.com
Software: /
Resource Hash: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.geha.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: private
Connection: close
Content-Length: 1245
Content-Type: text/html
Date: Fri, 12 Apr 2024 09:13:03 GMT
X-Cache-Status: STORED

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 29 KB
30 KB 48ms
13ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.geha.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 20:54:32 GMT
x-content-type-options: nosniff
age: 303511
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Apr 2025 20:54:32 GMT

GET
H2 200 pro-fa-regular-400-0.woff2
ka-p.fontawesome.com/releases/v6.5.2/webfonts/ 14 KB
14 KB 31ms
29ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-regular-400-0.woff2
Requested by: Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66c209bb66c3374009b80476f3e0e8247995dd55c65fcef67ac12e5ea179411b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Origin: https://www.geha.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:03 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:51:16 GMT
server: cloudflare
age: 831394
etag: "660c2974-3914"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 873219237df330d6-FRA
content-length: 14612

GET
H2 200 pro-fa-solid-900-12.woff2
ka-p.fontawesome.com/releases/v6.5.2/webfonts/ 14 KB
14 KB 31ms
30ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-solid-900-12.woff2
Requested by: Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7742bb16ac54dbccd2a9df6edc159ff921e1e738f08dc0d4b4b9f31424ede919

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Origin: https://www.geha.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:03 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:51:22 GMT
server: cloudflare
age: 831394
etag: "660c297a-3878"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 873219237df430d6-FRA
content-length: 14456

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 53ms
18ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,500,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.geha.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 02:38:45 GMT
x-content-type-options: nosniff
age: 282858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Apr 2025 02:38:45 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 41ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.geha.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 03:50:46 GMT
x-content-type-options: nosniff
age: 537737
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Apr 2025 03:50:46 GMT

GET
H2 200 pro-fa-brands-400-1.woff2
ka-p.fontawesome.com/releases/v6.5.2/webfonts/ 39 KB
39 KB 24ms
23ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-brands-400-1.woff2
Requested by: Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b852e041e35b676cf550d19cf8d15bc58db780a3827626518f4e0dfc5fb3109

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Origin: https://www.geha.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:03 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:51:13 GMT
server: cloudflare
age: 831394
etag: "660c2971-9d0c"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 873219237df630d6-FRA
content-length: 40204

GET
H2 200 pro-fa-brands-400-0.woff2
ka-p.fontawesome.com/releases/v6.5.2/webfonts/ 37 KB
37 KB 32ms
31ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-brands-400-0.woff2
Requested by: Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faf47e501cdae61064aed4b03b1129d37c6e004ebde6f6452f1632f835c9f318

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Origin: https://www.geha.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:03 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 15:51:13 GMT
server: cloudflare
age: 831394
etag: "660c2971-946c"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 873219237df730d6-FRA
content-length: 37996

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 43ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,500,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.geha.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 19:07:30 GMT
x-content-type-options: nosniff
age: 482733
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Apr 2025 19:07:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 295 KB
98 KB 33ms
31ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T5EYR6VXJ8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

093ec5a1c020d821e0159880dc6425927c3192bd89e1c23762c924d66bc86d72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100190
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 Apr 2024 09:13:03 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 246 KB
86 KB 31ms
29ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11398356872&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

af67e3d7d87d9b4fc5020358e873ec7669b7c99c2bc5d63202fc719bd27bd6a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87517
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 Apr 2024 09:13:03 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 39ms
10ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 12 Apr 2024 07:38:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5661
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 12 Apr 2024 09:38:42 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 37ms
8ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:03 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000168-IAD, cache-fra-etou8220106-FRA

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 209 KB
76 KB 27ms
25ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-973793713&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9aaad8d186c6cfdd31242e0414e640d050251a4fc2fdeac433df00937304b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77976
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 Apr 2024 09:13:03 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 196 KB
71 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-13916293&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bf70812f361c9b2416c09f95a50ef819d20238b19ebdcd2c279c391ba98e3837

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72997
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 Apr 2024 09:13:03 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 117ms
92ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 12 Apr 2024 09:13:03 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F26C8F39F6544098AE60FDD771868512 Ref B: FRA31EDGE0515 Ref C: 2024-04-12T09:13:03Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 pa-5b8e94d0cea07b0016000061.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 155ms
130ms Script
application/javascript 2606:4700:10::6816:3668
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/pa-5b8e94d0cea07b0016000061.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3668 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69b635282e06504d447e9dd8fe4c90c5bd308a8ffdc2da080243d51a65df81bd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:03 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 14 Oct 2022 06:22:28 GMT
server: cloudflare
etag: W/"63490024-1852"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 873219238c379b83-FRA
expires: Fri, 12 Apr 2024 09:18:03 GMT

GET
H2 200 pa-555b6812abe53d462fed7a74.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 140ms
115ms Script
application/javascript 2606:4700:10::6816:3668
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/pa-555b6812abe53d462fed7a74.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3668 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 486cb6639529a37f8755f3fda22b724e26ea0cfca10de5bae934da56e2d6022c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:03 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 14 Oct 2022 06:22:28 GMT
server: cloudflare
etag: W/"63490024-1852"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 873219238c369b83-FRA
expires: Fri, 12 Apr 2024 09:18:03 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 23ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 12 Apr 2024 09:13:03 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57850
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1294, tbw=2763, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: +qIpzNT/OUwqOpFC9ZfARLwlYcjkt5k/9KimeTj9EV5eLxyxfG/mmhgcSCQD9viPahB89aqaLfj48Tfk2hivAw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 9 KB
4 KB 37ms
11ms Script
application/x-javascript 18.172.103.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCSXPND
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.103.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-103-101.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c6315811518b52563c0884a4e2fd019f9302b362237610c5744c6f01f6f7d9d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 04:57:49 GMT
Content-Encoding: gzip
Via: 1.1 725f43139b6c583d9defb7c5029a8928.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Mar 2024 19:43:19 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P8
Age: 15315
x-amz-server-side-encryption: AES256
ETag: W/"a023114c374b2d4f49e3420f667f8e66"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: TM5ofgDonWxW_DShTDFYrKV4DW120zji_rzVJmc_lUdV0xmm7OoSbQ==

GET
H2 200 scevent.min.js Show response
sc-static.net/ 44 KB
19 KB 54ms
31ms Script
application/javascript 143.204.207.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-250.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: f563aec552103867adcb967e41b1699c9d15e1aa257c7a210f70f5cd71e6a0ef

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:03 GMT
content-encoding: gzip
via: 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 19297
x-amz-cf-id: RV6EbP07I27Rd8tzfZ0XtCO4YHefX1q2439I4eUh74H333U9o5Bpwg==

GET
H2 200 personalizedinfo Show response
www.geha.com/api/personalizedinformation/ 33 B
706 B 167ms
166ms XHR
application/json 2a02:26f0:ab00::214:8e63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/api/personalizedinformation/personalizedinfo?CookieName=recommendation&PersonalizedInfoId=recommendation

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Base-Themes/Core-Libraries/scripts/optimized-min.js?t=20221109T053531Z

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

c326f67ec7e4e7895bc25ac4c6c3540b569586d688b494df5b82e3146d34a6f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: */*
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 09:13:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: 'nosniff'
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=64, ak_p; desc="1712913183295_34901599_152772357_15025_7225_12_0_255";dur=1
content-length: 33
x-xss-protection: 1; mode=block
expires: -1

GET
H2 200 personalizedinfo Show response
www.geha.com/api/personalizedinformation/ 33 B
706 B 164ms
163ms XHR
application/json 2a02:26f0:ab00::214:8e63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/api/personalizedinformation/personalizedinfo?CookieName=dentalRecommendation&PersonalizedInfoId=dentalRecommendation

