www.geisinger.org Open in urlscan Pro
159.240.9.177 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
Submission: On January 03 via manual (January 3rd 2024, 7:31:02 pm UTC) from US — Scanned from US

Summary HTTP 73 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 11 domains to perform 73 HTTP transactions. The main IP is 159.240.9.177, located in Wilkes-Barre, United States and belongs to GEISINGER, US. The main domain is www.geisinger.org. The Cisco Umbrella rank of the primary domain is 903004.
TLS certificate: Issued by Entrust Certification Authority - L1K on November 17th 2023. Valid for: a year.

This is the only time www.geisinger.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	159.240.9.177 159.240.9.177	29899 (GEISINGER) (GEISINGER)
3	2607:f8b0:400... 2607:f8b0:4006:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80e::2008	15169 (GOOGLE) (GOOGLE)
4	13.226.34.4 13.226.34.4	16509 (AMAZON-02) (AMAZON-02)
8	54.208.238.152 54.208.238.152	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.192.114 151.101.192.114	54113 (FASTLY) (FASTLY)
4	13.225.214.122 13.225.214.122	16509 (AMAZON-02) (AMAZON-02)
2	44.215.6.117 44.215.6.117	14618 (AMAZON-AES) (AMAZON-AES)
8	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:e4:... 2606:4700:e4::ac40:a112	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.194.104.64 34.194.104.64	14618 (AMAZON-AES) (AMAZON-AES)
3	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	16.182.32.248 16.182.32.248	16509 (AMAZON-02) (AMAZON-02)
73	14

34 159.240.9.177 (Wilkes-Barre, United States)

ASN29899 (GEISINGER, US)

www.geisinger.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80f::200a (United States)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.226.34.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-4.ewr53.r.cloudfront.net

perfalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.208.238.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-238-152.compute-1.amazonaws.com

web2.production.gyantts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.114 (United States)

ASN54113 (FASTLY, US)

cdn.evgnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.225.214.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-122.ewr50.r.cloudfront.net

api.perfalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.215.6.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-6-117.compute-1.amazonaws.com

geisingersystemservices.us-6.evergage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zn9zfoerjle9liix4-geisinger.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e4::ac40:a112 (United States)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.104.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-104-64.compute-1.amazonaws.com

25298.global.siteimproveanalytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)

siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 16.182.32.248 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	geisinger.org www.geisinger.org — Cisco Umbrella Rank: 903004	442 KB
11	qualtrics.com zn9zfoerjle9liix4-geisinger.siteintercept.qualtrics.com — Cisco Umbrella Rank: 992639 siteintercept.qualtrics.com — Cisco Umbrella Rank: 1531	91 KB
8	gyantts.com web2.production.gyantts.com — Cisco Umbrella Rank: 170794	368 KB
8	perfalytics.com perfalytics.com — Cisco Umbrella Rank: 49844 api.perfalytics.com — Cisco Umbrella Rank: 51889	151 KB
3	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 659	122 KB
2	amazonaws.com s3.amazonaws.com	47 KB
2	evergage.com geisingersystemservices.us-6.evergage.com — Cisco Umbrella Rank: 926736	1 KB
1	siteimproveanalytics.io 25298.global.siteimproveanalytics.io — Cisco Umbrella Rank: 921178	478 B
1	siteimproveanalytics.com siteimproveanalytics.com — Cisco Umbrella Rank: 8778	6 KB
1	evgnet.com cdn.evgnet.com — Cisco Umbrella Rank: 6075	47 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	112 KB
73	11

	Domain	Requested by
34	www.geisinger.org	www.geisinger.org
10	siteintercept.qualtrics.com	zn9zfoerjle9liix4-geisinger.siteintercept.qualtrics.com siteintercept.qualtrics.com
8	web2.production.gyantts.com	www.googletagmanager.com web2.production.gyantts.com
4	api.perfalytics.com	perfalytics.com
4	perfalytics.com	www.googletagmanager.com perfalytics.com
3	maps.googleapis.com	www.geisinger.org maps.googleapis.com
2	s3.amazonaws.com	client
2	geisingersystemservices.us-6.evergage.com	cdn.evgnet.com
1	25298.global.siteimproveanalytics.io
1	siteimproveanalytics.com	www.geisinger.org
1	zn9zfoerjle9liix4-geisinger.siteintercept.qualtrics.com	www.geisinger.org
1	cdn.evgnet.com	www.googletagmanager.com
1	www.googletagmanager.com	www.geisinger.org
73	13

This site contains links to these domains. Also see Links.

Domain
providers.geisinger.org
locations.geisinger.org
jobs.geisinger.org
www.mygeisinger.org
events.geisinger.org
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
www.youtube.com
secure2.convio.net
employee.geisinger.org
geisinger-stores.think-cgc.com
www.gyant.com

Subject Issuer	Validity	Valid
www.geisinger.org Entrust Certification Authority - L1K	`2023-11-17` - `2024-11-22`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
perfalytics.com Amazon RSA 2048 M01	`2023-08-12` - `2024-09-09`	a year	crt.sh
web2.production.gyantts.com R3	`2023-11-18` - `2024-02-16`	3 months	crt.sh
cdn.evergage.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-06` - `2024-03-04`	a year	crt.sh
*.perfalytics.com Amazon RSA 2048 M01	`2023-08-12` - `2024-09-09`	a year	crt.sh
*.us-6.evergage.com Amazon RSA 2048 M02	`2023-11-12` - `2024-12-11`	a year	crt.sh
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-27` - `2024-03-26`	a year	crt.sh
siteimproveanalytics.com GTS CA 1P5	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.global.r1.siteimproveanalytics.io Amazon RSA 2048 M02	`2023-10-26` - `2024-11-23`	a year	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-10`	9 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
Frame ID: E96C673221C622004E199410526AEB58
Requests: 69 HTTP requests in this frame

Frame: https://s3.amazonaws.com/assets.gyant.com/fonts/fonts.css
Frame ID: DD1061A237EF0194C46AC92355079B4B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Patient Billing Services – Refunds | Geisingeractivity

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

73
Requests

99 %
HTTPS

23 %
IPv6

11
Domains

13
Subdomains

14
IPs

2
Countries

1388 kB
Transfer

4627 kB
Size

9
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://providers.geisinger.org/search?primary_care=Primary+Care+Providers&sort=networks%2Crelevance%2C+availability_density_best&filter=direct_book_capable%3AT&filter=appointment_ehr_purposes.patient_relationship%3Anew&filter=appointment_ehr_purposes.name%3ANew+patient+visit&filter=appointment_ehr_purposes.ehr_data.visibilities.consumer%3Adirect_book&utm_source=org&utm_medium=OrgNav&utm_campaign=OrgNav&utm_id=OrgNav
Title: Find a provider

Search URL Search Domain Scan URL

URL: https://locations.geisinger.org/
Title: Find a location

Search URL Search Domain Scan URL

URL: https://jobs.geisinger.org/
Title: Join our team

Search URL Search Domain Scan URL

URL: https://www.mygeisinger.org/api/secure/logonroute/mygeisinger
Title: Access MyGeisinger portal

Search URL Search Domain Scan URL

URL: https://providers.geisinger.org/
Title: Find a provider

Search URL Search Domain Scan URL

URL: https://events.geisinger.org/
Title: View classes and support groups

Search URL Search Domain Scan URL

URL: https://www.facebook.com/geisingerhealth

Search URL Search Domain Scan URL

URL: https://twitter.com/geisingerhealth

Search URL Search Domain Scan URL

URL: https://www.instagram.com/geisingerhealth/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/geisinger

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC8ZVDJGuyxXQU5bcuDOc1rg

Search URL Search Domain Scan URL

URL: https://secure2.convio.net/gss/site/Donation2
Title: Make a gift

Search URL Search Domain Scan URL

URL: https://employee.geisinger.org/
Title: Employee login

Search URL Search Domain Scan URL

URL: https://geisinger-stores.think-cgc.com/
Title: Geisinger company stores

Search URL Search Domain Scan URL

URL: https://www.gyant.com/
Title: Gyant

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

73 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request refunds Show response
www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/ 71 KB
19 KB 712ms
398ms Document
text/html 159.240.9.177
GEISINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.240.9.177 Wilkes-Barre, United States, ASN29899 (GEISINGER, US),

Reverse DNS

Software

Resource Hash

0181401e4271d4285072bb07c53fae6202df9c9b462cb45be53bde593e112bbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache, no-store
Content-Encoding: gzip
Content-Length: 18631
Content-Type: text/html; charset=utf-8
Date: Wed, 03 Jan 2024 19:30:55 GMT
Expires: -1
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains;
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Server: W3P1
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK VisitorIdentification.js Show response
www.geisinger.org/layouts/system/ 3 KB
1 KB 94ms
91ms Script
application/javascript 159.240.9.177
GEISINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geisinger.org/layouts/system/VisitorIdentification.js

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.240.9.177 Wilkes-Barre, United States, ASN29899 (GEISINGER, US),

Reverse DNS

Software

Resource Hash

ebab9b58fe5bfc97c97757ae76ec2416caf147b120c2d843c9b62bc04deff877

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 03 Jan 2024 19:30:55 GMT
Last-Modified: Tue, 01 Nov 2022 18:08:09 GMT
ETag: "80ad7e51ceed81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
X-Server: W3P1
Accept-Ranges: bytes
Content-Length: 1003
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK google-tag-manager.js Show response
www.geisinger.org/assets/shared/js/ 423 B
890 B 169ms
82ms Script
application/javascript 159.240.9.177
GEISINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geisinger.org/assets/shared/js/google-tag-manager.js

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.240.9.177 Wilkes-Barre, United States, ASN29899 (GEISINGER, US),

Reverse DNS

Software

Resource Hash

224085d1bc12e368cada479e637bb39c05bdc772ee3143c5a904a66c2c578496

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 03 Jan 2024 19:30:55 GMT
Last-Modified: Mon, 13 Nov 2023 21:10:08 GMT
ETag: "506ae6c77516da1:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
X-Server: W3P1
Accept-Ranges: bytes
Content-Length: 455
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK main.min.css
www.geisinger.org/assets/og/css/ 410 KB
55 KB 229ms
143ms Stylesheet
text/css 159.240.9.177
GEISINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geisinger.org/assets/og/css/main.min.css?104716

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.240.9.177 Wilkes-Barre, United States, ASN29899 (GEISINGER, US),

