by-pay.net Open in urlscan Pro
104.21.51.155 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://by-pay.net/
Effective URL:
https://by-pay.net/
Submission: On April 16 via api (April 16th 2024, 7:03:07 pm UTC) from HU — Scanned from DE

Summary HTTP 111 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 29 IPs in 5 countries across 27 domains to perform 111 HTTP transactions. The main IP is 104.21.51.155, located in and belongs to CLOUDFLARENET, US. The main domain is by-pay.net.
TLS certificate: Issued by E1 on April 5th 2024. Valid for: 3 months.

This is the only time by-pay.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
38	104.21.51.155 104.21.51.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2600:9000:26d... 2600:9000:26da:cc00:b:8b8c:d40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.17.32.208 52.17.32.208	16509 (AMAZON-02) (AMAZON-02)
6	2a02:26f0:350... 2a02:26f0:3500:587::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	34.203.47.152 34.203.47.152	14618 (AMAZON-AES) (AMAZON-AES)
1 1	20.221.105.198 20.221.105.198	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
5	2600:1f18:24e... 2600:1f18:24e6:b902:7623:11a0:2b80:6002	14618 (AMAZON-AES) (AMAZON-AES)
17	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	54.170.54.208 54.170.54.208	16509 (AMAZON-02) (AMAZON-02)
1 1	99.81.63.100 99.81.63.100	16509 (AMAZON-02) (AMAZON-02)
1	66.235.152.225 66.235.152.225	15224 (OMNITURE) (OMNITURE)
2	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1491	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6812:190d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:20a... 2600:9000:20ae:f200:8:e7ba:7440:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
1	63.140.62.222 63.140.62.222	15224 (OMNITURE) (OMNITURE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
4 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:20a... 2600:9000:20ae:c000:8:e7ba:7440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.199.5.242 34.199.5.242	14618 (AMAZON-AES) (AMAZON-AES)
2	52.138.200.61 52.138.200.61	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
111	29

38 104.21.51.155 (None, )

ASN13335 (CLOUDFLARENET, US)

by-pay.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:26da:cc00:b:8b8c:d40:93a1 (United States)

ASN16509 (AMAZON-02, US)

abyss-cloud.uhg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.32.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-32-208.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:3500:587::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.203.47.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-47-152.compute-1.amazonaws.com

164773174ba1.o3n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hub.uhg-monarchhealthcare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.221.105.198 (Des Moines, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

uhc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

www.uhc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f18:24e6:b902:7623:11a0:2b80:6002 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.170.54.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-54-208.eu-west-1.compute.amazonaws.com

unitedhealthgroup.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.63.100 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-63-100.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.235.152.225 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-66-235-152-225.data.adobedc.net

starget.uhc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1491 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:190d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.gbqofs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20ae:f200:8:e7ba:7440:93a1 (United States)

ASN16509 (AMAZON-02, US)

universal.iperceptions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.222 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-222.data.adobedc.net

smetrics.optum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

11690551.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20ae:c000:8:e7ba:7440:93a1 (United States)

ASN16509 (AMAZON-02, US)

universal.iperceptions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.5.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-5-242.compute-1.amazonaws.com

report.uhg.glassboxdigital.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.138.200.61 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

api.iperceptions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	by-pay.net by-pay.net	1 MB
17	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	1 MB
6	qualtrics.com zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com — Cisco Umbrella Rank: 31461 siteintercept.qualtrics.com — Cisco Umbrella Rank: 915	70 KB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 340 www.linkedin.com — Cisco Umbrella Rank: 609 px4.ads.linkedin.com — Cisco Umbrella Rank: 6380	3 KB
6	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 436	16 KB
5	bing.com bat.bing.com — Cisco Umbrella Rank: 335	14 KB
5	browser-intake-datadoghq.com browser-intake-datadoghq.com — Cisco Umbrella Rank: 944	2 KB
5	uhg.com abyss-cloud.uhg.com — Cisco Umbrella Rank: 130898	148 KB
4	iperceptions.com universal.iperceptions.com — Cisco Umbrella Rank: 13935 api.iperceptions.com — Cisco Umbrella Rank: 12347	4 KB
3	uhc.com 1 redirects uhc.com — Cisco Umbrella Rank: 15086 www.uhc.com — Cisco Umbrella Rank: 75937 starget.uhc.com — Cisco Umbrella Rank: 71971	3 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 240 unitedhealthgroup.demdex.net — Cisco Umbrella Rank: 17925	2 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 73	69 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	84 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 661	7 KB
1	glassboxdigital.io report.uhg.glassboxdigital.io — Cisco Umbrella Rank: 20745	1 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	274 B
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1562	633 B
1	doubleclick.net 11690551.fls.doubleclick.net — Cisco Umbrella Rank: 135531
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2548	242 B
1	optum.com smetrics.optum.com — Cisco Umbrella Rank: 16453	372 B
1	gbqofs.com cdn.gbqofs.com — Cisco Umbrella Rank: 6334	151 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 822	17 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1309	490 B
1	uhg-monarchhealthcare.com hub.uhg-monarchhealthcare.com	183 B
1	o3n.io 164773174ba1.o3n.io	183 B
0	ninahale.net Failed analytics1.ninahale.net Failed
0	liveperson.net Failed lptag.liveperson.net Failed
111	27

	Domain	Requested by
38	by-pay.net	by-pay.net
17	www.googletagmanager.com	by-pay.net www.googletagmanager.com
6	assets.adobedtm.com	by-pay.net
5	siteintercept.qualtrics.com	zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com by-pay.net siteintercept.qualtrics.com
5	bat.bing.com	by-pay.net bat.bing.com
5	browser-intake-datadoghq.com	by-pay.net
5	abyss-cloud.uhg.com	by-pay.net
4	px.ads.linkedin.com	3 redirects by-pay.net
2	api.iperceptions.com	by-pay.net
2	www.youtube.com	by-pay.net www.youtube.com
2	universal.iperceptions.com	by-pay.net universal.iperceptions.com
2	connect.facebook.net	by-pay.net connect.facebook.net
2	s.yimg.com	by-pay.net
2	dpm.demdex.net	by-pay.net
1	report.uhg.glassboxdigital.io	by-pay.net
1	zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com	by-pay.net
1	www.facebook.com	by-pay.net
1	sp.analytics.yahoo.com	by-pay.net
1	px4.ads.linkedin.com	by-pay.net
1	www.linkedin.com	1 redirects
1	11690551.fls.doubleclick.net	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	smetrics.optum.com	by-pay.net
1	cdn.gbqofs.com	by-pay.net
1	snap.licdn.com	by-pay.net
1	starget.uhc.com	by-pay.net
1	cm.everesttech.net	1 redirects
1	unitedhealthgroup.demdex.net	by-pay.net
1	www.uhc.com	by-pay.net
1	uhc.com	1 redirects
1	hub.uhg-monarchhealthcare.com	by-pay.net
1	164773174ba1.o3n.io	by-pay.net
0	analytics1.ninahale.net Failed	by-pay.net
0	lptag.liveperson.net Failed	by-pay.net
111	34

This site contains links to these domains. Also see Links.

Domain
www.uhcprovider.com
member.uhc.com
welltoknotice.wpenginepowered.com
www.facebook.com
www.instagram.com
www.youtube.com
www.linkedin.com

Subject Issuer	Validity	Valid
by-pay.net E1	`2024-04-05` - `2024-07-04`	3 months	crt.sh
abyss-cloud.optum.com COMODO RSA Organization Validation Secure Server CA	`2023-10-24` - `2024-10-23`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
*.o3n.io R3	`2024-02-21` - `2024-05-21`	3 months	crt.sh
*.browser-intake-datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-17` - `2024-06-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
starget.uhc.com COMODO RSA Organization Validation Secure Server CA	`2023-10-19` - `2024-10-18`	a year	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-04-02` - `2024-05-22`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-25` - `2024-04-24`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2024-04-16` - `2024-06-27`	2 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
gbqofs.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-11`	a year	crt.sh
*.iperceptions.com Amazon RSA 2048 M02	`2024-01-14` - `2025-02-11`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
smetrics.optum.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-23` - `2025-04-23`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-03-19` - `2024-09-11`	6 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-27` - `2025-02-19`	a year	crt.sh
uhg.glassboxdigital.io Amazon RSA 2048 M03	`2023-09-09` - `2024-10-08`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://by-pay.net/
Frame ID: E82582077F9F9C1519B1B96400D4EFBE
Requests: 108 HTTP requests in this frame

Frame: https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0
Frame ID: ACF162866C091E581518CF3C29D7510E
Requests: 1 HTTP requests in this frame

Frame: https://11690551.fls.doubleclick.net/activityi;src=11690551;type=optmbz;cat=globa0;ord=2166626713497;npa=1;auiddc=1993365246.1713294180;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;gtm=45fe44f0v9135076373za200;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fby-pay.net%2F
Frame ID: B882BD632EBE6131590B02680BC7F676
Requests: 1 HTTP requests in this frame

Frame: https://universal.iperceptions.com/iFrame.html
Frame ID: 14B17440E04353CC530308685C119FC8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Short term health insurance | UnitedHealthcare How Many Uninsured Are in the Coverage Gap and How Many.

