member-portal.geha.com Open in urlscan Pro
2a02:26f0:ab00::214:8e59 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://member-portal.geha.com/
Effective URL:
https://member-portal.geha.com/
Submission: On August 08 via api (August 8th 2023, 7:04:54 am UTC) from US — Scanned from DE

Summary HTTP 70 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 10 domains to perform 70 HTTP transactions. The main IP is 2a02:26f0:ab00::214:8e59, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is member-portal.geha.com. The Cisco Umbrella rank of the primary domain is 769924.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 12th 2022. Valid for: a year.

This is the only time member-portal.geha.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a02:26f0:ab0... 2a02:26f0:ab00::214:8e63	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
25	2a02:26f0:ab0... 2a02:26f0:ab00::214:8e59	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:480... 2a02:26f0:480:9a4::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:170... 2a02:26f0:1700:391::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
23	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	95.101.54.225 95.101.54.225	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	184.30.20.101 184.30.20.101	16625 (AKAMAI-AS) (AKAMAI-AS)
6	3.33.189.110 3.33.189.110	16509 (AMAZON-02) (AMAZON-02)
70	14

1 2a02:26f0:ab00::214:8e63 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

member-portal.geha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a02:26f0:ab00::214:8e59 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

member-portal.geha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:9a4::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0217991b.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:391::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.54.225 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-225.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xhkzxes7mu3oczgr5eiq-panmv2-21f588ac5-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fibrwiaaa3ybckqce3ydkaaaczsnd2ir-panmv2-8aaf6fbec-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.20.101 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-101.deploy.static.akamaitechnologies.com

sjc1.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.33.189.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: af77c9e516730cc51.awsglobalaccelerator.com

login.geha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	geha.com 1 redirects member-portal.geha.com — Cisco Umbrella Rank: 769924 login.geha.com	721 KB
25	qualtrics.com zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com — Cisco Umbrella Rank: 317908 znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com siteintercept.qualtrics.com — Cisco Umbrella Rank: 737 sjc1.qualtrics.com — Cisco Umbrella Rank: 8905	92 KB
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 2184 xhkzxes7mu3oczgr5eiq-panmv2-21f588ac5-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 2182 fibrwiaaa3ybckqce3ydkaaaczsnd2ir-panmv2-8aaf6fbec-clienttons-s.akamaihd.net	1 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1869	304 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	127 KB
2	gstatic.com fonts.gstatic.com	32 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1337 c.go-mpulse.net — Cisco Umbrella Rank: 580	50 KB
2	typekit.net use.typekit.net — Cisco Umbrella Rank: 542 p.typekit.net — Cisco Umbrella Rank: 680	1 KB
1	akstat.io 0217991b.akstat.io — Cisco Umbrella Rank: 62449	207 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	2 KB
70	10

	Domain	Requested by
26	member-portal.geha.com	1 redirects member-portal.geha.com
21	siteintercept.qualtrics.com	znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com siteintercept.qualtrics.com
6	login.geha.com	member-portal.geha.com
2	sjc1.qualtrics.com	siteintercept.qualtrics.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.googletagmanager.com	member-portal.geha.com www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
1	fibrwiaaa3ybckqce3ydkaaaczsnd2ir-panmv2-8aaf6fbec-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	xhkzxes7mu3oczgr5eiq-panmv2-21f588ac5-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	0217991b.akstat.io	s.go-mpulse.net
1	znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com	member-portal.geha.com
1	zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com	member-portal.geha.com
1	c.go-mpulse.net	s.go-mpulse.net
1	s.go-mpulse.net	member-portal.geha.com
1	p.typekit.net	use.typekit.net
1	fonts.googleapis.com	member-portal.geha.com
1	use.typekit.net	member-portal.geha.com
70	19

This site contains links to these domains. Also see Links.

Domain
www.geha.com
geha.okta.com

Subject Issuer	Validity	Valid
*.geha.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-12` - `2023-09-26`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2023-04-05` - `2024-04-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-27` - `2024-03-26`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://member-portal.geha.com/
Frame ID: CC45D9C3F20CA1868C18F14DE7427876
Requests: 69 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GEHA | Member Portal

Page URL History Show full URLs

http://member-portal.geha.com/ HTTP 301
https://member-portal.geha.com/ Page URL

Detected technologies

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

70
Requests

97 %
HTTPS

71 %
IPv6

10
Domains

19
Subdomains

14
IPs

3
Countries

1026 kB
Transfer

3453 kB
Size

6
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.geha.com/
Title: Navigate to geha.com in a new browser tab

Search URL Search Domain Scan URL

URL: https://www.geha.com/~/media93/Project/GEHA/GEHA/documents-files/other/geha-member-login-resource-document.pdf?fromURI=%2Fhelp%2Flogin
Title: Click here for help.

Search URL Search Domain Scan URL

URL: https://geha.okta.com/help/login
Title: Help

Search URL Search Domain Scan URL

URL: https://www.geha.com/why-geha/customer-care/contact-us
Title: secure online form

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://member-portal.geha.com/ HTTP 301
https://member-portal.geha.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=panmv22mj HTTP 302
https://xhkzxes7mu3oczgr5eiq-panmv2-21f588ac5-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 33

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=panmv22mj HTTP 302
https://fibrwiaaa3ybckqce3ydkaaaczsnd2ir-panmv2-8aaf6fbec-clienttons-s.akamaihd.net/eum/results.txt

70 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
member-portal.geha.com/
Redirect Chain

http://member-portal.geha.com/
https://member-portal.geha.com/

16 KB
6 KB

1324ms
1287ms

Document
text/html

2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Next.js

Resource Hash

a7f0f5021c3bfe4d94ba78d30dc2852d6cced7b26983a05406a407bbb3605a73

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 5469
content-type: text/html; charset=utf-8
date: Tue, 08 Aug 2023 07:04:48 GMT
server-timing: cdn-cache; desc=MISS edge; dur=511 origin; dur=752 ak_p; desc="1691478286865_34901589_516563222_126349_14964_5_0_255";dur=1
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding
x-akamai-transformed: 9 3439 0 pmb=mRUM,1
x-frame-options: DENY
x-powered-by: Next.js

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Tue, 08 Aug 2023 07:04:46 GMT
Location: https://member-portal.geha.com/
Server: AkamaiGHost
Server-Timing: cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1691478286832_34901599_292260355_10_21727_6_-_-";dur=1

GET
H2 200 9d6c5a1349473de2.css
member-portal.geha.com/_next/static/css/ 139 KB
20 KB 58ms
57ms Stylesheet
text/css 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/css/9d6c5a1349473de2.css

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1c4d889de806e7356aca914b8a55c9aad0da9935819320166666df34bad264b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:48 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"22bbe-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=20345
server-timing: cdn-cache; desc=HIT, edge; dur=12, origin; dur=0, ak_p; desc="1691478288216_34901589_516564839_1192_7074_5_0_255";dur=1
accept-ranges: bytes
content-length: 20558

GET
H2 200 webpack-603c1c2060012116.js Show response
member-portal.geha.com/_next/static/chunks/ 5 KB
3 KB 85ms
85ms Script
application/javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/webpack-603c1c2060012116.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

31879de5c5dea263fd9f3100eb994df1282022502cd0b1dd0e75615089f16ae9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:48 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"1430-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31814
server-timing: cdn-cache; desc=HIT, edge; dur=42, origin; dur=0, ak_p; desc="1691478288216_34901589_516564840_4130_6644_6_0_146";dur=1
accept-ranges: bytes
content-length: 2286