Reverse DNS

Software

Resource Hash

30cb0b25531c791aa130c227715a383aa5dbdff34fe619897e5e598614d54026

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 03 Jan 2024 19:30:54 GMT
Last-Modified: Wed, 22 Nov 2023 11:18:54 GMT
ETag: "0e35ead351dda1:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
X-Server: W2P1
Accept-Ranges: bytes
Content-Length: 56348
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK r-dev.min.css
www.geisinger.org/assets/og/css/ 89 KB
16 KB 233ms
147ms Stylesheet
text/css 159.240.9.177
GEISINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geisinger.org/assets/og/css/r-dev.min.css?104716

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.240.9.177 Wilkes-Barre, United States, ASN29899 (GEISINGER, US),

Reverse DNS

Software

Resource Hash

8cf8e62a4e15a33c9369547ca97cb313307b2e99169f9714f9a5c15e27fd3ba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 03 Jan 2024 19:30:54 GMT
Last-Modified: Wed, 29 Nov 2023 21:48:54 GMT
ETag: "067d1d8d23da1:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
X-Server: W2P1
Accept-Ranges: bytes
Content-Length: 15866
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK globalnav.min.css
www.geisinger.org/assets/og/css/ 20 KB
4 KB 161ms
75ms Stylesheet
text/css 159.240.9.177
GEISINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geisinger.org/assets/og/css/globalnav.min.css?104716

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.240.9.177 Wilkes-Barre, United States, ASN29899 (GEISINGER, US),

Reverse DNS

Software

Resource Hash

d6bcec4a6c28827cd1423b7720078ca5df25b38edccea0f0f8ab4750de41c5fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 03 Jan 2024 19:30:55 GMT
Last-Modified: Wed, 22 Nov 2023 11:18:54 GMT
ETag: "0e35ead351dda1:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
X-Server: W3P1
Accept-Ranges: bytes
Content-Length: 4070
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK vendor.min.css
www.geisinger.org/assets/og/css/ 31 KB
8 KB 165ms
79ms Stylesheet
text/css 159.240.9.177
GEISINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geisinger.org/assets/og/css/vendor.min.css

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.240.9.177 Wilkes-Barre, United States, ASN29899 (GEISINGER, US),

Reverse DNS

Software

Resource Hash

c60f54944d6d4d0c614be1ee556e5a344caf76b879ea989afc41ef3bfd4ddaf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 03 Jan 2024 19:30:54 GMT
Last-Modified: Mon, 13 Nov 2023 21:10:08 GMT
ETag: "0f8cdc77516da1:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
X-Server: W1P1
Accept-Ranges: bytes
Content-Length: 7839
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK vendor2.js Show response
www.geisinger.org/assets/og/js/ 112 KB
31 KB 84ms
81ms Script
application/javascript 159.240.9.177
GEISINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geisinger.org/assets/og/js/vendor2.js

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.240.9.177 Wilkes-Barre, United States, ASN29899 (GEISINGER, US),

Reverse DNS

Software

Resource Hash

173eea29380df57b4b6ce821beb0ba1119f481f0af496b1c578d2918cf6a85e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 03 Jan 2024 19:30:55 GMT
Last-Modified: Mon, 13 Nov 2023 21:10:08 GMT
ETag: "0f8cdc77516da1:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
X-Server: W2P1
Accept-Ranges: bytes
Content-Length: 31292
X-Xss-Protection: 1; mode=block

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 194 KB
65 KB 127ms
50ms Script
text/javascript 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyC8h_Tsvt5Tvu31fVAFMdIdN_MTWAVu3Xc&libraries=places

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

2d40ea5bdc3fc4ecea71ae0e38bf6d32364ddae4c6629391b2af8ee93a2c9a84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 19:30:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66475
x-xss-protection: 0

GET
H/1.1 200
OK nurses-get-care.jpg
www.geisinger.org/-/media/OneGeisinger/Images/global-navigation/ 18 KB
18 KB 140ms
140ms Image
image/webp 159.240.9.177
GEISINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geisinger.org/-/media/OneGeisinger/Images/global-navigation/nurses-get-care.jpg?h=368&iar=0&w=480&sc_lang=en&hash=8CBB11307B8C5986E572C0218A4F3C62

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.240.9.177 Wilkes-Barre, United States, ASN29899 (GEISINGER, US),

Reverse DNS

Software

Resource Hash

48bd0260ea996e846e98184158b649d754b6bd6711b9d29562b80a4a5f9f6e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Date: Wed, 03 Jan 2024 19:30:54 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 17 Jun 2022 16:56:49 GMT
Content-Type: image/webp
Cache-Control: private, max-age=604800
X-Server: W1P1
Content-Disposition: inline; filename="nurses-get-care.webp"
Accept-Ranges: bytes
Content-Length: 18476
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK pay-bill-online.jpg
www.geisinger.org/-/media/OneGeisinger/Images/global-navigation/ 14 KB
15 KB 79ms
75ms Image
image/webp 159.240.9.177
GEISINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geisinger.org/-/media/OneGeisinger/Images/global-navigation/pay-bill-online.jpg?h=368&iar=0&w=480&sc_lang=en&hash=495A05CA3B01CB13C17CC1FECA6293A1

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.240.9.177 Wilkes-Barre, United States, ASN29899 (GEISINGER, US),

Reverse DNS

Software

Resource Hash

5f9414fd742a352ebb723908b7510c214b551719f5f53b6291f6f4970f11c4e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Date: Wed, 03 Jan 2024 19:30:54 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 17 Jun 2022 16:56:54 GMT
Content-Type: image/webp
Cache-Control: private, max-age=604800
X-Server: W2P1
Content-Disposition: inline; filename="pay-bill-online.webp"
Accept-Ranges: bytes
Content-Length: 14842
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK mygeisinger.jpg
www.geisinger.org/-/media/OneGeisinger/Images/global-navigation/ 25 KB
25 KB 122ms
118ms Image
image/jpeg 159.240.9.177
GEISINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geisinger.org/-/media/OneGeisinger/Images/global-navigation/mygeisinger.jpg?h=368&iar=0&w=480&sc_lang=en&hash=C971A578B15DAB8FAD3FAAF24112C4EA

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.240.9.177 Wilkes-Barre, United States, ASN29899 (GEISINGER, US),

Reverse DNS

Software

Resource Hash

58d0fcdda9187ec26a3b06c06be441c4f0fd5a5123bec70a02e3ad0ccd68f529

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Date: Wed, 03 Jan 2024 19:30:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 17 Jun 2022 16:56:55 GMT
Content-Type: image/jpeg
Cache-Control: private, max-age=604800
X-Server: W3P1
Content-Disposition: inline; filename="mygeisinger.jpg"
Accept-Ranges: bytes
Content-Length: 25523
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK shop-plan.jpg
www.geisinger.org/-/media/OneGeisinger/Images/global-navigation/ 22 KB
22 KB 85ms
81ms Image
image/webp 159.240.9.177
GEISINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geisinger.org/-/media/OneGeisinger/Images/global-navigation/shop-plan.jpg?h=368&iar=0&w=480&sc_lang=en&hash=8F5AC2516BAEA0F4913D168DDA96EFF4

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.240.9.177 Wilkes-Barre, United States, ASN29899 (GEISINGER, US),

Reverse DNS

Software

Resource Hash

81c45d631bf8812499616c3f4459a51345e92a45a1b81b1b76960eee4ddb6844

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Date: Wed, 03 Jan 2024 19:30:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 17 Jun 2022 16:56:50 GMT
Content-Type: image/webp
Cache-Control: private, max-age=604800
X-Server: W1P1
Content-Disposition: inline; filename="shop-plan.webp"
Accept-Ranges: bytes
Content-Length: 22028
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK member-portal.jpg
www.geisinger.org/-/media/OneGeisinger/Images/global-navigation/ 27 KB
27 KB 86ms
86ms Image
image/jpeg 159.240.9.177
GEISINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geisinger.org/-/media/OneGeisinger/Images/global-navigation/member-portal.jpg?h=368&iar=0&w=480&sc_lang=en&hash=10E05EA0EBD60FB00998DDEFEEEF4B45

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.240.9.177 Wilkes-Barre, United States, ASN29899 (GEISINGER, US),

Reverse DNS

Software

Resource Hash

da883507f013cb43f1aac56110531d914dd5120d79512aaa12c11be80c66f6ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Date: Wed, 03 Jan 2024 19:30:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 17 Jun 2022 16:56:49 GMT
Content-Type: image/jpeg
Cache-Control: private, max-age=604800
X-Server: W2P1
Content-Disposition: inline; filename="member-portal.jpg"
Accept-Ranges: bytes
Content-Length: 27428
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK edu-1.jpg
www.geisinger.org/-/media/OneGeisinger/Images/GCHS/Education/mega-menu/ 30 KB
31 KB 131ms
75ms Image
image/jpeg 159.240.9.177
GEISINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geisinger.org/-/media/OneGeisinger/Images/GCHS/Education/mega-menu/edu-1.jpg?h=368&iar=0&w=480&sc_lang=en&hash=1E6FB70DC153D7AD7C57B5EB64E7B7DC

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.240.9.177 Wilkes-Barre, United States, ASN29899 (GEISINGER, US),

Reverse DNS

Software

Resource Hash

4f95dd65c67802769dc9a637ea8ac8c386641e54cb591b1480ab0d1f31c150bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Date: Wed, 03 Jan 2024 19:30:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 Dec 2023 20:46:41 GMT
Content-Type: image/jpeg
Cache-Control: private, max-age=604800
X-Server: W2P1
Content-Disposition: inline; filename="edu-1.jpg"
Accept-Ranges: bytes
Content-Length: 30934
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK edu-2.jpg
www.geisinger.org/-/media/OneGeisinger/Images/GCHS/Education/mega-menu/ 16 KB
16 KB 151ms
76ms Image
image/webp 159.240.9.177
GEISINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geisinger.org/-/media/OneGeisinger/Images/GCHS/Education/mega-menu/edu-2.jpg?h=368&iar=0&w=480&sc_lang=en&hash=CCB082969341B0F78C33FF14222D7D52

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.240.9.177 Wilkes-Barre, United States, ASN29899 (GEISINGER, US),

Reverse DNS

Software

Resource Hash

9f556ab44b479f0a3a523f0ba3176ef69ad6ca7d3591a896e63e3a0e7282444c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Date: Wed, 03 Jan 2024 19:30:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 06 Dec 2023 14:02:38 GMT
Content-Type: image/webp
Cache-Control: private, max-age=604800
X-Server: W3P1
Content-Disposition: inline; filename="edu-2.webp"
Accept-Ranges: bytes
Content-Length: 15938
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK donate2.png
www.geisinger.org/-/media/OneGeisinger/Images/global-navigation/icons/ 320 B
732 B 86ms
80ms Image
image/webp 159.240.9.177
GEISINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geisinger.org/-/media/OneGeisinger/Images/global-navigation/icons/donate2.png?sc_lang=en