Page URL History Show full URLs

http://by-pay.net/ HTTP 307
https://by-pay.net/ Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

<div class="[^"]*aem-Grid
/etc/designs/
/etc\.clientlibs/

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

111
Requests

95 %
HTTPS

53 %
IPv6

27
Domains

34
Subdomains

29
IPs

5
Countries

3086 kB
Transfer

9760 kB
Size

37
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.uhcprovider.com/
Title: Providers

Search URL Search Domain Scan URL

URL: https://member.uhc.com/plan-selector/automatic?portal=uhccom
Title: Members – sign in

Search URL Search Domain Scan URL

URL: https://welltoknotice.wpenginepowered.com/?page_id=23
Title: Notice of data security incident at WellTok

Search URL Search Domain Scan URL

URL: https://www.facebook.com/UnitedHealthcare

Search URL Search Domain Scan URL

URL: https://www.instagram.com/unitedhealthcare/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/UnitedHealthcare

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/showcase/unitedhealthcare/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://by-pay.net/ HTTP 307
https://by-pay.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://uhc.com/content/dam/uhcdotcom/website-assets/uhc-wordmark-stacked-white-01.svg HTTP 301
https://www.uhc.com/content/dam/uhcdotcom/website-assets/uhc-wordmark-stacked-white-01.svg

Request Chain 35

https://cm.everesttech.net/cm/dd?d_uuid=24806101446174489933474233071095741094 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zh7LZAAAAEPb2wOJ

Request Chain 89

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1713294180977&li_adsId=2bdeee1d-ea83-4db5-9627-f1e6404eacc8&url=https%3A%2F%2Fby-pay.net%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1713294180977&li_adsId=2bdeee1d-ea83-4db5-9627-f1e6404eacc8&url=https%3A%2F%2Fby-pay.net%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1898745%26time%3D1713294180977%26li_adsId%3D2bdeee1d-ea83-4db5-9627-f1e6404eacc8%26url%3Dhttps%253A%252F%252Fby-pay.net%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1713294180977&li_adsId=2bdeee1d-ea83-4db5-9627-f1e6404eacc8&url=https%3A%2F%2Fby-pay.net%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1713294180977&li_adsId=2bdeee1d-ea83-4db5-9627-f1e6404eacc8&url=https%3A%2F%2Fby-pay.net%2F&cookiesTest=true&liSync=true&e_ipv6=AQKku8PH-dh75AAAAY7oSoYGcy6lbe5ngJOSCZqB4t0ecNNZeUB7bScuBG4v7EZXyUdiRAc

111 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
by-pay.net/
Redirect Chain

http://by-pay.net/
https://by-pay.net/

112 KB
23 KB

167ms
84ms

Document
text/html

104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://by-pay.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03924d3fec77196d478d1f28aae8905471acdd3179bf2bf413f32c5609cd489c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 87566ece0df21919-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Tue, 16 Apr 2024 19:02:59 GMT
last-modified: Tue, 16 Apr 2024 17:24:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=shGT4ERSWuvmSaP6a2mt%2BxyXzsWXidLV8%2BkdEoDmLxbWFBfsJ%2BklnGdOlqA8puRK41NpMC7JKD4Sa42firtPSqdGJ1mfePTE1VodfLYUro1w5Hl0fCeTVQQsWsKd"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

Location: https://by-pay.net/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 clientlib-initial.min.26aaf3d02280c9e4b4444c7402440718.js Show response
by-pay.net/9fc9b7a3/s9fa8b67374/43ddea/wwxwswu.euohpcw.ccrovmm/etc.clientlibs/uhcfoundation/clientlibs/ 255 KB
85 KB 157ms
157ms Script
application/javascript 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://by-pay.net/9fc9b7a3/s9fa8b67374/43ddea/wwxwswu.euohpcw.ccrovmm/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.26aaf3d02280c9e4b4444c7402440718.js
Requested by: Host: by-pay.net
URL: https://by-pay.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f62bc61a09caddbe2c87c2a4e2f74f8333892209f82f141ee7f4a0b100e52fb

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:02:59 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 16 Apr 2024 02:06:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dkfoGQ4U%2Fp1leNLRqMdvhw8umGcgdPwmexgTpqeTiBPWo80dWOKoDeRShds72e2EKBCGjWSO8I7YsZtlLfkTxDjZhMd6Qrk9ENLxHxRjXfUjppkEsk4st8wgNZLb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 87566ece9e951919-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 clientlib-polyfills.min.3e8ad2b595e38d9836ecd1e79ae227f9.js Show response
by-pay.net/9fc9b7a3/sffadabf1e/43ddea/vwwwowl.guyhlck.pcroxmr/etc.clientlibs/uhcfoundation/clientlibs/ 32 KB
12 KB 123ms
122ms Script
application/javascript 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://by-pay.net/9fc9b7a3/sffadabf1e/43ddea/vwwwowl.guyhlck.pcroxmr/etc.clientlibs/uhcfoundation/clientlibs/clientlib-polyfills.min.3e8ad2b595e38d9836ecd1e79ae227f9.js
Requested by: Host: by-pay.net
URL: https://by-pay.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73219454aee2a1f99cd9de00731df9ff3fb1d4349eceb2a16562271e3d0cca8d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:02:59 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 16 Apr 2024 02:06:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9CHDKn6Y0ieHSRa3Eb9panDYM1eWiaSR6QfHbZxLZrBtqc%2BrIYl8FYeRb2u54izS3JXoZPzarFoLnYFdDNXiJD2gHCQmt07CCbghedhFIEts6DExgzS2%2FpvOG6Dt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 87566ece9e9a1919-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 clientlib-initial.min.e30fbd79b4c95b39f491fc9fc9f9a516.css
by-pay.net/9fc9b7a3/sf6/43ddea/mwfwpwb.nuvhhcs.acbodmo/etc.clientlibs/uhcfoundation/clientlibs/ 226 KB
21 KB 235ms
234ms Stylesheet
text/css 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://by-pay.net/9fc9b7a3/sf6/43ddea/mwfwpwb.nuvhhcs.acbodmo/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.e30fbd79b4c95b39f491fc9fc9f9a516.css
Requested by: Host: by-pay.net
URL: https://by-pay.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a002936493c6365c951278a9d1eb42cf91c3be2676a5d48adbe205b64775f594

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:02:59 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 16 Apr 2024 02:06:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sbwuYiksisz0wQRaHhhFnL2OmZ45nP6QarmkZtpWJVD%2BQxT9JeChYXsIvLUsntlmHvDR2Uq875pemzGpsPv1qR5Z2ipwAvFXH9QOwYYtMZ1wFS2Y2BJozXu6e1my"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 87566ece9e9c1919-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 clientlib-site.min.2063de4beff781e145c7aa6e2ff921a6.css
by-pay.net/9fc9b7a3/s194e6/43ddea/kwhwwwx.tuxhwco.scaogmx/etc.clientlibs/uhcfoundation/clientlibs/ 576 KB
51 KB 244ms
243ms Stylesheet
text/css 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://by-pay.net/9fc9b7a3/s194e6/43ddea/kwhwwwx.tuxhwco.scaogmx/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.2063de4beff781e145c7aa6e2ff921a6.css
Requested by: Host: by-pay.net
URL: https://by-pay.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39c72cd933de1c0942fbeb8b9cc680349ba28be2a749792e223eee3f92e13a53