GET
H2 200 framework-5f4595e5518b5600.js Show response
member-portal.geha.com/_next/static/chunks/ 127 KB
42 KB 25ms
25ms Script
application/javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/framework-5f4595e5518b5600.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:48 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"1fbbb-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14746
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691478288255_34901589_516564880_868_6722_6_0_146";dur=1
accept-ranges: bytes
content-length: 42152

GET
H2 200 main-87526a1b46f1f2b9.js Show response
member-portal.geha.com/_next/static/chunks/ 106 KB
32 KB 14ms
14ms Script
application/javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/main-87526a1b46f1f2b9.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dbef9805b9b6d501b4e09e51b6ff067b4b28e2335fe088ceb978d53128f252b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:48 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"1a95d-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=15582
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691478288380_34901589_516565000_25_7375_6_0_146";dur=1
accept-ranges: bytes
content-length: 31960

GET
H2 200 _app-145c2897cca0b552.js Show response
member-portal.geha.com/_next/static/chunks/pages/ 584 KB
175 KB 329ms
328ms Script
application/javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/pages/_app-145c2897cca0b552.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6a4ea42815d46b3c139dc0fa04c76152b284ff1fe5c27f8202f1986be631c59c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:48 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"9207d-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=62816
server-timing: cdn-cache; desc=HIT, edge; dur=310, origin; dur=0, ak_p; desc="1691478288404_34901589_516565035_31290_6473_6_0_146";dur=1
accept-ranges: bytes
content-length: 178418

GET
H2 200 af13d906-a33cb8860219c2d8.js Show response
member-portal.geha.com/_next/static/chunks/ 4 KB
2 KB 18ms
18ms Script
application/javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/af13d906-a33cb8860219c2d8.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a4a305b7a41dd30c0a4ab038b30c4d95725c81c14d874ce074cafd721d651386

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:48 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"118f-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=20457
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691478288473_34901589_516565119_177_7464_6_0_146";dur=1
accept-ranges: bytes
content-length: 1960

GET
H2 200 536-393930c3d4553e93.js Show response
member-portal.geha.com/_next/static/chunks/ 21 KB
8 KB 24ms
23ms Script
application/javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/536-393930c3d4553e93.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

60c69dc1f42f861e3723311f887cd188973680800b7ad02967a1ba6ca5a0a7f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:48 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"52e5-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=23238
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691478288501_34901589_516565151_207_8094_6_0_146";dur=1
accept-ranges: bytes
content-length: 7956

GET
H2 200 521-edda6995e1bc01d8.js Show response
member-portal.geha.com/_next/static/chunks/ 56 KB
16 KB 24ms
22ms Script
application/javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/521-edda6995e1bc01d8.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8ba2af729a603a682abfcab9b9475ad47918b837f8ad600810b0764cff5bade5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:48 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"e1d1-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=30103
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691478288502_34901589_516565152_305_6985_6_0_146";dur=1
accept-ranges: bytes
content-length: 16050

GET
H2 200 124-a060090d5bdcd845.js Show response
member-portal.geha.com/_next/static/chunks/ 20 KB
6 KB 24ms
23ms Script
application/javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/124-a060090d5bdcd845.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

66c0d17081ece393548b540e5860b9e3d282e6dc4ab6482cda3d0332586ce7a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:48 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"51bf-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=30600
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691478288502_34901589_516565153_298_7426_6_0_146";dur=1
accept-ranges: bytes
content-length: 5685

GET
H2 200 495-b688982acc926dea.js Show response
member-portal.geha.com/_next/static/chunks/ 8 KB
3 KB 24ms
23ms Script
application/javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/495-b688982acc926dea.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f6613ec75a72e4a4d41be2b9cc1fc04e6675fd148a7eee1ba126fbece0195276

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:48 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"1e34-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=15970
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691478288501_34901589_516565154_210_8007_6_0_146";dur=1
accept-ranges: bytes
content-length: 2348

GET
H2 200 13-7414e93cbbb8b127.js Show response
member-portal.geha.com/_next/static/chunks/ 8 KB
3 KB 24ms
23ms Script
application/javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/13-7414e93cbbb8b127.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7a4845f4c299f7e4a79c4e601d4f251ced66f015d631ac53f4ded2ef76e2342b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:48 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"206f-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=20823
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691478288501_34901589_516565155_212_7976_6_0_146";dur=1
accept-ranges: bytes
content-length: 2985

GET
H2 200 index-3e3e2fadfe0dc290.js Show response
member-portal.geha.com/_next/static/chunks/pages/ 34 KB
9 KB 29ms
29ms Script
application/javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/pages/index-3e3e2fadfe0dc290.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9c47e38bf3c503853a22558a2b7401be745ad585d673569585e4bb7cef13f68d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:48 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"8949-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=23214
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691478288501_34901589_516565156_238_17095_6_0_146";dur=1
accept-ranges: bytes
content-length: 8960

GET
H2 200 _buildManifest.js Show response
member-portal.geha.com/_next/static/KBQVAvLv1aQf8Bs0CTEtO/ 3 KB
1 KB 335ms
334ms Script
application/javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/KBQVAvLv1aQf8Bs0CTEtO/_buildManifest.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

313592f08d48e847f5e9e94118cfa1bfbacc02a65c6d16910b188d675189bd20

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:48 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"a14-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=62804
server-timing: cdn-cache; desc=HIT, edge; dur=315, origin; dur=0, ak_p; desc="1691478288501_34901589_516565157_31698_7634_11_0_146";dur=1
accept-ranges: bytes
content-length: 924

GET
H2 200 _ssgManifest.js Show response
member-portal.geha.com/_next/static/KBQVAvLv1aQf8Bs0CTEtO/ 77 B
418 B 333ms
332ms Script
application/javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/KBQVAvLv1aQf8Bs0CTEtO/_ssgManifest.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:48 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"4d-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=15106
server-timing: cdn-cache; desc=HIT, edge; dur=313, origin; dur=0, ak_p; desc="1691478288501_34901589_516565158_31562_7928_11_0_146";dur=1
accept-ranges: bytes
content-length: 61

GET
H2 200 vxe3lkg.css
use.typekit.net/ 7 KB
1 KB 224ms
194ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/vxe3lkg.css

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/css/9d6c5a1349473de2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

add5a4ae4344dd616f6599ff1538b07f2a8d18fd1cc05340f76cc3441050c2ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Tue, 08 Aug 2023 07:04:48 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 972

GET
H2 200 css2
fonts.googleapis.com/ 27 KB
2 KB 132ms
47ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/css/9d6c5a1349473de2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 08 Aug 2023 07:04:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 08 Aug 2023 05:23:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Aug 2023 07:04:48 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 7ms
6ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=vxe3lkg&ht=tk&f=24537.24538.24539.24540.24545.24546.24547.24548.24549.24552&a=90735096&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vxe3lkg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:48 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 X77L2-P4WA5-BTDAF-6LY7Y-GULYJ Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 38ms
7ms Script
application/javascript 2a02:26f0:480:9a4::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/X77L2-P4WA5-BTDAF-6LY7Y-GULYJ
Requested by: Host: member-portal.geha.com
URL: https://member-portal.geha.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:9a4::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:48 GMT
content-encoding: br
last-modified: Fri, 30 Jun 2023 17:58:23 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
x-n: S
timing-allow-origin: *
content-length: 50393