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.240.9.177 Wilkes-Barre, United States, ASN29899 (GEISINGER, US),

Reverse DNS

Software

Resource Hash

2a38fffccd987c6a67246c5d2ad2c30a618dd22c03aa5bf1ba7e3f12f2b9e90d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Date: Wed, 03 Jan 2024 19:30:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 07 Jan 2021 03:38:56 GMT
Content-Type: image/webp
Cache-Control: private, max-age=604800
X-Server: W3P1
Content-Disposition: inline; filename="donate2.webp"
Accept-Ranges: bytes
Content-Length: 320
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK Sched-appt--white.png
www.geisinger.org/-/media/OneGeisinger/Images/global-navigation/icons/ 540 B
962 B 86ms
83ms Image
image/webp 159.240.9.177
GEISINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geisinger.org/-/media/OneGeisinger/Images/global-navigation/icons/Sched-appt--white.png?sc_lang=en

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.240.9.177 Wilkes-Barre, United States, ASN29899 (GEISINGER, US),

Reverse DNS

Software

Resource Hash

4b89c49562fa6d101763494bed0563ad7b8b9491044e02a1b5115ca882f64bdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Date: Wed, 03 Jan 2024 19:30:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 19 Dec 2023 21:23:54 GMT
Content-Type: image/webp
Cache-Control: private, max-age=604800
X-Server: W1P1
Content-Disposition: inline; filename="Sched-appt white.webp"
Accept-Ranges: bytes
Content-Length: 540
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK geisingerlogo.svg
www.geisinger.org/-/media/OneGeisinger/Images/Logos/ 3 KB
4 KB 123ms
86ms Image
image/svg+xml 159.240.9.177
GEISINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geisinger.org/-/media/OneGeisinger/Images/Logos/geisingerlogo.svg?sc_lang=en

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.240.9.177 Wilkes-Barre, United States, ASN29899 (GEISINGER, US),

Reverse DNS

Software

Resource Hash

768ca90ee723471095ebb9ded0a7b950c2f9f85b71e0c936528419ecb39e3bc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Date: Wed, 03 Jan 2024 19:30:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 06 Oct 2022 12:23:18 GMT
Content-Type: image/svg+xml
Cache-Control: private, max-age=604800
X-Server: W3P1
Content-Disposition: inline; filename="geisingerlogo.svg"
Accept-Ranges: bytes
Content-Length: 3213
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK Sched-appt.png
www.geisinger.org/-/media/OneGeisinger/Images/global-navigation/icons/ 886 B
1 KB 121ms
75ms Image
image/webp 159.240.9.177
GEISINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geisinger.org/-/media/OneGeisinger/Images/global-navigation/icons/Sched-appt.png?sc_lang=en

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.240.9.177 Wilkes-Barre, United States, ASN29899 (GEISINGER, US),

Reverse DNS

Software

Resource Hash

3e3646d6e7aaad59404a04a368b1284775d8371afbbf883d83cfdefd33cfe3f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Date: Wed, 03 Jan 2024 19:30:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 20 Dec 2023 21:23:05 GMT
Content-Type: image/webp
Cache-Control: private, max-age=604800
X-Server: W1P1
Content-Disposition: inline; filename="Sched-appt.webp"
Accept-Ranges: bytes
Content-Length: 886
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK donate-icon-2.svg
www.geisinger.org/-/media/OneGeisinger/Images/global-navigation/icons/ 2 KB
3 KB 195ms
107ms Image
image/svg+xml 159.240.9.177
GEISINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geisinger.org/-/media/OneGeisinger/Images/global-navigation/icons/donate-icon-2.svg?sc_lang=en

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.240.9.177 Wilkes-Barre, United States, ASN29899 (GEISINGER, US),

Reverse DNS

Software

Resource Hash

28cfdf42dd5d5324691bce677ca2e20e533948ec4dcfe8a6fa1b187c7c52b0b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Date: Wed, 03 Jan 2024 19:30:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 16 Dec 2020 16:18:23 GMT
Content-Type: image/svg+xml
Cache-Control: private, max-age=604800
X-Server: W2P1
Content-Disposition: inline; filename="donate-icon-2.svg"
Accept-Ranges: bytes
Content-Length: 2470
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK js-move-ribbon.js Show response
www.geisinger.org/assets/og/js/ 237 B
723 B 72ms
68ms Script
application/javascript 159.240.9.177
GEISINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geisinger.org/assets/og/js/js-move-ribbon.js

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.240.9.177 Wilkes-Barre, United States, ASN29899 (GEISINGER, US),

Reverse DNS

Software

Resource Hash

cb1132facbecfd46818064a4c0a39da440074ea81f9717c2929529f68b9fb4fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 03 Jan 2024 19:30:54 GMT
Last-Modified: Mon, 13 Nov 2023 21:10:08 GMT
ETag: "feb7ddc77516da1:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
X-Server: W1P1
Accept-Ranges: bytes
Content-Length: 288
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK facebook.png
www.geisinger.org/-/media/OneGeisinger/Images/Social-Icons/ 612 B
1 KB 82ms
81ms Image
image/webp 159.240.9.177
GEISINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geisinger.org/-/media/OneGeisinger/Images/Social-Icons/facebook.png?h=100&iar=0&w=100&sc_lang=en&hash=80E2B6E68EC460C2CA4E9F28043E4D5C

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.240.9.177 Wilkes-Barre, United States, ASN29899 (GEISINGER, US),

Reverse DNS

Software

Resource Hash

92aee36cfd7633614311abde3c9126786ab13b21151da97f07cafa07b269f583

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Date: Wed, 03 Jan 2024 19:30:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 30 Oct 2017 12:26:27 GMT
Content-Type: image/webp
Cache-Control: private, max-age=604800
X-Server: W3P1
Content-Disposition: inline; filename="facebook.webp"
Accept-Ranges: bytes
Content-Length: 612
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK twitter.png
www.geisinger.org/-/media/OneGeisinger/Images/Social-Icons/ 1 KB
1 KB 80ms
79ms Image
image/webp 159.240.9.177
GEISINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geisinger.org/-/media/OneGeisinger/Images/Social-Icons/twitter.png?h=100&iar=0&w=100&sc_lang=en&hash=036CDADA79F6134E95687BCE9C9351AE

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.240.9.177 Wilkes-Barre, United States, ASN29899 (GEISINGER, US),

Reverse DNS

Software

Resource Hash

0a322e0aaf3f898de1d64ad35366b8eea3e5246e05195df48f36138dc0103a25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Date: Wed, 03 Jan 2024 19:30:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 19:11:51 GMT
Content-Type: image/webp
Cache-Control: private, max-age=604800
X-Server: W1P1
Content-Disposition: inline; filename="twitter.webp"
Accept-Ranges: bytes
Content-Length: 1038
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK instagram.png
www.geisinger.org/-/media/OneGeisinger/Images/Social-Icons/ 1 KB
2 KB 83ms
81ms Image
image/webp 159.240.9.177
GEISINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geisinger.org/-/media/OneGeisinger/Images/Social-Icons/instagram.png?h=100&iar=0&w=100&sc_lang=en&hash=6DB0F2A40BF6DD2F5A0E9000F012C39A

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.240.9.177 Wilkes-Barre, United States, ASN29899 (GEISINGER, US),

Reverse DNS

Software

Resource Hash

79333fd4412ff430f7fa04b77d64a0e14296822795922d890f03f82ec17b9668

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Date: Wed, 03 Jan 2024 19:30:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 16 Nov 2016 13:04:52 GMT
Content-Type: image/webp
Cache-Control: private, max-age=604800
X-Server: W2P1
Content-Disposition: inline; filename="instagram.webp"
Accept-Ranges: bytes
Content-Length: 1278
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK linkedin.png
www.geisinger.org/-/media/OneGeisinger/Images/Social-Icons/ 1 KB
1 KB 91ms
90ms Image
image/webp 159.240.9.177
GEISINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geisinger.org/-/media/OneGeisinger/Images/Social-Icons/linkedin.png?h=100&iar=0&w=100&sc_lang=en&hash=96568BFCEA0ABE67534FC319EEE32B7E

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.240.9.177 Wilkes-Barre, United States, ASN29899 (GEISINGER, US),

Reverse DNS

Software

Resource Hash

d967303261f2fb14eef5b95f2b4bb6a3ae0294b0a15a2b5ebe2cd6e6d31cf064

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Date: Wed, 03 Jan 2024 19:30:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 16 Nov 2016 13:04:56 GMT
Content-Type: image/webp
Cache-Control: private, max-age=604800
X-Server: W3P1
Content-Disposition: inline; filename="linkedin.webp"
Accept-Ranges: bytes
Content-Length: 1050
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK youtube.png
www.geisinger.org/-/media/OneGeisinger/Images/Social-Icons/ 860 B
1 KB 81ms
81ms Image
image/webp 159.240.9.177
GEISINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geisinger.org/-/media/OneGeisinger/Images/Social-Icons/youtube.png?h=100&iar=0&w=100&sc_lang=en&hash=FB60CD52AB6BAD4CEC13832DF64AFA3F

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.240.9.177 Wilkes-Barre, United States, ASN29899 (GEISINGER, US),

Reverse DNS

Software

Resource Hash

ab03496ae765e11b47614b454887cb674f1061f3916584f1fd943772eb05a6cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Date: Wed, 03 Jan 2024 19:30:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 16 Nov 2016 13:05:25 GMT
Content-Type: image/webp
Cache-Control: private, max-age=604800
X-Server: W1P1
Content-Disposition: inline; filename="youtube.webp"
Accept-Ranges: bytes
Content-Length: 860
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK geisingerlogo-white.png
www.geisinger.org/-/media/OneGeisinger/Images/Logos/ 2 KB
3 KB 76ms
75ms Image
image/webp 159.240.9.177
GEISINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geisinger.org/-/media/OneGeisinger/Images/Logos/geisingerlogo-white.png?h=90&iar=0&w=246&sc_lang=en&hash=B0E026F30ED2AAC902729F5E75B5AEBD

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.240.9.177 Wilkes-Barre, United States, ASN29899 (GEISINGER, US),