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Base-Themes/Core-Libraries/scripts/optimized-min.js?t=20221109T053531Z

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

c326f67ec7e4e7895bc25ac4c6c3540b569586d688b494df5b82e3146d34a6f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: */*
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 09:13:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: 'nosniff'
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache
server-timing: cdn-cache; desc=MISS, edge; dur=85, origin; dur=63, ak_p; desc="1712913183463_34901599_152772430_14864_7593_10_0_255";dur=1
content-length: 33
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK draft Show response
cloud.info.geha.com/ Frame 1470 13 KB
3 KB 530ms
289ms Document
text/html 13.111.118.55
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.info.geha.com/draft?utm_source=S24WTE0GINAP&utm_campaign=Partnerships%20-%2024%20-%20Brand%20Awareness%20-%20Email%20-%20NFL%20Draft%20Giveaway%20-%20Prospects%20-%20National_S24WTE0GINAP&utm_medium=Email
Requested by: Host: www.geha.com
URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.111.118.55 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS: cloud.info.geha.com
Software: /
Resource Hash: e3dd8f33992c58515312dbc2abd8620d0cca4e04f5a90e69f4dbfe7952dd771a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.geha.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-cache
Connection: close
Content-Encoding: gzip
Content-Length: 2866
Content-Type: text/html; charset=utf-8
Date: Fri, 12 Apr 2024 09:13:03 GMT
Expires: -1
Pragma: no-cache

OPTIONS
H3 200 events
api-engage-us.sitecorecloud.io/v1.2/ Frame 0
0 306ms
306ms Preflight
text/plain 104.18.17.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-engage-us.sitecorecloud.io/v1.2/events
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.17.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-library-version
Access-Control-Request-Method: POST
Origin: https://www.geha.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Library-Version,X-Client-Software-ID
access-control-allow-methods: HEAD,GET,POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: POST,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8732192609c71e5c-FRA
content-length: 13
content-type: text/plain
date: Fri, 12 Apr 2024 09:13:03 GMT
server: cloudflare
x-robots-tag: noindex

GET
H2 200 web-version.min.js Show response
d35vb5cccm4xzp.cloudfront.net/web-flow-libs/b9c1f091c924864e2a26574bbef92243/ 1 KB
2 KB 146ms
124ms Script
application/javascript 2600:9000:235a:aa00:3:35f2:c540:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d35vb5cccm4xzp.cloudfront.net/web-flow-libs/b9c1f091c924864e2a26574bbef92243/web-version.min.js
Requested by: Host: d1mj578wat5n4o.cloudfront.net
URL: https://d1mj578wat5n4o.cloudfront.net/sitecore-engage-v.1.3.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:aa00:3:35f2:c540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8339750b4cf72003f5f74e7f645b822a44345c58d724e7e0c321daec71f31c68

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:04 GMT
via: 1.1 51b32b366d2fc0baf4c02123f643c37c.cloudfront.net (CloudFront)
last-modified: Fri, 27 Oct 2023 18:21:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
etag: "72ffd03ca7a925392eb79f7d45faa457"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 1242
x-amz-cf-id: tSyJyUWDEARTgMzuRA3DliAGV1z-ENAPNWfKCsVOMHqG39LbTdQbrA==

POST
H3 201 events Show response
api-engage-us.sitecorecloud.io/v1.2/ 124 B
264 B 130ms
130ms Fetch
application/json 104.18.17.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-engage-us.sitecorecloud.io/v1.2/events
Requested by: Host: d1mj578wat5n4o.cloudfront.net
URL: https://d1mj578wat5n4o.cloudfront.net/sitecore-engage-v.1.3.0.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.17.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d86edde5909583f0fa20600f2db126dded4da22ac01cd2a274e23b9432158ec7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.geha.com/
X-Library-Version: 1.3.0
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:04 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json
access-control-allow-origin: *
x-robots-tag: noindex
cf-ray: 87321927fbd71e5c-FRA
content-length: 124
alt-svc: h3=":443"; ma=86400

GET
H2 200 personalizedinfo Show response
www.geha.com/api/personalizedinformation/ 33 B
710 B 164ms
164ms XHR
application/json 2a02:26f0:ab00::214:8e63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/api/personalizedinformation/personalizedinfo?CookieName=recommendation&PersonalizedInfoId=recommendation

Requested by

Host: www.geha.com
URL: https://www.geha.com/~/media93/Base-Themes/Core-Libraries/scripts/optimized-min.js?t=20221109T053531Z

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

c326f67ec7e4e7895bc25ac4c6c3540b569586d688b494df5b82e3146d34a6f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: */*
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 09:13:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: 'nosniff'
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=63, ak_p; desc="1712913183692_34901599_152772535_14957_7854_10_0_255";dur=1
content-length: 33
x-xss-protection: 1; mode=block
expires: -1

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
207 B 15ms
14ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1926318054&t=pageview&_s=1&dl=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway%3Futm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_medium%3DEmail%26utm_keyword%3D_%26utm_content%3D_%26utm_medium%3DEmail%26utm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_content%3D_%26utm_keyword%3D_&ul=de-de&de=UTF-8&dt=Draft%20Giveaway%20%7C%20GEHA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAAI~&jid=1370023693&gjid=445330804&cid=792820034.1712913184&tid=UA-18563403-14&_gid=782635224.1712913184&_r=1&_slc=1&gtm=45He44a0n81PCSXPNDv79625355za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=2135231661

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 09:13:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.geha.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 14ms
14ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1926318054&t=pageview&_s=1&dl=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway%3Futm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_medium%3DEmail%26utm_keyword%3D_%26utm_content%3D_%26utm_medium%3DEmail%26utm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_content%3D_%26utm_keyword%3D_&ul=de-de&de=UTF-8&dt=Draft%20Giveaway%20%7C%20GEHA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAACAAI~&jid=2091836632&gjid=1410307420&cid=792820034.1712913184&tid=UA-18563403-1&_gid=782635224.1712913184&_r=1&_slc=1&gtm=45He44a0n81PCSXPNDv79625355za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1887055105

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 09:13:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.geha.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 14ms
14ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1926318054&t=pageview&_s=1&dl=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway%3Futm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_medium%3DEmail%26utm_keyword%3D_%26utm_content%3D_%26utm_medium%3DEmail%26utm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_content%3D_%26utm_keyword%3D_&ul=de-de&de=UTF-8&dt=Draft%20Giveaway%20%7C%20GEHA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAACAAI~&jid=164598441&gjid=2125838250&cid=792820034.1712913184&tid=UA-18563403-15&_gid=782635224.1712913184&_r=1&_slc=1&gtm=45He44a0n81PCSXPNDv79625355za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1507085698

