by-pay.net Open in urlscan Pro
172.67.182.24  Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

• https://uhc.com/content/dam/uhcdotcom/website-assets/uhc-wordmark-stacked-white-01.svg HTTP 301
• https://www.uhc.com/content/dam/uhcdotcom/website-assets/uhc-wordmark-stacked-white-01.svg

Request Chain 35

• https://cm.everesttech.net/cm/dd?d_uuid=02534986524407415031343966301154567944 HTTP 302
• https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zh7L6AAAAI21ZQOJ

Request Chain 85

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1713294312520&li_adsId=4430dffe-59ab-4928-9661-aaf9a80525ac&url=https%3A%2F%2Fby-pay.net%2F HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1713294312520&li_adsId=4430dffe-59ab-4928-9661-aaf9a80525ac&url=https%3A%2F%2Fby-pay.net%2F&cookiesTest=true HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1898745%26time%3D1713294312520%26li_adsId%3D4430dffe-59ab-4928-9661-aaf9a80525ac%26url%3Dhttps%253A%252F%252Fby-pay.net%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1713294312520&li_adsId=4430dffe-59ab-4928-9661-aaf9a80525ac&url=https%3A%2F%2Fby-pay.net%2F&cookiesTest=true&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1713294312520&li_adsId=4430dffe-59ab-4928-9661-aaf9a80525ac&url=https%3A%2F%2Fby-pay.net%2F&cookiesTest=true&liSync=true&e_ipv6=AQKbEAnEagPsmgAAAY7oTIX9L0tLPuA_2NwPeu1kIaTCiPWljdECAL99UdFNYgqSIilXcs-MXO9r97Weczc6uSbydsqU

Request Chain 86

• https://11690551.fls.doubleclick.net/activityi;src=11690551;type=optmbz;cat=globa0;ord=2604356491513;npa=1;auiddc=746975043.1713294312;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44f0v9135076373za200;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fby-pay.net%2F HTTP 302
• https://11690551.fls.doubleclick.net/activityi;dc_pre=CMe6mte2x4UDFXBhHgIdcsQKRA;src=11690551;type=optmbz;cat=globa0;ord=2604356491513;npa=1;auiddc=746975043.1713294312;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44f0v9135076373za200;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fby-pay.net%2F