Reverse DNS

Software

Resource Hash

e6daab0a259d8aa78c9dbbabae1fd23df2100e5c69524532b914994af19da691

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Date: Wed, 03 Jan 2024 19:30:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 19 Jul 2021 14:05:53 GMT
Content-Type: image/webp
Cache-Control: private, max-age=604800
X-Server: W2P1
Content-Disposition: inline; filename="geisingerlogo-white.webp"
Accept-Ranges: bytes
Content-Length: 2284
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK vendor.js Show response
www.geisinger.org/assets/og/js/ 350 KB
102 KB 88ms
88ms Script
application/javascript 159.240.9.177
GEISINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geisinger.org/assets/og/js/vendor.js

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.240.9.177 Wilkes-Barre, United States, ASN29899 (GEISINGER, US),

Reverse DNS

Software

Resource Hash

b5a727ae0d84f06e20441d6d1a5e104a761f466c3820502781ded1033f18fc89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 03 Jan 2024 19:30:55 GMT
Last-Modified: Mon, 13 Nov 2023 21:10:08 GMT
ETag: "0f8cdc77516da1:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
X-Server: W3P1
Accept-Ranges: bytes
Content-Length: 103566
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK main.js Show response
www.geisinger.org/assets/og/js/ 69 KB
22 KB 81ms
79ms Script
application/javascript 159.240.9.177
GEISINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geisinger.org/assets/og/js/main.js?104716

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.240.9.177 Wilkes-Barre, United States, ASN29899 (GEISINGER, US),

Reverse DNS

Software

Resource Hash

9d9fe7f1e3315c26ac02152c8259b32565b1706dd8758844d1badb594464adf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 03 Jan 2024 19:30:54 GMT
Last-Modified: Wed, 22 Nov 2023 11:18:54 GMT
ETag: "0e35ead351dda1:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
X-Server: W1P1
Accept-Ranges: bytes
Content-Length: 21643
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK externallink.js Show response
www.geisinger.org/assets/og/js/ 8 KB
3 KB 86ms
84ms Script
application/javascript 159.240.9.177
GEISINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geisinger.org/assets/og/js/externallink.js

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.240.9.177 Wilkes-Barre, United States, ASN29899 (GEISINGER, US),

Reverse DNS

Software

Resource Hash

23dbce1060213b3e377d516124d4aac1ed841ef1587ce4d4400b9779529bdff3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 03 Jan 2024 19:30:55 GMT
Last-Modified: Mon, 13 Nov 2023 21:10:08 GMT
ETag: "0f8cdc77516da1:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
X-Server: W3P1
Accept-Ranges: bytes
Content-Length: 2452
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK sitecorecorrections.js Show response
www.geisinger.org/assets/og/js/ 5 KB
2 KB 1164ms
1163ms Script
application/javascript 159.240.9.177
GEISINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geisinger.org/assets/og/js/sitecorecorrections.js

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.240.9.177 Wilkes-Barre, United States, ASN29899 (GEISINGER, US),

Reverse DNS

Software

Resource Hash

a49c27cfb013afc63fc164e6187893234d7eddb4dbb747e2862b483d0fa66bd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 03 Jan 2024 19:30:54 GMT
Last-Modified: Mon, 13 Nov 2023 21:10:08 GMT
ETag: "0f8cdc77516da1:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
X-Server: W1P1
Accept-Ranges: bytes
Content-Length: 1954
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK gsa-query-autocomplete.js Show response
www.geisinger.org/assets/og/js/ 580 B
1000 B 76ms
75ms Script
application/javascript 159.240.9.177
GEISINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geisinger.org/assets/og/js/gsa-query-autocomplete.js

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.240.9.177 Wilkes-Barre, United States, ASN29899 (GEISINGER, US),

Reverse DNS

Software

Resource Hash

f543f2ce21aa28f7ba71f282721c6de45e56f60045e0b6a820a4b6e49e8ca43c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 03 Jan 2024 19:30:55 GMT
Last-Modified: Mon, 13 Nov 2023 21:10:08 GMT
ETag: "ce68d7c77516da1:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
X-Server: W3P1
Accept-Ranges: bytes
Content-Length: 565
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK js-globalnav.js Show response
www.geisinger.org/assets/og/js/ 5 KB
2 KB 87ms
84ms Script
application/javascript 159.240.9.177
GEISINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geisinger.org/assets/og/js/js-globalnav.js?104716

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.240.9.177 Wilkes-Barre, United States, ASN29899 (GEISINGER, US),

Reverse DNS

Software

Resource Hash

9db80f0225d5257b5ef7dd35fb4f6df8cf8d06bb37bde41848ecbe7a0933f908

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 03 Jan 2024 19:30:55 GMT
Last-Modified: Mon, 13 Nov 2023 21:10:08 GMT
ETag: "0f8cdc77516da1:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
X-Server: W3P1
Accept-Ranges: bytes
Content-Length: 1820
X-Xss-Protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 380 KB
112 KB 111ms
39ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TWTLNG&l=coreDataLayer

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/assets/shared/js/google-tag-manager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

756553b207ce7622b839f2551db4bd3b255ea778ba21bb4a452b3f36850fa054

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 19:30:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113960
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 18:52:08 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Jan 2024 19:30:55 GMT

GET
H2 200 freshpaint-gtm.js Show response
perfalytics.com/static/js/ 9 KB
3 KB 137ms
36ms Script
application/javascript 13.226.34.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://perfalytics.com/static/js/freshpaint-gtm.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWTLNG&l=coreDataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-4.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 867dfc01b3dd04fb78e93031e57244b67a17a2be5bdb8740dd64caf010380d3e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:43:38 GMT
x-amz-version-id: P.YkmPDqfPpw.Ps1wJs4CoNOxtHh64HD
content-encoding: gzip
last-modified: Fri, 29 Dec 2023 00:55:55 GMT
server: AmazonS3
via: 1.1 dee6858c751ff64f8ae28f155bee69b2.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
etag: W/"414c32d05323d82c18fae570b931af91"
age: 2839
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: lhm5dMhChTS3dbeJrNXhtrovMSPvxWcAUS-Ru_I38th_7HMnueWOhA==

GET
H/1.1 200
OK gyant-embed.js Show response
web2.production.gyantts.com/ 1 MB
359 KB 178ms
50ms Script
application/javascript 54.208.238.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://web2.production.gyantts.com/gyant-embed.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWTLNG&l=coreDataLayer

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.208.238.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-208-238-152.compute-1.amazonaws.com

Software

Resource Hash

e7e98ffc835b914da27436cc8c0acfb40850ec567503addde6bfa8f5c57d2e5d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .gyant.com .gyantts.com; connect-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' cdn.jsdelivr.net .amazonaws.com .gyant.com .gyantts.com .bootstrapcdn.com .cloudflare.com .googleapis.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' .gstatic.com .amazonaws.com .gyant.com .gyantts.com; img-src 'self' * data:;media-src 'self' https://assets.gyant.com;frame-src 'self' * mailto: tel:;base-uri 'self'
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 19:30:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=5184000; includeSubDomains
Content-Security-Policy: default-src 'self' *.gyant.com *.gyantts.com; connect-src 'self' *;script-src 'self' * 'unsafe-inline' 'unsafe-eval'; style-src 'self' cdn.jsdelivr.net *.amazonaws.com *.gyant.com *.gyantts.com *.bootstrapcdn.com *.cloudflare.com *.googleapis.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' *.gstatic.com *.amazonaws.com *.gyant.com *.gyantts.com; img-src 'self' * data:;media-src 'self' https://assets.gyant.com;frame-src 'self' * mailto: tel:;base-uri 'self'
Transfer-Encoding: chunked
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 01 Jan 2024 10:39:22 GMT
ETag: W/"6592965a-141779"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2 200 evergage.min.js Show response
cdn.evgnet.com/beacon/geisingersystemservices/prod_geisinger/scripts/ 180 KB
47 KB 133ms
47ms Script
application/javascript 151.101.192.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.evgnet.com/beacon/geisingersystemservices/prod_geisinger/scripts/evergage.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWTLNG&l=coreDataLayer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f12847a6d4fde42d774afb2d17508ffe55c40f3f26494eb874630cf0d2f387cc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: qDuuWlTUnLJBWPXy2BhEn.V2G9XqOeLg
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 03 Jan 2024 19:30:56 GMT
x-amz-request-id: CQ6JZ81DKHMPAHZF
age: 116
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: PENDING
content-length: 47778
x-amz-id-2: Tv9b1c8JO3AMtpZqMfv9zVffpHU4MFYk87L4hH/WWfo+2uCyOcFtkzOJ/nkH+Y58DF+v2yMEfmE=
x-served-by: cache-iad-kiad7000026-IAD, cache-yyz4525-YYZ
x-amz-meta-evergage-sum: 22d72a30261068f0635e478e305f1d5ce745c289
last-modified: Wed, 20 Dec 2023 06:23:19 GMT
server: AmazonS3
x-timer: S1704310256.003164,VS0,VE15
etag: "33e25f3a1f19e54902e14ce23f7084aa"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
x-amz-meta-evergage-beacon-ver: 16
x-cache-hits: 298353, 0

GET
H2 200 freshpaint.js Show response
perfalytics.com/static/js/ 122 KB
39 KB 35ms
30ms Script
application/javascript 13.226.34.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://perfalytics.com/static/js/freshpaint.js
Requested by: Host: perfalytics.com
URL: https://perfalytics.com/static/js/freshpaint-gtm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-4.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6eaf930c7d6415c155f55c5097fcfa244cc671f63c15392952a91246084f66ba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:43:37 GMT
x-amz-version-id: HP4HB4OTlG6VTisyIY0J_M5lJtuTLgvw
content-encoding: gzip
last-modified: Fri, 29 Dec 2023 00:55:54 GMT
server: AmazonS3
via: 1.1 dee6858c751ff64f8ae28f155bee69b2.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
etag: W/"5e04e91aff77cc6abfd2d707fa3e0051"
age: 2840
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: lcAJYJ7MLEJn-5EvmcGWfh68a18V4SgzZcnr2ZVHzLMkst9twEf5qA==

GET
H2 200 b11c800a-cce7-4d52-adc7-f53565625041 Show response
perfalytics.com/event-definitions/ 125 KB
13 KB 91ms
32ms XHR
application/json 13.226.34.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://perfalytics.com/event-definitions/b11c800a-cce7-4d52-adc7-f53565625041
Requested by: Host: perfalytics.com
URL: https://perfalytics.com/static/js/freshpaint.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-4.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 16c53aefddac552064c16c5f74c9f892dfe9900f695a9db39a8e0281918bdb5d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: GHZZvdkvp5doGscT.k2HT0HWv1cumZv.
content-encoding: gzip
via: 1.1 6377b6d44129cf483b7fc47ee1f9b05c.cloudfront.net (CloudFront)
date: Wed, 03 Jan 2024 19:30:01 GMT
x-amz-cf-pop: EWR53-C2
age: 55
x-cache: Hit from cloudfront
last-modified: Tue, 19 Dec 2023 15:07:43 GMT
server: AmazonS3
etag: W/"2e2e0ffa44566f1ce0de41ed1ab5042a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60,s-max-age=60
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: x9xYlZLYFoLInIcb66JD8iQZB9_Hr-Ji0hOzgyaopJ6h4mV-2jRxoA==