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 09:13:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.geha.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 35ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-T5EYR6VXJ8&gtm=45je44a0v884583046z879625355za200&_p=1712913182993&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=792820034.1712913184&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712913183&sct=1&seg=0&dl=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway%3Futm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_medium%3DEmail%26utm_keyword%3D_%26utm_content%3D_%26utm_medium%3DEmail%26utm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_content%3D_%26utm_keyword%3D_&dt=Draft%20Giveaway%20%7C%20GEHA&en=page_view&_fv=1&_ss=1&tfd=3347
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T5EYR6VXJ8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 09:13:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.geha.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
375 B 207ms
187ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=55bc86a2-507b-428a-b27c-1a0c716ec746&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=fce666d6-e1ea-40c9-951f-da1cd99be921&tw_document_href=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway%3Futm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_medium%3DEmail%26utm_keyword%3D_%26utm_content%3D_%26utm_medium%3DEmail%26utm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_content%3D_%26utm_keyword%3D_&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1swp&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 180
date: Fri, 12 Apr 2024 09:13:03 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 46a21e063d6320aa
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: b532038a4e327f23f89b3af3eeec37a711b1aa8827446325a557685b05cc2ea1
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 148ms
120ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=55bc86a2-507b-428a-b27c-1a0c716ec746&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=fce666d6-e1ea-40c9-951f-da1cd99be921&tw_document_href=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway%3Futm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_medium%3DEmail%26utm_keyword%3D_%26utm_content%3D_%26utm_medium%3DEmail%26utm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_content%3D_%26utm_keyword%3D_&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1swp&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 110
date: Fri, 12 Apr 2024 09:13:03 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 61c6424174d63472
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 90c3054da242b350d51917528a7e31822f3eca19355ec2f337a02caa544cb5b5
content-length: 43

GET
H2 200 275288828831386 Show response
connect.facebook.net/signals/config/ 56 KB
12 KB 78ms
77ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/275288828831386?v=2.9.153&r=stable&domain=www.geha.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a89224e3776513856c140c4f3f8a1d8da2c4978033d1bfd0d7363c0823e2591c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 12 Apr 2024 09:13:03 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=12, rtx=0, c=64, mss=1294, tbw=63311, tp=-1, tpl=-1, uplat=70, ullat=0
pragma: public
x-fb-debug: 0v30fYRRhEnSd8OQW/yciNyX5gOQafok4v2FrFZSPJ4EZsBam4j/7sc/17+ldy6nWVUL2NnOojMozCo0ufiEhg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CNjK9-6qvIUDFWtZHgIdku4HRQ;src=13916293;type=gehac0;cat=gehaa0;ord=6050097214947;npa=1;auiddc=700159189.1712913183;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253...
13916293.fls.doubleclick.net/ Frame 6552
Redirect Chain

https://13916293.fls.doubleclick.net/activityi;src=13916293;type=gehac0;cat=gehaa0;ord=6050097214947;npa=1;auiddc=700159189.1712913183;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%...
https://13916293.fls.doubleclick.net/activityi;dc_pre=CNjK9-6qvIUDFWtZHgIdku4HRQ;src=13916293;type=gehac0;cat=gehaa0;ord=6050097214947;npa=1;auiddc=700159189.1712913183;uaa=x86;uab=64;uafvl=Google%...

0
0

48ms
48ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://13916293.fls.doubleclick.net/activityi;dc_pre=CNjK9-6qvIUDFWtZHgIdku4HRQ;src=13916293;type=gehac0;cat=gehaa0;ord=6050097214947;npa=1;auiddc=700159189.1712913183;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0z879625355za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway%3Futm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_medium%3DEmail%26utm_keyword%3D_%26utm_content%3D_%26utm_medium%3DEmail%26utm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_content%3D_%26utm_keyword%3D_?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-13916293&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.geha.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 511
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Apr 2024 09:13:04 GMT
expires: Fri, 12 Apr 2024 09:13:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Apr 2024 09:13:04 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://13916293.fls.doubleclick.net/activityi;dc_pre=CNjK9-6qvIUDFWtZHgIdku4HRQ;src=13916293;type=gehac0;cat=gehaa0;ord=6050097214947;npa=1;auiddc=700159189.1712913183;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0z879625355za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway%3Futm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_medium%3DEmail%26utm_keyword%3D_%26utm_content%3D_%26utm_medium%3DEmail%26utm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_content%3D_%26utm_keyword%3D_?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 343096952.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 32ms
32ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/343096952.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4e2cdf9cca01d18c643530e9704e33d2f2f8d03bcf260ff6647e78d9129eaf65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Fri, 12 Apr 2024 09:13:03 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A57B65C54562459EB384EF310E38195E Ref B: FRA31EDGE0515 Ref C: 2024-04-12T09:13:03Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
287 B 36ms
36ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=343096952&tm=gtm002&Ver=2&mid=348736fc-7cd9-4c27-988c-cb692a4bbd66&sid=de1f7130f8ac11ee9562f31b31912995&vid=de1f8bf0f8ac11ee878ca949c9683654&vids=1&msclkid=N&gtm_tag_source=1&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Draft%20Giveaway%20%7C%20GEHA&p=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway%3Futm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_medium%3DEmail%26utm_keyword%3D_%26utm_content%3D_%26utm_medium%3DEmail%26utm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_content%3D_%26utm_keyword%3D_&r=&lt=3133&evt=pageLoad&sv=1&rn=461870

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 12 Apr 2024 09:13:03 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 33115927044B438FA89FF4F7AD586087 Ref B: FRA31EDGE0515 Ref C: 2024-04-12T09:13:03Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 29a50b68-d5e7-4019-8575-7fea0adbb21f.js Show response
tr.snapchat.com/config/com/ 191 B
457 B 149ms
117ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/29a50b68-d5e7-4019-8575-7fea0adbb21f.js?v=3.14.1-2404091850

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

1ec56f04262e2768528f45618c5c0d9a23d1c4d0680a1b03ca4a2e6f23af98b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Origin: https://www.geha.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://www.geha.com
x-envoy-upstream-service-time: 98
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191

GET
H2 200 i
tr.snapchat.com/cm/ Frame E5C7 0
0 47ms
18ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=29a50b68-d5e7-4019-8575-7fea0adbb21f&u_scsid=3927d8e1-7d51-4652-b6d4-d4f9c709c9cd&u_sclid=b4d86b46-4786-4adb-98d0-e163df604054

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.geha.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 12 Apr 2024 09:13:04 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 59ms
20ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-18563403-14&cid=792820034.1712913184&jid=1370023693&gjid=445330804&_gid=782635224.1712913184&npa=1&_u=YGBACEAABAAAACAAI~&z=381512123

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 12 Apr 2024 09:13:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.geha.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
347 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-18563403-1&cid=792820034.1712913184&jid=2091836632&gjid=1410307420&_gid=782635224.1712913184&npa=1&_u=YGDACEABBAAAACAAI~&z=2143063725

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 12 Apr 2024 09:13:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.geha.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 59ms
22ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-18563403-15&cid=792820034.1712913184&jid=164598441&gjid=2125838250&_gid=782635224.1712913184&npa=1&_u=YGDACEABBAAAACAAI~&z=1350287949

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 12 Apr 2024 09:13:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.geha.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web-lib.min.js Show response
d35vb5cccm4xzp.cloudfront.net/web-flow-libs/b9c1f091c924864e2a26574bbef92243/9/ 127 KB
31 KB 9ms
8ms Script
application/javascript 2600:9000:235a:aa00:3:35f2:c540:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d35vb5cccm4xzp.cloudfront.net/web-flow-libs/b9c1f091c924864e2a26574bbef92243/9/web-lib.min.js
Requested by: Host: d35vb5cccm4xzp.cloudfront.net
URL: https://d35vb5cccm4xzp.cloudfront.net/web-flow-libs/b9c1f091c924864e2a26574bbef92243/web-version.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:aa00:3:35f2:c540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ae91a1dbaa74648b3a37a89b46257eebe9203f54ad4896f69a92f671c59b8d5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 Nov 2023 12:12:55 GMT
content-encoding: br
via: 1.1 51b32b366d2fc0baf4c02123f643c37c.cloudfront.net (CloudFront)
last-modified: Fri, 27 Oct 2023 18:21:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
age: 12690009
etag: W/"c2569cbe88bd4366de67e5ef15480614"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: bqIWiXs6yfF2MYm5u4WAwDDNx4FSHONWlKfM3NAxfcbRyuWlPbBdiw==