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:02:59 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 16 Apr 2024 02:06:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=icLGwhYnb35opd1FJLsaG%2FEwgMis0d1pjOP9RssatMKTaZTLg2XOWyHWh7ST4QrvWYMWHoJfFd%2BZdu5PduxH%2BxahALT1LoJk0nwsvsyJ7qpEGXe9visQMfW0YEzU"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 87566ece9ea11919-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 clientlib-livechat.min.143a6046d1e2182e6a51006e0afd6baf.css
by-pay.net/9fc9b7a3/s87/43ddea/cwwwswq.culhgco.qcoopms/etc.clientlibs/uhcfoundation/clientlibs/ 1 KB
1 KB 109ms
108ms Stylesheet
text/css 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://by-pay.net/9fc9b7a3/s87/43ddea/cwwwswq.culhgco.qcoopms/etc.clientlibs/uhcfoundation/clientlibs/clientlib-livechat.min.143a6046d1e2182e6a51006e0afd6baf.css
Requested by: Host: by-pay.net
URL: https://by-pay.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efe6705c4be1187ea37cbb36047614f27a19cbf540cea9892f7a15824f99ec6e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:02:59 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 16 Apr 2024 02:06:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gjBTcUgXGAEwP124afImBSosazHgJzAZE7X%2Bzo2Y0ala3z9H6d1AJIvqQBdXaGHn73zI7nzPFxoJ4wnm4qDbidmrKvSeiLPo6xrctafcy3rWUS1qzE%2Fh2IQX1vyD"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 87566ece9ea41919-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 launch-5e90c3319557.min.js Show response
by-pay.net/9fc9b7a3/s28/43ddea/uaeslsieqtpsr.vajdloybaetdztymv.uccoxmf/512027f42d3c/152e2e360a77/ 540 KB
131 KB 83ms
82ms Script
application/x-javascript 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://by-pay.net/9fc9b7a3/s28/43ddea/uaeslsieqtpsr.vajdloybaetdztymv.uccoxmf/512027f42d3c/152e2e360a77/launch-5e90c3319557.min.js
Requested by: Host: by-pay.net
URL: https://by-pay.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3391dd1b8b0cd7b5f6b3d36494742d2fe55ee0f234877381cf6567797dea902d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:02:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Apr 2024 19:02:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 42
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RcNUADM9CnpIjkZNLmnX41NUQtHCs7YZ3OQNW8aFrtzGNu6JO8GR1amFs2ZUGlbLuZvs7lII1jnw5a90Jn%2BU1Uk3sizKueXHZea9erfBqaNYjUeIZtwB3TDfft3i"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: https://assets.adobedtm.com
cache-control: max-age=14400
cf-ray: 87566ed048f71919-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 header.css
by-pay.net/9fc9b7a3/se51757b/43ddea/lwtwywo.juchxcy.lcsohmm/uhccom-api/static/app/v-1.5.0/ 157 KB
18 KB 246ms
245ms Stylesheet
text/css 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://by-pay.net/9fc9b7a3/se51757b/43ddea/lwtwywo.juchxcy.lcsohmm/uhccom-api/static/app/v-1.5.0/header.css
Requested by: Host: by-pay.net
URL: https://by-pay.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8fc53cdae3b946b74985f656d0fd02916b1aa28728ca2e45f3cd5dcc15d79e0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:02:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 16 Apr 2024 19:02:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GN02efEu8hPI66077IO74fBtSVwl9ykhaaFp9gr85F0bhu3Inb%2FBup%2F%2BfibuiFAY6mH8ih9kiOOVMHDiAnGRNwsduj8cVvgXq9B%2BuIjULVWv2i8ME%2Bc88Zz65f%2BG"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 87566ece9ea61919-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 uhc-header-component.parcel.js Show response
by-pay.net/9fc9b7a3/s79d9/43ddea/dwmwhwu.luyhscq.ecnocms/uhccom-api/static/app/v-1.5.0/ 945 KB
227 KB 253ms
253ms Script
application/javascript 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://by-pay.net/9fc9b7a3/s79d9/43ddea/dwmwhwu.luyhscq.ecnocms/uhccom-api/static/app/v-1.5.0/uhc-header-component.parcel.js
Requested by: Host: by-pay.net
URL: https://by-pay.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f30542f7650a4a2419c4f18ec15debea61fb13556594705316b482b1d3d90db0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:02:59 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 16 Apr 2024 02:06:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DcXvz3Yw3R8Svzc0WITBC8ObjJvqU2Dul6WU1TSAe7chTMp2XFTQO05sz7x1WNIBU7J9GlLatjxrzVC5gY2mT%2FFZPn2dHmOgKGLZbWgm96GZ%2BkfiAf9FOq2lwCGm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 87566ece9ea81919-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 original
by-pay.net/9fc9b7a3/s2c26d17ac/43ddea/fwvwlwl.puehzcg.scwodmt/content/dam/uhcdotcom/foundation/images/full-width/short-term-split-hero-img-desktop-1920x725.jpg/jcr:content/renditions/ 284 B
671 B 76ms
75ms Image
image/jpeg 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://by-pay.net/9fc9b7a3/s2c26d17ac/43ddea/fwvwlwl.puehzcg.scwodmt/content/dam/uhcdotcom/foundation/images/full-width/short-term-split-hero-img-desktop-1920x725.jpg/jcr:content/renditions/original
Requested by: Host: by-pay.net
URL: https://by-pay.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c94a6d02a327e442fce70e1accac9a3f1ea754bf01df9965149d4fe8051360dc

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:02:59 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=11RbDjQTGH6wCuAPwnacKLRfYP%2B%2BuUdLwF%2FSIM1cIS59FF8a8nYCapaF21PUunTVRht0oG7RIaxtY%2F4YB0H6I%2BEo3bIGsIXPKOjt10d1aQmFwBs4SMDNWxsINPYf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cf-ray: 87566ece9ea91919-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 UHOneDataMap-2021-all.js Show response
by-pay.net/9fc9b7a3/s6198bda3c6/43ddea/jwewswt.tuphpcr.wcxozmj/content/dam/uhcdotcom/en/js/ 8 KB
2 KB 62ms
62ms Script
application/javascript 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://by-pay.net/9fc9b7a3/s6198bda3c6/43ddea/jwewswt.tuphpcr.wcxozmj/content/dam/uhcdotcom/en/js/UHOneDataMap-2021-all.js
Requested by: Host: by-pay.net
URL: https://by-pay.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0bfba68da2ee5b397bd8232c6c1ab0291d9478daf036b83143386be55ec85f1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:02:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Apr 2024 19:02:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 42
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CPx5uWfH1S%2Bjg20O0TVJ%2FTM1XNbkNu86N1Yc69LJk8PTCIqjA9dMeT2G8M%2BsDrWoOrBQ31rxcH5wY1GdbskE40eQp6ejRCf36LGJSmLcZPQ0fOb7wP4CTngYMcjn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 87566ece9eaa1919-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 tfnUpdate-v3.js Show response
by-pay.net/9fc9b7a3/scb93e/43ddea/awlwuwo.mudhlcw.vcdoumd/content/dam/uhcdotcom/en/js/ 7 KB
3 KB 52ms
52ms Script
application/javascript 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://by-pay.net/9fc9b7a3/scb93e/43ddea/awlwuwo.mudhlcw.vcdoumd/content/dam/uhcdotcom/en/js/tfnUpdate-v3.js
Requested by: Host: by-pay.net
URL: https://by-pay.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d431d05327b5a609365ea90d43e8c5fa3ca1f15769fb7ffa22f5e273fd8a71a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:02:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Apr 2024 19:02:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 42
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ATcRzWXK6wErW%2Bd5ZTUcCyuDYaONuSKnSbtH1aqotTL%2FWJXu6r%2BREPzAxauc9TDcscHVUUV0G%2F8vk8VIxp0F13y1gaRJV1jD9qE9PKQUo3%2BoqMw2KsFHgTvOOlW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 87566ecf0f3a1919-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 cq5dam.web.1280.1280.jpeg
by-pay.net/9fc9b7a3/sfd84a0/43ddea/jwcwdwe.zuthlcs.ychotmt/content/dam/uhcdotcom/en/Videos/youtube-video-thumbnails/Youtube-q3-9yQ_MKg0-Video-Thumbnail.jpg/_jcr_content/renditions/ 284 B
709 B 50ms
49ms Image
image/jpeg 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://by-pay.net/9fc9b7a3/sfd84a0/43ddea/jwcwdwe.zuthlcs.ychotmt/content/dam/uhcdotcom/en/Videos/youtube-video-thumbnails/Youtube-q3-9yQ_MKg0-Video-Thumbnail.jpg/_jcr_content/renditions/cq5dam.web.1280.1280.jpeg
Requested by: Host: by-pay.net
URL: https://by-pay.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c94a6d02a327e442fce70e1accac9a3f1ea754bf01df9965149d4fe8051360dc