112 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response by-pay.net/	112 KB 22 KB	135ms 56ms	Document text/html	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://by-pay.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 03924d3fec77196d478d1f28aae8905471acdd3179bf2bf413f32c5609cd489c Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 875672058da21ca9-FRA content-encoding br content-type text/html;charset=UTF-8 date Tue, 16 Apr 2024 19:05:11 GMT last-modified Tue, 16 Apr 2024 17:24:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XYssxMBY7Lm8ZUUgyl7eZnzQf%2BEhkEopnS7%2BRsqYjRRJKI1nQdY8WnFa3UBGkIMj6ZP7%2BPgp%2FiHlKgvQzk6IGC6SgWsJVAGNaxS61B4EpT16Y4ZkwH60uqeMLZLY"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H3	200	clientlib-initial.min.26aaf3d02280c9e4b4444c7402440718.js Show response by-pay.net/9fc9b7a3/s9fa8b67374/43ddea/wwxwswu.euohpcw.ccrovmm/etc.clientlibs/uhcfoundation/clientlibs/	255 KB 85 KB	108ms 107ms	Script application/javascript	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://by-pay.net/9fc9b7a3/s9fa8b67374/43ddea/wwxwswu.euohpcw.ccrovmm/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.26aaf3d02280c9e4b4444c7402440718.js Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8f62bc61a09caddbe2c87c2a4e2f74f8333892209f82f141ee7f4a0b100e52fb Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:11 GMT content-encoding br cf-cache-status MISS last-modified Tue, 16 Apr 2024 19:05:11 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Eu5EzKy3OKTbazNZhE1B4CYx9Fk%2Fp1%2BevDCruxrGRy%2B9mVBRFs67q7ipOtiN%2Bs2xELs%2ByHcS9viardaxu3lrOs%2BcVATr4Y3URUKs6Xvp6hV5QpWHUa8vgRBWmOE%2F"}],"group":"cf-nel","max_age":604800} content-type application/javascript;charset=utf-8 access-control-allow-origin * cache-control max-age=14400 cf-ray 87567205ee2c1ca9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	clientlib-polyfills.min.3e8ad2b595e38d9836ecd1e79ae227f9.js Show response by-pay.net/9fc9b7a3/sffadabf1e/43ddea/vwwwowl.guyhlck.pcroxmr/etc.clientlibs/uhcfoundation/clientlibs/	32 KB 12 KB	85ms 83ms	Script application/javascript	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://by-pay.net/9fc9b7a3/sffadabf1e/43ddea/vwwwowl.guyhlck.pcroxmr/etc.clientlibs/uhcfoundation/clientlibs/clientlib-polyfills.min.3e8ad2b595e38d9836ecd1e79ae227f9.js Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 73219454aee2a1f99cd9de00731df9ff3fb1d4349eceb2a16562271e3d0cca8d Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:11 GMT content-encoding br cf-cache-status EXPIRED last-modified Tue, 16 Apr 2024 03:18:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OJfHT7%2BOBfuxUBHPxBqpDvA7OqKW6aDbhzn7HUKmVi4ESD%2FG3yDXksdqhV9qGmZydfUzq%2BeDrStdNwdyAN1%2BvGwfFUT3vtrD2Rmxb47Lf36MwrFWJ6PRP%2FVH7pRs"}],"group":"cf-nel","max_age":604800} content-type application/javascript;charset=utf-8 access-control-allow-origin * cache-control max-age=14400 cf-ray 87567205ee301ca9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	clientlib-initial.min.e30fbd79b4c95b39f491fc9fc9f9a516.css by-pay.net/9fc9b7a3/sf6/43ddea/mwfwpwb.nuvhhcs.acbodmo/etc.clientlibs/uhcfoundation/clientlibs/	226 KB 21 KB	104ms 102ms	Stylesheet text/css	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://by-pay.net/9fc9b7a3/sf6/43ddea/mwfwpwb.nuvhhcs.acbodmo/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.e30fbd79b4c95b39f491fc9fc9f9a516.css Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a41dbc8ef508ba9fe480a2067f7a83a6990f2e0121b77ade04457eb1a156ae5b Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:11 GMT content-encoding br cf-cache-status EXPIRED last-modified Tue, 16 Apr 2024 03:18:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uwb0ZLOdsort2uSytLAgwTMTPI5JLHYO5c%2FGsHQ4Vpow9bpgwBv3jOgiBPxC%2BmrIyaX%2FgBDo%2FJa7wyRu3Go0T1Z5AA2VBdnFpgvbDfaGuPJ1Ged7JjI%2FFYZY0Giz"}],"group":"cf-nel","max_age":604800} content-type text/css;charset=utf-8 access-control-allow-origin * cache-control max-age=14400 cf-ray 87567205ee331ca9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	clientlib-site.min.2063de4beff781e145c7aa6e2ff921a6.css by-pay.net/9fc9b7a3/s194e6/43ddea/kwhwwwx.tuxhwco.scaogmx/etc.clientlibs/uhcfoundation/clientlibs/	576 KB 51 KB	179ms 177ms	Stylesheet text/css	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://by-pay.net/9fc9b7a3/s194e6/43ddea/kwhwwwx.tuxhwco.scaogmx/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.2063de4beff781e145c7aa6e2ff921a6.css Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d5272af53c5c7a89b8ba00218db53a3e7eb7977b25fa3323a3f7ac34bc930572 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:11 GMT content-encoding br cf-cache-status MISS last-modified Tue, 16 Apr 2024 19:05:11 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dTbO8xp3lbqrY3LLHMF54OfmJty9bFQBvSTjSA%2BUh1GEbp8BLtfuz92avzKjN87doLjT9ljTZaSpoT9EVxBFqt4glHp0pFIPrbmr7WZB74KLPR2jZlWCLBryuQ14"}],"group":"cf-nel","max_age":604800} content-type text/css;charset=utf-8 access-control-allow-origin * cache-control max-age=14400 cf-ray 87567205ee361ca9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	clientlib-livechat.min.143a6046d1e2182e6a51006e0afd6baf.css by-pay.net/9fc9b7a3/s87/43ddea/cwwwswq.culhgco.qcoopms/etc.clientlibs/uhcfoundation/clientlibs/	1 KB 1 KB	86ms 84ms	Stylesheet text/css	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://by-pay.net/9fc9b7a3/s87/43ddea/cwwwswq.culhgco.qcoopms/etc.clientlibs/uhcfoundation/clientlibs/clientlib-livechat.min.143a6046d1e2182e6a51006e0afd6baf.css Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash efe6705c4be1187ea37cbb36047614f27a19cbf540cea9892f7a15824f99ec6e Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:11 GMT content-encoding br cf-cache-status EXPIRED last-modified Tue, 16 Apr 2024 03:18:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2pANIpUEr1DG6yFOWUfiK7fZun5R5PcQdDWkIBwCF%2FNIM%2Fb55jUi5ZdfbPmsrM%2BMnkqyKB48XFtkD12kq%2BVD928tG8%2BV8Ez%2FB1LH9W3e2rAdGrOOWG2T1Q1rDuoP"}],"group":"cf-nel","max_age":604800} content-type text/css;charset=utf-8 access-control-allow-origin * cache-control max-age=14400 cf-ray 87567205ee381ca9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	launch-5e90c3319557.min.js Show response by-pay.net/9fc9b7a3/s28/43ddea/uaeslsieqtpsr.vajdloybaetdztymv.uccoxmf/512027f42d3c/152e2e360a77/	540 KB 131 KB	130ms 130ms	Script application/x-javascript	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://by-pay.net/9fc9b7a3/s28/43ddea/uaeslsieqtpsr.vajdloybaetdztymv.uccoxmf/512027f42d3c/152e2e360a77/launch-5e90c3319557.min.js Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3391dd1b8b0cd7b5f6b3d36494742d2fe55ee0f234877381cf6567797dea902d Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:11 GMT content-encoding br cf-cache-status EXPIRED last-modified Tue, 16 Apr 2024 03:18:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qgXaBjrJQi9QU0tkN5%2FgbFbbhDq6CjONF26WudELUILQLpSYlVYmTcNybRcB%2BAbQsLPiz04WiA1AscHUNUoegDlQBkmM3JCs%2B8OJEjEQGo%2FD1Iv%2BULulXA9S5GtV"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript access-control-allow-origin https://assets.adobedtm.com cache-control max-age=14400 cf-ray 875672072fd41ca9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	header.css by-pay.net/9fc9b7a3/se51757b/43ddea/lwtwywo.juchxcy.lcsohmm/uhccom-api/static/app/v-1.5.0/	157 KB 18 KB	98ms 96ms	Stylesheet text/css	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://by-pay.net/9fc9b7a3/se51757b/43ddea/lwtwywo.juchxcy.lcsohmm/uhccom-api/static/app/v-1.5.0/header.css Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bd51793be50958889a7449fe136125f22cf519fd16b9280be65d98cdac15b114 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:11 GMT content-encoding br cf-cache-status EXPIRED last-modified Tue, 16 Apr 2024 03:18:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gIrIm5Nt2IR0abSHVkxfMcu49OkWeVPcxRvUXF%2BUiOrJ97BvZzWxosRfBDD%2F5dIm1EBb7cJSqNtrzajkRBpN7yv03ZST9GMT9H6NL0MkNGV8nzmYhNDvaj589IyK"}],"group":"cf-nel","max_age":604800} content-type text/css;charset=UTF-8 access-control-allow-origin * cache-control max-age=14400 cf-ray 87567205ee3a1ca9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	uhc-header-component.parcel.js Show response by-pay.net/9fc9b7a3/s79d9/43ddea/dwmwhwu.luyhscq.ecnocms/uhccom-api/static/app/v-1.5.0/	945 KB 227 KB	138ms 137ms	Script application/javascript	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://by-pay.net/9fc9b7a3/s79d9/43ddea/dwmwhwu.luyhscq.ecnocms/uhccom-api/static/app/v-1.5.0/uhc-header-component.parcel.js Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f30542f7650a4a2419c4f18ec15debea61fb13556594705316b482b1d3d90db0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:11 GMT content-encoding br cf-cache-status EXPIRED last-modified Tue, 16 Apr 2024 03:18:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wgg2D9d%2F%2BuKbzzu4ifMhU8d%2Fdhg60HzDPB72sSX0%2B6nmXkuqZ4ovmoTGTZ%2BJB0QyZ9a6XYDg8neSkxYfggZs7e%2FhKxw5l5IhiVD%2BubSHArURKcNZ%2F0ZQMXqumz1K"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=14400 cf-ray 87567205ee3b1ca9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	original by-pay.net/9fc9b7a3/s2c26d17ac/43ddea/fwvwlwl.puehzcg.scwodmt/content/dam/uhcdotcom/foundation/images/full-width/short-term-split-hero-img-desktop-1920x725.jpg/jcr:content/renditions/	284 B 668 B	40ms 38ms	Image image/jpeg	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://by-pay.net/9fc9b7a3/s2c26d17ac/43ddea/fwvwlwl.puehzcg.scwodmt/content/dam/uhcdotcom/foundation/images/full-width/short-term-split-hero-img-desktop-1920x725.jpg/jcr:content/renditions/original Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c94a6d02a327e442fce70e1accac9a3f1ea754bf01df9965149d4fe8051360dc Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:11 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OzdFK0Q%2BxAXCl4%2BgRIrsy1ODszGCV7BBCMCz7vqNqllCZUxhPdTcFM6hisO5RO08lJn4hmIblEQkBbWvhbpDwSALY8ZDus7WRiI1Buy4noDIlZ9uQako4pB7mMbC"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cf-ray 87567205ee3c1ca9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	UHOneDataMap-2021-all.js Show response by-pay.net/9fc9b7a3/s6198bda3c6/43ddea/jwewswt.tuphpcr.wcxozmj/content/dam/uhcdotcom/en/js/	8 KB 2 KB	82ms 81ms	Script application/javascript	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://by-pay.net/9fc9b7a3/s6198bda3c6/43ddea/jwewswt.tuphpcr.wcxozmj/content/dam/uhcdotcom/en/js/UHOneDataMap-2021-all.js Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c0bfba68da2ee5b397bd8232c6c1ab0291d9478daf036b83143386be55ec85f1 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:11 GMT content-encoding br cf-cache-status EXPIRED last-modified Tue, 16 Apr 2024 03:18:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hPz8U8SIcHa0%2F%2Bl8YiqPgPAHH%2BokwJSMctTWJn%2BDPNvbh0c0SkyQjfJtxNvSYWs0KQoBnPwy1yJM9fHE64aUIEnlpKjyNgfmn1FLlVOGMt2K5PRGqwm8A7%2B7Zyr%2B"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=14400 cf-ray 87567205ee3e1ca9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	tfnUpdate-v3.js Show response by-pay.net/9fc9b7a3/scb93e/43ddea/awlwuwo.mudhlcw.vcdoumd/content/dam/uhcdotcom/en/js/	7 KB 3 KB	74ms 74ms	Script application/javascript	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://by-pay.net/9fc9b7a3/scb93e/43ddea/awlwuwo.mudhlcw.vcdoumd/content/dam/uhcdotcom/en/js/tfnUpdate-v3.js Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2d431d05327b5a609365ea90d43e8c5fa3ca1f15769fb7ffa22f5e273fd8a71a Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:11 GMT content-encoding br cf-cache-status EXPIRED last-modified Tue, 16 Apr 2024 03:18:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0f3JjrO5vRwPRIpR8qHbjUgP8dNhXSyit%2FNUVZIms%2Flk1rDP%2BE8%2Boyb8LgDBDTn0boJ5yvFYpidZEHJ2dDIxirvRkczXNtvN4MRa6lNzqRT9BoCJJMBfF2mZ0uzc"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=14400 cf-ray 875672062e851ca9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	cq5dam.web.1280.1280.jpeg by-pay.net/9fc9b7a3/sfd84a0/43ddea/jwcwdwe.zuthlcs.ychotmt/content/dam/uhcdotcom/en/Videos/youtube-video-thumbnails/Youtube-q3-9yQ_MKg0-Video-Thumbnail.jpg/_jcr_content/renditions/	284 B 720 B	40ms 40ms	Image image/jpeg	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://by-pay.net/9fc9b7a3/sfd84a0/43ddea/jwcwdwe.zuthlcs.ychotmt/content/dam/uhcdotcom/en/Videos/youtube-video-thumbnails/Youtube-q3-9yQ_MKg0-Video-Thumbnail.jpg/_jcr_content/renditions/cq5dam.web.1280.1280.jpeg Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c94a6d02a327e442fce70e1accac9a3f1ea754bf01df9965149d4fe8051360dc Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:11 GMT cf-cache-status EXPIRED last-modified Tue, 16 Apr 2024 03:18:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y%2BtV4Yp%2F%2BEwSeFKVkupQplJqp2I%2FY%2BJ%2BLmVBx1r2Og%2FDH75Fzf3X1FbOZrKVZ4p7avmEgu%2BxuFG6j2ty%2FyNggNpzWlBDEjXPRNc2%2Boo9M5y10%2B3ZSNe%2Fqe1igD3T"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 cf-ray 875672067ed11ca9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	footer.css by-pay.net/9fc9b7a3/sf0/43ddea/ewowjwl.pudhscj.rctoume/uhccom-api/static/app/v-1.3.0/	24 KB 4 KB	79ms 79ms	Stylesheet text/css	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://by-pay.net/9fc9b7a3/sf0/43ddea/ewowjwl.pudhscj.rctoume/uhccom-api/static/app/v-1.3.0/footer.css Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3ddd6d3b5f7554d6ce9881f88f7268040d14a37dff2797199975b01a39719965 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:11 GMT content-encoding br cf-cache-status EXPIRED last-modified Tue, 16 Apr 2024 03:18:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tmV%2Br4ZnEaDXceN%2BY9fbdyAZyZ1%2FO3xDthuo91m157PI7qNk7xG1PYBYxl4Ab1yjNIbTXHKGIczxst6jCd5UQUYMumWO42qx9o31zLmQFrdiLRl1Zy0DTqOQxnNP"}],"group":"cf-nel","max_age":604800} content-type text/css;charset=UTF-8 access-control-allow-origin * cache-control max-age=14400 cf-ray 87567206af0a1ca9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	uhc-footer-component.parcel.js Show response by-pay.net/9fc9b7a3/se2a4/43ddea/zwvwjwq.fuvhccj.gcwoamj/uhccom-api/static/app/v-1.3.0/	758 KB 206 KB	151ms 150ms	Script application/javascript	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://by-pay.net/9fc9b7a3/se2a4/43ddea/zwvwjwq.fuvhccj.gcwoamj/uhccom-api/static/app/v-1.3.0/uhc-footer-component.parcel.js Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1d739d66df8f62ebcba410b522f5dbd7b8ea70e612dacf475efb7a448a2ddd25 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:11 GMT content-encoding br cf-cache-status EXPIRED last-modified Tue, 16 Apr 2024 03:18:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A3NoPf%2FuiJy6Wtw8WoiQVTvs%2BR8kjpxUfZhd94pdYvbwW%2BcvqlQpjeNqh9uu1hZxGxkwizH3JZ18z11XJKL6oa9KAiEx%2Fk8CLjdzOCg3AFnn%2FjbE%2FOGK6YVENRXp"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=14400 cf-ray 87567206bf201ca9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	clientlib-video.min.517c8d13c5a8d4991e78bc79678c6a3b.js Show response by-pay.net/9fc9b7a3/seda980/43ddea/xwlwzwo.muzhycu.xccohmu/etc.clientlibs/uhcfoundation/clientlibs/	61 KB 19 KB	94ms 93ms	Script application/javascript	