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 130ms
51ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://member-portal.geha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:49:54 GMT
x-content-type-options: nosniff
age: 306894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 17:49:54 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 781 B
1 KB 83ms
52ms XHR
application/json 2a02:26f0:1700:391::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=X77L2-P4WA5-BTDAF-6LY7Y-GULYJ&d=member-portal.geha.com&t=5638261&v=1.720.0&sl=0&si=25a1cd6f-38da-4f1b-b71c-96b38245b319-rz28zz&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=819765
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/X77L2-P4WA5-BTDAF-6LY7Y-GULYJ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:1700:391::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: cfdcf4582976e14f107118e806bd5125e5ac89afe58ee380f621a3d0e8e27a8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 08 Aug 2023 07:04:48 GMT
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 781
Content-Type: application/json

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 130 KB
49 KB 137ms
53ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MZC9G3J

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9f681b8da64c3df8fa4c5cc1c568f944b3d24e7ba02af2f3da2728a537c4c22f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49993
x-xss-protection: 0
last-modified: Tue, 08 Aug 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 08 Aug 2023 07:04:48 GMT

GET
H2 200 login-d80ebb727a6ef888.js Show response
member-portal.geha.com/_next/static/chunks/pages/ 8 KB
3 KB 339ms
339ms Script
application/javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/pages/login-d80ebb727a6ef888.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/chunks/main-87526a1b46f1f2b9.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f0a0f0f2209974dfe1faf49c1aebbe48af23b557dc92d514f870cf2e9930f4e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:49 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"1fa8-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=29034
server-timing: cdn-cache; desc=HIT, edge; dur=326, origin; dur=0, ak_p; desc="1691478288833_34901589_516565582_32576_6778_9_0_146";dur=1
accept-ranges: bytes
content-length: 3161

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
78 KB 53ms
53ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X5XQCNY2FN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZC9G3J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6abbdde6261404687aa706f41d3135da2d892f28f7da84687ea743cf72b744b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79892
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 08 Aug 2023 07:04:49 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 48ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-X5XQCNY2FN&gtm=45je3820&_p=1504897768&cid=1297302342.1691478289&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691478289&sct=1&seg=0&dl=https%3A%2F%2Fmember-portal.geha.com%2F&dt=GEHA%20%7C%20Member%20Portal&en=page_view&_fv=2&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X5XQCNY2FN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 07:04:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://member-portal.geha.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 login.json Show response
member-portal.geha.com/_next/data/KBQVAvLv1aQf8Bs0CTEtO/en/ 53 B
697 B 504ms
503ms Fetch
application/json 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/data/KBQVAvLv1aQf8Bs0CTEtO/en/login.json

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/chunks/main-87526a1b46f1f2b9.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5ebc2cd02aacb80da5275c7843d490f10dfde96db0f92c7dd4848cea50f9472a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

x-nextjs-data: 1
Referer: https://member-portal.geha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:49 GMT
x-nextjs-matched-path: /en/login
strict-transport-security: max-age=15768000 ; includeSubDomains
etag: "3schnuitqn1h"
x-frame-options: DENY
content-type: application/json
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
server-timing: cdn-cache; desc=MISS, edge; dur=363, origin; dur=108, ak_p; desc="1691478289186_34901589_516565949_47598_7306_7_0_219";dur=1
content-length: 53

GET
H2 200 / Show response
zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com/SIE/ 8 KB
4 KB 92ms
25ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_e9klljEUcZhtwjz

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad99eb77f17a1d10348b24fc38c61a8383044a8877076b3eff03e6c692696644

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 249612
cf-polished: origSize=9150
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"23be-UD3c6oiAZIgg4W/oGMDYGY/oqMw"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7f35e84bcce135fd-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 / Show response
znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com/SIE/ 8 KB
4 KB 88ms
26ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_ag9JfHFpVBLNPQW

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2e7d36d4de82c0b030cd8a530a027434e70242aaabbe8b862d0713fccf1be2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 240975
cf-polished: origSize=9150
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"23be-zSbP3WBKeq4Ls+tCaaSdzPFk7SQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7f35e84bbd0c9bf2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

POST
H2 204 /
0217991b.akstat.io/ 0
207 B 44ms
44ms Ping
image/gif 2a02:26f0:480:9a4::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://0217991b.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/X77L2-P4WA5-BTDAF-6LY7Y-GULYJ

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:480:9a4::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://member-portal.geha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 07:04:49 GMT
content-type: image/gif
access-control-allow-origin: https://member-portal.geha.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Tue, 08 Aug 2023 07:04:49 GMT

GET
H2 200 12.57b787fd70b42d6049ff.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 69 KB
21 KB 33ms
23ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/12.57b787fd70b42d6049ff.chunk.js?Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web&Q_BRANDID=member-portal.geha.com

Requested by

Host: znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com
URL: https://znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_ag9JfHFpVBLNPQW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08fc575374bc43d3f9b2c0bf7ab66e8d84f3fd1e01aa40de5d25c8a684a4e1ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 299060
cf-polished: origSize=71535
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 04 Aug 2023 02:31:51 GMT
cf-bgj: minify
server: cloudflare
etag: W/"1176f-189be6311d8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7f35e84bfd519bf2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 4 KB
2 KB 55ms
55ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_ag9JfHFpVBLNPQW&Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.57b787fd70b42d6049ff.chunk.js?Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web&Q_BRANDID=member-portal.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f21426f596f37840594700349ccba1382a6debd529d562943ef1daadff2ee295

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://member-portal.geha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 08 Aug 2023 07:04:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://member-portal.geha.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 379d85fc297db653
cf-ray: 7f35e84c2d9c9bf2-FRA
timing-allow-origin: *

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 5 KB
2 KB 48ms
48ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_e9klljEUcZhtwjz&Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.57b787fd70b42d6049ff.chunk.js?Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web&Q_BRANDID=member-portal.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87342f52221ad491d21b7403ad38ef35656cd094e768847318ef1f63d89b7136

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://member-portal.geha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 08 Aug 2023 07:04:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://member-portal.geha.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 9c9ca21e7bf7aa96
cf-ray: 7f35e84c2d9f9bf2-FRA
timing-allow-origin: *

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 102 KB
32 KB 25ms
25ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web&Q_BRANDID=geha

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.57b787fd70b42d6049ff.chunk.js?Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web&Q_BRANDID=member-portal.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7a4dabec83604c176ab50df89d99bfa6c6d3f49e8a2c8a19d1f6c11a445d834

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 298881
cf-polished: origSize=105574
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 04 Aug 2023 02:31:51 GMT
cf-bgj: minify
server: cloudflare
etag: W/"19c66-189be6311d8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7f35e84c8dfc9bf2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H/1.1

200
OK

results.txt Show response
xhkzxes7mu3oczgr5eiq-panmv2-21f588ac5-clientnsv4-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=panmv22mj
https://xhkzxes7mu3oczgr5eiq-panmv2-21f588ac5-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

118ms
7ms

XHR
text/plain

95.101.54.225
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://xhkzxes7mu3oczgr5eiq-panmv2-21f588ac5-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 95.101.54.225 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-54-225.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 07:04:49 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://xhkzxes7mu3oczgr5eiq-panmv2-21f588ac5-clientnsv4-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin: *
Date: Tue, 08 Aug 2023 07:04:49 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
fibrwiaaa3ybckqce3ydkaaaczsnd2ir-panmv2-8aaf6fbec-clienttons-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=panmv22mj
https://fibrwiaaa3ybckqce3ydkaaaczsnd2ir-panmv2-8aaf6fbec-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

125ms
6ms

XHR
text/plain

2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://fibrwiaaa3ybckqce3ydkaaaczsnd2ir-panmv2-8aaf6fbec-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 07:04:49 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://fibrwiaaa3ybckqce3ydkaaaczsnd2ir-panmv2-8aaf6fbec-clienttons-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin: *
Date: Tue, 08 Aug 2023 07:04:49 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 7.e1a8e5b3f15679a58b9e.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 2 KB
1012 B 27ms
26ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/7.e1a8e5b3f15679a58b9e.chunk.js?Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web&Q_BRANDID=geha