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:02:59 GMT
cf-cache-status: HIT
last-modified: Tue, 16 Apr 2024 19:02:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 42
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l8P1ybQCXwM9S43uEY2SW1vuaJ%2Bunj7OnEwdgSc6pmdhFsLp2gA0rtA%2FLiq1wXvPfVTWWirs%2BXclWgABqOxZ2OrbhnIxy%2B9HVjCTDxz2QqOAoYUD9XZKlnFKLNZS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 87566ecf1f571919-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 footer.css
by-pay.net/9fc9b7a3/sf0/43ddea/ewowjwl.pudhscj.rctoume/uhccom-api/static/app/v-1.3.0/ 24 KB
4 KB 193ms
193ms Stylesheet
text/css 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://by-pay.net/9fc9b7a3/sf0/43ddea/ewowjwl.pudhscj.rctoume/uhccom-api/static/app/v-1.3.0/footer.css
Requested by: Host: by-pay.net
URL: https://by-pay.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99bfccb342ab0c0a7508e4c2b0ed9377d70d8e604d155999869053d7131e6767

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:02:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Apr 2024 19:02:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 42
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DFVKVHSmtqk7wO4wVFpsMIuqgOk0WCSA59Xm4eV9LMfwYpXgPkkQFekaq%2BCnitQB2SOkzgdPmjhxe6zNMlKlyoTsAUK0SCdBsHcGvP0JQHWyWdl9jjtUGmY9fGt8"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 87566ecf5faa1919-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 uhc-footer-component.parcel.js Show response
by-pay.net/9fc9b7a3/se2a4/43ddea/zwvwjwq.fuvhccj.gcwoamj/uhccom-api/static/app/v-1.3.0/ 758 KB
206 KB 182ms
182ms Script
application/javascript 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://by-pay.net/9fc9b7a3/se2a4/43ddea/zwvwjwq.fuvhccj.gcwoamj/uhccom-api/static/app/v-1.3.0/uhc-footer-component.parcel.js
Requested by: Host: by-pay.net
URL: https://by-pay.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d739d66df8f62ebcba410b522f5dbd7b8ea70e612dacf475efb7a448a2ddd25

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:02:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Apr 2024 19:02:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 42
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5vAoZSFqlGdoyPUqD3EFs2MiqK824nkdXJpfEO%2BjKFj7oL6cXpPh0K36HGwYiEA8fwBE6PMFWTthiBY7biOjacqMmhAwk17EWCIJjYoEt%2BPrfkCEL7ho%2FGBrvv6c"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 87566ecf6fc31919-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 clientlib-video.min.517c8d13c5a8d4991e78bc79678c6a3b.js Show response
by-pay.net/9fc9b7a3/seda980/43ddea/xwlwzwo.muzhycu.xccohmu/etc.clientlibs/uhcfoundation/clientlibs/ 61 KB
19 KB 70ms
70ms Script
application/javascript 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://by-pay.net/9fc9b7a3/seda980/43ddea/xwlwzwo.muzhycu.xccohmu/etc.clientlibs/uhcfoundation/clientlibs/clientlib-video.min.517c8d13c5a8d4991e78bc79678c6a3b.js
Requested by: Host: by-pay.net
URL: https://by-pay.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e78c1ddf06080ddcb313fa288a74e92787efd7acf30137921cad5fbdffbe589b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:02:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Apr 2024 19:02:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 42
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2sS4WwTWvsBZeYYrv5yjpib0x33qeol1gKMdfeeB6z8JwCPFUXciPNPUQGDNRZqgjwgUjbyrvP6ALjnEZPfZf6zT1OLI3wZVQmJkp%2Bc1n9ce8fuktrT%2FNolDnmRe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 87566ed048ff1919-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 clientlib-site.min.32a3933d2715fcd63531ab2638b25ec1.js Show response
by-pay.net/9fc9b7a3/s505d002/43ddea/bwhwpwc.auohtcm.zchonmo/etc.clientlibs/uhcfoundation/clientlibs/ 331 KB
72 KB 76ms
76ms Script
application/javascript 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://by-pay.net/9fc9b7a3/s505d002/43ddea/bwhwpwc.auohtcm.zchonmo/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.32a3933d2715fcd63531ab2638b25ec1.js
Requested by: Host: by-pay.net
URL: https://by-pay.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11ddb7e6a6ee4b8b6b43a5a29c9b72e178548137ed6748fea1be96205a1081d8

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:02:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Apr 2024 19:02:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 42
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fWnABuytdqidLOpej%2BV1fW1anJs1%2FarCz%2FoRkw7vX9d9Hiqo4Pm1wC6BL5rZ9wg5id7PpqgX%2FCQUzRc2W%2FDyhKzIWw6eS%2FhBp8LSnP7P3Or%2FBhPdWeEEEnkWsyIO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 87566ed049031919-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 5.1.0 Show response
by-pay.net/9fc9b7a3/s04142/43ddea/eionnsutxacnnts.hpcafgfez/ 3 KB
1 KB 107ms
107ms Script
text/javascript 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://by-pay.net/9fc9b7a3/s04142/43ddea/eionnsutxacnnts.hpcafgfez/5.1.0
Requested by: Host: by-pay.net
URL: https://by-pay.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa5c34371df3acd378bd2490d82a32ad6f3b80155e5eee8ad1b937a188993e0f

Request headers

Referer: https://by-pay.net/
Origin: https://by-pay.net
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:02:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o%2F5rSohnm0g7HacAM40tUqIlvrAeLcxWJjJOagER3%2BCpKNwNc9dMYj%2FwkTCViTFdN8IBxf0knOwX4gJC%2ByKwgZF1ogjuQniBtu8DMLXF8W0nT2FIsJbg8%2BZDVCWm"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cf-ray: 87566eceded51919-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 clientlib-livechat.min.97c708380f6c61c536c9dfcf828a40f0.js Show response
by-pay.net/9fc9b7a3/sda050d1b/43ddea/rwcwvwq.puyhtcm.qcnovmg/etc.clientlibs/uhcfoundation/clientlibs/ 16 KB
5 KB 72ms
71ms Script
application/javascript 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://by-pay.net/9fc9b7a3/sda050d1b/43ddea/rwcwvwq.puyhtcm.qcnovmg/etc.clientlibs/uhcfoundation/clientlibs/clientlib-livechat.min.97c708380f6c61c536c9dfcf828a40f0.js
Requested by: Host: by-pay.net
URL: https://by-pay.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12f94db72716b7018bcab3aee60b0615800b609a51d0a092af7a82b9fb37d1ac

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:02:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Apr 2024 19:02:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 42
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HmImh4xX2KSD1w4LJI%2B1FuCRkUR3dROF8N632xRWRE%2Fcf9mMQ%2BAzYHuZZh5XvOKqVNkDboG62vmZecDrx7FyjiTtt2%2FjmCPdbVeOkzbveRLnKVwzaRM7%2B7%2FHgNVj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 87566ed049041919-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 navigation.svg Show response
abyss-cloud.uhg.com/cdn/assets/material/icons/filled/ 14 KB
4 KB 166ms
49ms Fetch
image/svg+xml 2600:9000:26da:cc00:b:8b8c:d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://abyss-cloud.uhg.com/cdn/assets/material/icons/filled/navigation.svg
Requested by: Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/s79d9/43ddea/dwmwhwu.luyhscq.ecnocms/uhccom-api/static/app/v-1.5.0/uhc-header-component.parcel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:cc00:b:8b8c:d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 289a595fa4ed4be7e2a77b798da77a47120abfa69f39b93b72e9b783e651f8b1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Apr 2024 00:45:22 GMT
content-encoding: br
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
last-modified: Wed, 10 Apr 2024 22:27:26 GMT
server: AmazonS3
age: 497859
x-amz-cf-pop: MUC50-P4
etag: W/"25a1a584adae848979f55678ce6654b0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000,public,must-revalidate
x-amz-cf-id: DnOpBgFbJypwLi0ya2T0FzoEyC8uc6cA7qbvXjxQ6z_fwimYAUOvCQ==

GET
H2 200 action.svg Show response
abyss-cloud.uhg.com/cdn/assets/material/icons/outlined/ 195 KB
51 KB 172ms
55ms Fetch
image/svg+xml 2600:9000:26da:cc00:b:8b8c:d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://abyss-cloud.uhg.com/cdn/assets/material/icons/outlined/action.svg
Requested by: Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/s79d9/43ddea/dwmwhwu.luyhscq.ecnocms/uhccom-api/static/app/v-1.5.0/uhc-header-component.parcel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:cc00:b:8b8c:d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c120bf72e021c43d615fc30537b635896cc73a86f7b18f571238b62cf2790811

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Apr 2024 00:45:22 GMT
content-encoding: br
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
last-modified: Wed, 10 Apr 2024 22:27:30 GMT
server: AmazonS3
age: 497859
x-amz-cf-pop: MUC50-P4
etag: W/"5b89aab78757705e8c5004544a20b036"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000,public,must-revalidate
x-amz-cf-id: 6FTqGqMaLtdgV6Xayrhy52HfZau4q793KruZfL7Nnk-FiiWBRObQmA==