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://by-pay.net/9fc9b7a3/seda980/43ddea/xwlwzwo.muzhycu.xccohmu/etc.clientlibs/uhcfoundation/clientlibs/clientlib-video.min.517c8d13c5a8d4991e78bc79678c6a3b.js Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e78c1ddf06080ddcb313fa288a74e92787efd7acf30137921cad5fbdffbe589b Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:11 GMT content-encoding br cf-cache-status EXPIRED last-modified Tue, 16 Apr 2024 03:18:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tn1YgzWdyLnioxherpKrdin%2BqJu8ubEpwX4ECwMktG83TcM5xyMGMi3HqpkVlbs%2F%2F3X3a5apkWuMIJj%2BwDA62OpQHcSA0aOpQBZLUuO0qL4UKjoM6Jm1buuhVhdP"}],"group":"cf-nel","max_age":604800} content-type application/javascript;charset=utf-8 access-control-allow-origin * cache-control max-age=14400 cf-ray 875672072fd61ca9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	clientlib-site.min.32a3933d2715fcd63531ab2638b25ec1.js Show response by-pay.net/9fc9b7a3/s505d002/43ddea/bwhwpwc.auohtcm.zchonmo/etc.clientlibs/uhcfoundation/clientlibs/	331 KB 72 KB	127ms 126ms	Script application/javascript	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://by-pay.net/9fc9b7a3/s505d002/43ddea/bwhwpwc.auohtcm.zchonmo/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.32a3933d2715fcd63531ab2638b25ec1.js Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 11ddb7e6a6ee4b8b6b43a5a29c9b72e178548137ed6748fea1be96205a1081d8 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:11 GMT content-encoding br cf-cache-status EXPIRED last-modified Tue, 16 Apr 2024 03:18:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CGf9y11zKojqDTTukJMJAjNzNdAcxc65yqQUJJKpy%2B8Jgy1uhJbG6wg1cv6FaO2b8xoSpXwc7yGTJu6uJd1mFrOWUBkGCeR%2B3PDu4PYrYlieE%2B1Xq%2Ff%2BKnKxcwbh"}],"group":"cf-nel","max_age":604800} content-type application/javascript;charset=utf-8 access-control-allow-origin * cache-control max-age=14400 cf-ray 875672072fd71ca9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	5.1.0 Show response by-pay.net/9fc9b7a3/s04142/43ddea/eionnsutxacnnts.hpcafgfez/	3 KB 1 KB	90ms 89ms	Script text/javascript	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://by-pay.net/9fc9b7a3/s04142/43ddea/eionnsutxacnnts.hpcafgfez/5.1.0 Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fa5c34371df3acd378bd2490d82a32ad6f3b80155e5eee8ad1b937a188993e0f Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Origin https://by-pay.net Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:11 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jEXpQvV5mvnnI6m%2BJlcLCY2mD2WRASa6M64u5CjhjpvqAhXQUpPTdwCRYN9QiFWYwPbGRuQCQvIrMOkZnpsvtJffbraRScZBnXp055Ah2feyQW849N5YynYcSOlK"}],"group":"cf-nel","max_age":604800} content-type text/javascript;charset=UTF-8 access-control-allow-origin * cf-ray 875672060e561ca9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	clientlib-livechat.min.97c708380f6c61c536c9dfcf828a40f0.js Show response by-pay.net/9fc9b7a3/sda050d1b/43ddea/rwcwvwq.puyhtcm.qcnovmg/etc.clientlibs/uhcfoundation/clientlibs/	16 KB 5 KB	94ms 93ms	Script application/javascript	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://by-pay.net/9fc9b7a3/sda050d1b/43ddea/rwcwvwq.puyhtcm.qcnovmg/etc.clientlibs/uhcfoundation/clientlibs/clientlib-livechat.min.97c708380f6c61c536c9dfcf828a40f0.js Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 12f94db72716b7018bcab3aee60b0615800b609a51d0a092af7a82b9fb37d1ac Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:11 GMT content-encoding br cf-cache-status EXPIRED last-modified Tue, 16 Apr 2024 03:18:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pOtJOasZOj%2FiO8w0HMlCAz12KwT92mR6gJLk%2FXThrUnay2At8jm5Gl8uAesbxe9oIr%2F46C4tcRo6eDXQHaX%2B9J8knmGFhwwDi0ODJG6mS8tPxpY7VVU5SC6n84%2FA"}],"group":"cf-nel","max_age":604800} content-type application/javascript;charset=utf-8 access-control-allow-origin * cache-control max-age=14400 cf-ray 875672072fde1ca9-FRA alt-svc h3=":443"; ma=86400
GET H2	200	navigation.svg Show response abyss-cloud.uhg.com/cdn/assets/material/icons/filled/	14 KB 4 KB	72ms 19ms	Fetch image/svg+xml	2600:9000:2670:ba00:b:8b8c:d40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://abyss-cloud.uhg.com/cdn/assets/material/icons/filled/navigation.svg Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/s79d9/43ddea/dwmwhwu.luyhscq.ecnocms/uhccom-api/static/app/v-1.5.0/uhc-header-component.parcel.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2670:ba00:b:8b8c:d40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 289a595fa4ed4be7e2a77b798da77a47120abfa69f39b93b72e9b783e651f8b1 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 11 Apr 2024 00:45:22 GMT content-encoding br via 1.1 7ab8983df8c6e33475e52fb04de82cbc.cloudfront.net (CloudFront) last-modified Wed, 10 Apr 2024 22:27:26 GMT server AmazonS3 age 497990 x-amz-cf-pop FRA56-P9 etag W/"25a1a584adae848979f55678ce6654b0" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000,public,must-revalidate x-amz-cf-id Jjrs9FtrcksYpXCJccfreyUw-vndCwOsL5jByHiapL8zf8Y5d8W0ug==
GET H2	200	action.svg Show response abyss-cloud.uhg.com/cdn/assets/material/icons/outlined/	195 KB 51 KB	66ms 13ms	Fetch image/svg+xml	2600:9000:2670:ba00:b:8b8c:d40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://abyss-cloud.uhg.com/cdn/assets/material/icons/outlined/action.svg Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/s79d9/43ddea/dwmwhwu.luyhscq.ecnocms/uhccom-api/static/app/v-1.5.0/uhc-header-component.parcel.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2670:ba00:b:8b8c:d40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c120bf72e021c43d615fc30537b635896cc73a86f7b18f571238b62cf2790811 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 11 Apr 2024 00:45:22 GMT content-encoding br via 1.1 7ab8983df8c6e33475e52fb04de82cbc.cloudfront.net (CloudFront) last-modified Wed, 10 Apr 2024 22:27:30 GMT server AmazonS3 age 497990 x-amz-cf-pop FRA56-P9 etag W/"5b89aab78757705e8c5004544a20b036" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000,public,must-revalidate x-amz-cf-id eKKuiCBFqdFW4g2ZNQJLvVun2zPGVWjJSEiFgLq9RGve86AbGnPIgw==
GET H2	200	hardware.svg Show response abyss-cloud.uhg.com/cdn/assets/material/icons/filled/	26 KB 7 KB	65ms 11ms	Fetch image/svg+xml	2600:9000:2670:ba00:b:8b8c:d40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://abyss-cloud.uhg.com/cdn/assets/material/icons/filled/hardware.svg Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/s79d9/43ddea/dwmwhwu.luyhscq.ecnocms/uhccom-api/static/app/v-1.5.0/uhc-header-component.parcel.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2670:ba00:b:8b8c:d40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bf3bdab81ba4c11f3a1d3d3a1af071a128eb284b2fadde4a794c8526e45fd4a6 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 11 Apr 2024 00:45:22 GMT content-encoding br via 1.1 7ab8983df8c6e33475e52fb04de82cbc.cloudfront.net (CloudFront) last-modified Wed, 10 Apr 2024 22:27:22 GMT server AmazonS3 age 497990 x-amz-cf-pop FRA56-P9 etag W/"d1727900c04276f0902b8fe486d6ec2c" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000,public,must-revalidate x-amz-cf-id JiEiMYXKLOZUsaBw1xLxeR947lErPKS2fDwb9maUcYSetaS5NbCTLQ==
GET H3	200	U-mark-blue.svg by-pay.net/content/dam/uhcdotcom/website-assets/	427 B 710 B	41ms 41ms	Image image/svg+xml	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://by-pay.net/content/dam/uhcdotcom/website-assets/U-mark-blue.svg Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c8d03735b0c005231eb0e39003b3ee6d25fddd0810254ea362d7173a7022f85c Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:11 GMT content-encoding br cf-cache-status EXPIRED last-modified Tue, 16 Apr 2024 03:18:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=90rMbVFuK16b6cAsNuIoVmQn8h3OL7JZat%2FQu9Mq23o5flpgPVvhB6PXU92YLdChWXFlblO3b%2FsUp0KpwNSfTuYhqV0tk4leYlyGgr0jtQXxyERYjvSKVUTOA0wA"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 87567207f8ca1ca9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	search%201.svg by-pay.net/content/dam/uhcstore/	427 B 715 B	50ms 49ms	Image image/svg+xml	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://by-pay.net/content/dam/uhcstore/search%201.svg Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c8d03735b0c005231eb0e39003b3ee6d25fddd0810254ea362d7173a7022f85c Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:11 GMT content-encoding br cf-cache-status EXPIRED last-modified Tue, 16 Apr 2024 03:18:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DURELYpAjtxkPAfq6kQZn6GTHqawOWCOkRusX%2BcIAqpMQH%2FRR%2F4%2BNc2HSBOQ6jbaFV3RTUWom6KzJhNc0Z6nYusuBVGoWJOLO5kKL0uwBIwoJXgZNkqGkT8yhk13"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 87567207f8cb1ca9-FRA alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	doc.gif 164773174ba1.o3n.io/files/x11o4txpj3p2mvm7e70ugynn2/	43 B 183 B	2431ms 105ms	Image image/gif	34.203.47.152 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://164773174ba1.o3n.io/files/x11o4txpj3p2mvm7e70ugynn2/doc.gif?l=https://by-pay.net/&r= Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.203.47.152 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-203-47-152.compute-1.amazonaws.com Software nginx / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 16 Apr 2024 19:05:14 GMT Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	image.gif hub.uhg-monarchhealthcare.com/content/x11o4txpj3p2mvm7e70ugynn2/	43 B 183 B	347ms 112ms	Image image/gif	34.203.47.152 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://hub.uhg-monarchhealthcare.com/content/x11o4txpj3p2mvm7e70ugynn2/image.gif?l=https://by-pay.net/&r= Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.203.47.152 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-203-47-152.compute-1.amazonaws.com Software nginx / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 16 Apr 2024 19:05:12 GMT Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
GET H2	200	uhc-wordmark-stacked-white-01.svg www.uhc.com/content/dam/uhcdotcom/website-assets/ Redirect Chain https://uhc.com/content/dam/uhcdotcom/website-assets/uhc-wordmark-stacked-white-01.svg https://www.uhc.com/content/dam/uhcdotcom/website-assets/uhc-wordmark-stacked-white-01.svg	6 KB 2 KB	115ms 14ms	Image image/svg+xml	2606:2800:233:1cb7:261b:1f9c:2074:3c EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://www.uhc.com/content/dam/uhcdotcom/website-assets/uhc-wordmark-stacked-white-01.svg Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H2 Server 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (ama/48DF) / Resource Hash 357090e2f9d750e56fb2dde346e4127d042017e56d1d141ae640d50d4b65b7ce Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://by-pay.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers x-dispatcher dispatcher3eastus2-28515848 date Tue, 16 Apr 2024 19:05:12 GMT content-encoding gzip x-content-type-options nosniff age 396376 x-vhost uhccom-publish x-cache HIT content-disposition inline content-length 1890 last-modified Wed, 13 Sep 2023 17:41:45 GMT server ECAcc (ama/48DF) etag "19a6-6054112b30840-gzip" vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/svg+xml access-control-allow-origin * cache-control max-age=2592000 accept-ranges bytes expires Thu, 16 May 2024 19:05:12 GMT Redirect headers Location https://www.uhc.com/content/dam/uhcdotcom/website-assets/uhc-wordmark-stacked-white-01.svg Date Tue, 16 Apr 2024 19:05:12 GMT Server Microsoft-Azure-Application-Gateway/v2 Connection keep-alive Content-Length 195 Content-Type text/html
POST H2	202	rum Show response browser-intake-datadoghq.com/api/v2/	53 B 344 B	447ms 229ms	Fetch application/json	2600:1f18:24e6:b902:b9d0:82a2:33e2:c96b AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.8.0%2Capi%3Afetch%2Cenv%3Aunknown%2Cservice%3Auhccom%2Cversion%3A4.6.0&dd-api-key=pub85512767ec74c5f4d068002777a57acf&dd-evp-origin-version=5.8.0&dd-evp-origin=browser&dd-request-id=2562f6b9-3194-4788-a726-40eb9ea637f7&batch_time=1713294311807 Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/s9fa8b67374/43ddea/wwxwswu.euohpcw.ccrovmm/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.26aaf3d02280c9e4b4444c7402440718.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:24e6:b902:b9d0:82a2:33e2:c96b Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash 0d774d4e6cc6e64ba00ce785411f94972966730304f93ac2259aa3c39313949a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-platform "Win32" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 16 Apr 2024 19:05:12 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff accept-encoding identity,gzip,x-gzip,deflate,x-deflate,zstd content-type application/json access-control-allow-origin * cross-origin-resource-policy cross-origin content-length 53 dd-request-id 2562f6b9-3194-4788-a726-40eb9ea637f7
GET		tag.js lptag.liveperson.net/tag/	0 0
GET H2	200	id Show response dpm.demdex.net/	965 B 1 KB	113ms 37ms	XHR application/json	52.16.115.188 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1713294311847 Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/s9fa8b67374/43ddea/wwxwswu.euohpcw.ccrovmm/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.26aaf3d02280c9e4b4444c7402440718.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.16.115.188 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-16-115-188.eu-west-1.compute.amazonaws.com Software / Resource Hash ede893c8c73eaab6297d2c8a9312f9896aaf0aef32fba2e20ae8eb526e4d79f6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-platform "Win32" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers dcs dcs-prod-irl1-1-v060-0d2f7c4c7.edge-irl1.demdex.com 7 ms pragma no-cache date Tue, 16 Apr 2024 19:05:11 GMT strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip x-tid Vsxi+jkKT6M= vary Origin content-type application/json;charset=utf-8 p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" access-control-allow-origin https://by-pay.net cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private access-control-allow-credentials true content-length 559 expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	AppMeasurement.min.js Show response assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/	34 KB 12 KB	72ms 42ms	Script application/x-javascript	2a02:26f0:3500:58f::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/s28/43ddea/uaeslsieqtpsr.vajdloybaetdztymv.uccoxmf/512027f42d3c/152e2e360a77/launch-5e90c3319557.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:58f::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:11 GMT content-encoding gzip last-modified Thu, 22 Sep 2022 16:16:49 GMT server AkamaiNetStorage etag "dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://by-pay.net cache-control no-cache accept-ranges bytes timing-allow-origin * content-length 12384 expires Tue, 16 Apr 2024 20:05:11 GMT