Requested by

Host: znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com
URL: https://znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_ag9JfHFpVBLNPQW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0420381ad9aeecf18d84886feebb50271e6cb0cdceabaac960e005dca8185da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 298880
cf-polished: origSize=2803
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 04 Aug 2023 02:31:51 GMT
cf-bgj: minify
server: cloudflare
etag: W/"af3-189be6311d8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7f35e84cce799bf2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 1.7e933894e4a674f8da2d.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 28 KB
6 KB 34ms
33ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.7e933894e4a674f8da2d.chunk.js?Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web&Q_BRANDID=geha

Requested by

Host: znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com
URL: https://znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_ag9JfHFpVBLNPQW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4b14de4cc34994840446a01621cff20807996d6e7309b58f514818a8e83a0d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 298880
cf-polished: origSize=29367
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 04 Aug 2023 02:31:51 GMT
cf-bgj: minify
server: cloudflare
etag: W/"72b7-189be6311d8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7f35e84cce7b9bf2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 UserDefinedHTMLModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 7 KB
2 KB 30ms
29ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/UserDefinedHTMLModule.js?Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web&Q_BRANDID=geha

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.57b787fd70b42d6049ff.chunk.js?Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web&Q_BRANDID=member-portal.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9230295cadd808a698abddc0af90987e825aebe7a782ffe9193ea91daffdf587

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 298930
cf-polished: origSize=7758
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 04 Aug 2023 02:31:51 GMT
cf-bgj: minify
server: cloudflare
etag: W/"1e4e-189be6311d8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7f35e84cce7c9bf2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 3 KB
1 KB 43ms
24ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_eVtI5lux3fUOtH8&Version=5&Q_ORIGIN=https://member-portal.geha.com&Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.57b787fd70b42d6049ff.chunk.js?Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web&Q_BRANDID=member-portal.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cfa66663be987c35d8709111800b6b7aa64db48c230251ab2b2680d249eae17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

servershortname
date: Tue, 08 Aug 2023 07:04:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 249754
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 05 Aug 2023 09:42:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7f35e84ced10362f-FRA
expires: Tue, 02 Aug 2033 09:42:15 GMT

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 1 KB
718 B 53ms
35ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_0dinM9xAxIZNwfc&Version=6&Q_InterceptID=SI_eVtI5lux3fUOtH8&Q_ORIGIN=https://member-portal.geha.com&Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.57b787fd70b42d6049ff.chunk.js?Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web&Q_BRANDID=member-portal.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ab0a26f2850163c8217535acb3465cbcdd5e0642f97e70b2e2bc369262ed05d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

servershortname
date: Tue, 08 Aug 2023 07:04:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 249754
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 05 Aug 2023 09:42:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7f35e84ced15362f-FRA
expires: Tue, 02 Aug 2033 09:42:15 GMT

GET
H2 200 FeedbackLinkModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 3 KB
1 KB 30ms
30ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/FeedbackLinkModule.js?Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web&Q_BRANDID=geha

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.57b787fd70b42d6049ff.chunk.js?Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web&Q_BRANDID=member-portal.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90c8c49df9363f906709ff1407e338b965b70a1eed9f3e573a4306fd267f1c0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 294439
cf-polished: origSize=3545
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 04 Aug 2023 02:31:51 GMT
cf-bgj: minify
server: cloudflare
etag: W/"dd9-189be6311d8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7f35e84cce7e9bf2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 EmbeddedTargetModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 8 KB
3 KB 28ms
28ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/EmbeddedTargetModule.js?Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web&Q_BRANDID=geha

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.57b787fd70b42d6049ff.chunk.js?Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web&Q_BRANDID=member-portal.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8af3e17967103995189703522783318d0090ab03b34c8c504ad8c31498ea284b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 298228
cf-polished: origSize=8465
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 04 Aug 2023 02:31:51 GMT
cf-bgj: minify
server: cloudflare
etag: W/"2111-189be6311d8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7f35e84ceeaf9bf2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 3 KB
1 KB 38ms
22ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_2oDPmyCNELJeTg9&Version=19&Q_ORIGIN=https://member-portal.geha.com&Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.57b787fd70b42d6049ff.chunk.js?Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web&Q_BRANDID=member-portal.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77f3b592d5d9fec0a567a32412f44781a6174a209279495602c9a7f4004ddfb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

servershortname
date: Tue, 08 Aug 2023 07:04:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 41780
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 07 Aug 2023 19:28:29 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7f35e84ced12362f-FRA
expires: Thu, 04 Aug 2033 19:28:29 GMT

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 325 B
348 B 41ms
26ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_9ALP9yWEj1lFJyJ&Version=4&Q_InterceptID=SI_2oDPmyCNELJeTg9&Q_ORIGIN=https://member-portal.geha.com&Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.57b787fd70b42d6049ff.chunk.js?Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web&Q_BRANDID=member-portal.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dc0aabfdba09e256de6f43cca8501501967d76e01fd1c8d31ba9db2f976074b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

servershortname
date: Tue, 08 Aug 2023 07:04:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 472784
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 02 Aug 2023 19:45:05 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7f35e84ced13362f-FRA
expires: Sat, 30 Jul 2033 19:45:05 GMT

POST
H2 200 / Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 45 B
221 B 32ms
32ms XHR
text/plain 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_9ALP9yWEj1lFJyJ&Q_SIID=SI_2oDPmyCNELJeTg9&Q_ASID=AS_5jpQ36tvT18uCz3&Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web&r=1691478289466

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web&Q_BRANDID=geha

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://member-portal.geha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 08 Aug 2023 07:04:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://member-portal.geha.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 0c414b4775b48d9f
cf-ray: 7f35e84d2d80362f-FRA

GET
H2 200 Graphic.php
sjc1.qualtrics.com/WRQualtricsSiteIntercept/ 2 KB
2 KB 240ms
189ms Image
image/png 184.30.20.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sjc1.qualtrics.com/WRQualtricsSiteIntercept/Graphic.php?IM=IM_elF0WfBnxSXZgMt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-101.deploy.static.akamaitechnologies.com

Software

envoy /

Resource Hash

7c8e3c582a237d2063f76cbcb5dcb1c0da3ae2516057fcc040cb69573d90b65f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 182
date: Tue, 08 Aug 2023 07:04:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0
content-security-policy-report-only: report-uri https://sjc1.qualtrics.com/csp-report
x-envoy-upstream-service-time: 27
content-disposition: inline; filename=Feedback_Darker_Smaller.png
content-length: 1825
x-request-id: 161fa10c-bafd-4afa-b913-c344d69da4f7
referrer-policy: strict-origin-when-cross-origin
server: envoy
etag: "be2052dd6274e8cbe6a39a1838288fcf"
x-edgeconnect-cache-status: 1
content-type: image/png
access-control-allow-origin: *
x-transaction-id: a8f6a1af-bc0e-4d1e-ab69-17c591c93dd1
cache-control: public, max-age=55
permissions-policy: camera=(), geolocation=(), microphone=()
x-robots-tag: noindex
expires: Tue, 08 Aug 2023 07:05:44 GMT

GET
H2 200 be5ea0027c648323.css
member-portal.geha.com/_next/static/css/ 206 KB
30 KB 55ms
54ms Stylesheet
text/css 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/css/be5ea0027c648323.css

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/chunks/webpack-603c1c2060012116.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4a78244eaaca474e76c68634a0a766d5ec506c9410707d71e68bb11445d6f330