GET
H2 200 hardware.svg Show response
abyss-cloud.uhg.com/cdn/assets/material/icons/filled/ 26 KB
7 KB 216ms
99ms Fetch
image/svg+xml 2600:9000:26da:cc00:b:8b8c:d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://abyss-cloud.uhg.com/cdn/assets/material/icons/filled/hardware.svg
Requested by: Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/s79d9/43ddea/dwmwhwu.luyhscq.ecnocms/uhccom-api/static/app/v-1.5.0/uhc-header-component.parcel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:cc00:b:8b8c:d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf3bdab81ba4c11f3a1d3d3a1af071a128eb284b2fadde4a794c8526e45fd4a6

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Apr 2024 01:02:34 GMT
content-encoding: br
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
last-modified: Wed, 10 Apr 2024 22:27:22 GMT
server: AmazonS3
age: 496827
x-amz-cf-pop: MUC50-P4
etag: W/"d1727900c04276f0902b8fe486d6ec2c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000,public,must-revalidate
x-amz-cf-id: AVAm8lr1JohlIpMWDBlJTggcemDfqxC3VuYEaCpl21hGmhGgP1-33g==

GET
H3 200 U-mark-blue.svg
by-pay.net/content/dam/uhcdotcom/website-assets/ 427 B
715 B 50ms
49ms Image
image/svg+xml 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://by-pay.net/content/dam/uhcdotcom/website-assets/U-mark-blue.svg
Requested by: Host: by-pay.net
URL: https://by-pay.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8d03735b0c005231eb0e39003b3ee6d25fddd0810254ea362d7173a7022f85c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Apr 2024 19:02:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 42
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JVAVgOs%2BWevFsVdHGOka%2FQ60mlhbyO4jegv0tmUqDwGvtBn9S01%2BZXs5TuIUcBFrEA1YULuJR1Qr0yJRR4lhO4xAQLnyH%2FwB0jBTUqYeWFA7CO%2BBf3dDcUsyhSKF"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 87566ed16ab31919-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 search%201.svg
by-pay.net/content/dam/uhcstore/ 427 B
714 B 58ms
58ms Image
image/svg+xml 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://by-pay.net/content/dam/uhcstore/search%201.svg
Requested by: Host: by-pay.net
URL: https://by-pay.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8d03735b0c005231eb0e39003b3ee6d25fddd0810254ea362d7173a7022f85c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Apr 2024 19:02:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 42
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ROvwwyroXMIGqcVsDlVXCke5E4OY18HiChc8W%2Ftpc2wKOXS1GS034UyrRExVL58pAF5MlyA31HjsqCjRr%2B8huLA%2BOIexOBNEdGphthzGNzlST%2BJ9W28G0XAwG4Nu"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 87566ed16ab61919-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 id Show response
dpm.demdex.net/ 965 B
1 KB 188ms
58ms XHR
application/json 52.17.32.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1713294180053

Requested by

Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/s28/43ddea/uaeslsieqtpsr.vajdloybaetdztymv.uccoxmf/512027f42d3c/152e2e360a77/launch-5e90c3319557.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.17.32.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-32-208.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7529bae8d14815de77e23a7d1684715a23a1b3bd1cac0e4736960bd682a1d24e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://by-pay.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: application/x-www-form-urlencoded

Response headers

dcs: dcs-prod-irl1-2-v060-08af38d27.edge-irl1.demdex.com 3 ms
pragma: no-cache
date: Tue, 16 Apr 2024 19:03:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: OnwrmM6hQ0s=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://by-pay.net
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 550
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 34 KB
12 KB 156ms
54ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by: Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/s28/43ddea/uaeslsieqtpsr.vajdloybaetdztymv.uccoxmf/512027f42d3c/152e2e360a77/launch-5e90c3319557.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
etag: "dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://by-pay.net
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12384
expires: Tue, 16 Apr 2024 20:03:00 GMT

GET
H3 200 floodlight-v2.js Show response
by-pay.net/content/dam/uhcdotcom/en/js/ 9 KB
4 KB 51ms
51ms Script
application/javascript 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://by-pay.net/content/dam/uhcdotcom/en/js/floodlight-v2.js
Requested by: Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/s28/43ddea/uaeslsieqtpsr.vajdloybaetdztymv.uccoxmf/512027f42d3c/152e2e360a77/launch-5e90c3319557.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d02266586567d3889ef80ab66eae3f377deaab9bb42ba209e8fb7e9890371458

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Apr 2024 19:02:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 41
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zk5uZDcZpku9q0%2FCwjfM4XBYxXZ9BW0VLYukEbSy%2BbHRUtPpk8Glrb%2BVNRWZ96p2dEjEz3weZbG1G%2BO7H7gXtYFs%2BDHKpZxG193YbwQBecO7QMEnFzZB5K85tOba"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 87566ed1bb111919-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK doc.gif
164773174ba1.o3n.io/files/x11o4txpj3p2mvm7e70ugynn2/ 43 B
183 B 800ms
126ms Image
image/gif 34.203.47.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://164773174ba1.o3n.io/files/x11o4txpj3p2mvm7e70ugynn2/doc.gif?l=https://by-pay.net/&r=
Requested by: Host: by-pay.net
URL: https://by-pay.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.203.47.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-47-152.compute-1.amazonaws.com
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Tue, 16 Apr 2024 19:03:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK image.gif
hub.uhg-monarchhealthcare.com/content/x11o4txpj3p2mvm7e70ugynn2/ 43 B
183 B 381ms
127ms Image
image/gif 34.203.47.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hub.uhg-monarchhealthcare.com/content/x11o4txpj3p2mvm7e70ugynn2/image.gif?l=https://by-pay.net/&r=
Requested by: Host: by-pay.net
URL: https://by-pay.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.203.47.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-47-152.compute-1.amazonaws.com
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Tue, 16 Apr 2024 19:03:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 RCebd108586b254f4c8ef8b35548df3d40-source.min.js Show response
assets.adobedtm.com/512027f42d3c/152e2e360a77/e76583461fef/ 577 B
581 B 51ms
50ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/152e2e360a77/e76583461fef/RCebd108586b254f4c8ef8b35548df3d40-source.min.js
Requested by: Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/s28/43ddea/uaeslsieqtpsr.vajdloybaetdztymv.uccoxmf/512027f42d3c/152e2e360a77/launch-5e90c3319557.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3a23de60518bafc0bdd564e4786bdca3a5e09ccfe07c7e88ded7bd819c1444a3

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
content-encoding: gzip
last-modified: Tue, 16 Apr 2024 09:11:49 GMT
server: AkamaiNetStorage
etag: "3d6cb1e3539afe31e329b9112f2caf03:1713258709.642406"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://by-pay.net
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 328
expires: Tue, 16 Apr 2024 20:03:00 GMT

GET
H2 200 RC8713f7b607ec4b7e8bc1f65beb22a231-source.min.js Show response
assets.adobedtm.com/512027f42d3c/152e2e360a77/e76583461fef/ 480 B
537 B 52ms
52ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/152e2e360a77/e76583461fef/RC8713f7b607ec4b7e8bc1f65beb22a231-source.min.js
Requested by: Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/s28/43ddea/uaeslsieqtpsr.vajdloybaetdztymv.uccoxmf/512027f42d3c/152e2e360a77/launch-5e90c3319557.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3fb3695cab709c4f65560c366fe1b1e14a76434827b534e386626d380c195b89

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
content-encoding: gzip
last-modified: Tue, 16 Apr 2024 09:11:49 GMT
server: AkamaiNetStorage
etag: "3d6cb1e3539afe31e329b9112f2caf03:1713258709.642406"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://by-pay.net
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 284
expires: Tue, 16 Apr 2024 20:03:00 GMT

GET
H2

200

uhc-wordmark-stacked-white-01.svg
www.uhc.com/content/dam/uhcdotcom/website-assets/
Redirect Chain

https://uhc.com/content/dam/uhcdotcom/website-assets/uhc-wordmark-stacked-white-01.svg
https://www.uhc.com/content/dam/uhcdotcom/website-assets/uhc-wordmark-stacked-white-01.svg

6 KB
2 KB

188ms
41ms

Image
image/svg+xml

2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uhc.com/content/dam/uhcdotcom/website-assets/uhc-wordmark-stacked-white-01.svg