GET H3	200	floodlight-v2.js Show response by-pay.net/content/dam/uhcdotcom/en/js/	9 KB 4 KB	133ms 133ms	Script application/javascript	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://by-pay.net/content/dam/uhcdotcom/en/js/floodlight-v2.js Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/s28/43ddea/uaeslsieqtpsr.vajdloybaetdztymv.uccoxmf/512027f42d3c/152e2e360a77/launch-5e90c3319557.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d02266586567d3889ef80ab66eae3f377deaab9bb42ba209e8fb7e9890371458 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT content-encoding br cf-cache-status EXPIRED last-modified Tue, 16 Apr 2024 03:18:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lZL0SaT%2BNrrTiFcRQ1z%2FIY9mSmdN%2FMf45w9ldM3RtvFj4nkRd3BJSbk%2B3fm59%2FlZ2Wqng0Djpz04LNyxEqhjKmOdegiiLrWvWlO2%2F22BFmdqDfTfXM3FRRHX1lEw"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=14400 cf-ray 875672095a7b1ca9-FRA alt-svc h3=":443"; ma=86400
GET H2	200	RCebd108586b254f4c8ef8b35548df3d40-source.min.js Show response assets.adobedtm.com/512027f42d3c/152e2e360a77/e76583461fef/	577 B 581 B	48ms 48ms	Script application/x-javascript	2a02:26f0:3500:58f::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/512027f42d3c/152e2e360a77/e76583461fef/RCebd108586b254f4c8ef8b35548df3d40-source.min.js Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/s28/43ddea/uaeslsieqtpsr.vajdloybaetdztymv.uccoxmf/512027f42d3c/152e2e360a77/launch-5e90c3319557.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:58f::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 3a23de60518bafc0bdd564e4786bdca3a5e09ccfe07c7e88ded7bd819c1444a3 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:11 GMT content-encoding gzip last-modified Tue, 16 Apr 2024 09:11:49 GMT server AkamaiNetStorage etag "3d6cb1e3539afe31e329b9112f2caf03:1713258709.642406" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://by-pay.net cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 328 expires Tue, 16 Apr 2024 20:05:11 GMT
GET H2	200	RC8713f7b607ec4b7e8bc1f65beb22a231-source.min.js Show response assets.adobedtm.com/512027f42d3c/152e2e360a77/e76583461fef/	480 B 537 B	31ms 31ms	Script application/x-javascript	2a02:26f0:3500:58f::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/512027f42d3c/152e2e360a77/e76583461fef/RC8713f7b607ec4b7e8bc1f65beb22a231-source.min.js Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/s28/43ddea/uaeslsieqtpsr.vajdloybaetdztymv.uccoxmf/512027f42d3c/152e2e360a77/launch-5e90c3319557.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:58f::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 3fb3695cab709c4f65560c366fe1b1e14a76434827b534e386626d380c195b89 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:11 GMT content-encoding gzip last-modified Tue, 16 Apr 2024 09:11:49 GMT server AkamaiNetStorage etag "3d6cb1e3539afe31e329b9112f2caf03:1713258709.642406" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://by-pay.net cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 284 expires Tue, 16 Apr 2024 20:05:11 GMT
GET H2	200	RC866574c7cf164bff835f84c1c8202384-source.min.js Show response assets.adobedtm.com/512027f42d3c/152e2e360a77/e76583461fef/	974 B 762 B	77ms 76ms	Script application/x-javascript	2a02:26f0:3500:58f::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/512027f42d3c/152e2e360a77/e76583461fef/RC866574c7cf164bff835f84c1c8202384-source.min.js Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/s28/43ddea/uaeslsieqtpsr.vajdloybaetdztymv.uccoxmf/512027f42d3c/152e2e360a77/launch-5e90c3319557.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:58f::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 97b974eb76c9d1a208f20fa334f8ced00b70a6b61ce967ccb5627fa83b28bc03 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:11 GMT content-encoding gzip last-modified Tue, 16 Apr 2024 09:11:49 GMT server AkamaiNetStorage etag "3d6cb1e3539afe31e329b9112f2caf03:1713258709.642406" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://by-pay.net cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 509 expires Tue, 16 Apr 2024 20:05:11 GMT
GET H2	200	dest5.html unitedhealthgroup.demdex.net/ Frame 4993	0 0	118ms 30ms	Document text/html	18.200.225.135 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0 Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/s28/43ddea/uaeslsieqtpsr.vajdloybaetdztymv.uccoxmf/512027f42d3c/152e2e360a77/launch-5e90c3319557.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.200.225.135 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-200-225-135.eu-west-1.compute.amazonaws.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://by-pay.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-encoding gzip content-type text/html;charset=UTF-8 date Tue, 16 Apr 2024 19:05:12 GMT dcs dcs-prod-irl1-2-v060-0c1dab532.edge-irl1.demdex.com 0 ms expires Thu, 01 Jan 1970 00:00:00 UTC last-modified Tue, 9 Apr 2024 12:54:49 GMT p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" pragma no-cache strict-transport-security max-age=31536000; includeSubDomains vary accept-encoding x-tid 2HNvz2vsSvw=
GET H2	200	ibs:dpid=411&dpuuid=Zh7L6AAAAI21ZQOJ dpm.demdex.net/ Redirect Chain https://cm.everesttech.net/cm/dd?d_uuid=02534986524407415031343966301154567944 https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zh7L6AAAAI21ZQOJ	42 B 718 B	33ms 33ms	Image image/gif	52.16.115.188 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zh7L6AAAAI21ZQOJ Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H2 Server 52.16.115.188 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-16-115-188.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://by-pay.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers dcs dcs-prod-irl1-1-v060-055b1481a.edge-irl1.demdex.com 2 ms pragma no-cache date Tue, 16 Apr 2024 19:05:12 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-encoding gzip x-tid W9ORN/OkRXY= content-type image/gif p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-length 59 expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers Location https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zh7L6AAAAI21ZQOJ Date Tue, 16 Apr 2024 19:05:12 GMT Cache-Control no-cache Server AMO-cookiemap/1.1 Connection keep-alive Content-Length 0 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
POST H2	200	delivery Show response starget.uhc.com/rest/v1/	360 B 844 B	196ms 70ms	XHR application/json	66.235.152.225 OMNITURE
General Check archive.org Show headers Download Go to Full URL https://starget.uhc.com/rest/v1/delivery?client=unitedhealthgroup&sessionId=0da568ca4a7144c38f16c7fc1e945b77&version=2.10.0 Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/s9fa8b67374/43ddea/wwxwswu.euohpcw.ccrovmm/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.26aaf3d02280c9e4b4444c7402440718.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.235.152.225 , United States, ASN15224 (OMNITURE, US), Reverse DNS ip-66-235-152-225.data.adobedc.net Software jag / Resource Hash 22d47e19504163bf3a4c999145ff29e391e767a10e60898da06a07c9071d41d6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-platform "Win32" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Content-Type text/plain Response headers date Tue, 16 Apr 2024 19:05:12 GMT content-encoding gzip referrer-policy strict-origin-when-cross-origin strict-transport-security max-age=31536000; includeSubDomains accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List server jag x-content-type-options nosniff vary origin,access-control-request-method,access-control-request-headers,accept-encoding content-type application/json;charset=UTF-8 access-control-allow-origin https://by-pay.net cache-control no-cache, no-store, max-age=0, no-transform, private access-control-allow-credentials true timing-allow-origin * x-xss-protection 1; mode=block x-request-id fb0ae8a3-a26d-4154-8506-517d6203a2ed
GET H2	200	js Show response www.googletagmanager.com/gtag/	202 KB 73 KB	63ms 39ms	Script application/javascript	2a00:1450:4001:813::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=DC-8584968 Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/s28/43ddea/uaeslsieqtpsr.vajdloybaetdztymv.uccoxmf/512027f42d3c/152e2e360a77/launch-5e90c3319557.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ee8792b4654b978ecf3673f26bfc81c54acf6052127308db98e2e59f5338d2b3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 74681 x-xss-protection 0 last-modified Tue, 16 Apr 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 16 Apr 2024 19:05:12 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	194 KB 71 KB	54ms 53ms	Script application/javascript	2a00:1450:4001:813::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=DC-9549424&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 3194adb505ef42cad7852fc9067f3ddf7520405eeb7c043ea4698094d46f580e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 72256 x-xss-protection 0 last-modified Tue, 16 Apr 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 16 Apr 2024 19:05:12 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	232 KB 82 KB	33ms 33ms	Script application/javascript	2a00:1450:4001:813::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-801669703&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b1ebdca4b13b65a1b3e104819a44fb08290f80f6d14d24eb2dfa10bfbdab578e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 83379 x-xss-protection 0 last-modified Tue, 16 Apr 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 16 Apr 2024 19:05:12 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	212 KB 77 KB	43ms 43ms	Script application/javascript	2a00:1450:4001:813::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-845491994&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ca1846390dc31b4d025cc05e2723dbf7c5f8227050e48510422390384b9de410 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 78598 x-xss-protection 0 last-modified Tue, 16 Apr 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 16 Apr 2024 19:05:12 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	219 KB 78 KB	43ms 43ms	Script application/javascript	2a00:1450:4001:813::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-877013082&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 6dfed3522d86dd5e3d3871512301af60504b9cc1e641a16f899cb4e7ea16ba5f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 80092 x-xss-protection 0 last-modified Tue, 16 Apr 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 16 Apr 2024 19:05:12 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	219 KB 78 KB	47ms 47ms	Script application/javascript	2a00:1450:4001:813::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-963648696&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1c1e0d96b6a141709c1573bcfea89b144192cc3b74ae13bb8d6c06741df22eb0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 80253 x-xss-protection 0 last-modified Tue, 16 Apr 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 16 Apr 2024 19:05:12 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	207 KB 75 KB	37ms 37ms	Script application/javascript	2a00:1450:4001:813::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-1002783284&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 370d163ba061a9509070126eb85ee3c50f95861ef874fc4a26e85f7ed6706687 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 77175 x-xss-protection 0 last-modified Tue, 16 Apr 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 16 Apr 2024 19:05:12 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	207 KB 75 KB	45ms 45ms	Script application/javascript	2a00:1450:4001:813::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-1031996425&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 4238d83b12ef47a276036554a2ff7d27546ba074ec50ab73d13c9dc7315e3fb6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 77178 x-xss-protection 0 last-modified Tue, 16 Apr 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 16 Apr 2024 19:05:12 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	162 KB 61 KB	40ms 40ms	Script application/javascript	2a00:1450:4001:813::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-1035216045&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash f8bf9319361e2871940b25dfa3a7cfb99e1c1b4aaf39ee9e52f613f09d42a78a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 62649 x-xss-protection 0 last-modified Tue, 16 Apr 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 16 Apr 2024 19:05:12 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	161 KB 61 KB	62ms 62ms	Script application/javascript	2a00:1450:4001:813::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-1066495647&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 0b80a2825506b6f3386d468fdcf1c2f6ee34cf016eed86e219066d0030d0d9cf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 62668 x-xss-protection 0 last-modified Tue, 16 Apr 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 16 Apr 2024 19:05:12 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	161 KB 61 KB	56ms 56ms	Script application/javascript	2a00:1450:4001:813::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-1067173439&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 19608b4751cd1834c5f1ffdc9275725c7ec621b244e4e6ece2c4f6ac592ca2b4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 62669 x-xss-protection 0 last-modified Tue, 16 Apr 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 16 Apr 2024 19:05:12 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	219 KB 78 KB	82ms 82ms	Script application/javascript	2a00:1450:4001:813::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-801664645&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 39d85932b9432841da90690a31cd587aaf9605422295877a67ebc75d891c4e0d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 80076 x-xss-protection 0 last-modified Tue, 16 Apr 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 16 Apr 2024 19:05:12 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	277 KB 94 KB	69ms 69ms	Script application/javascript	2a00:1450:4001:813::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-HZQWR2GYM4&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ca62ba456a09e6848a79d6e685fbd7fcc7be0d6ae54684d66642a3425cb5fa5e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 96536 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 16 Apr 2024 19:05:12 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	271 KB 88 KB	60ms 60ms	Script application/javascript	2a00:1450:4001:813::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-10851563334&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 2bedd3f15f1a9d43945a1918221394e15ae8a6968ed1bf186b6932dd9598b402 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 90257 x-xss-protection 0 last-modified Tue, 16 Apr 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 16 Apr 2024 19:05:12 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	194 KB 71 KB	57ms 57ms	Script application/javascript	2a00:1450:4001:813::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=DC-11726966&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 09e1493e4fe34aae486452888c9b1b08e557bee5bbb13b0f9e39a89ba2ad1b6c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 72267 x-xss-protection 0 last-modified Tue, 16 Apr 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 16 Apr 2024 19:05:12 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	194 KB 71 KB	55ms 55ms	Script application/javascript	2a00:1450:4001:813::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=DC-8560775&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash dc1ccfb2e816322f9faa661a24d22f1cc3638dc0bd31e66987c88c0e97149599 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 72256 x-xss-protection 0 last-modified Tue, 16 Apr 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 16 Apr 2024 19:05:12 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	202 KB 73 KB	67ms 67ms	Script application/javascript	2a00:1450:4001:813::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=DC-11690551&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a512254c5e20169ed5518fdd6917474b15d0934eec18fd2f6a2a3a93d02439ec Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 74549 x-xss-protection 0 last-modified Tue, 16 Apr 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 16 Apr 2024 19:05:12 GMT