GET
H2 200 integrations.js Show response
perfalytics.com/static/js/ 388 KB
94 KB 36ms
36ms Script
text/javascript 13.226.34.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://perfalytics.com/static/js/integrations.js
Requested by: Host: perfalytics.com
URL: https://perfalytics.com/static/js/freshpaint.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-4.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 18b6950257b6495aaa5ed01184ca60fa0ac0517c57fab17a395e2f2a657d1f0a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:43:38 GMT
x-amz-version-id: IZwlI2RNkt9KQP3CFzfuyOXSjs4NVRk5
content-encoding: gzip
last-modified: Tue, 31 Oct 2023 15:00:29 GMT
server: AmazonS3
via: 1.1 dee6858c751ff64f8ae28f155bee69b2.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
etag: W/"8ed8eaba125f015032b22bded04b5d78"
age: 2839
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: fu_XX2z41IzH2aW5E6mLLk_UuuplwSnOfzrageeVVg_nmxdsqXdy0w==

OPTIONS
H2 200 track
api.perfalytics.com/ Frame 0
0 163ms
87ms Preflight
application/json 13.225.214.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.214.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-122.ewr50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.geisinger.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
content-type: application/json
date: Wed, 03 Jan 2024 19:30:56 GMT
via: 1.1 f91b1dd39ce8309d7fc575add365607e.cloudfront.net (CloudFront)
x-amz-apigw-id: Q-ldnHFYvHcEdJA=
x-amz-cf-id: MGvXln-yIiJAvXRnq8gQCfXtbhWimnapfqb4UHHCqBr9XveETYklpQ==
x-amz-cf-pop: EWR50-C1
x-amzn-requestid: 3c50e759-2b65-45c5-bf42-2b2635698772
x-cache: Miss from cloudfront

OPTIONS
H2 200 track
api.perfalytics.com/ Frame 0
0 159ms
88ms Preflight
application/json 13.225.214.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.214.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-122.ewr50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.geisinger.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
content-type: application/json
date: Wed, 03 Jan 2024 19:30:56 GMT
via: 1.1 f91b1dd39ce8309d7fc575add365607e.cloudfront.net (CloudFront)
x-amz-apigw-id: Q-ldnF_AvHcEDng=
x-amz-cf-id: D5ByIWFKQiMu3imQYg-m4M3wnQTSVBY8AXRwXPJ9Lz-sg0TIYqnXLw==
x-amz-cf-pop: EWR50-C1
x-amzn-requestid: 5299a4d5-6448-4644-acfb-c8161059a432
x-cache: Miss from cloudfront

POST
H2 200 track Show response
api.perfalytics.com/ 133 B
653 B 213ms
211ms XHR
application/json 13.225.214.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Requested by: Host: perfalytics.com
URL: https://perfalytics.com/static/js/freshpaint.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.214.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-122.ewr50.r.cloudfront.net
Software: /
Resource Hash: 5edd6e56512d9c5687c469f597509c82a633ba3f30cc7ce7291e6a9873579aaa

Request headers

Referer: https://www.geisinger.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Jan 2024 19:30:56 GMT
via: 1.1 f91b1dd39ce8309d7fc575add365607e.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-amzn-requestid: 3aa11576-2b9f-439c-a9e6-b852294a7c65
x-amzn-trace-id: Root=1-6595b5f0-39ef419078f0060749e335a1
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-amz-apigw-id: Q-ldqFo_vHcEOfQ=
content-length: 133
x-amz-cf-id: caxjmk4o4NSbfSP92Bm6LorjZYWSKFY8p_SQPm-6lHVOToDOqdC2SA==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

POST
H2 200 track Show response
api.perfalytics.com/ 133 B
654 B 109ms
107ms XHR
application/json 13.225.214.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Requested by: Host: perfalytics.com
URL: https://perfalytics.com/static/js/freshpaint.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.214.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-122.ewr50.r.cloudfront.net
Software: /
Resource Hash: 5a5a050b47423ad924db11f4385182a767753d25b22ace37338c4ef2e1199ee6

Request headers

Referer: https://www.geisinger.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Jan 2024 19:30:56 GMT
via: 1.1 f91b1dd39ce8309d7fc575add365607e.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-amzn-requestid: 309be7cc-f524-4d34-be2d-1639bd4f621a
x-amzn-trace-id: Root=1-6595b5f0-4457818d7262ab1f3eee1e78
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-amz-apigw-id: Q-ldoHmQvHcEqOg=
content-length: 133
x-amz-cf-id: CypkjL2ssOzCEPM7D9uYS_ryyWsY02FF1PerYzJywv3acrLqDXMQKQ==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 93ms
41ms XHR
application/json 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyC8h_Tsvt5Tvu31fVAFMdIdN_MTWAVu3Xc&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 19:30:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.geisinger.org
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H/1.1 404
Not Found ui-bg_highlight-soft_100_eeeeee_1x100.png
www.geisinger.org/assets/og/css/images/ 1 KB
1 KB 69ms
69ms Image
text/html 159.240.9.177
GEISINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geisinger.org/assets/og/css/images/ui-bg_highlight-soft_100_eeeeee_1x100.png

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/assets/og/css/vendor.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.240.9.177 Wilkes-Barre, United States, ASN29899 (GEISINGER, US),

Reverse DNS

Software

Resource Hash

dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/assets/og/css/vendor.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Date: Wed, 03 Jan 2024 19:30:56 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
X-Server: W2P1
Content-Length: 1245
X-Xss-Protection: 1; mode=block

GET
H2 200 prod_geisinger Show response
geisingersystemservices.us-6.evergage.com/api2/event/ 137 B
820 B 222ms
43ms XHR
application/json 44.215.6.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://geisingersystemservices.us-6.evergage.com/api2/event/prod_geisinger?event=eyJzb3VyY2UiOnsicGFnZVR5cGUiOiJwYXRpZW50X2NhcmUiLCJ1cmwiOiJodHRwczovL3d3dy5nZWlzaW5nZXIub3JnL3BhdGllbnQtY2FyZS9wYXRpZW50cy1hbmQtdmlzaXRvcnMvYmlsbGluZy1hbmQtaW5zdXJhbmNlL3JlZnVuZHMiLCJ1cmxSZWZlcnJlciI6IiIsImNoYW5uZWwiOiJXZWIiLCJiZWFjb25WZXJzaW9uIjoxNiwiY29uZmlnVmVyc2lvbiI6IjM1IiwiY29udGVudFpvbmVzIjpbImdsb2JhbF9wb3B1cCJdfSwidXNlciI6eyJhbm9ueW1vdXNJZCI6IjA2ZjMxNDhhMWU1MzcxYzIiLCJpZGVudGl0aWVzIjp7fSwiYXR0cmlidXRlcyI6e319LCJpbnRlcmFjdGlvbiI6eyJuYW1lIjoicGF0aWVudF9jYXJlIn0sInBhZ2VWaWV3Ijp0cnVlLCJjb25zZW50cyI6W10sImFjY291bnQiOnt9LCJfdG9vbHNFdmVudExpbmtJZCI6IjAzODc4NDY2OTQzNTkxODQwNiIsImV4cGxhaW4iOnRydWV9

Requested by

Host: cdn.evgnet.com
URL: https://cdn.evgnet.com/beacon/geisingersystemservices/prod_geisinger/scripts/evergage.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.215.6.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-215-6-117.compute-1.amazonaws.com

Software

Resource Hash

a3cc6d4a106edd62408c642b18cf48e3e321c3d5a468038ef4985e336d2704fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.geisinger.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 19:30:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.geisinger.org
cache-control: no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 / Show response
zn9zfoerjle9liix4-geisinger.siteintercept.qualtrics.com/SIE/ 8 KB
4 KB 216ms
44ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn9zfoerjle9liix4-geisinger.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_9ZfOeRjLe9LIiX4

Requested by

Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04ca851275e7b0e380319237d9ab69cb9427a0cdeeb486c4b6709c3ea5c99055

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 19:30:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 493317
cf-polished: origSize=9155
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"23c3-Tmc379ArVYNSIC0zeuBFjKcqPRU"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 83fda8c3d94a39cc-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 siteanalyze_25298.js Show response
siteimproveanalytics.com/js/ 14 KB
6 KB 204ms
36ms Script
application/javascript 2606:4700:e4::ac40:a112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_25298.js
Requested by: Host: www.geisinger.org
URL: https://www.geisinger.org/patient-care/patients-and-visitors/billing-and-insurance/refunds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a96345c176e257ed6581fb09ee2e9ea3ff6c91ad51996ba2090171e5f948963e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 19:30:57 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 8G092AA5V6Q3WYME
age: 1299
alt-svc: h3=":443"; ma=86400
content-length: 5128
x-amz-id-2: Xg25KAlPY63jAfwvbIemfocml0YMIAJdBVfAQDB92G7ejQ8D6w09DNsYW5K/u3Ho65imKDkWkXY=
last-modified: Mon, 16 May 2022 09:38:35 GMT
server: cloudflare
etag: "cd8f0cb88e9aff0b9c3b9120e0503581"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2FX1mJ%2BGetKSRIAPuK%2FfQ%2B%2B7fLgaEguPPOfK%2Fc8wc%2B0wyPik5tE06kWWn6v1URNZLVmelI%2BcuXW24EBwEz%2FJqF6Wbwo%2F1YTNc5naRFyGDWum6V5V4u8okDhiSQ4jedRQLlT4VpMag2CCJtgZ3BrG3px%2FQ9GUClY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-transform
accept-ranges: bytes
cf-ray: 83fda8c3daac437e-EWR

POST
H2 204 pr
geisingersystemservices.us-6.evergage.com/ 0
537 B 39ms
37ms Ping
text/plain 44.215.6.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://geisingersystemservices.us-6.evergage.com/pr?.top=235&action=patient_care&.tt=223&.dt=2206&.lt=2331&.bv=16&_ak=geisingersystemservices&_ds=prod_geisinger&.scv=35&channel=Web&_r=703326&.anonId=06f3148a1e5371c2&_anon=true