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:49 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"338d0-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=30016
server-timing: cdn-cache; desc=HIT, edge; dur=37, origin; dur=0, ak_p; desc="1691478289694_34901589_516566504_3722_6209_8_0_255";dur=1
accept-ranges: bytes
content-length: 30645

GET
H2 200 b637e9a5.4d22b99d59d0a400.js Show response
member-portal.geha.com/_next/static/chunks/ 89 KB
31 KB 47ms
47ms Script
application/javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/b637e9a5.4d22b99d59d0a400.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/chunks/webpack-603c1c2060012116.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

24e2c787dd5a9faf99c308d660a53a4b6ff8051e77df3311d1d57484da97067b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:49 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"16219-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=15732
server-timing: cdn-cache; desc=HIT, edge; dur=5, origin; dur=0, ak_p; desc="1691478289704_34901589_516566511_814_6989_8_0_146";dur=1
accept-ranges: bytes
content-length: 31209

GET
H2 200 412.03afb1f3bf8890e9.js Show response
member-portal.geha.com/_next/static/chunks/ 1 MB
257 KB 47ms
46ms Script
application/javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/412.03afb1f3bf8890e9.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/chunks/webpack-603c1c2060012116.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

062df4685c3665f2fe72e33eb09eb485f2815b06da3ef79a2b9c694a7ab99f61

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:49 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"108560-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=17833
server-timing: cdn-cache; desc=HIT, edge; dur=4, origin; dur=0, ak_p; desc="1691478289704_34901589_516566512_809_6383_8_0_146";dur=1
accept-ranges: bytes
content-length: 262739

GET
H2 200 63.8413e0d300561376.js Show response
member-portal.geha.com/_next/static/chunks/ 2 KB
1 KB 59ms
59ms Script
application/javascript 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/chunks/63.8413e0d300561376.js

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/chunks/webpack-603c1c2060012116.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6868c33019be03f377ae7a9848545c6cc86a5afeeb517fc69219b757f4defa69

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:49 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"837-18940c4d9f0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=17981
server-timing: cdn-cache; desc=HIT, edge; dur=34, origin; dur=0, ak_p; desc="1691478289704_34901589_516566513_3678_6939_6_0_146";dur=1
accept-ranges: bytes
content-length: 1107

GET
DATA 200
OK truncated
/ 81 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6dbc584b36c2dadc91666a4aba780bf708b52a3ebf56216a752f3d18ddea2685

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 36ms
35ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://member-portal.geha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 17:26:14 GMT
x-content-type-options: nosniff
age: 567515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jul 2024 17:26:14 GMT

GET
H2 200 GEHA_Logo.svg
member-portal.geha.com/ 4 KB
2 KB 41ms
41ms Image
image/svg+xml 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://member-portal.geha.com/GEHA_Logo.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0ba6e2db53813ce06f2e7cc09e6ac476f5306c87452023f1008d8d67feac7dee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:49 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:00:05 GMT
etag: W/"f0f-18940befa08"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
server-timing: cdn-cache; desc=HIT, edge; dur=14, origin; dur=0, ak_p; desc="1691478289726_34901589_516566533_2115_7427_6_0_146";dur=1
accept-ranges: bytes
content-length: 1740

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 5 KB
1 KB 74ms
28ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_e9klljEUcZhtwjz&Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.57b787fd70b42d6049ff.chunk.js?Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web&Q_BRANDID=member-portal.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e64f9dc99c635d0dfaac9e1c2cdf0cc5ef3654c319f5a6bead1831a168031fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://member-portal.geha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 08 Aug 2023 07:04:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://member-portal.geha.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 4f66986f9aa44e1d
cf-ray: 7f35e8501ae99bf2-FRA
timing-allow-origin: *

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 4 KB
2 KB 72ms
26ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_ag9JfHFpVBLNPQW&Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.57b787fd70b42d6049ff.chunk.js?Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web&Q_BRANDID=member-portal.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e89c85250d2d706958f1a5498cced727203293b7dbeedb6777461531c51cfd88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://member-portal.geha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 08 Aug 2023 07:04:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://member-portal.geha.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 294b39c57dcd9b3d
cf-ray: 7f35e8501aec9bf2-FRA
timing-allow-origin: *

GET
H/1.1 200
OK openid-configuration Show response
login.geha.com/oauth2/aus2r4xjjt1L35mTx4x7/.well-known/ 3 KB
5 KB 132ms
132ms Fetch
application/json 3.33.189.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.geha.com/oauth2/aus2r4xjjt1L35mTx4x7/.well-known/openid-configuration

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/chunks/412.03afb1f3bf8890e9.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.189.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

af77c9e516730cc51.awsglobalaccelerator.com

Software

nginx /

Resource Hash

bc691dc824cd13ba929d5e8bd7972588491755a0e1ff7737fd70e2f2be9ddcb4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://member-portal.geha.com/
X-Okta-User-Agent-Extended: okta-auth-js/7.0.2 okta-signin-widget-7.3.1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

X-Okta-Request-Id: ZNHpEngC7EJOTdpeBFYZKQAAAdA
Date: Tue, 08 Aug 2023 07:04:50 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
Strict-Transport-Security: max-age=315360000; includeSubDomains
content-security-policy-report-only: default-src 'self' geha.okta.com login.geha.com *.oktacdn.com; connect-src 'self' geha.okta.com geha-admin.okta.com login.geha.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com geha.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' geha.okta.com login.geha.com *.oktacdn.com; style-src 'unsafe-inline' 'self' geha.okta.com login.geha.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' geha.okta.com geha-admin.okta.com login.geha.com login.okta.com com-okta-authenticator:; img-src 'self' geha.okta.com login.geha.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' geha.okta.com login.geha.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Transfer-Encoding: chunked
p3p: CP="HONK"
Connection: Keep-Alive
x-xss-protection: 0
Server: nginx
vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://member-portal.geha.com
cache-control: max-age=86400, must-revalidate
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=5, max=99
expires: Wed, 09 Aug 2023 07:04:50 GMT

OPTIONS
H/1.1 200
OK openid-configuration
login.geha.com/oauth2/aus2r4xjjt1L35mTx4x7/.well-known/ 0
0 458ms
114ms Preflight
application/octet-stream 3.33.189.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.geha.com/oauth2/aus2r4xjjt1L35mTx4x7/.well-known/openid-configuration

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.189.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

af77c9e516730cc51.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-okta-user-agent-extended
Access-Control-Request-Method: GET
Origin: https://member-portal.geha.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-okta-user-agent-extended
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://member-portal.geha.com
Access-Control-Max-Age: 3600
Connection: Keep-Alive
Content-Length: 0
Content-Type: application/octet-stream
Date: Tue, 08 Aug 2023 07:04:50 GMT
Keep-Alive: timeout=5, max=100
Server: nginx
Strict-Transport-Security: max-age=315360000; includeSubDomains
Vary: Origin
X-Okta-Request-Id: ZNHpEngC7EJOTdpeBFYZKAAAAdA

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 3 KB
1 KB 29ms
24ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_eVtI5lux3fUOtH8&Version=5&Q_ORIGIN=https://member-portal.geha.com&Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.57b787fd70b42d6049ff.chunk.js?Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web&Q_BRANDID=member-portal.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cfa66663be987c35d8709111800b6b7aa64db48c230251ab2b2680d249eae17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

servershortname
date: Tue, 08 Aug 2023 07:04:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 249755
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 05 Aug 2023 09:42:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7f35e8507a94362f-FRA
expires: Tue, 02 Aug 2033 09:42:15 GMT