Requested by

Host: by-pay.net
URL: https://by-pay.net/

Protocol

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CC7) /

Resource Hash

357090e2f9d750e56fb2dde346e4127d042017e56d1d141ae640d50d4b65b7ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-dispatcher: dispatcher3eastus2-28515848
date: Tue, 16 Apr 2024 19:03:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310961
x-vhost: uhccom-publish
x-cache: HIT
content-disposition: inline
content-length: 1890
last-modified: Wed, 13 Sep 2023 17:41:45 GMT
server: ECAcc (frc/4CC7)
etag: "19a6-6054112b30840-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
expires: Thu, 16 May 2024 19:03:01 GMT

Redirect headers

Location: https://www.uhc.com/content/dam/uhcdotcom/website-assets/uhc-wordmark-stacked-white-01.svg
Date: Tue, 16 Apr 2024 19:03:00 GMT
Server: Microsoft-Azure-Application-Gateway/v2
Connection: keep-alive
Content-Length: 195
Content-Type: text/html

POST
H2 202 rum Show response
browser-intake-datadoghq.com/api/v2/ 53 B
345 B 501ms
260ms Fetch
application/json 2600:1f18:24e6:b902:7623:11a0:2b80:6002
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.8.0%2Capi%3Afetch%2Cenv%3Aunknown%2Cservice%3Auhccom%2Cversion%3A4.6.0&dd-api-key=pub85512767ec74c5f4d068002777a57acf&dd-evp-origin-version=5.8.0&dd-evp-origin=browser&dd-request-id=91d37a34-9741-4667-9830-6789f79172c4&batch_time=1713294180247

Requested by

Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/s9fa8b67374/43ddea/wwxwswu.euohpcw.ccrovmm/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.26aaf3d02280c9e4b4444c7402440718.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b902:7623:11a0:2b80:6002 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

f4e094175e5a94220ce2fcff492d493fee08501dc305d4f3dbb59995c713667a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://by-pay.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53
dd-request-id: 91d37a34-9741-4667-9830-6789f79172c4

GET tag.js
lptag.liveperson.net/tag/ 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
73 KB 144ms
58ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8584968

Requested by

Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/s28/43ddea/uaeslsieqtpsr.vajdloybaetdztymv.uccoxmf/512027f42d3c/152e2e360a77/launch-5e90c3319557.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2057bb58f499fb80545c263168f90fac938e153d7ab4e2be150ab6bfe9e95878

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74700
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 19:03:00 GMT

GET
H2 200 dest5.html
unitedhealthgroup.demdex.net/ Frame ACF1 0
0 171ms
55ms Document
text/html 54.170.54.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0

Requested by

Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/s28/43ddea/uaeslsieqtpsr.vajdloybaetdztymv.uccoxmf/512027f42d3c/152e2e360a77/launch-5e90c3319557.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.170.54.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-170-54-208.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Tue, 16 Apr 2024 19:03:00 GMT
dcs: dcs-prod-irl1-1-v060-034bc7748.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Tue, 9 Apr 2024 11:57:51 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: 1RKAOxmjTN8=

GET
H2

200

ibs:dpid=411&dpuuid=Zh7LZAAAAEPb2wOJ
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=24806101446174489933474233071095741094
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zh7LZAAAAEPb2wOJ

42 B
717 B

64ms
64ms

Image
image/gif

52.17.32.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zh7LZAAAAEPb2wOJ

Requested by

Host: by-pay.net
URL: https://by-pay.net/

Protocol

Server

52.17.32.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-32-208.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

dcs: dcs-prod-irl1-1-v060-034bc7748.edge-irl1.demdex.com 6 ms
pragma: no-cache
date: Tue, 16 Apr 2024 19:03:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: zUq8i9cxSdc=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zh7LZAAAAEPb2wOJ
Date: Tue, 16 Apr 2024 19:03:00 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
starget.uhc.com/rest/v1/ 360 B
836 B 216ms
74ms XHR
application/json 66.235.152.225
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://starget.uhc.com/rest/v1/delivery?client=unitedhealthgroup&sessionId=20ce2ebc72c94ff2b44b300027e0d3c0&version=2.10.0

Requested by

Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/s9fa8b67374/43ddea/wwxwswu.euohpcw.ccrovmm/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.26aaf3d02280c9e4b4444c7402440718.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.235.152.225 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-66-235-152-225.data.adobedc.net

Software

jag /

Resource Hash

238441ba6952c32bb9fbb73794f6844b61e074382375ed355447c55ca6bf3cc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://by-pay.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
server: jag
x-content-type-options: nosniff
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://by-pay.net
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
x-request-id: 5871bb4b-59b3-48c4-b407-c5cfe552b59f

GET
H2 200 RC866574c7cf164bff835f84c1c8202384-source.min.js Show response
assets.adobedtm.com/512027f42d3c/152e2e360a77/e76583461fef/ 974 B
762 B 66ms
66ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/152e2e360a77/e76583461fef/RC866574c7cf164bff835f84c1c8202384-source.min.js
Requested by: Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/s28/43ddea/uaeslsieqtpsr.vajdloybaetdztymv.uccoxmf/512027f42d3c/152e2e360a77/launch-5e90c3319557.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 97b974eb76c9d1a208f20fa334f8ced00b70a6b61ce967ccb5627fa83b28bc03

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
content-encoding: gzip
last-modified: Tue, 16 Apr 2024 09:11:49 GMT
server: AkamaiNetStorage
etag: "3d6cb1e3539afe31e329b9112f2caf03:1713258709.642406"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://by-pay.net
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 509
expires: Tue, 16 Apr 2024 20:03:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 157ms
156ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9549424&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f03590fdcd51edb61da36fa007e2f4f6423accf45039009bd5f90c885e93577c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72263
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 19:03:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
82 KB 160ms
159ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-801669703&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f6a949e46372b165b16dcd0b89d94180b622d2de27fdacb7110b5dfabad9b106

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83378
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 19:03:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 212 KB
77 KB 59ms
58ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-845491994&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e71ff47b4a5106feca083fa1899124c48241c7639f8eac84bf06548a5e38f47d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78607
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 19:03:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
78 KB 81ms
81ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-877013082&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fcab439c566024f091033ac920e6636c6da960560850239e87ab4d581269f834

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80077
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 19:03:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
78 KB 161ms
161ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-963648696&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1ad3ee2cd19e62c58ea1cb4dd2ab7c3dc78314f36b28582e94a114100b440577

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80187
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 19:03:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 207 KB
75 KB 158ms
158ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1002783284&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7900f98e3da074807c7a1fdb394c11ed2bab67d06698a7a3042bc6cca9a7208

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77092
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 19:03:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 207 KB
75 KB 67ms
67ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1031996425&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7338ebca04a324eb1cdfa3c806a767a152e562cac2a3117c3bf969a9ea3c2835

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77177
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 19:03:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 162 KB
61 KB 76ms
76ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1035216045&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ed10b57bbb7815ae0ec53d11bbfe94602f07a77ecb124f71f2a4e85997250bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62636
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 19:03:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 161 KB
61 KB 165ms
165ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1066495647&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

94b78b9152347c484966309d0ff47e05931b0fd7e369ae2dd9f7f4400422c302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62645
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 19:03:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 162 KB
61 KB 189ms
189ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1067173439&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e2f3d86aef3232595225579f6fd83bc2c5b7054f99d7c29b9684b5b7b9860f08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62697
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 19:03:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
78 KB 204ms
204ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-801664645&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3accb35fbeba1fbef0df5561e080fd65982980a2e0369b3d48225b3f492d2464

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80163
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 19:03:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
94 KB 197ms
197ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HZQWR2GYM4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

512e148558fb7d54355b8d0724ad5a980c8447d83e7c07bf1f28f640681ad5cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96540
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Apr 2024 19:03:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
88 KB 191ms
191ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10851563334&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

39a4c5665bcdbfaaabad1215492d6bdcec0ffc8b9fd7ff30ee579ec37204b27a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90231
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 19:03:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 204ms
204ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-11726966&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

84eecdd3403b2763e95c7b2be16e5f42c1e7d9279e38935535084af2abc4d51a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72280
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 19:03:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 193ms
193ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8560775&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7adc42f6534d3b47e3cd856337fafa39911ff9adf03a2b3598e75b73c2e5c0c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72273
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 19:03:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
73 KB 205ms
205ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-11690551&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eb2132d7e10b31029246cfa816e943574c640c08edf35c433fd95cb19e34d5f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74582
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 19:03:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 401ms
40ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: by-pay.net
URL: https://by-pay.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

ats-carp-promotion: 1, 1
date: Tue, 16 Apr 2024 18:07:02 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: SAFKEWWDH5KETXYV
age: 3359
x-amz-server-side-encryption: AES256
content-length: 6262
x-amz-id-2: BGp814nXX8YLibvLGQ8UVifRFctXf0HA+UhQEbirmqnwbKm26cDttsITfOyPtz2cMWmM4lNcyBk=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 401ms
40ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: by-pay.net
URL: https://by-pay.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 16 Apr 2024 19:03:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57850
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1294, tbw=2789, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: 6Oszb5xMPurUXArUuDTzxvuFyg8jWzVsFcdwr9uK45GzLl9jvP3J2rNDH6DzqqI6GBr/RBt5D5LSpVaJf65pmw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 422ms
62ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: by-pay.net
URL: https://by-pay.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 16 Apr 2024 19:03:00 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3A64FEB6C6A14C4588640F6BAEAB35AC Ref B: FRA31EDGE0513 Ref C: 2024-04-16T19:03:00Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 48 KB
17 KB 397ms
39ms Script
application/javascript 2a02:26f0:3500:16::215:1491
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: by-pay.net
URL: https://by-pay.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1491 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6cc4c722a50b4152194b13e7e3c8a1a5a5f23b17988f8fa85404394efc5c0984