Requested by

Host: cdn.evgnet.com
URL: https://cdn.evgnet.com/beacon/geisingersystemservices/prod_geisinger/scripts/evergage.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.215.6.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-215-6-117.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geisinger.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.geisinger.org
date: Wed, 03 Jan 2024 19:30:57 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 200 12.d4c11cd65f6f6fc513bb.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 72 KB
22 KB 56ms
55ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/12.d4c11cd65f6f6fc513bb.chunk.js?Q_CLIENTVERSION=1.104.0&Q_CLIENTTYPE=web&Q_BRANDID=www.geisinger.org

Requested by

Host: zn9zfoerjle9liix4-geisinger.siteintercept.qualtrics.com
URL: https://zn9zfoerjle9liix4-geisinger.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_9ZfOeRjLe9LIiX4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

680fcd85850906013938750127753f37f17bf6c45b49e7a58a5ade0fd0e84377

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 19:30:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 149627
cf-polished: origSize=74611
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Dec 2023 18:25:29 GMT
cf-bgj: minify
server: cloudflare
etag: W/"12373-18c3613fda8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 83fda8c429b539cc-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 image.aspx
25298.global.siteimproveanalytics.io/ 34 B
478 B 196ms
39ms Image
image/gif 34.194.104.64
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://25298.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.geisinger.org%2Fpatient-care%2Fpatients-and-visitors%2Fbilling-and-insurance%2Frefunds&title=Patient%20Billing%20Services%20%E2%80%93%20Refunds%20%7C%20Geisinger&res=1600x1200&accountid=25298&rt=2592&prev=de2174e0-6322-e6c7-be0e-e24701041554&luid=f2bb58c2-5592-d41c-6242-d1d93dac47bb&rnd=59822
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.104.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-104-64.compute-1.amazonaws.com
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 03 Jan 2024 19:30:57 GMT
cache-control: max-age=0
content-length: 34
expires: Wed, 03 Jan 2024 19:30:57 UTC

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 4 KB
2 KB 91ms
90ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_9ZfOeRjLe9LIiX4&Q_CLIENTVERSION=1.104.0&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.d4c11cd65f6f6fc513bb.chunk.js?Q_CLIENTVERSION=1.104.0&Q_CLIENTTYPE=web&Q_BRANDID=www.geisinger.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afd19506baebac4ca5b43223434da2870dfb951649ee0c8c34f8b2dd45d158da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geisinger.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 03 Jan 2024 19:30:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.geisinger.org
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: a23e665c406147ff
cf-ray: 83fda8c49a5339cc-YYZ
timing-allow-origin: *

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 101 KB
31 KB 49ms
49ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.104.0&Q_CLIENTTYPE=web&Q_BRANDID=geisinger

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.d4c11cd65f6f6fc513bb.chunk.js?Q_CLIENTVERSION=1.104.0&Q_CLIENTTYPE=web&Q_BRANDID=www.geisinger.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4dd246d6240a7d156830950a9bbee2121c5e62fdb76dd84d82d838fbf143cc5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 19:30:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 149627
cf-polished: origSize=103878
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Dec 2023 18:25:29 GMT
cf-bgj: minify
server: cloudflare
etag: W/"195c6-18c3613fda8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 83fda8c52b4a39cc-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 7.c677f83c9eec0bfd12b3.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 2 KB
1 KB 53ms
52ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/7.c677f83c9eec0bfd12b3.chunk.js?Q_CLIENTVERSION=1.104.0&Q_CLIENTTYPE=web&Q_BRANDID=geisinger

Requested by

Host: zn9zfoerjle9liix4-geisinger.siteintercept.qualtrics.com
URL: https://zn9zfoerjle9liix4-geisinger.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_9ZfOeRjLe9LIiX4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e92e4432090d41a6444853dfc63091062a38ce4bea2fd35efa8f394c66a3f2f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 19:30:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 149626
cf-polished: origSize=2904
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Dec 2023 18:25:29 GMT
cf-bgj: minify
server: cloudflare
etag: W/"b58-18c3613fda8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 83fda8c59c0639cc-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 1.222db855180bcd258b60.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 28 KB
7 KB 42ms
41ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.222db855180bcd258b60.chunk.js?Q_CLIENTVERSION=1.104.0&Q_CLIENTTYPE=web&Q_BRANDID=geisinger

Requested by

Host: zn9zfoerjle9liix4-geisinger.siteintercept.qualtrics.com
URL: https://zn9zfoerjle9liix4-geisinger.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_9ZfOeRjLe9LIiX4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55054dcedfeacfa6740438956a10cb1c7a8acfcdc642ea9cf91131ca4b93f3a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 19:30:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 149626
cf-polished: origSize=29694
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Dec 2023 18:25:29 GMT
cf-bgj: minify
server: cloudflare
etag: W/"73fe-18c3613fda8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 83fda8c59c0e39cc-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 FeedbackButtonModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 63 KB
23 KB 41ms
41ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=1.104.0&Q_CLIENTTYPE=web&Q_BRANDID=geisinger

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.d4c11cd65f6f6fc513bb.chunk.js?Q_CLIENTVERSION=1.104.0&Q_CLIENTTYPE=web&Q_BRANDID=www.geisinger.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1eaa61116a44b60d15c87e58db63270223e677db1d546e128906d77d11c8a572

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 19:30:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 149627
cf-polished: origSize=65278
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Dec 2023 18:25:29 GMT
cf-bgj: minify
server: cloudflare
etag: W/"fefe-18c3613fda8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 83fda8c59c1739cc-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 1 KB
1 KB 87ms
42ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_8pQE7zRFyOKvgmq&Version=15&Q_ORIGIN=https://www.geisinger.org&Q_CLIENTVERSION=1.104.0&Q_CLIENTTYPE=web&Q_BRANDTIER=lIjhYuMl2g&Q_ARCACHEVERSION=21

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.d4c11cd65f6f6fc513bb.chunk.js?Q_CLIENTVERSION=1.104.0&Q_CLIENTTYPE=web&Q_BRANDID=www.geisinger.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

975e7d3428b3e726c4778c981c0c95a460f1f0441d4e11501d9b3bc996045f30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

servershortname
date: Wed, 03 Jan 2024 19:30:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 21708
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 03 Jan 2024 13:29:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 83fda8c5eb3f36fa-YYZ
expires: Sat, 31 Dec 2033 13:29:09 GMT

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
663 B 98ms
54ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_3xZuwmnegbGri6O&Version=14&Q_InterceptID=SI_8pQE7zRFyOKvgmq&Q_ORIGIN=https://www.geisinger.org&Q_CLIENTVERSION=1.104.0&Q_CLIENTTYPE=web&Q_BRANDTIER=lIjhYuMl2g&Q_ARCACHEVERSION=21

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.d4c11cd65f6f6fc513bb.chunk.js?Q_CLIENTVERSION=1.104.0&Q_CLIENTTYPE=web&Q_BRANDID=www.geisinger.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcdbc10424b62f485820d3a06df6afc446722154635368190882da9b3c3d12ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

servershortname
date: Wed, 03 Jan 2024 19:30:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 21720
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 03 Jan 2024 13:28:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 83fda8c5eb4236fa-YYZ
expires: Sat, 31 Dec 2033 13:28:57 GMT

GET
H/1.1 200
OK gsg-fd Show response
web2.production.gyantts.com/api/getConfig/ 3 KB
3 KB 115ms
42ms XHR
application/json 54.208.238.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://web2.production.gyantts.com/api/getConfig/gsg-fd

Requested by

Host: web2.production.gyantts.com
URL: https://web2.production.gyantts.com/gyant-embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.208.238.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-208-238-152.compute-1.amazonaws.com

Software

Resource Hash

105d9ff1ba9da787639341cf61ab6bcdab0275d79f51e3d688a0198fdc99e98e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .gyant.com .gyantts.com; connect-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' .amazonaws.com .gyant.com .gyantts.com .bootstrapcdn.com .cloudflare.com .googleapis.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' .gstatic.com .amazonaws.com .gyant.com .gyantts.com; img-src 'self' * data:;media-src 'self' https://assets.gyant.com;frame-src 'self' * mailto: tel:;base-uri 'self'
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.geisinger.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 19:30:57 GMT
Content-Security-Policy: default-src 'self' *.gyant.com *.gyantts.com; connect-src 'self' *;script-src 'self' * 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.amazonaws.com *.gyant.com *.gyantts.com *.bootstrapcdn.com *.cloudflare.com *.googleapis.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' *.gstatic.com *.amazonaws.com *.gyant.com *.gyantts.com; img-src 'self' * data:;media-src 'self' https://assets.gyant.com;frame-src 'self' * mailto: tel:;base-uri 'self'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=5184000; includeSubDomains
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
X-DNS-Prefetch-Control: off
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=0
X-Download-Options: noopen
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

POST
H2 200 / Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 45 B
216 B 80ms
69ms XHR
text/plain 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_3xZuwmnegbGri6O&Q_SIID=SI_8pQE7zRFyOKvgmq&Q_ASID=AS_91554306&Q_CLIENTVERSION=1.104.0&Q_CLIENTTYPE=web&r=1704310257646

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.104.0&Q_CLIENTTYPE=web&Q_BRANDID=geisinger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geisinger.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 03 Jan 2024 19:30:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.geisinger.org
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 67a4f2c56eceb5ac
cf-ray: 83fda8c66c4436fa-YYZ

GET
H2 200 wr-dialog-close-btn-black.png
siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/ 256 B
526 B 59ms
56ms Image
image/png 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/wr-dialog-close-btn-black.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2547640cd989b80083eb3ade2a4993c1776a1229cfffd41adeb0fef3e86eaf2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Mon, 28 Nov 2033 06:40:28 GMT
date: Wed, 03 Jan 2024 19:30:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2897429
cf-polished: origSize=757
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
content-length: 256
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 06 Nov 2023 19:06:31 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000, public
permissions-policy: camera=(), geolocation=(), microphone=()
accept-ranges: bytes
cf-ray: 83fda8c67dbc39cc-YYZ
trace-id: c56c8a9d2b91b18b
servershortname

GET
H/1.1 200
OK gsg-fd Show response
web2.production.gyantts.com/api/ui-components/call-to-action-button/get-config/ 1 KB
2 KB 42ms
41ms XHR
application/json 54.208.238.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://web2.production.gyantts.com/api/ui-components/call-to-action-button/get-config/gsg-fd

Requested by

Host: web2.production.gyantts.com
URL: https://web2.production.gyantts.com/gyant-embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.208.238.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-208-238-152.compute-1.amazonaws.com