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 1 KB
718 B 39ms
34ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.57b787fd70b42d6049ff.chunk.js?Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web&Q_BRANDID=member-portal.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ab0a26f2850163c8217535acb3465cbcdd5e0642f97e70b2e2bc369262ed05d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

servershortname
date: Tue, 08 Aug 2023 07:04:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 249755
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 05 Aug 2023 09:42:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7f35e8507a96362f-FRA
expires: Tue, 02 Aug 2033 09:42:15 GMT

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 3 KB
1 KB 34ms
33ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_2oDPmyCNELJeTg9&Version=19&Q_ORIGIN=https://member-portal.geha.com&Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.57b787fd70b42d6049ff.chunk.js?Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web&Q_BRANDID=member-portal.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77f3b592d5d9fec0a567a32412f44781a6174a209279495602c9a7f4004ddfb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

servershortname
date: Tue, 08 Aug 2023 07:04:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 41781
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 07 Aug 2023 19:28:29 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7f35e8507a98362f-FRA
expires: Thu, 04 Aug 2033 19:28:29 GMT

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 325 B
302 B 33ms
33ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.57b787fd70b42d6049ff.chunk.js?Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web&Q_BRANDID=member-portal.geha.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dc0aabfdba09e256de6f43cca8501501967d76e01fd1c8d31ba9db2f976074b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

servershortname
date: Tue, 08 Aug 2023 07:04:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 472785
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 02 Aug 2023 19:45:05 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7f35e8507a9a362f-FRA
expires: Sat, 30 Jul 2033 19:45:05 GMT

GET
H2 200 Graphic.php
sjc1.qualtrics.com/WRQualtricsSiteIntercept/ 2 KB
2 KB 61ms
22ms Image
image/png 184.30.20.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sjc1.qualtrics.com/WRQualtricsSiteIntercept/Graphic.php?IM=IM_elF0WfBnxSXZgMt

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web&Q_BRANDID=geha

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-101.deploy.static.akamaitechnologies.com

Software

envoy /

Resource Hash

7c8e3c582a237d2063f76cbcb5dcb1c0da3ae2516057fcc040cb69573d90b65f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 182
date: Tue, 08 Aug 2023 07:04:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0
content-security-policy-report-only: report-uri https://sjc1.qualtrics.com/csp-report
x-envoy-upstream-service-time: 27
content-disposition: inline; filename=Feedback_Darker_Smaller.png
content-length: 1825
x-request-id: 161fa10c-bafd-4afa-b913-c344d69da4f7
referrer-policy: strict-origin-when-cross-origin
server: envoy
etag: "be2052dd6274e8cbe6a39a1838288fcf"
x-edgeconnect-cache-status: 1
content-type: image/png
access-control-allow-origin: *
x-transaction-id: a8f6a1af-bc0e-4d1e-ab69-17c591c93dd1
cache-control: public, max-age=54
permissions-policy: camera=(), geolocation=(), microphone=()
x-robots-tag: noindex
expires: Tue, 08 Aug 2023 07:05:44 GMT

POST
H2 200 / Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 45 B
125 B 149ms
112ms XHR
text/plain 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.96.2&Q_CLIENTTYPE=web&Q_BRANDID=geha

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://member-portal.geha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 08 Aug 2023 07:04:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://member-portal.geha.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 45c9b5d979a088b3
cf-ray: 7f35e850eb18362f-FRA

POST
H/1.1 200
OK interact Show response
login.geha.com/oauth2/aus2r4xjjt1L35mTx4x7/v1/ 1 KB
4 KB 424ms
166ms Fetch
application/json 3.33.189.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.geha.com/oauth2/aus2r4xjjt1L35mTx4x7/v1/interact

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/chunks/412.03afb1f3bf8890e9.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.189.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

af77c9e516730cc51.awsglobalaccelerator.com

Software

nginx /

Resource Hash

6b0d05f3959c88662e86cf57e353ac5e32ff393c5d04e23f04b18e024ede0385

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://member-portal.geha.com/
X-Okta-User-Agent-Extended: okta-auth-js/7.0.2 okta-signin-widget-7.3.1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-okta-request-id: ZNHpEs4EIv6pB3pQ3KVc7gAACLo
Date: Tue, 08 Aug 2023 07:04:50 GMT
content-security-policy: frame-ancestors 'self'
x-rate-limit-limit: 1200
x-content-type-options: nosniff
x-rate-limit-remaining: 1199
Strict-Transport-Security: max-age=315360000; includeSubDomains
content-security-policy-report-only: default-src 'self' geha.okta.com login.geha.com *.oktacdn.com; connect-src 'self' geha.okta.com geha-admin.okta.com login.geha.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com geha.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' geha.okta.com login.geha.com *.oktacdn.com; style-src 'unsafe-inline' 'self' geha.okta.com login.geha.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' geha.okta.com geha-admin.okta.com login.geha.com login.okta.com com-okta-authenticator:; img-src 'self' geha.okta.com login.geha.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' geha.okta.com login.geha.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Transfer-Encoding: chunked
p3p: CP="HONK"
Connection: Keep-Alive
x-xss-protection: 0
pragma: no-cache
Server: nginx
vary: Origin
Content-Type: application/json
access-control-allow-origin: https://member-portal.geha.com
x-rate-limit-reset: 1691478350
access-control-allow-credentials: true
cache-control: no-cache, no-store
X-Robots-Tag: noindex,nofollow
access-control-allow-headers: Content-Type
Keep-Alive: timeout=5, max=100
expires: 0

OPTIONS
H/1.1 200
OK interact
login.geha.com/oauth2/aus2r4xjjt1L35mTx4x7/v1/ 0
0 126ms
126ms Preflight 3.33.189.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.geha.com/oauth2/aus2r4xjjt1L35mTx4x7/v1/interact

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.189.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

af77c9e516730cc51.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-okta-user-agent-extended
Access-Control-Request-Method: POST
Origin: https://member-portal.geha.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Length: 0
Date: Tue, 08 Aug 2023 07:04:50 GMT
Keep-Alive: timeout=5, max=98
Server: nginx
Strict-Transport-Security: max-age=315360000; includeSubDomains
X-Robots-Tag: noindex,nofollow
access-control-allow-credentials: true
access-control-allow-headers: x-okta-user-agent-extended,Content-Type
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://member-portal.geha.com
access-control-max-age: 3600
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cache-control: no-cache, no-store
content-security-policy: frame-ancestors 'self'
content-security-policy-report-only: default-src 'self' geha.okta.com login.geha.com *.oktacdn.com; connect-src 'self' geha.okta.com geha-admin.okta.com login.geha.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com geha.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' geha.okta.com login.geha.com *.oktacdn.com; style-src 'unsafe-inline' 'self' geha.okta.com login.geha.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' geha.okta.com geha-admin.okta.com login.geha.com login.okta.com com-okta-authenticator:; img-src 'self' geha.okta.com login.geha.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' geha.okta.com login.geha.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
expires: 0
p3p: CP="HONK"
pragma: no-cache
vary: Origin
x-frame-options: SAMEORIGIN
x-okta-request-id: ZNHpEngC7EJOTdpeBFYZKgAAAdA
x-rate-limit-limit: 10000
x-rate-limit-remaining: 9999
x-rate-limit-reset: 1691478350
x-xss-protection: 0

POST
H/1.1 200
OK introspect Show response
login.geha.com/idp/idx/ 10 KB
13 KB 391ms
391ms Fetch
application/ion+json 3.33.189.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.geha.com/idp/idx/introspect

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/chunks/412.03afb1f3bf8890e9.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.189.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

af77c9e516730cc51.awsglobalaccelerator.com

Software

nginx /

Resource Hash

4a3e422ff4b5efabae689db7925ee71bad7c205a0bc2b89f923971caec2cd1e6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/ion+json; okta-version=1.0.0
Referer: https://member-portal.geha.com/
X-Okta-User-Agent-Extended: okta-auth-js/7.0.2 okta-signin-widget-7.3.1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/ion+json; okta-version=1.0.0