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Apr 2024 07:42:51 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=63116
accept-ranges: bytes
content-length: 17238

GET
H2 200 detector-dom.min.js Show response
cdn.gbqofs.com/uhg/uhc/p/ 503 KB
151 KB 1959ms
1603ms Script
application/javascript 2606:4700::6812:190d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gbqofs.com/uhg/uhc/p/detector-dom.min.js
Requested by: Host: by-pay.net
URL: https://by-pay.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:190d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38dafa695dca28bd8f21b9f612b4c5dd20b3161dc3b464b3d6724b0912092221

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:02 GMT
x-amz-version-id: cYUvHKb9HSmJKjbdZC9hN1HBvjt2hdHt
content-encoding: gzip
cf-cache-status: HIT
via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 7112
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 06 Mar 2024 18:26:53 GMT
server: cloudflare
etag: W/"54edd75b9ad953a0e161e92daf2748ab"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 87566ed67c439028-FRA
x-amz-cf-id: GgXHAXsKa1JcuwWQ3-Rk291XxHvjHAO4pphvu3pyFFfemikGEusYTA==
expires: Tue, 16 Apr 2024 23:03:02 GMT

GET
H2 200 wrapper.js Show response
universal.iperceptions.com/ 9 KB
4 KB 349ms
43ms Script
application/javascript 2600:9000:20ae:f200:8:e7ba:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://universal.iperceptions.com/wrapper.js
Requested by: Host: by-pay.net
URL: https://by-pay.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ae:f200:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 962d83de183651c6c15d9dce622d311455a9e6bd8cf09dd1cbf9ec3a3892a1ab

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 16 Apr 2024 19:01:49 GMT
content-encoding: gzip
via: 1.1 86f0f41c4d8083f2bfc3d1c3d9719bbc.cloudfront.net (CloudFront)
content-md5: d5YIeO59lrTqhttidyvULA==
age: 70
x-amz-cf-pop: MUC50-P5
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-ms-lease-status: unlocked
last-modified: Mon, 22 Mar 2021 18:02:49 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1176322e-701e-0005-2030-901db7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-amz-cf-id: JK_-7c3p8XOS5kN9_CGrCXuHYrsC1c78BiqMut-aeJOlXGcIQ6aYpQ==

GET pixel.png
analytics1.ninahale.net/ 0
0

GET
H3 200 path.svg
by-pay.net/9fc9b7a3/sb122d3/43ddea/qwxwqwa.kuphocd.ccnolmz/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/ 427 B
708 B 70ms
70ms Image
image/svg+xml 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://by-pay.net/9fc9b7a3/sb122d3/43ddea/qwxwqwa.kuphocd.ccnolmz/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/path.svg
Requested by: Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/s194e6/43ddea/kwhwwwx.tuxhwco.scaogmx/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.2063de4beff781e145c7aa6e2ff921a6.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8d03735b0c005231eb0e39003b3ee6d25fddd0810254ea362d7173a7022f85c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/9fc9b7a3/s194e6/43ddea/kwhwwwx.tuxhwco.scaogmx/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.2063de4beff781e145c7aa6e2ff921a6.css
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 16 Apr 2024 19:03:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a3D%2FptaqR25xy5szVtb5Hwm8z9wH2o3mqJXZ4GKGLuUXILVL5Ve0nYp84RXLeJl7Ec4AIVLcw8HRJL5l0eSdWYQtM3xHYwWSal5hgpiWGk%2BUINIvaF9e%2BLUTeKem"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 87566ed46e831919-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 UHCSans-Medium.woff2
by-pay.net/9fc9b7a3/sec43155e/43ddea/mahbvybsasm-mckltosuddj.oushpcw.qcdormm/cdn/assets/uhc/fonts/UHCSans/ 43 KB
43 KB 125ms
124ms Font
font/woff2 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://by-pay.net/9fc9b7a3/sec43155e/43ddea/mahbvybsasm-mckltosuddj.oushpcw.qcdormm/cdn/assets/uhc/fonts/UHCSans/UHCSans-Medium.woff2
Requested by: Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/sf6/43ddea/mwfwpwb.nuvhhcs.acbodmo/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.e30fbd79b4c95b39f491fc9fc9f9a516.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbff962056c0915525e9e8cc8868e9d86c33edc1f619e6f2adb9bb0ec636aae0

Request headers

Referer: https://by-pay.net/9fc9b7a3/sf6/43ddea/mwfwpwb.nuvhhcs.acbodmo/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.e30fbd79b4c95b39f491fc9fc9f9a516.css
Origin: https://by-pay.net
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
cf-cache-status: MISS
last-modified: Tue, 16 Apr 2024 19:03:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NKvy19pUyIQQ%2BZcn4EjY6aiGdhX%2FDfJzfNi8jbydzSrRqmnh385yfe0S%2F8%2Btjk0L29c67u1dID6TA5U%2F5GkdRwkO6AIWd4B3qvtQtpc8fBgACx%2FFp4X8pGl1VkqY"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 87566ed49ecb1919-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 CTA_internal_digitalblue.svg
by-pay.net/9fc9b7a3/sca0500dd2/43ddea/wwowjwv.wughxcr.mctofmf/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/ 427 B
706 B 77ms
77ms Image
image/svg+xml 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://by-pay.net/9fc9b7a3/sca0500dd2/43ddea/wwowjwv.wughxcr.mctofmf/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/CTA_internal_digitalblue.svg
Requested by: Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/s194e6/43ddea/kwhwwwx.tuxhwco.scaogmx/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.2063de4beff781e145c7aa6e2ff921a6.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8d03735b0c005231eb0e39003b3ee6d25fddd0810254ea362d7173a7022f85c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/9fc9b7a3/s194e6/43ddea/kwhwwwx.tuxhwco.scaogmx/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.2063de4beff781e145c7aa6e2ff921a6.css
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 16 Apr 2024 19:03:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BKq4KBHRuTgDHy1m8gNi2Tddg0xPATjYcn8gZxgdeVLc8wbcFTuJBRInZNmPKPwgeF49l0jPCmqKY0dlmAWw5n9on93aMgSNC7g%2Fdnx8%2BH7njuJ8mRY3a4I4Kcbq"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 87566ed46e8a1919-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 yt_icon_mono_light.png
by-pay.net/9fc9b7a3/s2ab1dc6c3/43ddea/dwawkwk.tujhdcq.dcbotms/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/ 68 B
489 B 78ms
78ms Image
image/png 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://by-pay.net/9fc9b7a3/s2ab1dc6c3/43ddea/dwawkwk.tujhdcq.dcbotms/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/yt_icon_mono_light.png
Requested by: Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/s194e6/43ddea/kwhwwwx.tuxhwco.scaogmx/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.2063de4beff781e145c7aa6e2ff921a6.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/9fc9b7a3/s194e6/43ddea/kwhwwwx.tuxhwco.scaogmx/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.2063de4beff781e145c7aa6e2ff921a6.css
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
cf-cache-status: MISS
last-modified: Tue, 16 Apr 2024 19:03:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2nQozRaejo5SwOWciTpHcKMCh6%2Bq2lXPsGJSWZPDugmw0mG5s6Z68jixzpYc9Uzs3OUda%2Fe%2BbfME3cSEjYpVO7hawT0qsQUVMojS5E%2B%2F3dlUTtogm4XrZi182SIc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 87566ed46e8c1919-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 caret_down_digitalblue.svg
by-pay.net/9fc9b7a3/s3e300de/43ddea/rwhwnwp.luxhlcc.jczoumw/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/ 427 B
708 B 79ms
78ms Image
image/svg+xml 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://by-pay.net/9fc9b7a3/s3e300de/43ddea/rwhwnwp.luxhlcc.jczoumw/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/caret_down_digitalblue.svg
Requested by: Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/s194e6/43ddea/kwhwwwx.tuxhwco.scaogmx/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.2063de4beff781e145c7aa6e2ff921a6.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8d03735b0c005231eb0e39003b3ee6d25fddd0810254ea362d7173a7022f85c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/9fc9b7a3/s194e6/43ddea/kwhwwwx.tuxhwco.scaogmx/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.2063de4beff781e145c7aa6e2ff921a6.css
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 16 Apr 2024 19:03:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wrdhnPOsKJJWgTBk%2F%2BIe1%2FBd4uEM50chIaFePfaF7dgpuJJcO4So6r0r7Di9PMwdwxZnvbxQqUJVloeazo816Yz%2BjgW%2Bqih1E72Cut2yl5e0L2c702mAiMoDI20r"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 87566ed46e911919-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 caret_down_darkgrey.svg
by-pay.net/9fc9b7a3/s7efd2/43ddea/awvwyws.uubhlcu.kchoxmv/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/ 427 B
714 B 76ms
76ms Image
image/svg+xml 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://by-pay.net/9fc9b7a3/s7efd2/43ddea/awvwyws.uubhlcu.kchoxmv/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/caret_down_darkgrey.svg
Requested by: Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/s194e6/43ddea/kwhwwwx.tuxhwco.scaogmx/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.2063de4beff781e145c7aa6e2ff921a6.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8d03735b0c005231eb0e39003b3ee6d25fddd0810254ea362d7173a7022f85c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/9fc9b7a3/s194e6/43ddea/kwhwwwx.tuxhwco.scaogmx/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.2063de4beff781e145c7aa6e2ff921a6.css
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 16 Apr 2024 19:03:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ThuGQsUo75UH2VoQl%2BAF3uPdoeQNRU78mFgbWaSJLE66I5IvLq4ygGPsAGl1A%2F%2BN1VumsMdqyAN%2BWX9cDmKhk7UlJKSeDANGvmfN%2FFUtR0Xq0BaA%2BtT0Y%2FkvByw"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 87566ed46e921919-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 402 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e464887c464e83310a0a535eeb81db59e153a1ca1a767d12505aab43735cc71