Software

Resource Hash

b199108760cb230494d05e4092c78ec953778a8dbf2db685674f3c3ed1d9b5e5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .gyant.com .gyantts.com; connect-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' .amazonaws.com .gyant.com .gyantts.com .bootstrapcdn.com .cloudflare.com .googleapis.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' .gstatic.com .amazonaws.com .gyant.com .gyantts.com; img-src 'self' * data:;media-src 'self' https://assets.gyant.com;frame-src 'self' * mailto: tel:;base-uri 'self'
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.geisinger.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 19:30:57 GMT
Content-Security-Policy: default-src 'self' *.gyant.com *.gyantts.com; connect-src 'self' *;script-src 'self' * 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.amazonaws.com *.gyant.com *.gyantts.com *.bootstrapcdn.com *.cloudflare.com *.googleapis.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' *.gstatic.com *.amazonaws.com *.gyant.com *.gyantts.com; img-src 'self' * data:;media-src 'self' https://assets.gyant.com;frame-src 'self' * mailto: tel:;base-uri 'self'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=5184000; includeSubDomains
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
X-DNS-Prefetch-Control: off
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
ETag: W/"5b0-uXqelTqarAvwML5865HqGqztXKU"
Expect-CT: max-age=0
X-Download-Options: noopen
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1 200
OK gsg-fd Show response
web2.production.gyantts.com/api/ui-components/collapsed-widget/get-config/en_US/ 2 B
1 KB 81ms
41ms XHR
application/json 54.208.238.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://web2.production.gyantts.com/api/ui-components/collapsed-widget/get-config/en_US/gsg-fd?path=/patient-care/patients-and-visitors/billing-and-insurance/refunds

Requested by

Host: web2.production.gyantts.com
URL: https://web2.production.gyantts.com/gyant-embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.208.238.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-208-238-152.compute-1.amazonaws.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .gyant.com .gyantts.com; connect-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' .amazonaws.com .gyant.com .gyantts.com .bootstrapcdn.com .cloudflare.com .googleapis.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' .gstatic.com .amazonaws.com .gyant.com .gyantts.com; img-src 'self' * data:;media-src 'self' https://assets.gyant.com;frame-src 'self' * mailto: tel:;base-uri 'self'
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.geisinger.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 19:30:57 GMT
Content-Security-Policy: default-src 'self' *.gyant.com *.gyantts.com; connect-src 'self' *;script-src 'self' * 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.amazonaws.com *.gyant.com *.gyantts.com *.bootstrapcdn.com *.cloudflare.com *.googleapis.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' *.gstatic.com *.amazonaws.com *.gyant.com *.gyantts.com; img-src 'self' * data:;media-src 'self' https://assets.gyant.com;frame-src 'self' * mailto: tel:;base-uri 'self'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=5184000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 2
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Expect-CT: max-age=0
X-Download-Options: noopen
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1 200
OK gsg-fd Show response
web2.production.gyantts.com/api/ui-components/dismiss-button/get-config/ 2 B
1 KB 122ms
43ms XHR
application/json 54.208.238.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://web2.production.gyantts.com/api/ui-components/dismiss-button/get-config/gsg-fd

Requested by

Host: web2.production.gyantts.com
URL: https://web2.production.gyantts.com/gyant-embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.208.238.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-208-238-152.compute-1.amazonaws.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .gyant.com .gyantts.com; connect-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' .amazonaws.com .gyant.com .gyantts.com .bootstrapcdn.com .cloudflare.com .googleapis.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' .gstatic.com .amazonaws.com .gyant.com .gyantts.com; img-src 'self' * data:;media-src 'self' https://assets.gyant.com;frame-src 'self' * mailto: tel:;base-uri 'self'
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.geisinger.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 19:30:57 GMT
Content-Security-Policy: default-src 'self' *.gyant.com *.gyantts.com; connect-src 'self' *;script-src 'self' * 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.amazonaws.com *.gyant.com *.gyantts.com *.bootstrapcdn.com *.cloudflare.com *.googleapis.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' *.gstatic.com *.amazonaws.com *.gyant.com *.gyantts.com; img-src 'self' * data:;media-src 'self' https://assets.gyant.com;frame-src 'self' * mailto: tel:;base-uri 'self'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=5184000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 2
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Expect-CT: max-age=0
X-Download-Options: noopen
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1 200
OK gsg-fd Show response
web2.production.gyantts.com/api/ui-components/minimize-button/get-config/ 2 B
1 KB 125ms
45ms XHR
application/json 54.208.238.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://web2.production.gyantts.com/api/ui-components/minimize-button/get-config/gsg-fd

Requested by

Host: web2.production.gyantts.com
URL: https://web2.production.gyantts.com/gyant-embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.208.238.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-208-238-152.compute-1.amazonaws.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .gyant.com .gyantts.com; connect-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' .amazonaws.com .gyant.com .gyantts.com .bootstrapcdn.com .cloudflare.com .googleapis.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' .gstatic.com .amazonaws.com .gyant.com .gyantts.com; img-src 'self' * data:;media-src 'self' https://assets.gyant.com;frame-src 'self' * mailto: tel:;base-uri 'self'
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.geisinger.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 19:30:57 GMT
Content-Security-Policy: default-src 'self' *.gyant.com *.gyantts.com; connect-src 'self' *;script-src 'self' * 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.amazonaws.com *.gyant.com *.gyantts.com *.bootstrapcdn.com *.cloudflare.com *.googleapis.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' *.gstatic.com *.amazonaws.com *.gyant.com *.gyantts.com; img-src 'self' * data:;media-src 'self' https://assets.gyant.com;frame-src 'self' * mailto: tel:;base-uri 'self'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=5184000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 2
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Expect-CT: max-age=0
X-Download-Options: noopen
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1 200
OK rev-gsg-icon-chat-expand.png
s3.amazonaws.com/assets.gyant.com/widget/client/gsg-cv/ 7 KB
8 KB 546ms
60ms Image
image/png 16.182.32.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/assets.gyant.com/widget/client/gsg-cv/rev-gsg-icon-chat-expand.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.182.32.248 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 433ebd503a63c55507bb6a79f25af5d8451a28a45fd0f97dccf94be1b8a6d575

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 19:30:59 GMT
Last-Modified: Wed, 29 Jul 2020 21:22:48 GMT
Server: AmazonS3
x-amz-request-id: 6HHBQFDPW82VJC4Q
ETag: "b075781baeae16b29c9bffe0d63d4391"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 7358
x-amz-id-2: Co2ojf8m/I/mnndFAQZ+UiHTjeKNmsyb+xjoGpx81MJ++r4fcHFada8RtyBXJjQocn2SoCsdZk8=

GET
H/1.1 200
OK fonts.css
s3.amazonaws.com/assets.gyant.com/fonts/ Frame DD10 39 KB
39 KB 459ms
55ms Stylesheet
text/css 16.182.32.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/assets.gyant.com/fonts/fonts.css
Requested by: Host: client
URL: about:client
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.182.32.248 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b0b24151bff0d2688cdb4f3658018f0e3d6e332b361e1ef86319c547e1b08aa8

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 19:30:59 GMT
Last-Modified: Mon, 30 Oct 2023 14:23:28 GMT
Server: AmazonS3
x-amz-request-id: 6HH497NP23HS9Q9R
ETag: "6dd610a4985702e71d87ed4523d3bc28"
x-amz-server-side-encryption: AES256
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 39598
x-amz-id-2: 0DE050QwL3oUeCHqVNqh9r9bOOPvTRmih63xTKgYD4SbvtA1oLKhdg/cxgy++bHOQsQhAEwxW6A=

POST
H/1.1 200
OK event-anonymous Show response
web2.production.gyantts.com/api/ 13 B
1 KB 51ms
50ms XHR
application/json 54.208.238.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://web2.production.gyantts.com/api/event-anonymous

Requested by

Host: web2.production.gyantts.com
URL: https://web2.production.gyantts.com/gyant-embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.208.238.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-208-238-152.compute-1.amazonaws.com

Software

Resource Hash

aa3d21398252adb9f16b5208884b4da22eec9f2019a0139b114a61f178396794

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .gyant.com .gyantts.com; connect-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' .amazonaws.com .gyant.com .gyantts.com .bootstrapcdn.com .cloudflare.com .googleapis.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' .gstatic.com .amazonaws.com .gyant.com .gyantts.com; img-src 'self' * data:;media-src 'self' https://assets.gyant.com;frame-src 'self' * mailto: tel:;base-uri 'self'
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.geisinger.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 03 Jan 2024 19:30:57 GMT
Content-Security-Policy: default-src 'self' *.gyant.com *.gyantts.com; connect-src 'self' *;script-src 'self' * 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.amazonaws.com *.gyant.com *.gyantts.com *.bootstrapcdn.com *.cloudflare.com *.googleapis.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' *.gstatic.com *.amazonaws.com *.gyant.com *.gyantts.com; img-src 'self' * data:;media-src 'self' https://assets.gyant.com;frame-src 'self' * mailto: tel:;base-uri 'self'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=5184000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 13
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
ETag: W/"d-tmlXfosdqikrv1KGglx6BWCx0JQ"
Expect-CT: max-age=0
X-Download-Options: noopen
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

OPTIONS
H/1.1 204
No Content event-anonymous
web2.production.gyantts.com/api/ Frame 0
0 36ms
36ms Preflight 54.208.238.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://web2.production.gyantts.com/api/event-anonymous

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.208.238.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-208-238-152.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .gyant.com .gyantts.com; connect-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' .amazonaws.com .gyant.com .gyantts.com .bootstrapcdn.com .cloudflare.com .googleapis.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' .gstatic.com .amazonaws.com .gyant.com .gyantts.com; img-src 'self' * data:;media-src 'self' https://assets.gyant.com;frame-src 'self' * mailto: tel:;base-uri 'self'
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.geisinger.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 0
Content-Security-Policy: default-src 'self' *.gyant.com *.gyantts.com; connect-src 'self' *;script-src 'self' * 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.amazonaws.com *.gyant.com *.gyantts.com *.bootstrapcdn.com *.cloudflare.com *.googleapis.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' *.gstatic.com *.amazonaws.com *.gyant.com *.gyantts.com; img-src 'self' * data:;media-src 'self' https://assets.gyant.com;frame-src 'self' * mailto: tel:;base-uri 'self'
Date: Wed, 03 Jan 2024 19:30:57 GMT
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=5184000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

GET
H2 200 common.js
maps.googleapis.com/maps-api-v3/api/js/55/4/ 256 KB
57 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/4/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyC8h_Tsvt5Tvu31fVAFMdIdN_MTWAVu3Xc&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.geisinger.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 15:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57512
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Jan 2025 15:38:58 GMT

GET util.js
maps.googleapis.com/maps-api-v3/api/js/55/4/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/55/4/util.js