Response headers

x-okta-request-id: ZNHpE84EIv6pB3pQ3KVc8AAACLo
Date: Tue, 08 Aug 2023 07:04:51 GMT
content-security-policy: frame-ancestors 'self'
x-rate-limit-limit: 2000
x-content-type-options: nosniff
x-rate-limit-remaining: 1999
Strict-Transport-Security: max-age=315360000; includeSubDomains
content-security-policy-report-only: default-src 'self' geha.okta.com login.geha.com *.oktacdn.com; connect-src 'self' geha.okta.com geha-admin.okta.com login.geha.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com geha.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' geha.okta.com login.geha.com *.oktacdn.com; style-src 'unsafe-inline' 'self' geha.okta.com login.geha.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' geha.okta.com geha-admin.okta.com login.geha.com login.okta.com com-okta-authenticator:; img-src 'self' geha.okta.com login.geha.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' geha.okta.com login.geha.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Transfer-Encoding: chunked
p3p: CP="HONK"
Connection: Keep-Alive
x-xss-protection: 0
pragma: no-cache
Server: nginx
vary: Origin
Content-Type: application/ion+json;okta-version=1.0.0
access-control-allow-origin: https://member-portal.geha.com
x-rate-limit-reset: 1691478351
access-control-allow-credentials: true
cache-control: no-cache, no-store
X-Robots-Tag: noindex,nofollow
Keep-Alive: timeout=5, max=99
expires: 0

OPTIONS
H/1.1 200
OK introspect
login.geha.com/idp/idx/ 0
0 134ms
134ms Preflight 3.33.189.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.geha.com/idp/idx/introspect

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.189.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

af77c9e516730cc51.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-okta-user-agent-extended
Access-Control-Request-Method: POST
Origin: https://member-portal.geha.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Length: 0
Date: Tue, 08 Aug 2023 07:04:51 GMT
Keep-Alive: timeout=5, max=97
Server: nginx
Strict-Transport-Security: max-age=315360000; includeSubDomains
X-Robots-Tag: noindex,nofollow
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-okta-user-agent-extended,Content-Type
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://member-portal.geha.com
access-control-max-age: 3600
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cache-control: no-cache, no-store
content-security-policy: frame-ancestors 'self'
content-security-policy-report-only: default-src 'self' geha.okta.com login.geha.com *.oktacdn.com; connect-src 'self' geha.okta.com geha-admin.okta.com login.geha.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com geha.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' geha.okta.com login.geha.com *.oktacdn.com; style-src 'unsafe-inline' 'self' geha.okta.com login.geha.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' geha.okta.com geha-admin.okta.com login.geha.com login.okta.com com-okta-authenticator:; img-src 'self' geha.okta.com login.geha.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' geha.okta.com login.geha.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
expires: 0
p3p: CP="HONK"
pragma: no-cache
vary: Origin
x-frame-options: SAMEORIGIN
x-okta-request-id: ZNHpE3gC7EJOTdpeBFYZLwAAAdA
x-rate-limit-limit: 10000
x-rate-limit-remaining: 9998
x-rate-limit-reset: 1691478350
x-xss-protection: 0

GET
H2 200 checkbox-sign-in-widget.fed34083.png
member-portal.geha.com/_next/static/media/ 3 KB
3 KB 387ms
387ms Image
image/png 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://member-portal.geha.com/_next/static/media/checkbox-sign-in-widget.fed34083.png

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/css/be5ea0027c648323.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member-portal.geha.com/_next/static/css/be5ea0027c648323.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:51 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"c45-18940c4d9f0"
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=62808
server-timing: cdn-cache; desc=HIT, edge; dur=373, origin; dur=0, ak_p; desc="1691478291611_34901589_516568843_37240_7553_6_0_146";dur=1
accept-ranges: bytes
content-length: 3141

GET
H2 200 montserrat-okta-regular-webfont.691ec7ce.woff
member-portal.geha.com/_next/static/media/ 21 KB
22 KB 36ms
36ms Font
font/woff 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/media/montserrat-okta-regular-webfont.691ec7ce.woff

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/css/be5ea0027c648323.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

Referer: https://member-portal.geha.com/_next/static/css/be5ea0027c648323.css
Origin: https://member-portal.geha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:51 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"55dc-18940c4d9f0"
x-frame-options: DENY
content-type: font/woff
cache-control: public, max-age=21321
server-timing: cdn-cache; desc=HIT, edge; dur=4, origin; dur=0, ak_p; desc="1691478291620_34901589_516568851_558_10248_12_0_255";dur=1
accept-ranges: bytes
content-length: 21980

GET
H2 200 montserrat-okta-light-webfont.4bb7d8d1.woff
member-portal.geha.com/_next/static/media/ 22 KB
22 KB 50ms
50ms Font
font/woff 2a02:26f0:ab00::214:8e59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://member-portal.geha.com/_next/static/media/montserrat-okta-light-webfont.4bb7d8d1.woff

Requested by

Host: member-portal.geha.com
URL: https://member-portal.geha.com/_next/static/css/be5ea0027c648323.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Request headers

Referer: https://member-portal.geha.com/_next/static/css/be5ea0027c648323.css
Origin: https://member-portal.geha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:04:51 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Mon, 10 Jul 2023 17:06:30 GMT
etag: W/"5660-18940c4d9f0"
x-frame-options: DENY
content-type: font/woff
cache-control: public, max-age=15470
server-timing: cdn-cache; desc=HIT, edge; dur=24, origin; dur=0, ak_p; desc="1691478291620_34901589_516568852_2583_10252_7_0_255";dur=1
accept-ranges: bytes
content-length: 22112

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 19ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-X5XQCNY2FN&gtm=45je3820&_p=1504897768&cid=1297302342.1691478289&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1691478289&sct=1&seg=0&dl=https%3A%2F%2Fmember-portal.geha.com%2F&dt=GEHA%20%7C%20Member%20Portal&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X5XQCNY2FN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://member-portal.geha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 07:04:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://member-portal.geha.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.geha.com/	1970-01-20 13:51:25	Name: ak_bmsc Value: 21F167973D88A128994C3C9D07B2E2AC~000000000000000000000000000000~YAAQVY4UAsIfN8GJAQAAL2f20xSpsB1GEEhxRGwZarUTEvIv3xcIgrh/naSAaG0zmZwyUuQbIrI1Br2qADrMk8HGpOka6qE3e4Qxirr/5BsC8XABs3cB5JIZbxkTQONYr0oYDJ45Vr9eJDJP14AqX2g+bVJeP4fgUB6pd8l9+rW66//DVt+Ep2O7h3VIcHjxMr5hYX9kh1OmickOLD7w/u73YXNuIT/zlbYuPW0PYupjMC5N2j2zclpt0fHDiyhPXhxniWknbsrg/G+mycojLvCHKDboiG+Ne/N0OJtrbBxAMs2WfRF5odlnlZb+QrXPMT7O8kcvOoB8xExBrzv5srtuHe2UZPuqjdxOsSOVg0KcWRi2VsuebfSvybujh0u6RWW3PtlsD9efvRTXWVHk
.geha.com/	1970-01-20 23:27:18	Name: _ga Value: GA1.1.1297302342.1691478289
.geha.com/	1970-01-20 13:51:25	Name: bm_sv Value: 820020B3269330FE53D1BAAF77289CFD~YAAQVY4UAlAgN8GJAQAAAW320xRtiZHGsg4txA33uUWZzXJsNG8NRaFaAFihc8sUt87rfjuGJ2SRhF2rOSoAblyonDQ+V+3JkgQjILnAqvPBTbSyCiazsigYg7D+aRDSjcnlJgKNdpxOK6Hp7s6c77YtagzuzdxZRhBlKYekrW+8q3wOhNAkxLgWrxuIb+pft3dg5myfA8f07IYZA65Bc/iVqHLxcp58I/tBGfXiKNry/Bk7OetJN2RE9jnntg==~1
.geha.com/	1970-01-20 23:27:18	Name: _ga_X5XQCNY2FN Value: GS1.1.1691478289.1.1.1691478289.0.0.0
login.geha.com/	1970-01-20 23:27:18	Name: DT Value: DI1-lmSfCc_QgqKnRQY6kK5UQ
login.geha.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: B30CFD2702BAA6024F85ED88B58210AB