GET
H2 200 config.json Show response
c.go-mpulse.net/api/ 778 B
942 B 74ms
48ms XHR
application/json 2a02:26f0:7100:59a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=7JTKV-XPJV9-YRVS3-M2J45-ZYZNN&d=www.geha.com&t=5709711&v=1.632.0&sl=0&si=twxyfdc4wz-sbto9r&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=624528
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/7JTKV-XPJV9-YRVS3-M2J45-ZYZNN
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:59a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: cc9ba11d340c0dd850bbe1b5f03977600334de8ab7962264a5ade5c38a4e9812

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Fri, 12 Apr 2024 09:13:04 GMT
cache-control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 778
content-type: application/json

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 23ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=275288828831386&ev=PageView&dl=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway%3Futm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_medium%3DEmail%26utm_keyword%3D_%26utm_content%3D_%26utm_medium%3DEmail%26utm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_content%3D_%26utm_keyword%3D_&rl=&if=false&ts=1712913183995&sw=1600&sh=1200&v=2.9.153&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1712913183994.640699101&ler=empty&cdl=API_unavailable&it=1712913183909&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1294, tbw=2754, tp=-1, tpl=-1, uplat=1, ullat=1
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 12 Apr 2024 09:13:04 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 getBucket Show response
api-engage-us.sitecorecloud.io/v2/ 63 B
265 B 141ms
140ms Fetch
application/json 104.18.17.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-engage-us.sitecorecloud.io/v2/getBucket
Requested by: Host: d35vb5cccm4xzp.cloudfront.net
URL: https://d35vb5cccm4xzp.cloudfront.net/web-flow-libs/b9c1f091c924864e2a26574bbef92243/9/web-lib.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.17.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 713fd4c5339f24aa513dcc80246e2ec7198696d6e62f3773953133f234e98f9e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 12 Apr 2024 09:13:04 GMT
x-correlation-id: 92e994f8-8fcc-4cae-a5f4-d756016e004c
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json
access-control-allow-origin: *
x-robots-tag: noindex
cf-ray: 87321929fe711e5c-FRA
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 getBucket
api-engage-us.sitecorecloud.io/v2/ Frame 0
0 312ms
312ms Preflight
text/plain 104.18.17.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-engage-us.sitecorecloud.io/v2/getBucket
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.17.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.geha.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Library-Version
access-control-allow-methods: HEAD,GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: *
access-control-max-age: 1800
allow: POST,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 873219280bf41e5c-FRA
content-length: 13
content-type: text/plain
date: Fri, 12 Apr 2024 09:13:04 GMT
server: cloudflare
x-correlation-id: 87f97db6-2b2b-4dca-9918-d834a8d98837
x-robots-tag: noindex

GET
H2 200 343096952 Show response
www.clarity.ms/tag/uet/ 846 B
1 KB 157ms
106ms Script
application/x-javascript 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/343096952
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/343096952.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3bd716364a703726b2a25cd992bd9d30fb211fa1bd897c05055ed5f6522f405

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Fri, 12 Apr 2024 09:13:04 GMT
x-azure-ref: 20240412T091304Z-164d799447d5hp8hm7ptp1p2un00000009u000000000zaq5
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 846
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 50ms
32ms Image
image/gif 216.58.212.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-18563403-1&cid=792820034.1712913184&jid=2091836632&npa=1&_u=YGDACEABBAAAACAAI~&z=572935443

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 09:13:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 47ms
30ms Image
image/gif 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-18563403-1&cid=792820034.1712913184&jid=2091836632&npa=1&_u=YGDACEABBAAAACAAI~&z=572935443

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f99.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 09:13:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 52ms
34ms Image
image/gif 216.58.212.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-18563403-14&cid=792820034.1712913184&jid=1370023693&npa=1&_u=YGBACEAABAAAACAAI~&z=112547861

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 09:13:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 50ms
33ms Image
image/gif 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-18563403-14&cid=792820034.1712913184&jid=1370023693&npa=1&_u=YGBACEAABAAAACAAI~&z=112547861

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f99.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 09:13:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 52ms
35ms Image
image/gif 216.58.212.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-18563403-15&cid=792820034.1712913184&jid=164598441&npa=1&_u=YGDACEABBAAAACAAI~&z=938868274

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 09:13:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 48ms
31ms Image
image/gif 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-18563403-15&cid=792820034.1712913184&jid=164598441&npa=1&_u=YGDACEABBAAAACAAI~&z=938868274

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f99.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 09:13:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.27/ 60 KB
25 KB 18ms
18ms Script
application/javascript 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.27/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/343096952
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 482d1dd6e19c705493e390d6a3427887cfd2c47ec7ee7c85282370687a5ed2ee

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:04 GMT
content-encoding: br
last-modified: Tue, 02 Apr 2024 23:38:07 GMT
etag: W/"0x8DC536DF2EAB768"
vary: Accept-Encoding
x-azure-ref: 20240412T091304Z-164d799447d5hp8hm7ptp1p2un00000009u000000000zaqn
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: f2934aaf-601e-0050-7740-89ec8b000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

POST
H3 200 p
tr.snapchat.com/ 0
15 B 30ms
20ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 12 Apr 2024 09:13:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://www.geha.com
x-envoy-upstream-service-time: 2
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 / Show response
zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 10 KB
5 KB 90ms
41ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_e9klljEUcZhtwjz&t=1712913184231

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

280110c8e4930b538ef2ef65a94c1d4b19722ed07108e74ed38031fbcd34bfda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 104474
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"26bb-QMvWo0ATYtXMnuRBXMbMvYjBdak"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 87321929cf0e9a0b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D6BAE2779CEE46B49365CF0D8FB30AD1&RedC=c.clarity.ms&MXFR=10816264B55267AF148A763BB15269A7
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D6BAE2779CEE46B49365CF0D8FB30AD1&MUID=1A7E888F4CF86485166B9CD04D736578

42 B
442 B

29ms
29ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D6BAE2779CEE46B49365CF0D8FB30AD1&MUID=1A7E888F4CF86485166B9CD04D736578
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 09:13:03 GMT
last-modified: Fri, 01 Mar 2024 22:54:48 GMT
server: Microsoft-IIS/10.0
etag: "3e26b762b6cda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 12 Apr 2024 09:13:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0290006F83004D8EB088C4A5AE075A71 Ref B: FRA31EDGE0515 Ref C: 2024-04-12T09:13:04Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D6BAE2779CEE46B49365CF0D8FB30AD1&MUID=1A7E888F4CF86485166B9CD04D736578
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 up
insight.adsrvr.org/track/ Frame A0EA 0
0 95ms
30ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=iu2zbne&ref=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway%3Futm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_medium%3DEmail%26utm_keyword%3D_%26utm_content%3D_%26utm_medium%3DEmail%26utm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_content%3D_%26utm_keyword%3D_&upid=ms4t6e7&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.geha.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-length: 0
content-type: text/html
date: Fri, 12 Apr 2024 09:13:04 GMT
server: Kestrel

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1926318054&t=event&_s=1&dl=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway%3Futm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_medium%3DEmail%26utm_keyword%3D_%26utm_content%3D_%26utm_medium%3DEmail%26utm_campaign%3DPartnerships%2B-%2B24%2B-%2BBrand%2BAwareness%2B-%2BEmail%2B-%2BNFL%2BDraft%2BGiveaway%2B-%2BProspects%2B-%2BNational_S24WTE0GINAP%26utm_source%3DS24WTE0GINAP%26utm_content%3D_%26utm_keyword%3D_&ul=de-de&de=UTF-8&dt=Draft%20Giveaway%20%7C%20GEHA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fdraftgiveaway&el=25%25&_u=aGDACEABBAAAACAAI~&jid=&gjid=&cid=792820034.1712913184&tid=UA-18563403-15&_gid=782635224.1712913184&gtm=45He44a0n81PCSXPNDv79625355za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=357720574