GET H2	200	ytc.js Show response s.yimg.com/wi/	18 KB 7 KB	50ms 14ms	Script application/javascript	2a00:1288:80:807::1 YAHOO-DEB
General Check archive.org Show headers Download Go to Full URL https://s.yimg.com/wi/ytc.js Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB), Reverse DNS Software ATS / Resource Hash 480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers ats-carp-promotion 1, 1 date Tue, 16 Apr 2024 18:26:29 GMT x-amz-version-id xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW content-encoding gzip strict-transport-security max-age=31536000 x-content-type-options nosniff x-amz-request-id TN8HB4JM5VZ01AN9 age 2324 x-amz-server-side-encryption AES256 content-length 6262 x-amz-id-2 N6S5nlAZzmbzF7MI+ORHUV0t9DVf3WqSIcnBAYX2RF8b/Gn+nU2OEtyDsgjiL8Oqpm2wqD91bgc= x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade x-amz-expiration expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle" last-modified Mon, 26 Jun 2023 09:26:35 GMT server ATS etag "5c6ed25dce803fd84288922b8928409e-df" expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" vary Origin, Accept-Encoding content-type application/javascript cache-control public,max-age=3600 accept-ranges bytes
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	218 KB 59 KB	25ms 9ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 16 Apr 2024 19:05:12 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 57850 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1326, tbw=2765, tp=-1, tpl=-1, uplat=1, ullat=-1 pragma public x-fb-debug LAhjgiNI5wXnhuEy16BTNqTdxeP+hpQIbI4Q0M98bNpTxYYEMW65wDFhBa8UfwbY+wwar1szOX6irJua/gq76g== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	bat.js Show response bat.bing.com/	45 KB 13 KB	52ms 33ms	Script application/javascript	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Tue, 16 Apr 2024 19:05:11 GMT last-modified Thu, 29 Feb 2024 19:58:06 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: EBCCC3FB5E26488A99FBC69CF23695BC Ref B: FRAEDGE1221 Ref C: 2024-04-16T19:05:12Z etag "01b4e9c496bda1:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 13261
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	48 KB 17 KB	53ms 14ms	Script application/javascript	2a02:26f0:3500:16::215:1489 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:1489 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 6cc4c722a50b4152194b13e7e3c8a1a5a5f23b17988f8fa85404394efc5c0984 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 09 Apr 2024 07:42:51 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=63052 accept-ranges bytes content-length 17238
GET H2	200	detector-dom.min.js Show response cdn.gbqofs.com/uhg/uhc/p/	503 KB 151 KB	50ms 19ms	Script application/javascript	2606:4700::6812:190d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.gbqofs.com/uhg/uhc/p/detector-dom.min.js Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:190d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 38dafa695dca28bd8f21b9f612b4c5dd20b3161dc3b464b3d6724b0912092221 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT x-amz-version-id VkyS8rR.ovZSitZAG.br0KVSpkpB69LV content-encoding gzip cf-cache-status HIT via 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C2 age 2137 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront last-modified Tue, 16 Apr 2024 18:00:56 GMT server cloudflare etag W/"54edd75b9ad953a0e161e92daf2748ab" vary Accept-Encoding content-type application/javascript cache-control public, max-age=14400 cf-ray 8756720b8ceb366b-FRA x-amz-cf-id qeLqpypxyFXiIRuW88Uz1FbmYB_YZBlnPvQD6Qac9r4IAnnjhwkAdQ== expires Tue, 16 Apr 2024 23:05:12 GMT
GET H2	200	wrapper.js Show response universal.iperceptions.com/	9 KB 4 KB	89ms 9ms	Script application/javascript	2600:9000:225e:f200:8:e7ba:7440:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://universal.iperceptions.com/wrapper.js Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:f200:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 962d83de183651c6c15d9dce622d311455a9e6bd8cf09dd1cbf9ec3a3892a1ab Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Tue, 16 Apr 2024 19:01:49 GMT content-encoding gzip via 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront) content-md5 d5YIeO59lrTqhttidyvULA== age 202 x-amz-cf-pop FRA60-P4 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin x-ms-lease-status unlocked last-modified Mon, 22 Mar 2021 18:02:49 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 1176322e-701e-0005-2030-901db7000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding x-ms-version 2009-09-19 x-amz-cf-id 3HWPZ-PqE60d6k5WciSgoEgtEjikZoQUlaeobHbk8JgblUvlr2vY0Q==
GET		pixel.png analytics1.ninahale.net/	0 0
POST H2	202	rum Show response browser-intake-datadoghq.com/api/v2/	53 B 343 B	146ms 144ms	Fetch application/json	2600:1f18:24e6:b902:b9d0:82a2:33e2:c96b AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.8.0%2Capi%3Afetch%2Cenv%3Aunknown%2Cservice%3Auhccom%2Cversion%3A4.6.0&dd-api-key=pub85512767ec74c5f4d068002777a57acf&dd-evp-origin-version=5.8.0&dd-evp-origin=browser&dd-request-id=96acec4c-12bf-49fa-a91e-15d038540671&batch_time=1713294312222 Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/s9fa8b67374/43ddea/wwxwswu.euohpcw.ccrovmm/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.26aaf3d02280c9e4b4444c7402440718.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:24e6:b902:b9d0:82a2:33e2:c96b Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash c89dee91d1799de3b47d287fac1b1439869ffd71a3d9530bc588cbddf1dccecb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-platform "Win32" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 16 Apr 2024 19:05:12 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff accept-encoding identity,gzip,x-gzip,deflate,x-deflate,zstd content-type application/json access-control-allow-origin * cross-origin-resource-policy cross-origin content-length 53 dd-request-id 96acec4c-12bf-49fa-a91e-15d038540671
GET H2	200	1231592023559249 Show response connect.facebook.net/signals/config/	121 KB 25 KB	178ms 171ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1231592023559249?v=2.9.153&r=stable&domain=by-pay.net&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash bafa7761b5d761ac184e6061ba9eee91669811cd321d0d08e04f3a830754c8ba Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 16 Apr 2024 19:05:12 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=11, rtx=0, c=63, mss=1326, tbw=63138, tp=-1, tpl=-1, uplat=165, ullat=0 pragma public x-fb-debug rtcXqlqRau9bSv3YwQF0QxEGdIv7JIDsNMmGVxN7odSDBaSeKGcFlvucEYWKwVXPUiBaMo19vESKEBi26Ed3ZA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	204	28088867.js Show response bat.bing.com/p/action/	0 117 B	34ms 33ms	Script text/plain	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/28088867.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 date Tue, 16 Apr 2024 19:05:11 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 6991C78CD9494EDFBF6552ADBC74E0AE Ref B: FRAEDGE1221 Ref C: 2024-04-16T19:05:12Z x-cache CONFIG_NOCACHE
GET H2	204	0 bat.bing.com/action/	0 284 B	36ms 36ms	Image text/plain	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=28088867&Ver=2&mid=a1d65956-2d02-4d90-ae87-f111839db7d6&sid=40517a30fc2411ee82a6a3a3b6bec6ea&vid=40519dc0fc2411ee9eb68d2fac2f37b5&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Short%20term%20health%20insurance%20%7C%20UnitedHealthcare%20How%20Many%20Uninsured%20Are%20in%20the%20Coverage%20Gap%20and%20How%20Many.&p=https%3A%2F%2Fby-pay.net%2F&r=&lt=588&evt=pageLoad&sv=1&rn=29070 Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 16 Apr 2024 19:05:11 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 0311311FFFF94676A023AEF2F3721FCA Ref B: FRAEDGE1221 Ref C: 2024-04-16T19:05:12Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	148007063.js Show response bat.bing.com/p/action/	0 117 B	34ms 33ms	Script text/plain	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/148007063.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 date Tue, 16 Apr 2024 19:05:11 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 014E7939F6DF47C5BDB530D77D8459D0 Ref B: FRAEDGE1221 Ref C: 2024-04-16T19:05:12Z x-cache CONFIG_NOCACHE
GET H2	204	0 bat.bing.com/action/	0 228 B	37ms 36ms	Image text/plain	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=148007063&Ver=2&mid=333dcc78-f0b8-414a-8866-c822636a4dc4&sid=40517a30fc2411ee82a6a3a3b6bec6ea&vid=40519dc0fc2411ee9eb68d2fac2f37b5&vids=0&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Short%20term%20health%20insurance%20%7C%20UnitedHealthcare%20How%20Many%20Uninsured%20Are%20in%20the%20Coverage%20Gap%20and%20How%20Many.&p=https%3A%2F%2Fby-pay.net%2F&r=&lt=588&evt=pageLoad&sv=1&rn=285218 Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 16 Apr 2024 19:05:11 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: F6945D8BEC234699890D44D9CF63796F Ref B: FRAEDGE1221 Ref C: 2024-04-16T19:05:12Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	10059574.json Show response s.yimg.com/wi/config/	46 B 675 B	145ms 118ms	XHR application/json	2a00:1288:80:807::1 YAHOO-DEB
General Check archive.org Show headers Download Go to Full URL https://s.yimg.com/wi/config/10059574.json Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/s9fa8b67374/43ddea/wwxwswu.euohpcw.ccrovmm/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.26aaf3d02280c9e4b4444c7402440718.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB), Reverse DNS Software ATS / Resource Hash 9ad9798c8040a3bbdd97e81527d830f03a1e7218a28ed908282c467272ecb419 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:13 GMT x-amz-version-id LmmS8hw7Ndk48F9u2G4uRbvKYKu8RrAq x-content-type-options nosniff strict-transport-security max-age=31536000 x-amz-request-id FWGWG53239A0MCFT age 0 x-amz-server-side-encryption AES256 content-length 46 x-amz-id-2 pUp7K26nfo3585T/02CUeUDFGnWi3YyTS9QjMJwaBwGxxhLiiJeDxNuYCKFXta65r7cZ32r+Zuo= x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade x-amz-expiration expiry-date="Thu, 22 May 2025 00:00:00 GMT", rule-id="oath-standard-lifecycle" last-modified Tue, 16 Apr 2024 18:40:24 GMT server ATS etag "aaffcae5d37f1f2b1f04f043482f2168" expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method access-control-allow-methods GET content-type application/json access-control-allow-origin * accept-ranges bytes
POST H2	202	rum Show response browser-intake-datadoghq.com/api/v2/	53 B 343 B	105ms 104ms	Fetch application/json	2600:1f18:24e6:b902:b9d0:82a2:33e2:c96b AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.8.0%2Capi%3Afetch%2Cenv%3Aunknown%2Cservice%3Auhccom%2Cversion%3A4.6.0&dd-api-key=pub85512767ec74c5f4d068002777a57acf&dd-evp-origin-version=5.8.0&dd-evp-origin=browser&dd-request-id=3ac3fc6e-1706-475f-8c07-b237c1397abd&batch_time=1713294312435 Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/s9fa8b67374/43ddea/wwxwswu.euohpcw.ccrovmm/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.26aaf3d02280c9e4b4444c7402440718.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:24e6:b902:b9d0:82a2:33e2:c96b Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash b900e3599931b27d43fa1977698e5c582c09d4ce5bd1c2f8c608f764806d4603 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-platform "Win32" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 16 Apr 2024 19:05:12 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff accept-encoding identity,gzip,x-gzip,deflate,x-deflate,zstd content-type application/json access-control-allow-origin * cross-origin-resource-policy cross-origin content-length 53 dd-request-id 3ac3fc6e-1706-475f-8c07-b237c1397abd
GET H3	200	path.svg by-pay.net/9fc9b7a3/s9315e1c2/43ddea/ewrwowt.jughncf.ocuokmu/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/	427 B 716 B	43ms 43ms	Image image/svg+xml	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://by-pay.net/9fc9b7a3/s9315e1c2/43ddea/ewrwowt.jughncf.ocuokmu/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/path.svg Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/s194e6/43ddea/kwhwwwx.tuxhwco.scaogmx/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.2063de4beff781e145c7aa6e2ff921a6.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c8d03735b0c005231eb0e39003b3ee6d25fddd0810254ea362d7173a7022f85c Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/9fc9b7a3/s194e6/43ddea/kwhwwwx.tuxhwco.scaogmx/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.2063de4beff781e145c7aa6e2ff921a6.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT content-encoding br cf-cache-status MISS last-modified Tue, 16 Apr 2024 19:05:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gdJpsMZvKmWbBQr%2FNON3%2BiBwr5JDi%2FTfAVVaujFWjc2UusUO50%2FuIyd3vF%2BX%2BT5gePoOnyaxsvUzbNkm%2BXjcqY59AAEpU7gZ6bIQFZreTZMh0377Eb6%2FsbIQ8pmp"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 8756720cce671ca9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	UHCSans-Medium.woff2 by-pay.net/9fc9b7a3/s0af2abc0/43ddea/balbqyzsxsj-jczlrokusds.euahpch.qcfoomp/cdn/assets/uhc/fonts/UHCSans/	43 KB 43 KB	86ms 85ms	Font font/woff2	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://by-pay.net/9fc9b7a3/s0af2abc0/43ddea/balbqyzsxsj-jczlrokusds.euahpch.qcfoomp/cdn/assets/uhc/fonts/UHCSans/UHCSans-Medium.woff2 Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/sf6/43ddea/mwfwpwb.nuvhhcs.acbodmo/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.e30fbd79b4c95b39f491fc9fc9f9a516.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fbff962056c0915525e9e8cc8868e9d86c33edc1f619e6f2adb9bb0ec636aae0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/9fc9b7a3/sf6/43ddea/mwfwpwb.nuvhhcs.acbodmo/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.e30fbd79b4c95b39f491fc9fc9f9a516.css Origin https://by-pay.net Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT cf-cache-status MISS last-modified Tue, 16 Apr 2024 19:05:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hYbIT8N%2BQzg2xFVhIv4%2B5rUei0kri%2B71TlqPRZzZhISQfkRRNYnoBGnpCJhmbqz4Azl%2BREYl1hZ1PV4O3tS68hSg1NEK6vAKIlh3hXlEXqEjv82cDOzHuxvbWLPP"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control max-age=14400 cf-ray 8756720ea8b31ca9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	CTA_internal_digitalblue.svg by-pay.net/9fc9b7a3/s4cb/43ddea/awfwiwf.guwhqci.lcpoamv/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/	427 B 720 B	42ms 42ms	Image image/svg+xml	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://by-pay.net/9fc9b7a3/s4cb/43ddea/awfwiwf.guwhqci.lcpoamv/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/CTA_internal_digitalblue.svg Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/s194e6/43ddea/kwhwwwx.tuxhwco.scaogmx/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.2063de4beff781e145c7aa6e2ff921a6.