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0217991b.akstat.io
c.go-mpulse.net
fibrwiaaa3ybckqce3ydkaaaczsnd2ir-panmv2-8aaf6fbec-clienttons-s.akamaihd.net
fonts.googleapis.com
fonts.gstatic.com
login.geha.com
member-portal.geha.com
p.typekit.net
region1.google-analytics.com
s.go-mpulse.net
siteintercept.qualtrics.com
sjc1.qualtrics.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
use.typekit.net
www.googletagmanager.com
xhkzxes7mu3oczgr5eiq-panmv2-21f588ac5-clientnsv4-s.akamaihd.net
znag9jfhfpvblnpqw-geha.siteintercept.qualtrics.com
zne9klljeuczhtwjz-geha.siteintercept.qualtrics.com
104.17.208.240
184.30.20.101
2001:4860:4802:32::36
2a00:1450:4001:81c::2008
2a00:1450:4001:828::200a
2a00:1450:4001:830::2003
2a02:26f0:1700:391::11a6
2a02:26f0:3500:16::215:1495
2a02:26f0:3500:16::215:149b
2a02:26f0:480:9a4::11a6
2a02:26f0:ab00::214:8e59
2a02:26f0:ab00::214:8e63
3.33.189.110
95.101.54.225
062df4685c3665f2fe72e33eb09eb485f2815b06da3ef79a2b9c694a7ab99f61
08fc575374bc43d3f9b2c0bf7ab66e8d84f3fd1e01aa40de5d25c8a684a4e1ec
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0ba6e2db53813ce06f2e7cc09e6ac476f5306c87452023f1008d8d67feac7dee
1ab0a26f2850163c8217535acb3465cbcdd5e0642f97e70b2e2bc369262ed05d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c4d889de806e7356aca914b8a55c9aad0da9935819320166666df34bad264b3
1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3
24e2c787dd5a9faf99c308d660a53a4b6ff8051e77df3311d1d57484da97067b
313592f08d48e847f5e9e94118cfa1bfbacc02a65c6d16910b188d675189bd20
31879de5c5dea263fd9f3100eb994df1282022502cd0b1dd0e75615089f16ae9
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
4a3e422ff4b5efabae689db7925ee71bad7c205a0bc2b89f923971caec2cd1e6
4a78244eaaca474e76c68634a0a766d5ec506c9410707d71e68bb11445d6f330
5cfa66663be987c35d8709111800b6b7aa64db48c230251ab2b2680d249eae17
5ebc2cd02aacb80da5275c7843d490f10dfde96db0f92c7dd4848cea50f9472a
5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55
60c69dc1f42f861e3723311f887cd188973680800b7ad02967a1ba6ca5a0a7f9
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
66c0d17081ece393548b540e5860b9e3d282e6dc4ab6482cda3d0332586ce7a0
6868c33019be03f377ae7a9848545c6cc86a5afeeb517fc69219b757f4defa69
6a4ea42815d46b3c139dc0fa04c76152b284ff1fe5c27f8202f1986be631c59c
6abbdde6261404687aa706f41d3135da2d892f28f7da84687ea743cf72b744b7
6b0d05f3959c88662e86cf57e353ac5e32ff393c5d04e23f04b18e024ede0385
6dbc584b36c2dadc91666a4aba780bf708b52a3ebf56216a752f3d18ddea2685
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
77f3b592d5d9fec0a567a32412f44781a6174a209279495602c9a7f4004ddfb6
7a4845f4c299f7e4a79c4e601d4f251ced66f015d631ac53f4ded2ef76e2342b
7c8e3c582a237d2063f76cbcb5dcb1c0da3ae2516057fcc040cb69573d90b65f
87342f52221ad491d21b7403ad38ef35656cd094e768847318ef1f63d89b7136
8af3e17967103995189703522783318d0090ab03b34c8c504ad8c31498ea284b
8ba2af729a603a682abfcab9b9475ad47918b837f8ad600810b0764cff5bade5
8dc0aabfdba09e256de6f43cca8501501967d76e01fd1c8d31ba9db2f976074b
8e64f9dc99c635d0dfaac9e1c2cdf0cc5ef3654c319f5a6bead1831a168031fb
8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b
90c8c49df9363f906709ff1407e338b965b70a1eed9f3e573a4306fd267f1c0c
9230295cadd808a698abddc0af90987e825aebe7a782ffe9193ea91daffdf587
9c47e38bf3c503853a22558a2b7401be745ad585d673569585e4bb7cef13f68d
9f681b8da64c3df8fa4c5cc1c568f944b3d24e7ba02af2f3da2728a537c4c22f
a2e7d36d4de82c0b030cd8a530a027434e70242aaabbe8b862d0713fccf1be2c
a4a305b7a41dd30c0a4ab038b30c4d95725c81c14d874ce074cafd721d651386
a7f0f5021c3bfe4d94ba78d30dc2852d6cced7b26983a05406a407bbb3605a73
ad99eb77f17a1d10348b24fc38c61a8383044a8877076b3eff03e6c692696644
add5a4ae4344dd616f6599ff1538b07f2a8d18fd1cc05340f76cc3441050c2ab
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b7a4dabec83604c176ab50df89d99bfa6c6d3f49e8a2c8a19d1f6c11a445d834
bc691dc824cd13ba929d5e8bd7972588491755a0e1ff7737fd70e2f2be9ddcb4
cfdcf4582976e14f107118e806bd5125e5ac89afe58ee380f621a3d0e8e27a8f
dbef9805b9b6d501b4e09e51b6ff067b4b28e2335fe088ceb978d53128f252b9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b14de4cc34994840446a01621cff20807996d6e7309b58f514818a8e83a0d2
e89c85250d2d706958f1a5498cced727203293b7dbeedb6777461531c51cfd88
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0420381ad9aeecf18d84886feebb50271e6cb0cdceabaac960e005dca8185da
f0a0f0f2209974dfe1faf49c1aebbe48af23b557dc92d514f870cf2e9930f4e5
f21426f596f37840594700349ccba1382a6debd529d562943ef1daadff2ee295
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f6613ec75a72e4a4d41be2b9cc1fc04e6675fd148a7eee1ba126fbece0195276
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace

member-portal.geha.com Open in urlscan Pro 2a02:26f0:ab00::214:8e59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

70 Requests

97 %HTTPS

71 %IPv6

10 Domains

19 Subdomains

14 IPs

3 Countries

1026 kBTransfer

3453 kBSize

6 Cookies

4 Outgoing links

Page URL History

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

member-portal.geha.com Open in urlscan Pro
2a02:26f0:ab00::214:8e59 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

97 %
HTTPS

71 %
IPv6

10
Domains

19
Subdomains

14
IPs

3
Countries

1026 kB
Transfer

3453 kB
Size

6
Cookies

70 HTTP transactions
2 data transactions