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 00:52:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 30007
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ 0
213 B 139ms
31ms XHR
text/plain 34.245.244.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=5b8e94d0cea07b0016000061&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=757&cE=801&dLE=757&dLS=757&fS=696&hS=763&rE=-1&rS=-1&reS=801&resS=1833&resE=1835&uEE=-1&uES=-1&dL=1838&dI=3132&dCLES=3132&dCLEE=3133&dC=3690&lES=3690&lEE=3694&s=nt&title=Draft%20Giveaway%20%7C%20GEHA&path=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway&ref=&sId=tyr2w3lr&sST=1712913184&sIS=1&rV=0&v=1.4.1
Requested by: Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/pa-5b8e94d0cea07b0016000061.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.245.244.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-245-244-146.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 12 Apr 2024 09:13:04 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ 0
213 B 131ms
29ms XHR
text/plain 34.245.244.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=555b6812abe53d462fed7a74&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=757&cE=801&dLE=757&dLS=757&fS=696&hS=763&rE=-1&rS=-1&reS=801&resS=1833&resE=1835&uEE=-1&uES=-1&dL=1838&dI=3132&dCLES=3132&dCLEE=3133&dC=3690&lES=3690&lEE=3694&s=nt&title=Draft%20Giveaway%20%7C%20GEHA&path=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway&ref=&sId=tyr2w3lr&sST=1712913184&sIS=2&rV=0&v=1.4.1
Requested by: Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/pa-555b6812abe53d462fed7a74.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.245.244.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-245-244-146.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 12 Apr 2024 09:13:04 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2 200 favicon.ico
www.geha.com/~/media93/Files/ 3 KB
3 KB 18ms
17ms Other
image/x-icon 2a02:26f0:ab00::214:8e63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geha.com/~/media93/Files/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0ec0bebf0577f413bd3cd829dc4880527f790f20f64620e1c03625feac77c8de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:04 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: 'nosniff'
last-modified: Fri, 30 Jul 2021 18:25:22 GMT
etag: a4720147a38f42369ca54504a28cdeda
x-frame-options: SAMEORIGIN
content-type: image/x-icon
cache-control: public, max-age=63820
content-disposition: inline; filename="favicon.ico"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712913184277_34901599_152772784_30_8795_9_0_219";dur=1
accept-ranges: bytes
content-length: 2967
x-xss-protection: 1; mode=block

GET
H2 204 0
bat.bing.com/action/ 0
239 B 36ms
36ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=343096952&tm=gtm002&Ver=2&mid=348736fc-7cd9-4c27-988c-cb692a4bbd66&sid=de1f7130f8ac11ee9562f31b31912995&vid=de1f8bf0f8ac11ee878ca949c9683654&vids=0&msclkid=N&gtm_tag_source=ua&ec=Scroll%20Depth&el=25%25&gc=USD&tpp=1&en=Y&p=https%3A%2F%2Fwww.geha.com%2Fdraftgiveaway&sw=1600&sh=1200&sc=24&evt=custom&rn=934241

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 12 Apr 2024 09:13:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CA1ECF7E89E54D31B7AE340FCAEA0404 Ref B: FRA31EDGE0515 Ref C: 2024-04-12T09:13:04Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 /
684dd313.akstat.io/ 0
224 B 63ms
51ms Ping
image/gif 2a02:26f0:1700:391::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://684dd313.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/7JTKV-XPJV9-YRVS3-M2J45-ZYZNN

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:391::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 09:13:04 GMT
content-type: image/gif
access-control-allow-origin: https://www.geha.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
x-xss-protection: 0
expires: Fri, 12 Apr 2024 09:13:04 GMT

POST
H/1.1 204
No Content collect Show response
i.clarity.ms/ 0
292 B 619ms
221ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.27/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/x-clarity-gzip
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://www.geha.com
Date: Fri, 12 Apr 2024 09:13:04 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 12.00593e070a6f1562a8b4.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 73 KB
21 KB 36ms
30ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/12.00593e070a6f1562a8b4.chunk.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=www.geha.com

Requested by

Host: zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com
URL: https://zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_e9klljEUcZhtwjz&t=1712913184231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

773476fc4041f913eb57d338efa749e0c2b63828f086c83da65c3d3aeb51fa73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 290775
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Apr 2024 18:13:43 GMT
server: cloudflare
etag: W/"125c9-18e9addfbd8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 8732192a1f409a0b-FRA

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 6 KB
2 KB 138ms
138ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_e9klljEUcZhtwjz&Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.00593e070a6f1562a8b4.chunk.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=www.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

934c2cd7b89220be6351705d5d6cd9e0e043864b5cd46a244df2437235482267

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 Apr 2024 09:13:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
content-type: application/json
access-control-allow-origin: https://www.geha.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: db521c8137d16e5b
timing-allow-origin: *
cf-ray: 8732192a5f789a0b-FRA

POST
H2 200 p
tr6.snapchat.com/ 0
192 B 42ms
20ms Ping
text/plain 2600:1901:0:7628::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:7628:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 12 Apr 2024 09:13:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1
via: 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

results.txt Show response
kfpqklaccvfhczqy7mqa-per116-4dbbde928-clientnsv4-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=per116atr
https://kfpqklaccvfhczqy7mqa-per116-4dbbde928-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

94ms
8ms

XHR
text/plain

2.21.74.113
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://kfpqklaccvfhczqy7mqa-per116-4dbbde928-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2.21.74.113 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-74-113.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Fri, 12 Apr 2024 09:13:04 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://kfpqklaccvfhczqy7mqa-per116-4dbbde928-clientnsv4-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin: *
Date: Fri, 12 Apr 2024 09:13:04 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
fiaqjiaafmaaakqce3ydkaaacztbr6za-per116-8d133ca92-clienttons-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=per116atr
https://fiaqjiaafmaaakqce3ydkaaacztbr6za-per116-8d133ca92-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

99ms
7ms

XHR
text/plain

2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://fiaqjiaafmaaakqce3ydkaaacztbr6za-per116-8d133ca92-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Fri, 12 Apr 2024 09:13:04 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://fiaqjiaafmaaakqce3ydkaaacztbr6za-per116-8d133ca92-clienttons-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin: *
Date: Fri, 12 Apr 2024 09:13:04 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 102 KB
30 KB 29ms
29ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=geha

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.00593e070a6f1562a8b4.chunk.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=www.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

984227c0d097ac96cff8b8ae797de2a34f79a84438685db3c72a1c226fd5a23b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 290775
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Apr 2024 18:13:43 GMT
server: cloudflare
etag: W/"19639-18e9addfbd8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 8732192b38079a0b-FRA

GET
H2 200 7.7f92166a279ec8ccbb92.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 3 KB
1 KB 25ms
24ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/7.7f92166a279ec8ccbb92.chunk.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=geha

Requested by

Host: zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com
URL: https://zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_e9klljEUcZhtwjz&t=1712913184231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2b8e58c49dfe86a02acbced8d3ddf91c303df4af7009ab38ad9e6b89fde24ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 290775
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Apr 2024 18:13:43 GMT
server: cloudflare
etag: W/"b52-18e9addfbd8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 8732192b78329a0b-FRA