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c8d03735b0c005231eb0e39003b3ee6d25fddd0810254ea362d7173a7022f85c Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/9fc9b7a3/s194e6/43ddea/kwhwwwx.tuxhwco.scaogmx/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.2063de4beff781e145c7aa6e2ff921a6.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT content-encoding br cf-cache-status MISS last-modified Tue, 16 Apr 2024 19:05:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tRDUmzEd3tGR%2FY%2Bb8u%2BwUh4qJKzgwLlu79A%2BWdlYOD5XKmW%2FNkgUUgvTnzwMhv3Iz4VEE3uVVuci87%2Ft%2FDnY0kCGN%2FnrxBT13%2F%2BtaXdAaQyx8FTpsXVfPO7bwCW4"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 8756720cce6e1ca9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	yt_icon_mono_light.png by-pay.net/9fc9b7a3/sa65de/43ddea/kwiwlwu.kuvhvcc.wcxoomq/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/	68 B 495 B	44ms 44ms	Image image/png	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://by-pay.net/9fc9b7a3/sa65de/43ddea/kwiwlwu.kuvhvcc.wcxoomq/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/yt_icon_mono_light.png Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/s194e6/43ddea/kwhwwwx.tuxhwco.scaogmx/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.2063de4beff781e145c7aa6e2ff921a6.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/9fc9b7a3/s194e6/43ddea/kwhwwwx.tuxhwco.scaogmx/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.2063de4beff781e145c7aa6e2ff921a6.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT cf-cache-status MISS last-modified Tue, 16 Apr 2024 19:05:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HbqDgR4ljxeHkFD7sJBmreSGQjLF1P2PC96Mv1AC%2BYUpbWebqVmxTovXfV%2F0p6rHC3zMHsHWqSuu788TN%2FwuZA8tzRdlcf5TDO%2B72sRFWr%2B8kK%2F%2B%2BFNaK82z040l"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 cf-ray 8756720cce731ca9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	caret_down_digitalblue.svg by-pay.net/9fc9b7a3/sc0397e/43ddea/cwqwnwl.eufhicj.xckogml/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/	427 B 710 B	45ms 45ms	Image image/svg+xml	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://by-pay.net/9fc9b7a3/sc0397e/43ddea/cwqwnwl.eufhicj.xckogml/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/caret_down_digitalblue.svg Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/s194e6/43ddea/kwhwwwx.tuxhwco.scaogmx/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.2063de4beff781e145c7aa6e2ff921a6.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c8d03735b0c005231eb0e39003b3ee6d25fddd0810254ea362d7173a7022f85c Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/9fc9b7a3/s194e6/43ddea/kwhwwwx.tuxhwco.scaogmx/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.2063de4beff781e145c7aa6e2ff921a6.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT content-encoding br cf-cache-status MISS last-modified Tue, 16 Apr 2024 19:05:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W%2BD4hP0ryq%2FgBgLBlYmQNl0%2FcdRKeOfKoKBhEYn0IqL4r3g6cKknzHu6Oj1OUFn28GlH733Kao88OTKhmE1qWXjdHCpJIYSKcG%2FYJSEGwqAACVu90zn3OpQ7BcL4"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 8756720cce751ca9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	caret_down_darkgrey.svg by-pay.net/9fc9b7a3/sc5/43ddea/ywcwyws.juzhkcn.rcyocmo/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/	427 B 708 B	39ms 39ms	Image image/svg+xml	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://by-pay.net/9fc9b7a3/sc5/43ddea/ywcwyws.juzhkcn.rcyocmo/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/caret_down_darkgrey.svg Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/s194e6/43ddea/kwhwwwx.tuxhwco.scaogmx/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.2063de4beff781e145c7aa6e2ff921a6.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c8d03735b0c005231eb0e39003b3ee6d25fddd0810254ea362d7173a7022f85c Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/9fc9b7a3/s194e6/43ddea/kwhwwwx.tuxhwco.scaogmx/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.2063de4beff781e145c7aa6e2ff921a6.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT content-encoding br cf-cache-status MISS last-modified Tue, 16 Apr 2024 19:05:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A9zSjRGNx6URBDy2Kyi1CR5Tn1koa%2FnZQOo1Pvi%2Fk9k4e4iznyho55Cd4YW6coXw8qgSObXIwVUGNGlOZQpcUAuFi9AzS9iFL4tNbLaZnLMjfjBJyPJVG6lGO2B2"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 8756720cce781ca9-FRA alt-svc h3=":443"; ma=86400
GET DATA	200 OK	truncated /	402 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9e464887c464e83310a0a535eeb81db59e153a1ca1a767d12505aab43735cc71 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	UHCSans-Bold.woff2 by-pay.net/9fc9b7a3/s686/43ddea/aaabwymsjsm-wcclroruddr.suwhpcb.dceogmf/cdn/assets/uhc/fonts/UHCSans/	43 KB 43 KB	84ms 82ms	Font font/woff2	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://by-pay.net/9fc9b7a3/s686/43ddea/aaabwymsjsm-wcclroruddr.suwhpcb.dceogmf/cdn/assets/uhc/fonts/UHCSans/UHCSans-Bold.woff2 Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/sf0/43ddea/ewowjwl.pudhscj.rctoume/uhccom-api/static/app/v-1.3.0/footer.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7bc03bad844f059717a9118727b9b6f1876940fa36e11aa784de2db0d9200265 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/9fc9b7a3/sf0/43ddea/ewowjwl.pudhscj.rctoume/uhccom-api/static/app/v-1.3.0/footer.css Origin https://by-pay.net Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT cf-cache-status MISS last-modified Tue, 16 Apr 2024 19:05:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3RewRGuSukMWDHRmWoXqrfFGShcAYlM12aOlXetKz8yOH1JKHhOpJIfaCEOYW1ngl0fCpUfgOm56pZ8AKRRqjDtrJmluqwZTnzV8ilTAKiY5PGmLhlyCrd7AWh2I"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control max-age=14400 cf-ray 8756720eb8b61ca9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	UHCSans-SemiBold.woff2 by-pay.net/9fc9b7a3/sc50d03/43ddea/fazbmyhsmsi-dczltoruwdh.yunhscm.kctoqmb/cdn/assets/uhc/fonts/UHCSans/	42 KB 42 KB	4354ms 4353ms	Font font/woff2	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://by-pay.net/9fc9b7a3/sc50d03/43ddea/fazbmyhsmsi-dczltoruwdh.yunhscm.kctoqmb/cdn/assets/uhc/fonts/UHCSans/UHCSans-SemiBold.woff2 Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/sf0/43ddea/ewowjwl.pudhscj.rctoume/uhccom-api/static/app/v-1.3.0/footer.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9b536a49e330f9c2255e6eaaf84896d4617134f2b7d0f831d5654a11b399f0a4 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/9fc9b7a3/sf0/43ddea/ewowjwl.pudhscj.rctoume/uhccom-api/static/app/v-1.3.0/footer.css Origin https://by-pay.net Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:17 GMT cf-cache-status MISS last-modified Tue, 16 Apr 2024 19:05:17 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VodlbW7b0h6OlAHaFOsDF8Rreb1KXsRRKC9YElgI33q3zttBaULnjCwE9rrNjPTsAd1nXKkeVVMhX%2FRh8UdWwwj1c9lrg0QRHEzf%2BzDEPRzlloYofr0K2WnBCTBl"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control max-age=14400 cf-ray 8756720eb8b71ca9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	UHCSans-Medium.woff2 by-pay.net/9fc9b7a3/s65/43ddea/gaubpynsfsx-ecblbovufda.tuihcce.fchovmx/cdn/assets/uhc/fonts/UHCSans/	43 KB 43 KB	80ms 78ms	Font font/woff2	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://by-pay.net/9fc9b7a3/s65/43ddea/gaubpynsfsx-ecblbovufda.tuihcce.fchovmx/cdn/assets/uhc/fonts/UHCSans/UHCSans-Medium.woff2 Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/sf0/43ddea/ewowjwl.pudhscj.rctoume/uhccom-api/static/app/v-1.3.0/footer.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fbff962056c0915525e9e8cc8868e9d86c33edc1f619e6f2adb9bb0ec636aae0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/9fc9b7a3/sf0/43ddea/ewowjwl.pudhscj.rctoume/uhccom-api/static/app/v-1.3.0/footer.css Origin https://by-pay.net Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT cf-cache-status MISS last-modified Tue, 16 Apr 2024 19:05:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BGVznRhP42aGMBIYTUyCYrYYlZafohna4ipBx5VG5nfHJPuZAxV7IfsYXGYelWHLk%2B6RfokSnMUMANpca0S73IcFynHiH9tHUgJNre5yVRYWpE3lhMyzNYGa5TqJ"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control max-age=14400 cf-ray 8756720eb8b91ca9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	UHCSans-Bold.woff2 by-pay.net/9fc9b7a3/sc95ba90cc6/43ddea/raobqyysast-mcdluotudda.vunhqcl.ccmozmz/cdn/assets/uhc/fonts/UHCSans/	43 KB 43 KB	86ms 85ms	Font font/woff2	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://by-pay.net/9fc9b7a3/sc95ba90cc6/43ddea/raobqyysast-mcdluotudda.vunhqcl.ccmozmz/cdn/assets/uhc/fonts/UHCSans/UHCSans-Bold.woff2 Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/sf6/43ddea/mwfwpwb.nuvhhcs.acbodmo/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.e30fbd79b4c95b39f491fc9fc9f9a516.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7bc03bad844f059717a9118727b9b6f1876940fa36e11aa784de2db0d9200265 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/9fc9b7a3/sf6/43ddea/mwfwpwb.nuvhhcs.acbodmo/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.e30fbd79b4c95b39f491fc9fc9f9a516.css Origin https://by-pay.net Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT cf-cache-status MISS last-modified Tue, 16 Apr 2024 19:05:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fHiGKXjfoka%2BhyXEQoYjwkLy82r9PeRomJy%2FODfKibU8PH%2BzjrHtJeM%2BYRmBaeJOUTCJA5A3g1OyX%2F8HFEZ8pPeWNue5v%2BTESIBXdoFvW2XBAB1HfHhSiUbPRvZ7"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control max-age=14400 cf-ray 8756720eb8ba1ca9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	UHCSerif-SemiBold.woff by-pay.net/9fc9b7a3/s25/43ddea/canboyzsasm-hcdlyowukdy.vuqhjcd.rcvolmy/cdn/assets/uhc/fonts/UHCSerif/	34 KB 35 KB	81ms 80ms	Font font/woff	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://by-pay.net/9fc9b7a3/s25/43ddea/canboyzsasm-hcdlyowukdy.vuqhjcd.rcvolmy/cdn/assets/uhc/fonts/UHCSerif/UHCSerif-SemiBold.woff Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/sf6/43ddea/mwfwpwb.nuvhhcs.acbodmo/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.e30fbd79b4c95b39f491fc9fc9f9a516.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9d5ff3529e4c41bce10c3e0fbc501048606372734d017b991dc2b72fbe3f813a Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/9fc9b7a3/sf6/43ddea/mwfwpwb.nuvhhcs.acbodmo/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.e30fbd79b4c95b39f491fc9fc9f9a516.css Origin https://by-pay.net Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT cf-cache-status MISS last-modified Tue, 16 Apr 2024 19:05:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pwsZW%2B06AqMWXqNf3S2sgN4LI6NbJNsmQXlxD4vhCPJ8Vph5%2FjXhTD%2BFhzPiFVw1nPBsknVAnlMUXovlrL5bi3QWiLnk%2BpcQ%2B9tKOKUa%2Fgnx0hIimvqGa6vZbBa4"}],"group":"cf-nel","max_age":604800} content-type font/woff access-control-allow-origin * cache-control max-age=14400 cf-ray 8756720eb8bb1ca9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	UHCSerif-SemiBold.woff by-pay.net/9fc9b7a3/seaf8045/43ddea/savboybszsg-rcplsokumdx.lughccs.ucpolmy/cdn/assets/uhc/fonts/UHCSerif/	34 KB 35 KB	78ms 77ms	Font font/woff	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://by-pay.net/9fc9b7a3/seaf8045/43ddea/savboybszsg-rcplsokumdx.lughccs.ucpolmy/cdn/assets/uhc/fonts/UHCSerif/UHCSerif-SemiBold.woff Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/sf0/43ddea/ewowjwl.pudhscj.rctoume/uhccom-api/static/app/v-1.3.0/footer.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9d5ff3529e4c41bce10c3e0fbc501048606372734d017b991dc2b72fbe3f813a Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/9fc9b7a3/sf0/43ddea/ewowjwl.pudhscj.rctoume/uhccom-api/static/app/v-1.3.0/footer.css Origin https://by-pay.net Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT cf-cache-status MISS last-modified Tue, 16 Apr 2024 19:05:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZQWxwIS0nn6t%2BUA5Tl4WmqYPhOd2LPjDwfQ6Vs5pHjWToQgrxm%2Ff4P7V3Szn74J1uM7dcxLMqq1qzEYKbI01%2BSi%2BIqKdd2r2UF2xI1dFmoRNy1kquk6VvIQgnYon"}],"group":"cf-nel","max_age":604800} content-type font/woff access-control-allow-origin * cache-control max-age=14400 cf-ray 8756720eb8bd1ca9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	UHCSans-BoldItalic.woff2 by-pay.net/9fc9b7a3/s2661ab/43ddea/jagbyymsmsg-hcolxosuodc.ruahdcg.eccotmr/cdn/assets/uhc/fonts/UHCSans/	45 KB 45 KB	87ms 85ms	Font font/woff2	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://by-pay.net/9fc9b7a3/s2661ab/43ddea/jagbyymsmsg-hcolxosuodc.ruahdcg.eccotmr/cdn/assets/uhc/fonts/UHCSans/UHCSans-BoldItalic.woff2 Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/sf0/43ddea/ewowjwl.pudhscj.rctoume/uhccom-api/static/app/v-1.3.0/footer.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a7c2d6d9e3a83acd853b5c81c137dfeec7c1f1d470075f23d5639c02d14d6943 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/9fc9b7a3/sf0/43ddea/ewowjwl.pudhscj.rctoume/uhccom-api/static/app/v-1.3.0/footer.css Origin https://by-pay.net Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT cf-cache-status MISS last-modified Tue, 16 Apr 2024 19:05:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FCIuEcxRsUHxPhKYUzf3rizxZIQ5F%2BjWGdblvieWzUPwG7m1njlgqN4%2FH9x9f2BgyF6hv3avYtr64uqndoVejQFX5xEl5wzpt1ECZYXNFe6p0OqTShRKt8WETlgH"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control max-age=14400 cf-ray 8756720eb8bf1ca9-FRA alt-svc h3=":443"; ma=86400
GET H2	200	UHCSans-Bold.woff2 abyss-cloud.uhg.com/cdn/assets/uhc/fonts/UHCSans/	43 KB 43 KB	12ms 11ms	Font font/woff2	2600:9000:2670:ba00:b:8b8c:d40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://abyss-cloud.uhg.com/cdn/assets/uhc/fonts/UHCSans/UHCSans-Bold.woff2 Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2670:ba00:b:8b8c:d40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7bc03bad844f059717a9118727b9b6f1876940fa36e11aa784de2db0d9200265 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Origin https://by-pay.net Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 11 Apr 2024 02:17:25 GMT via 1.1 7ab8983df8c6e33475e52fb04de82cbc.cloudfront.net (CloudFront) last-modified Wed, 10 Apr 2024 22:28:10 GMT server AmazonS3 age 492468 x-amz-cf-pop FRA56-P9 etag "1a240fe1a2f3cb4e9f58fbf8ce1da4b1" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000,public,must-revalidate accept-ranges bytes content-length 43840 x-amz-cf-id Df3iUJXETOe681L7iW0Cl053vcnCX3wTy0KyLzcBaXMiOvwGsuQ4vw==