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.geisinger.org/	1969-12-31 23:59:59	Name: shell#lang Value: en
.geisinger.org/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: gud0vkcfbbc2s233vjf2awzi
.geisinger.org/	1970-01-21 03:01:10	Name: SC_ANALYTICS_GLOBAL_COOKIE Value: a96944be59ad4107ab96798f8f9adbe5\|False
.geisinger.org/	1970-01-21 02:10:46	Name: mp_b11c800a-cce7-4d52-adc7-f53565625041_perfalytics Value: %7B%22distinct_id%22%3A%20%2218cd0ceb2d52fc-0e38c773023c22-6b3d5753-1d4c00-18cd0ceb2d6395%22%2C%22%24device_id%22%3A%20%2218cd0ceb2d52fc-0e38c773023c22-6b3d5753-1d4c00-18cd0ceb2d6395%22%2C%22%24pageview_id%22%3A%20%2218cd0ceb2db42d-0c35475b5c9139-6b3d5753-1d4c00-18cd0ceb2de128%22%2C%22__last_event_time%22%3A%201704310256353%2C%22%24session_id%22%3A%20%2218cd0ceb2e147-05efe42fc4ca04-6b3d5753-1d4c00-18cd0ceb2e2150%22%2C%22__first_pageview_in_session_has_occurred%22%3A%20true%2C%22__initial_utm_props_set%22%3A%20true%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__first_pageview_occurred%22%3A%20true%2C%22__last_pageview_time%22%3A%201704310256370%7D
.geisinger.org/	1970-01-21 03:01:10	Name: _evga_5983 Value: {%22uuid%22:%2206f3148a1e5371c2%22}
.geisinger.org/	1970-01-21 03:01:10	Name: _sfid_4e70 Value: {%22anonymousId%22:%2206f3148a1e5371c2%22%2C%22consents%22:[]}
geisingersystemservices.us-6.evergage.com/	1970-01-20 17:35:15	Name: AWSALBTGCORS Value: LtSPlySUeP3qR1i43GHtaZpkTd16Lu8dQ+vXjJX4UNznhgSRazJwBkegLqvI5KlS4tghxH5YvFVJye/yWlTlYm1srtOBqzGp0l7LAvbE/Cy5E6eKc8lRNbQ4i02U7czl2FTfQ8I8pWQA4kdV3zOzUTOgL6ExkcbUFHGuxgZZL3TGhMQc3hM=
.geisinger.org/	1970-01-21 03:01:10	Name: nmstat Value: de2174e0-6322-e6c7-be0e-e24701041554
25298.global.siteimproveanalytics.io/	1970-01-20 17:35:15	Name: AWSALBCORS Value: prnh4IsvN/tNK48RvloQQ1lmfGbUP7We23+8XHWGoh6qDxjSyfpkeDSn3+5tnkWPxVS+xym0Bxa0Zt04KEKw0+yBZzdCEMV5amx36T0eLJBQtPh9syJqSxZRyWoy

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.geisinger.org/assets/og/css/images/ui-bg_highlight-soft_100_eeeeee_1x100.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

25298.global.siteimproveanalytics.io
api.perfalytics.com
cdn.evgnet.com
geisingersystemservices.us-6.evergage.com
maps.googleapis.com
perfalytics.com
s3.amazonaws.com
siteimproveanalytics.com
siteintercept.qualtrics.com
web2.production.gyantts.com
www.geisinger.org
www.googletagmanager.com
zn9zfoerjle9liix4-geisinger.siteintercept.qualtrics.com
maps.googleapis.com
104.17.208.240
104.17.209.240
13.225.214.122
13.226.34.4
151.101.192.114
159.240.9.177
16.182.32.248
2606:4700:e4::ac40:a112
2607:f8b0:4006:80e::2008
2607:f8b0:4006:80f::200a
34.194.104.64
44.215.6.117
54.208.238.152
0181401e4271d4285072bb07c53fae6202df9c9b462cb45be53bde593e112bbc
04ca851275e7b0e380319237d9ab69cb9427a0cdeeb486c4b6709c3ea5c99055
0a322e0aaf3f898de1d64ad35366b8eea3e5246e05195df48f36138dc0103a25
105d9ff1ba9da787639341cf61ab6bcdab0275d79f51e3d688a0198fdc99e98e
16c53aefddac552064c16c5f74c9f892dfe9900f695a9db39a8e0281918bdb5d
173eea29380df57b4b6ce821beb0ba1119f481f0af496b1c578d2918cf6a85e6
18b6950257b6495aaa5ed01184ca60fa0ac0517c57fab17a395e2f2a657d1f0a
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1eaa61116a44b60d15c87e58db63270223e677db1d546e128906d77d11c8a572
224085d1bc12e368cada479e637bb39c05bdc772ee3143c5a904a66c2c578496
23dbce1060213b3e377d516124d4aac1ed841ef1587ce4d4400b9779529bdff3
2547640cd989b80083eb3ade2a4993c1776a1229cfffd41adeb0fef3e86eaf2b
28cfdf42dd5d5324691bce677ca2e20e533948ec4dcfe8a6fa1b187c7c52b0b8
2a38fffccd987c6a67246c5d2ad2c30a618dd22c03aa5bf1ba7e3f12f2b9e90d
2d40ea5bdc3fc4ecea71ae0e38bf6d32364ddae4c6629391b2af8ee93a2c9a84
30cb0b25531c791aa130c227715a383aa5dbdff34fe619897e5e598614d54026
3e3646d6e7aaad59404a04a368b1284775d8371afbbf883d83cfdefd33cfe3f9
433ebd503a63c55507bb6a79f25af5d8451a28a45fd0f97dccf94be1b8a6d575
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48bd0260ea996e846e98184158b649d754b6bd6711b9d29562b80a4a5f9f6e49
4b89c49562fa6d101763494bed0563ad7b8b9491044e02a1b5115ca882f64bdb
4dd246d6240a7d156830950a9bbee2121c5e62fdb76dd84d82d838fbf143cc5d
4f95dd65c67802769dc9a637ea8ac8c386641e54cb591b1480ab0d1f31c150bc
55054dcedfeacfa6740438956a10cb1c7a8acfcdc642ea9cf91131ca4b93f3a4
58d0fcdda9187ec26a3b06c06be441c4f0fd5a5123bec70a02e3ad0ccd68f529
5a5a050b47423ad924db11f4385182a767753d25b22ace37338c4ef2e1199ee6
5edd6e56512d9c5687c469f597509c82a633ba3f30cc7ce7291e6a9873579aaa
5f9414fd742a352ebb723908b7510c214b551719f5f53b6291f6f4970f11c4e0
680fcd85850906013938750127753f37f17bf6c45b49e7a58a5ade0fd0e84377
6eaf930c7d6415c155f55c5097fcfa244cc671f63c15392952a91246084f66ba
756553b207ce7622b839f2551db4bd3b255ea778ba21bb4a452b3f36850fa054
768ca90ee723471095ebb9ded0a7b950c2f9f85b71e0c936528419ecb39e3bc7
79333fd4412ff430f7fa04b77d64a0e14296822795922d890f03f82ec17b9668
81c45d631bf8812499616c3f4459a51345e92a45a1b81b1b76960eee4ddb6844
867dfc01b3dd04fb78e93031e57244b67a17a2be5bdb8740dd64caf010380d3e
8cf8e62a4e15a33c9369547ca97cb313307b2e99169f9714f9a5c15e27fd3ba8
92aee36cfd7633614311abde3c9126786ab13b21151da97f07cafa07b269f583
975e7d3428b3e726c4778c981c0c95a460f1f0441d4e11501d9b3bc996045f30
9d9fe7f1e3315c26ac02152c8259b32565b1706dd8758844d1badb594464adf1
9db80f0225d5257b5ef7dd35fb4f6df8cf8d06bb37bde41848ecbe7a0933f908
9f556ab44b479f0a3a523f0ba3176ef69ad6ca7d3591a896e63e3a0e7282444c
a3cc6d4a106edd62408c642b18cf48e3e321c3d5a468038ef4985e336d2704fe
a49c27cfb013afc63fc164e6187893234d7eddb4dbb747e2862b483d0fa66bd1
a96345c176e257ed6581fb09ee2e9ea3ff6c91ad51996ba2090171e5f948963e
aa3d21398252adb9f16b5208884b4da22eec9f2019a0139b114a61f178396794
ab03496ae765e11b47614b454887cb674f1061f3916584f1fd943772eb05a6cf
afd19506baebac4ca5b43223434da2870dfb951649ee0c8c34f8b2dd45d158da
b0b24151bff0d2688cdb4f3658018f0e3d6e332b361e1ef86319c547e1b08aa8
b199108760cb230494d05e4092c78ec953778a8dbf2db685674f3c3ed1d9b5e5
b5a727ae0d84f06e20441d6d1a5e104a761f466c3820502781ded1033f18fc89
c60f54944d6d4d0c614be1ee556e5a344caf76b879ea989afc41ef3bfd4ddaf2
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb1132facbecfd46818064a4c0a39da440074ea81f9717c2929529f68b9fb4fd
d6bcec4a6c28827cd1423b7720078ca5df25b38edccea0f0f8ab4750de41c5fb
d967303261f2fb14eef5b95f2b4bb6a3ae0294b0a15a2b5ebe2cd6e6d31cf064
da883507f013cb43f1aac56110531d914dd5120d79512aaa12c11be80c66f6ae
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6daab0a259d8aa78c9dbbabae1fd23df2100e5c69524532b914994af19da691
e7e98ffc835b914da27436cc8c0acfb40850ec567503addde6bfa8f5c57d2e5d
e92e4432090d41a6444853dfc63091062a38ce4bea2fd35efa8f394c66a3f2f7
ebab9b58fe5bfc97c97757ae76ec2416caf147b120c2d843c9b62bc04deff877
f12847a6d4fde42d774afb2d17508ffe55c40f3f26494eb874630cf0d2f387cc
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f543f2ce21aa28f7ba71f282721c6de45e56f60045e0b6a820a4b6e49e8ca43c
fcdbc10424b62f485820d3a06df6afc446722154635368190882da9b3c3d12ad

www.geisinger.org Open in urlscan Pro 159.240.9.177 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

73 Requests

99 %HTTPS

23 %IPv6

11 Domains

13 Subdomains

14 IPs

2 Countries

1388 kBTransfer

4627 kBSize

9 Cookies

15 Outgoing links

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.geisinger.org Open in urlscan Pro
159.240.9.177 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

99 %
HTTPS

23 %
IPv6

11
Domains

13
Subdomains

14
IPs

2
Countries

1388 kB
Transfer

4627 kB
Size

9
Cookies

73 HTTP transactions
0 data transactions