GET
H2 200 1.2211346a24b96c334744.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 29 KB
7 KB 26ms
25ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.2211346a24b96c334744.chunk.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=geha

Requested by

Host: zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com
URL: https://zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_e9klljEUcZhtwjz&t=1712913184231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

442c5f94f41f419cb2d62746624f7ed4e7d5c6481b2d741d632d4b920fc1dc8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 290775
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Apr 2024 18:13:43 GMT
server: cloudflare
etag: W/"73f8-18e9addfbd8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 8732192b78339a0b-FRA

GET
H2 200 FeedbackLinkModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 3 KB
2 KB 27ms
27ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/FeedbackLinkModule.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=geha

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.00593e070a6f1562a8b4.chunk.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=www.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2187d3e1658333a52c71a3af9ae48d7827e7f8bc807933270f5c4e0e76d6841b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 284185
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Apr 2024 18:13:43 GMT
server: cloudflare
etag: W/"dd8-18e9addfbd8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 8732192b78349a0b-FRA

GET
H2 200 EmbeddedTargetModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 8 KB
3 KB 26ms
26ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/EmbeddedTargetModule.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=geha

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.00593e070a6f1562a8b4.chunk.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=www.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96a0926f2aa7b312c78c1a1d0a0d521de4e8041c84bd41e4011f61df90704141

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 290744
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Apr 2024 18:13:43 GMT
server: cloudflare
etag: W/"2110-18e9addfbd8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 8732192b78359a0b-FRA

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 26 KB
2 KB 52ms
35ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_235GQw7FfA9GcHH&Version=41&Q_ORIGIN=https://www.geha.com&Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDTIER=lIjhYuMl2g&Q_ARCACHEVERSION=21

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.00593e070a6f1562a8b4.chunk.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=www.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82b962aaf5db26038343e4476e43467e3bbbf712f1b3cef1315637b8424d3af6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

servershortname
date: Fri, 12 Apr 2024 09:13:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 95273
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 11 Apr 2024 06:45:11 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8732192b9f4137eb-FRA
expires: Sun, 09 Apr 2034 06:45:11 GMT

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 325 B
348 B 56ms
39ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_9ALP9yWEj1lFJyJ&Version=4&Q_InterceptID=SI_235GQw7FfA9GcHH&Q_ORIGIN=https://www.geha.com&Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDTIER=lIjhYuMl2g&Q_ARCACHEVERSION=21

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.00593e070a6f1562a8b4.chunk.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=www.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dc0aabfdba09e256de6f43cca8501501967d76e01fd1c8d31ba9db2f976074b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

servershortname
date: Fri, 12 Apr 2024 09:13:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 35804
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 11 Apr 2024 23:16:20 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8732192b9f4237eb-FRA
expires: Sun, 09 Apr 2034 23:16:20 GMT

POST
H3 200 p
tr.snapchat.com/ 0
15 B 19ms
19ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 12 Apr 2024 09:13:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://www.geha.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 / Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 45 B
213 B 124ms
123ms XHR
text/plain 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_9ALP9yWEj1lFJyJ&Q_SIID=SI_235GQw7FfA9GcHH&Q_ASID=AS_59028053&Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&r=1712913184609

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=geha

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 Apr 2024 09:13:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.geha.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 76fc98d1bc903ea6
cf-ray: 8732192bdf7937eb-FRA

GET
H2 200 Graphic.php
sjc1.qualtrics.com/WRQualtricsSiteIntercept/ 2 KB
2 KB 105ms
38ms Image
image/png 2.19.217.177
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sjc1.qualtrics.com/WRQualtricsSiteIntercept/Graphic.php?IM=IM_elF0WfBnxSXZgMt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.217.177 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-217-177.deploy.static.akamaitechnologies.com

Software

Resource Hash

7c8e3c582a237d2063f76cbcb5dcb1c0da3ae2516057fcc040cb69573d90b65f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 09:13:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
content-disposition: inline; filename=Feedback_Darker_Smaller.png
content-length: 1825
x-request-id: a41886b6-4f5b-4f12-9885-8dc3d9f09069
referrer-policy: strict-origin-when-cross-origin
etag: "be2052dd6274e8cbe6a39a1838288fcf"
content-type: image/png
access-control-allow-origin: *
x-transaction-id: 5195cb9e-6ba8-4a77-89c4-6f1a9b0d302f
cache-control: public, max-age=43
permissions-policy: camera=(), geolocation=(), microphone=()
x-robots-tag: noindex
expires: Fri, 12 Apr 2024 09:13:47 GMT

POST
H/1.1 204
No Content collect Show response
i.clarity.ms/ 0
292 B 99ms
99ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.27/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/x-clarity-gzip
Referer: https://www.geha.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://www.geha.com
Date: Fri, 12 Apr 2024 09:13:05 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cloud.info.geha.com
URL: https://cloud.info.geha.com/draft