GET H2	200	UHCSans-Medium.woff2 abyss-cloud.uhg.com/cdn/assets/uhc/fonts/UHCSans/	43 KB 43 KB	14ms 12ms	Font font/woff2	2600:9000:2670:ba00:b:8b8c:d40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://abyss-cloud.uhg.com/cdn/assets/uhc/fonts/UHCSans/UHCSans-Medium.woff2 Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2670:ba00:b:8b8c:d40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash fbff962056c0915525e9e8cc8868e9d86c33edc1f619e6f2adb9bb0ec636aae0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Origin https://by-pay.net Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 11 Apr 2024 02:17:25 GMT via 1.1 7ab8983df8c6e33475e52fb04de82cbc.cloudfront.net (CloudFront) last-modified Wed, 10 Apr 2024 22:28:11 GMT server AmazonS3 age 492468 x-amz-cf-pop FRA56-P9 etag "e8afb1e292b4416438ff4125ab20621c" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000,public,must-revalidate accept-ranges bytes content-length 43688 x-amz-cf-id N2z0HAj8N4TRCOegKMu-bsRdJdF_OlS8CteYKcragBtvJPwtBDmhUw==
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1713294312520&li_adsId=4430dffe-59ab-4928-9661-aaf9a80525ac&url=https%3A%2F%2Fby-pay.net%2F https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1713294312520&li_adsId=4430dffe-59ab-4928-9661-aaf9a80525ac&url=https%3A%2F%2Fby-pay.net%2F&cookiesTest=true https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1898745%26time%3D1713294312520%26li_adsId%3D4430dffe-59ab-4928-9661-aaf9a80525ac%... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1713294312520&li_adsId=4430dffe-59ab-4928-9661-aaf9a80525ac&url=https%3A%2F%2Fby-pay.net%2F&cookiesTest=true&liSync=true https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1713294312520&li_adsId=4430dffe-59ab-4928-9661-aaf9a80525ac&url=https%3A%2F%2Fby-pay.net%2F&cookiesTest=true&liSync=true&e_ipv6=AQKb...	0 264 B	225ms 106ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1713294312520&li_adsId=4430dffe-59ab-4928-9661-aaf9a80525ac&url=https%3A%2F%2Fby-pay.net%2F&cookiesTest=true&liSync=true&e_ipv6=AQKbEAnEagPsmgAAAY7oTIX9L0tLPuA_2NwPeu1kIaTCiPWljdECAL99UdFNYgqSIilXcs-MXO9r97Weczc6uSbydsqU Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://by-pay.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers date Tue, 16 Apr 2024 19:05:13 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 4BB21BE1003141B49043D625B8EE2564 Ref B: FRAEDGE1105 Ref C: 2024-04-16T19:05:13Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-lva1 x-li-proto http/2 content-length 0 x-li-uuid AAYWO2ruwAkuSuMBlLTucw== Redirect headers date Tue, 16 Apr 2024 19:05:12 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 6691B337F906432291FFC89DB63CA235 Ref B: FRAEDGE2008 Ref C: 2024-04-16T19:05:12Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1713294312520&li_adsId=4430dffe-59ab-4928-9661-aaf9a80525ac&url=https%3A%2F%2Fby-pay.net%2F&cookiesTest=true&liSync=true&e_ipv6=AQKbEAnEagPsmgAAAY7oTIX9L0tLPuA_2NwPeu1kIaTCiPWljdECAL99UdFNYgqSIilXcs-MXO9r97Weczc6uSbydsqU x-li-proto http/2 content-length 0 x-li-uuid AAYWO2rrPVLzHmAvn3b9ug==
GET H2	200	activityi;dc_pre=CMe6mte2x4UDFXBhHgIdcsQKRA;src=11690551;type=optmbz;cat=globa0;ord=2604356491513;npa=1;auiddc=746975043.1713294312;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253... 11690551.fls.doubleclick.net/ Frame 20EF Redirect Chain https://11690551.fls.doubleclick.net/activityi;src=11690551;type=optmbz;cat=globa0;ord=2604356491513;npa=1;auiddc=746975043.1713294312;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%... https://11690551.fls.doubleclick.net/activityi;dc_pre=CMe6mte2x4UDFXBhHgIdcsQKRA;src=11690551;type=optmbz;cat=globa0;ord=2604356491513;npa=1;auiddc=746975043.1713294312;uaa=x86;uab=64;uafvl=Google%...	0 0	48ms 47ms	Document text/html	142.250.186.166 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://11690551.fls.doubleclick.net/activityi;dc_pre=CMe6mte2x4UDFXBhHgIdcsQKRA;src=11690551;type=optmbz;cat=globa0;ord=2604356491513;npa=1;auiddc=746975043.1713294312;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44f0v9135076373za200;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fby-pay.net%2F? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=DC-11690551&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://by-pay.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 374 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 16 Apr 2024 19:05:12 GMT expires Tue, 16 Apr 2024 19:05:12 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 16 Apr 2024 19:05:12 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://11690551.fls.doubleclick.net/activityi;dc_pre=CMe6mte2x4UDFXBhHgIdcsQKRA;src=11690551;type=optmbz;cat=globa0;ord=2604356491513;npa=1;auiddc=746975043.1713294312;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44f0v9135076373za200;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fby-pay.net%2F? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	iframe_api Show response www.youtube.com/	1 KB 2 KB	60ms 36ms	Script text/javascript	2a00:1450:4001:802::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/iframe_api Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/seda980/43ddea/xwlwzwo.muzhycu.xccohmu/etc.clientlibs/uhcfoundation/clientlibs/clientlib-video.min.517c8d13c5a8d4991e78bc79678c6a3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e74935590b4a1ce97eaa8a4415ae0faa86b07792b1bd2bee5863266822a0dabf Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff content-encoding br content-security-policy-report-only require-trusted-types-for 'script';report-uri /cspreport p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version server ESF x-frame-options SAMEORIGIN vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version content-type text/javascript; charset=utf-8 report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} cache-control private, max-age=0 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* origin-trial AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9 cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" expires Tue, 16 Apr 2024 19:05:12 GMT
GET H2	200	RCe68dc57ab9c945329028bae13e407cfb-source.min.js Show response assets.adobedtm.com/512027f42d3c/152e2e360a77/e76583461fef/	1 KB 797 B	14ms 13ms	Script application/x-javascript	2a02:26f0:3500:58f::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/512027f42d3c/152e2e360a77/e76583461fef/RCe68dc57ab9c945329028bae13e407cfb-source.min.js Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/s28/43ddea/uaeslsieqtpsr.vajdloybaetdztymv.uccoxmf/512027f42d3c/152e2e360a77/launch-5e90c3319557.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:58f::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash afa7316a4e0b97e897772382dd455fec750788821e02548799a7bf484e924095 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT content-encoding gzip last-modified Tue, 16 Apr 2024 09:11:49 GMT server AkamaiNetStorage etag "3d6cb1e3539afe31e329b9112f2caf03:1713258709.642406" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://by-pay.net cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 544 expires Tue, 16 Apr 2024 20:05:12 GMT
GET H2	200	RCa52dbbc12fcc4ca288684c47305557e0-source.min.js Show response assets.adobedtm.com/512027f42d3c/152e2e360a77/e76583461fef/	2 KB 1 KB	15ms 15ms	Script application/x-javascript	2a02:26f0:3500:58f::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/512027f42d3c/152e2e360a77/e76583461fef/RCa52dbbc12fcc4ca288684c47305557e0-source.min.js Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/s28/43ddea/uaeslsieqtpsr.vajdloybaetdztymv.uccoxmf/512027f42d3c/152e2e360a77/launch-5e90c3319557.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:58f::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 1a8fb96deef3c37ebbc6216ebc7a5dc59e8899bb0d283de96d12036f9b88de64 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT content-encoding gzip last-modified Tue, 16 Apr 2024 09:11:49 GMT server AkamaiNetStorage etag "3d6cb1e3539afe31e329b9112f2caf03:1713258709.642406" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://by-pay.net cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 1050 expires Tue, 16 Apr 2024 20:05:12 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 251 B	36ms 14ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-HZQWR2GYM4&gtm=45je44f0v871504411za200&_p=1713294312186&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1549153917.1713294313&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713294312&sct=1&seg=0&dl=https%3A%2F%2Fby-pay.net%2F&dt=Short%20term%20health%20insurance%20%7C%20UnitedHealthcare%20How%20Many%20Uninsured%20Are%20in%20the%20Coverage%20Gap%20and%20How%20Many.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1489 Requested by Host: cdn.gbqofs.com URL: https://cdn.gbqofs.com/uhg/uhc/p/detector-dom.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 16 Apr 2024 19:05:12 GMT server Golfe2 content-type text/plain access-control-allow-origin https://by-pay.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	424	global-alert.html Show response by-pay.net/9fc9b7a3/sa297/43ddea/fwgwgwi.euwhpch.wcwovmo/content/uhcdotcom/en/home/	0 391 B	1575ms 1575ms	XHR text/html	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://by-pay.net/9fc9b7a3/sa297/43ddea/fwgwgwi.euwhpch.wcwovmo/content/uhcdotcom/en/home/global-alert.html Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/s9fa8b67374/43ddea/wwxwswu.euohpcw.ccrovmm/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.26aaf3d02280c9e4b4444c7402440718.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:14 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2vH2dTsVElBYouMtXtubdolfXAfKtrlEIdLWHL%2BPIwhtNdV4TVSl6cQwOThhLZYpr30ZaMhWUq5BwDcGuhEtIELlymoym0Noz2dqckS0oHskhI8Ki%2B%2B6ekAuwgQB"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 8756720e98961ca9-FRA alt-svc h3=":443"; ma=86400
GET H2	200	sp.pl sp.analytics.yahoo.com/	43 B 633 B	119ms 39ms	Image image/gif	212.82.100.181 YAHOO-IRD
General Check archive.org Show headers Download Go to Show image Full URL https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2016%20Apr%202024%2019%3A05%3A12%20GMT&n=-2d&b=Short%20term%20health%20insurance%20%7C%20UnitedHealthcare%20How%20Many%20Uninsured%20Are%20in%20the%20Coverage%20Gap%20and%20How%20Many.&.yp=10059574&f=https%3A%2F%2Fby-pay.net%2F&enc=UTF-8&yv=1.15.1&tagmgr=gtm%2Cadobe Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB), Reverse DNS spdc.pbp.vip.ir2.yahoo.com Software ATS / Resource Hash 0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39 Security Headers Name Value Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 16 Apr 2024 19:05:12 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY content-type image/gif cache-control no-cache, private, must-revalidate accept-ranges bytes content-length 43 expires Tue, 16 Apr 2024 19:05:12 GMT
GET H2	200	s86158534779721 smetrics.optum.com/b/ss/uhgenterprisecoreprod,uhguhcprd/1/JS-2.23.0-LDQM/	43 B 372 B	74ms 21ms	Image image/gif	63.140.62.222 OMNITURE
General Check archive.org Show headers Download Go to Show image Full URL https://smetrics.optum.com/b/ss/uhgenterprisecoreprod,uhguhcprd/1/JS-2.23.0-LDQM/s86158534779721?AQB=1&ndh=1&pf=1&t=16%2F3%2F2024%2021%3A5%3A12%202%20-120&sdid=7881C63D8FEED314-1384B41C8C60FFE9&mid=08954831641958055902111982226183256289&aamlh=6&ce=UTF-8&pageName=uhc%3Auhc.com%3Apublic%3Aindividuals-families%3Ashort-term-health-insurance%3Ashort%20term%20health%20insurance&g=https%3A%2F%2Fby-pay.net%2F&c.&getPreviousValue=3.0.1&apl=4.0&inList=3.0&manageVars=3.0&lowerCaseVars=1.0&pt=3.0&.c&cc=USD&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=2.23.0%7Eproduction%7E2024-04-16t09%3A10%3A46z&v18=1-800-557-6718&c75=page%7Cuhc%3Auhc.com%3Apublic%3Aindividuals-families%3Ashort-term-health-insurance%3Ashort%20term%20health%20insurance&v100=content&v139=page%20track&v140=uhc&v141=uhc&v142=uhc.com&v143=website&v144=desktop&v145=D%3DpageName&v149=1713294312&v150=mozilla%2F5.0%20%28windows%20nt%2010.0%3B%20win64%3B%20x64%29%20applewebkit%2F537.36%20%28khtml%2C%20like%20gecko%29%20chrome%2F123.0.0.0%20safari%2F537.36&v152=D%3Dmid&v153=https%3A%2F%2Fby-pay.net%2F&v154=https%3A%2F%2Fby-pay.net%2F&v157=dcr%20-%20all%20pages%20-%20page%20load%20-%20aa%20-%20send%20beacon&v162=not%20logged%20in&v181=public&v182=individuals-families&v183=short-term-health-insurance&v188=en&v191=prospect&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=8E391C8B533058250A490D4D%40AdobeOrg&AQE=1 Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 63.140.62.222 , United States, ASN15224 (OMNITURE, US), Reverse DNS ip-63-140-62-222.data.adobedc.net Software jag / Resource Hash a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 16 Apr 2024 19:05:12 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Wed, 17 Apr 2024 19:05:12 GMT server jag etag 3679271519405703168-4618626999176808454 vary * p3p CP="This is not a P3P policy" access-control-allow-origin * content-type image/gif;charset=utf-8 cache-control no-cache, no-store, max-age=0, no-transform, private content-length 43 x-xss-protection 1; mode=block expires Mon, 15 Apr 2024 19:05:12 GMT
POST H2	202	rum Show response browser-intake-datadoghq.com/api/v2/	53 B 343 B	153ms 153ms	Fetch application/json	2600:1f18:24e6:b902:b9d0:82a2:33e2:c96b AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.8.0%2Capi%3Afetch%2Cenv%3Aunknown%2Cservice%3Auhccom%2Cversion%3A4.6.0&dd-api-key=pub85512767ec74c5f4d068002777a57acf&dd-evp-origin-version=5.8.0&dd-evp-origin=browser&dd-request-id=8c463248-5d90-4254-a91c-309fa582b31f&batch_time=1713294312799 Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/s9fa8b67374/43ddea/wwxwswu.euohpcw.ccrovmm/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.26aaf3d02280c9e4b4444c7402440718.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:24e6:b902:b9d0:82a2:33e2:c96b Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash d04ad73a40dd864fded9744ef1f492f6e786e53ea954a6f8bc1ff0f75438722f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-platform "Win32" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 16 Apr 2024 19:05:12 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff accept-encoding identity,gzip,x-gzip,deflate,x-deflate,zstd content-type application/json access-control-allow-origin * cross-origin-resource-policy cross-origin content-length 53 dd-request-id 8c463248-5d90-4254-a91c-309fa582b31f
GET H2	200	/ www.facebook.com/tr/	0 273 B	24ms 7ms	Image text/plain	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1231592023559249&ev=PageView&dl=https%3A%2F%2Fby-pay.net&rl=&if=false&ts=1713294312835&sw=1600&sh=1200&v=2.9.153&r=stable&ec=0&o=4124&fbp=fb.1.1713294312831.146804657&cs_est=true&pm=1&hrl=229f59&ler=empty&cdl=API_unavailable&it=1713294312257&coo=false&cs_cc=1&cas=7801014826596581%2C7553438904750993%2C7212566285532133%2C7210249945706774%2C7115382141921829%2C24536214642630499%2C5857953294268989%2C2239276222823340%2C1009366075833106&rqm=GET Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1326, tbw=2759, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Tue, 16 Apr 2024 19:05:12 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	www-widgetapi.js Show response www.youtube.com/s/player/03dc2242/www-widgetapi.vflset/	216 KB 67 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:802::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/03dc2242/www-widgetapi.vflset/www-widgetapi.js Requested by Host: www.youtube.com URL: https://www.youtube.com/iframe_api Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 889b17a954d92c4905c6da78f51df1906a8826e9b4d0a9e3474d6b423558ec2b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 10:51:13 GMT content-encoding br x-content-type-options nosniff age 29639 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 68429 x-xss-protection 0 last-modified Mon, 15 Apr 2024 04:14:42 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 16 Apr 2025 10:51:13 GMT