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 19:49:59	Name: X-AB Value: 38b33afdb36f494aa03f175381ce5c1b
.geha.com/	1970-01-20 19:52:52	Name: utm Value: Partnerships - 24 - Brand Awareness - Email - NFL Draft Giveaway - Prospects - National_S24WTE0GINAP
.geha.com/	1969-12-31 23:59:59	Name: gw2_ck_1 Value: daup1h0tavwnznghkw2jo2ez
.geha.com/	1970-01-21 05:24:33	Name: SC_ANALYTICS_GLOBAL_COOKIE Value: 563966aae57a4a5b900b2796343d4fac\|False
.geha.com/	1969-12-31 23:59:59	Name: sxa_site Value: GEHA-CD
.geha.com/	1969-12-31 23:59:59	Name: BIGipServer~external~gehaweb-prd-pool Value: !XJ0Ck74GK7SbtiPwVolwB7OgiPYfTzouHboXF2k62kArLgWQ5MUl7CLRLCisPwWfZjCzpYuJz/fZaRFdOSdox4avZX2lzxrIxrOmVJHC
.geha.com/	1970-01-20 19:48:40	Name: ak_bmsc Value: D04ABCA8A834DB599F18B1FA08131CDB~000000000000000000000000000000~YAAQX44UAkZkNbyOAQAAoO6U0Rd+yD3KJF90xZreXLb7W3BwvQ7Jram7CY7Tsjd8amDXC4XHrb841/jVpcG82JBunLSY/IDQPpy/cK+U+mD55+T6S8ROttCzM7hFutQx6t3YiAc7mAU4vOSTeGMw7yzvEi6FuxvWRx+aIEwITum/dcvMkQY8EVV7uRbiK2C9h3oIFyDHO55VS8cr6TDK86dZiUkFpRvh2QzEkeWSykrV0VPAzcV3oU7BjCmlqs0tmXtoz3wJe34siFfK6fssgkq9BjzaAEtEY4ufSPriaxDVM21Msh1rV7S3GJPxuZqGK0EbCGq02qXcmKTbCNhsauNSFO3ifa5SmVv35LcVppo1mzCKjfVoDSdBNEzQrYI1LF+LUKKfQ1wd
.geha.com/	1970-01-20 21:58:09	Name: _gcl_au Value: 1.1.700159189.1712913183
.geha.com/	1970-01-20 19:58:37	Name: RT Value: "z=1&dm=geha.com&si=twxyfdc4wz&ss=luwga6wr&sl=0&tt=0"
.geha.com/	1970-01-21 04:34:09	Name: bid_b9c1f091c924864e2a26574bbef92243 Value: 8bb79c41-ba0f-4cde-8a9c-4a87bd328ccb
.geha.com/	1970-01-20 19:48:40	Name: bm_sv Value: B8D5CB6F2ED4BF2D26F320B333E32757~YAAQX44UAmJkNbyOAQAAavSU0RcFtIG1BQQjc5z+q0aDt03asw+QPLAapVyG8J7eBq89iz3r/RQXlA2wU9qfKJWvmaar7nV4XX2qnROU96J0U95KGj8WOSJfjtbBtcf/fCwUjHOh9OvXFo9iZPLBqeDcfv7fCi0a+UhSutjBkSliDB0qCrxmyClvENxDxzPxOLzfTs1sGQ4rUUqf/RxW5DdwkGgLUu0IefZa+yhNhOUB5laUfWd+RZtJIBGxyA==~1
.geha.com/	1970-01-20 19:49:59	Name: _gid Value: GA1.2.782635224.1712913184
.geha.com/	1970-01-20 19:48:33	Name: _gat_UA-18563403-14 Value: 1
.geha.com/	1970-01-20 19:48:33	Name: _gat_UA-18563403-1 Value: 1
.geha.com/	1970-01-20 19:48:33	Name: _gat_UA-18563403-15 Value: 1
.geha.com/	1970-01-21 05:18:19	Name: _scid Value: 9cbdf7ab-0df2-4a7d-805f-48eb157aa2bc
.geha.com/	1970-01-21 05:18:19	Name: _scid_r Value: 9cbdf7ab-0df2-4a7d-805f-48eb157aa2bc
.geha.com/	1970-01-20 21:58:09	Name: _fbp Value: fb.1.1712913183994.640699101
.bing.com/	1970-01-21 05:10:09	Name: MUID Value: 1A7E888F4CF86485166B9CD04D736578
.twitter.com/	1970-01-21 05:24:33	Name: personalization_id Value: "v1_y0OTVd3yOxiTzp7rJLROyQ=="
.t.co/	1970-01-21 05:24:33	Name: muc_ads Value: 71013cb2-5350-428d-b408-a34dfd8a8d4c
.doubleclick.net/	1970-01-20 19:48:34	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-21 00:07:45	Name: receive-cookie-deprecation Value: 1
www.clarity.ms/	1970-01-21 04:34:09	Name: CLID Value: f6edcf0e570f42ca9435ae7b552deb74.20240412.20250412
.geha.com/	1970-01-21 04:34:09	Name: _clck Value: h0xwzq%7C2%7Cfkv%7C0%7C1563
.geha.com/	1970-01-21 05:24:33	Name: _ga Value: GA1.2.792820034.1712913184
.geha.com/	1970-01-21 05:24:33	Name: _ga_T5EYR6VXJ8 Value: GS1.1.1712913183.1.0.1712913184.0.0.0
.geha.com/	1970-01-20 19:49:59	Name: _uetsid Value: de1f7130f8ac11ee9562f31b31912995
.geha.com/	1970-01-21 05:10:09	Name: _uetvid Value: de1f8bf0f8ac11ee878ca949c9683654
.bing.com/	1970-01-21 05:10:09	Name: MSPTC Value: zFS7WqkEPKzDMVrECUE3Kdw8KXc-rQdktl308hIty6o
.c.bing.com/	1970-01-20 19:58:37	Name: MR Value: 0
.c.bing.com/	1970-01-21 05:10:09	Name: SRM_B Value: 1A7E888F4CF86485166B9CD04D736578
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 05:10:09	Name: MUID Value: 1A7E888F4CF86485166B9CD04D736578
.c.clarity.ms/	1970-01-20 19:58:37	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 19:48:33	Name: ANONCHK Value: 0
www.geha.com/	1969-12-31 23:59:59	Name: bx_bucket_number Value: 50
www.geha.com/	1969-12-31 23:59:59	Name: bx_guest_ref Value: 6a1b27c3-42c6-4dad-870a-ef8a446b61f4
.geha.com/	1970-01-20 19:49:59	Name: _clsk Value: 1eewmjn%7C1712913184938%7C1%7C1%7Ci.clarity.ms%2Fcollect

23 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_(Line 918) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://cloud.info.geha.com/openseasonplanreminders Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: https://connect.facebook.net/signals/config/275288828831386?v=2.9.153&r=stable&domain=www.geha.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geha.com/draftgiveaway?utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_medium=Email&utm_keyword=_&utm_content=_&utm_medium=Email&utm_campaign=Partnerships+-+24+-+Brand+Awareness+-+Email+-+NFL+Draft+Giveaway+-+Prospects+-+National_S24WTE0GINAP&utm_source=S24WTE0GINAP&utm_content=_&utm_keyword=_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	'nosniff'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

13916293.fls.doubleclick.net
684dd313.akstat.io
analytics.twitter.com
api-engage-us.sitecorecloud.io
bat.bing.com
c.bing.com
c.clarity.ms
c.go-mpulse.net
click.info.geha.com
cloud.info.geha.com
connect.facebook.net
d1mj578wat5n4o.cloudfront.net
d35vb5cccm4xzp.cloudfront.net
fiaqjiaafmaaakqce3ydkaaacztbr6za-per116-8d133ca92-clienttons-s.akamaihd.net
fonts.googleapis.com
fonts.gstatic.com
i.clarity.ms
insight.adsrvr.org
js.adsrvr.org
ka-p.fontawesome.com
kfpqklaccvfhczqy7mqa-per116-4dbbde928-clientnsv4-s.akamaihd.net
kit.fontawesome.com
p.typekit.net
region1.google-analytics.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
s.go-mpulse.net
sc-static.net
siteintercept.qualtrics.com
sjc1.qualtrics.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tr.snapchat.com
tr6.snapchat.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
use.typekit.net
www.clarity.ms
www.facebook.com
www.geha.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com
cloud.info.geha.com
104.17.209.240
104.18.17.10
104.244.42.131
104.244.42.69
13.111.100.248
13.111.118.55
142.250.184.198
142.250.74.206
143.204.207.250
146.75.120.157
172.217.18.99
18.172.103.101
18.66.92.121
2.19.217.177
2.21.74.113
2001:4860:4802:34::36
2001:4860:4802:38::178
216.58.212.164
2600:1901:0:7628::
2600:9000:235a:aa00:3:35f2:c540:21
2606:4700:10::6816:3668
2606:4700:4400::6812:2844
2620:1ec:bdf::63
2620:1ec:c11::237
2a00:1450:4001:800::2003
2a00:1450:4001:806::200a
2a00:1450:4001:81d::2008
2a00:1450:400c:c1b::9c
2a02:26f0:1700:391::11a6
2a02:26f0:3500:16::215:1495
2a02:26f0:3500:16::215:149b
2a02:26f0:7100:59a::11a6
2a02:26f0:ab00::214:8e63
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
34.245.244.146
35.190.43.134
35.71.131.137
52.167.85.21
68.219.88.97
01a3066991f4af85d35aaa0068aa00054f9762f39c263853f49518d5f9784c4b
093ec5a1c020d821e0159880dc6425927c3192bd89e1c23762c924d66bc86d72
0ec0bebf0577f413bd3cd829dc4880527f790f20f64620e1c03625feac77c8de
1580a6a19cb081a84215f13b42f765469beb87d7401f16349760cd067fc4da71
166b640351aa645b6af02b1013bc7fbead2822e44d773deba0b35f4053d0e94a
1a4bf8a4ca374508387fc27de382cbbe01a6ace9f7bb3c1618884b7b86dd6c60
1b631c545e0e9acda2fa9adef7ce9415a95fc6a325ea80268d1793bf913180ae
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1e57349669390d2e89cbf7108d402dffdfd2e8683da2aaa4168b3a1688b62c70
1ec56f04262e2768528f45618c5c0d9a23d1c4d0680a1b03ca4a2e6f23af98b8
1f3387f11826be4923a2d3a8c1542780abd6d4c66ce13f2de770f2e386989593
2187d3e1658333a52c71a3af9ae48d7827e7f8bc807933270f5c4e0e76d6841b
277b8bd1952e82623693dc9123e1c2186cf0ac9436d4059dffe4ad732d2da5a3
280110c8e4930b538ef2ef65a94c1d4b19722ed07108e74ed38031fbcd34bfda
286dc7cf3eb0c6c06c2fb54d779f82bf342bbf766861f7aba001408bcb391828
3487c89cbf4176ba31dee9f3fb221bab9b05753f689e372d9c03e71c78b8e3c1
36cbe98f9a9327afce4c79a1c0a9d43e076d3b2ae36e68f7c40b7cbc41d95931
416f487c40290dd1451e3cc8dc480489dda90cfd5d389eb08d7f0e867a6f847c
427e57ed3ad640f4ddefe4a7aeb116746506151fd0d227f8f34e40cb3350e45f
43bf46697a74707dd319e2549eb7e7ad414d629c257da2dfc02e082a7a7290c7
442c5f94f41f419cb2d62746624f7ed4e7d5c6481b2d741d632d4b920fc1dc8d
4692d4d1124e4fdde548b916c88189b6e07462d9d24cdd5c6ca8f2a2fcb2af56
482d1dd6e19c705493e390d6a3427887cfd2c47ec7ee7c85282370687a5ed2ee
486cb6639529a37f8755f3fda22b724e26ea0cfca10de5bae934da56e2d6022c
4b5013c1e9a922e188e0d6f3903aad0c81a64c231d976d869c8b0f35be0b133d
4c6315811518b52563c0884a4e2fd019f9302b362237610c5744c6f01f6f7d9d
4c6fde841616799524ae40b886f27b8c5b4e857476a053f1acac3222a3d09385
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4d2594afe30fbd3142c9ec683a95629cd01010be1de052e5d1f55843cb073961
4e2cdf9cca01d18c643530e9704e33d2f2f8d03bcf260ff6647e78d9129eaf65
4e43974dcd89e9262d9c19ddfc9ce50400414c01abbe784eebf8e8d785503d64
516640faeb856df6599d165f26ee51ce8cbaaf34f7c09d818509e75f6a48ae13
5fd7281dafc44afbbb34847a7c8dfff204d017418103d96eb401ade5c1f6012c
61045f858da73e2677d9c2ed4c4988d5ef9f4946c8a399cc46511ae9fdeff66b
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
66c209bb66c3374009b80476f3e0e8247995dd55c65fcef67ac12e5ea179411b
69b635282e06504d447e9dd8fe4c90c5bd308a8ffdc2da080243d51a65df81bd
7139f07f917998f1a482f070139ce5b0e448669a8f77e9710e74e1a2307f564e
713fd4c5339f24aa513dcc80246e2ec7198696d6e62f3773953133f234e98f9e
71e970680812d5265281f05a10ae287a5739c582d03a027ef3b3f2e02166ec21
773476fc4041f913eb57d338efa749e0c2b63828f086c83da65c3d3aeb51fa73
7742bb16ac54dbccd2a9df6edc159ff921e1e738f08dc0d4b4b9f31424ede919
7941c043b215ecc58d18e696d42abbd225eb0baa075cb5e31027725cc5312fce
7ae91a1dbaa74648b3a37a89b46257eebe9203f54ad4896f69a92f671c59b8d5
7c8e3c582a237d2063f76cbcb5dcb1c0da3ae2516057fcc040cb69573d90b65f
7e7fd9f1e6fd2387dc2a5bb83cb72a1c44206347ad8ffde69bcab829cf88b1ff
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
82b962aaf5db26038343e4476e43467e3bbbf712f1b3cef1315637b8424d3af6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8339750b4cf72003f5f74e7f645b822a44345c58d724e7e0c321daec71f31c68
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8b852e041e35b676cf550d19cf8d15bc58db780a3827626518f4e0dfc5fb3109
8dc0aabfdba09e256de6f43cca8501501967d76e01fd1c8d31ba9db2f976074b
91885b79eafb9db3b3b6bccd7d3927f3cea7bc0a006fe3a6b625787d413fc412
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91af8f8604e6cbcb00a3ff4056f9fce3090c1ffca25400650895832c03b34ac5
934c2cd7b89220be6351705d5d6cd9e0e043864b5cd46a244df2437235482267
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
96a0926f2aa7b312c78c1a1d0a0d521de4e8041c84bd41e4011f61df90704141
984227c0d097ac96cff8b8ae797de2a34f79a84438685db3c72a1c226fd5a23b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a36338e2015fbe5e6f570cb35a9e0305a4f4d40bace6713fce1edbaefc9cf44f
a5d59965fc50d217015f96f657880ade0fcbc85b9cc15b5fc20f097a25be9a63
a89224e3776513856c140c4f3f8a1d8da2c4978033d1bfd0d7363c0823e2591c
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af67e3d7d87d9b4fc5020358e873ec7669b7c99c2bc5d63202fc719bd27bd6a1
b65ecc819f4b7a1056b90009ae39134cd681a53a70c845104ec132820a37630b
babf7c8f26404acad3935146d81d245dc6d494acd265d2b8f84088730d01e38f
bc958a63e17fc254b74b0787f22bd0f5889a057109908050c5148a148b75db91
bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f
bf70812f361c9b2416c09f95a50ef819d20238b19ebdcd2c279c391ba98e3837
c326f67ec7e4e7895bc25ac4c6c3540b569586d688b494df5b82e3146d34a6f5
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cc9ba11d340c0dd850bbe1b5f03977600334de8ab7962264a5ade5c38a4e9812
cf99991359fbb6e575a809280eb26d7f2408710608ccb222788324c6c1ac753f
d86edde5909583f0fa20600f2db126dded4da22ac01cd2a274e23b9432158ec7
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2b8e58c49dfe86a02acbced8d3ddf91c303df4af7009ab38ad9e6b89fde24ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bd716364a703726b2a25cd992bd9d30fb211fa1bd897c05055ed5f6522f405
e3dd8f33992c58515312dbc2abd8620d0cca4e04f5a90e69f4dbfe7952dd771a
eac4ff35f6cf2c6c1110249afe4314ac826c16e7f4f7cae19e2491e99abc72a2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f563aec552103867adcb967e41b1699c9d15e1aa257c7a210f70f5cd71e6a0ef
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f930f9718c91491b92f0de420e28f51cb021e174606481c128ab838584479e02
f9aaad8d186c6cfdd31242e0414e640d050251a4fc2fdeac433df00937304b19
faf47e501cdae61064aed4b03b1129d37c6e004ebde6f6452f1632f835c9f318
fb56f17a4fe738143ac04ca01897e7ae5980eab0a5aaf0ebad8c6a2d09e39d90

www.geha.com Open in urlscan Pro 2a02:26f0:ab00::214:8e63 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

129 Requests

97 %HTTPS

48 %IPv6

27 Domains

46 Subdomains

39 IPs

6 Countries

1995 kBTransfer

7815 kBSize

39 Cookies

7 Outgoing links

Page URL History

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.geha.com Open in urlscan Pro
2a02:26f0:ab00::214:8e63 Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

97 %
HTTPS

48 %
IPv6

27
Domains

46
Subdomains

39
IPs

6
Countries

1995 kB
Transfer

7815 kB
Size

39
Cookies

129 HTTP transactions
0 data transactions