GET BLOB	200 OK	aab35e59-9d2f-450c-85a6-4f25fa729a46 https://by-pay.net/	148 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://by-pay.net/aab35e59-9d2f-450c-85a6-4f25fa729a46 Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 92b7e6ba375e8eb45682cc245e4a7f9b380b3c1d7d701ad3cd09e9fc38e5048c Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Content-Length 148 Content-Type application/javascript
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 192 B	114ms 114ms	XHR text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/s9fa8b67374/43ddea/wwxwswu.euohpcw.ccrovmm/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.26aaf3d02280c9e4b4444c7402440718.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Accept * Referer https://by-pay.net/ sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:12 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 6AE18012FD974C7881A9708AEDE45453 Ref B: FRAEDGE2008 Ref C: 2024-04-16T19:05:13Z linkedin-action 1 vary Origin x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 access-control-allow-origin https://by-pay.net x-li-proto http/2 access-control-allow-credentials true x-li-uuid AAYWO2rwzk8EOdYQRwO1UA==
POST H2	202	rum Show response browser-intake-datadoghq.com/api/v2/	53 B 344 B	211ms 210ms	Fetch application/json	2600:1f18:24e6:b902:b9d0:82a2:33e2:c96b AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.8.0%2Capi%3Afetch%2Cenv%3Aunknown%2Cservice%3Auhccom%2Cversion%3A4.6.0&dd-api-key=pub85512767ec74c5f4d068002777a57acf&dd-evp-origin-version=5.8.0&dd-evp-origin=browser&dd-request-id=25f8965e-4d79-4e44-b588-4510dbdff49c&batch_time=1713294313380 Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/s9fa8b67374/43ddea/wwxwswu.euohpcw.ccrovmm/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.26aaf3d02280c9e4b4444c7402440718.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:24e6:b902:b9d0:82a2:33e2:c96b Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash 603523df9102976ea4b084b21e6c1bc6ff0f541783932ae2afa7ecb2f3ec6d9a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-platform "Win32" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 16 Apr 2024 19:05:13 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff accept-encoding identity,gzip,x-gzip,deflate,x-deflate,zstd content-type application/json access-control-allow-origin * cross-origin-resource-policy cross-origin content-length 53 dd-request-id 25f8965e-4d79-4e44-b588-4510dbdff49c
GET H2	200	/ Show response zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/	10 KB 5 KB	75ms 39ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y Requested by Host: by-pay.net URL: https://by-pay.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 87dae791345d8fbf4d0ee18923b1c3afdcf3ea0e93886cad3687dbb9305eedf5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:17 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 60566 content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report edge-control max-age=604800 referrer-policy strict-origin-when-cross-origin server cloudflare etag W/"26bb-acWxaHU7iqLBH060YGVo2obG2vQ" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=3600, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() cf-ray 8756722a280a65df-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept timing-allow-origin *
GET H/1.1	200 OK	cls_report Show response report.uhg.glassboxdigital.io/glassbox/reporting/a0542e07-7e48-6629-e0e8-daefbd48f7c3/	250 B 1 KB	298ms 95ms	XHR application/json	54.86.101.112 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://report.uhg.glassboxdigital.io/glassbox/reporting/a0542e07-7e48-6629-e0e8-daefbd48f7c3/cls_report?_cls_s=510d1e10-6b08-4fa5-9d5e-a8070d74925c%3A0&_cls_v=116e0b78-dada-41fa-89f1-1895a5be41f8&pv=2&f_cls_s=true Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/s9fa8b67374/43ddea/wwxwswu.euohpcw.ccrovmm/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.26aaf3d02280c9e4b4444c7402440718.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.86.101.112 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-86-101-112.compute-1.amazonaws.com Software GlassBox Cligate / Resource Hash b5bc80ee793272d5346b91fde9afa8146a7f208370cf237c7924d9eddc67c028 Security Headers Name Value Content-Security-Policy default-src 'self'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 16 Apr 2024 19:05:17 GMT Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip Content-Security-Policy default-src 'self'; X-Content-Type-Options nosniff Connection keep-alive Content-Length 201 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Server GlassBox Cligate X-Frame-Options SAMEORIGIN vary origin Content-Type application/json access-control-allow-origin https://by-pay.net access-control-allow-credentials true GB-Server g5045 X-Robots-Tag noindex
GET H2	200	iFrame.html universal.iperceptions.com/ Frame 5B10	0 0	31ms 13ms	Document text/html	2600:9000:225e:7000:8:e7ba:7440:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://universal.iperceptions.com/iFrame.html Requested by Host: universal.iperceptions.com URL: https://universal.iperceptions.com/wrapper.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:7000:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://by-pay.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding age 28 cache-control public,max-age=7200 content-encoding gzip content-md5 EWwLArd7NRLd/UFGafi8dA== content-type text/html cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 16 Apr 2024 19:04:49 GMT last-modified Thu, 21 Sep 2023 17:40:01 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 vary Accept-Encoding via 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront) x-amz-cf-id z2VhllgUGaJIPUQ3rMsI4WChy6RA-S6MsP0gITqbGpcpJGzY2UdgoA== x-amz-cf-pop FRA60-P4 x-cache Hit from cloudfront x-ms-blob-type BlockBlob x-ms-lease-status unlocked x-ms-request-id c9e314d4-701e-0027-68a9-8f7381000000 x-ms-version 2009-09-19
GET H2	200	12.00593e070a6f1562a8b4.chunk.js Show response siteintercept.qualtrics.com/dxjsmodule/	73 KB 21 KB	39ms 32ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/12.00593e070a6f1562a8b4.chunk.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=by-pay.net Requested by Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 773476fc4041f913eb57d338efa749e0c2b63828f086c83da65c3d3aeb51fa73 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:17 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 59296 content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report edge-control max-age=604800 referrer-policy strict-origin-when-cross-origin last-modified Mon, 01 Apr 2024 18:13:43 GMT server cloudflare etag W/"125c9-18e9addfbd8" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept cf-ray 8756722aa89c65df-FRA
POST H2	200	Targeting.php Show response siteintercept.qualtrics.com/WRSiteInterceptEngine/	67 KB 6 KB	59ms 59ms	XHR application/json	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0Neqx1dGGrrlV4y&Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/s9fa8b67374/43ddea/wwxwswu.euohpcw.ccrovmm/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.26aaf3d02280c9e4b4444c7402440718.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ca0cc4204b34d3ebfbd09fe58424be26a1083b9f42cda778575f53ca8116e271 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-platform "Win32" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Tue, 16 Apr 2024 19:05:17 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding br content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report referrer-policy strict-origin-when-cross-origin server cloudflare content-type application/json access-control-allow-origin https://by-pay.net cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true permissions-policy camera=(), geolocation=(), microphone=() trace-id 7cfbd2f598371247 timing-allow-origin * cf-ray 8756722ae8d965df-FRA
GET H3	200	favicon.ico by-pay.net/9fc9b7a3/s323/43ddea/kwfwfwk.xughecg.nchommn/etc/designs/uhcfoundation/resources/	894 B 1 KB	42ms 42ms	Other image/vnd.microsoft.icon	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://by-pay.net/9fc9b7a3/s323/43ddea/kwfwfwk.xughecg.nchommn/etc/designs/uhcfoundation/resources/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7b7b147d01fa1e179194747215e5c9131c452e65b19dc2f3df2f6569fb37ae2b Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:17 GMT content-encoding br cf-cache-status MISS last-modified Tue, 16 Apr 2024 19:05:17 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iG7G3G3WT9EWFCfUwssaz%2F36dCvzNgP9VZDXvEPm6MCKSxQlFZPgt9yqiqxZHNxxP9ndPGh8HRZ%2FQ9V69VqOxvDz2iY13UjwRpAyCz6pT87D0PV6ZiyXGzjTfVoO"}],"group":"cf-nel","max_age":604800} content-type image/vnd.microsoft.icon cache-control max-age=14400 cf-ray 8756722ae9781ca9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	favicon.ico by-pay.net/9fc9b7a3/s6324ee02a/43ddea/dwrwxwq.muxhfcc.ccdovmu/etc/designs/uhcfoundation/resources/	894 B 1 KB	25ms 24ms	Other image/vnd.microsoft.icon	172.67.182.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://by-pay.net/9fc9b7a3/s6324ee02a/43ddea/dwrwxwq.muxhfcc.ccdovmu/etc/designs/uhcfoundation/resources/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.182.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7b7b147d01fa1e179194747215e5c9131c452e65b19dc2f3df2f6569fb37ae2b Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:17 GMT content-encoding br cf-cache-status HIT last-modified Tue, 16 Apr 2024 19:02:15 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 182 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qF2KZZ5Cw5IrN09aS8Wq5U02oALvD%2BjxNxbXIjiuinyhgOk%2BIkLKbZjvz5RvZov4lOA6AWTvdY6%2FwF2H9lgLbsJm1tQjX9aeCzKo7GeLnLP3E7jRLFQ3dWUqjeie"}],"group":"cf-nel","max_age":604800} content-type image/vnd.microsoft.icon access-control-allow-origin * cache-control max-age=14400 cf-ray 8756722b49fc1ca9-FRA alt-svc h3=":443"; ma=86400
GET H2	200	CoreModule.js Show response siteintercept.qualtrics.com/dxjsmodule/	102 KB 30 KB	51ms 50ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise Requested by Host: siteintercept.qualtrics.com URL: https://siteintercept.qualtrics.com/dxjsmodule/12.00593e070a6f1562a8b4.chunk.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=by-pay.net Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 984227c0d097ac96cff8b8ae797de2a34f79a84438685db3c72a1c226fd5a23b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:17 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 59296 content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report edge-control max-age=604800 referrer-policy strict-origin-when-cross-origin last-modified Mon, 01 Apr 2024 18:13:43 GMT server cloudflare etag W/"19639-18e9addfbd8" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept cf-ray 8756722b595165df-FRA
GET H2	200	7.7f92166a279ec8ccbb92.chunk.js Show response siteintercept.qualtrics.com/dxjsmodule/	3 KB 1 KB	47ms 47ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/7.7f92166a279ec8ccbb92.chunk.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise Requested by Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e2b8e58c49dfe86a02acbced8d3ddf91c303df4af7009ab38ad9e6b89fde24ad Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:17 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 59296 content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report edge-control max-age=604800 referrer-policy strict-origin-when-cross-origin last-modified Mon, 01 Apr 2024 18:13:43 GMT server cloudflare etag W/"b52-18e9addfbd8" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept cf-ray 8756722c2a7d65df-FRA
GET H2	200	1.2211346a24b96c334744.chunk.js Show response siteintercept.qualtrics.com/dxjsmodule/	29 KB 7 KB	46ms 46ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/1.2211346a24b96c334744.chunk.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise Requested by Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 442c5f94f41f419cb2d62746624f7ed4e7d5c6481b2d741d632d4b920fc1dc8d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 19:05:17 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 59295 content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report edge-control max-age=604800 referrer-policy strict-origin-when-cross-origin last-modified Mon, 01 Apr 2024 18:13:43 GMT server cloudflare etag W/"73f8-18e9addfbd8" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept cf-ray 8756722c2a7e65df-FRA
GET H2	401	InviteTriggers Show response api.iperceptions.com/	0 31 B	69ms 66ms	XHR text/plain	52.138.200.61 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://api.iperceptions.com/InviteTriggers Requested by Host: by-pay.net URL: https://by-pay.net/9fc9b7a3/s9fa8b67374/43ddea/wwxwswu.euohpcw.ccrovmm/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.26aaf3d02280c9e4b4444c7402440718.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.138.200.61 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://by-pay.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 SecurityToken ef6177e6-a195-4fc1-9b32-7636466e19b5 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 16 Apr 2024 19:05:17 GMT server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-powered-by ASP.NET access-control-allow-origin * cache-control no-cache content-length 0 expires -1
OPTIONS H2	200	InviteTriggers api.iperceptions.com/ Frame	0 0	156ms 33ms	Preflight	52.138.200.61 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://api.iperceptions.com/InviteTriggers Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.138.200.61 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash Request headers Accept */* Access-Control-Request-Headers securitytoken Access-Control-Request-Method GET Origin https://by-pay.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers access-control-allow-headers securitytoken access-control-allow-origin * cache-control no-cache content-length 0 date Tue, 16 Apr 2024 19:05:17 GMT expires -1 pragma no-cache server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-powered-by ASP.NET

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

lptag.liveperson.net

URL

https://lptag.liveperson.net/tag/tag.js?site=9518691

Domain

analytics1.ninahale.net

URL

https://analytics1.ninahale.net/pixel.png?clientID=2c8b871e52d4e5f5db5ff84a82a45327e20df77edef961c4b6fa0e9c3d97ce5b&id=&id_fp=&host=by-pay.net&page=/&pageURL=https://by-pay.net/&ref=&web_ts=2024-04-16T19:05:12.205Z&adobe_ecid=08954831641958055902111982226183256289&adobe_vid=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&hit_type=pageview