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml

GET
H3 200 UHCSans-Bold.woff2
by-pay.net/9fc9b7a3/s3c71/43ddea/jacbiymsfsw-scplaomumdz.rughccn.rcpoomr/cdn/assets/uhc/fonts/UHCSans/ 43 KB
43 KB 114ms
113ms Font
font/woff2 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://by-pay.net/9fc9b7a3/s3c71/43ddea/jacbiymsfsw-scplaomumdz.rughccn.rcpoomr/cdn/assets/uhc/fonts/UHCSans/UHCSans-Bold.woff2
Requested by: Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/sf0/43ddea/ewowjwl.pudhscj.rctoume/uhccom-api/static/app/v-1.3.0/footer.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bc03bad844f059717a9118727b9b6f1876940fa36e11aa784de2db0d9200265

Request headers

Referer: https://by-pay.net/9fc9b7a3/sf0/43ddea/ewowjwl.pudhscj.rctoume/uhccom-api/static/app/v-1.3.0/footer.css
Origin: https://by-pay.net
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
cf-cache-status: MISS
last-modified: Tue, 16 Apr 2024 19:03:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8cxq70oaGHvQZgurXiUs17xN5gODL8VvK223PMNLgDlViUZ66o3F8UW7u7R6uRC3u1feHuqeczRbv3wvWQY8CGwRJFo5pkNKEl1yQOV9ppI7vZbbft1ypM70M8qx"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 87566ed49ed01919-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 UHCSans-SemiBold.woff2
by-pay.net/9fc9b7a3/sf219d691/43ddea/xaubgyksbsv-wcglfozucdc.fuzhock.hcqovmm/cdn/assets/uhc/fonts/UHCSans/ 42 KB
42 KB 58ms
57ms Font
font/woff2 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://by-pay.net/9fc9b7a3/sf219d691/43ddea/xaubgyksbsv-wcglfozucdc.fuzhock.hcqovmm/cdn/assets/uhc/fonts/UHCSans/UHCSans-SemiBold.woff2
Requested by: Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/sf0/43ddea/ewowjwl.pudhscj.rctoume/uhccom-api/static/app/v-1.3.0/footer.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b536a49e330f9c2255e6eaaf84896d4617134f2b7d0f831d5654a11b399f0a4

Request headers

Referer: https://by-pay.net/9fc9b7a3/sf0/43ddea/ewowjwl.pudhscj.rctoume/uhccom-api/static/app/v-1.3.0/footer.css
Origin: https://by-pay.net
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
cf-cache-status: HIT
last-modified: Tue, 16 Apr 2024 19:02:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 39
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3FTTHRDr%2Flj0OZw6GfKS%2BV%2FhOaSVIqFL%2BEeRDJ%2B7EOphE3Qr537MVej32cumVMYBtWtKK7wHtY5SY1HKNHZHSeAitFrCCxgr3XSEFrEtV%2FCFMjOA%2B6YOI9I9vqLM"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 87566ed49ed21919-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 UHCSans-Medium.woff2
by-pay.net/9fc9b7a3/s15663ae/43ddea/cagbwyosvsw-hcjldozufdx.rufhhcz.ucrommj/cdn/assets/uhc/fonts/UHCSans/ 43 KB
43 KB 60ms
58ms Font
font/woff2 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://by-pay.net/9fc9b7a3/s15663ae/43ddea/cagbwyosvsw-hcjldozufdx.rufhhcz.ucrommj/cdn/assets/uhc/fonts/UHCSans/UHCSans-Medium.woff2
Requested by: Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/sf0/43ddea/ewowjwl.pudhscj.rctoume/uhccom-api/static/app/v-1.3.0/footer.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbff962056c0915525e9e8cc8868e9d86c33edc1f619e6f2adb9bb0ec636aae0

Request headers

Referer: https://by-pay.net/9fc9b7a3/sf0/43ddea/ewowjwl.pudhscj.rctoume/uhccom-api/static/app/v-1.3.0/footer.css
Origin: https://by-pay.net
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
cf-cache-status: HIT
last-modified: Tue, 16 Apr 2024 19:02:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 39
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2imAzL7TMCtLrWGGKd%2FcS8j35VznVpVyNTcm1BXiRmUNqPtlaDsl2wzQ5LrR6oChSrddHHU1%2BwxVWcK4aAKdPyYLLOksvdtnCsB9AV%2FleK410VtJwbT9EUkHS3Pp"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 87566ed49ed41919-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 UHCSans-Bold.woff2
by-pay.net/9fc9b7a3/sa2f183/43ddea/vajbvycsqsa-scvlxolupdc.auohrcq.xctomma/cdn/assets/uhc/fonts/UHCSans/ 43 KB
43 KB 123ms
122ms Font
font/woff2 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://by-pay.net/9fc9b7a3/sa2f183/43ddea/vajbvycsqsa-scvlxolupdc.auohrcq.xctomma/cdn/assets/uhc/fonts/UHCSans/UHCSans-Bold.woff2
Requested by: Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/sf6/43ddea/mwfwpwb.nuvhhcs.acbodmo/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.e30fbd79b4c95b39f491fc9fc9f9a516.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bc03bad844f059717a9118727b9b6f1876940fa36e11aa784de2db0d9200265

Request headers

Referer: https://by-pay.net/9fc9b7a3/sf6/43ddea/mwfwpwb.nuvhhcs.acbodmo/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.e30fbd79b4c95b39f491fc9fc9f9a516.css
Origin: https://by-pay.net
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
cf-cache-status: MISS
last-modified: Tue, 16 Apr 2024 19:03:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oCDz6x%2FBHvb0qOoosuAIFuBn%2FDTYetFAhgPCL%2FGvdZJsxbYfkBI8AR1uXRR6LXqmDhnVQ792qSOmDkUI7XI0%2BsvAgJUa5g45gU8U17ADKW%2FS%2FURF6FVSNYanXpd4"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 87566ed49ed71919-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 UHCSerif-SemiBold.woff
by-pay.net/9fc9b7a3/s367a8a1/43ddea/yanbkyysnsa-hcqllouuidw.iuqhqcm.qceolmn/cdn/assets/uhc/fonts/UHCSerif/ 34 KB
35 KB 129ms
128ms Font
font/woff 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://by-pay.net/9fc9b7a3/s367a8a1/43ddea/yanbkyysnsa-hcqllouuidw.iuqhqcm.qceolmn/cdn/assets/uhc/fonts/UHCSerif/UHCSerif-SemiBold.woff
Requested by: Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/sf6/43ddea/mwfwpwb.nuvhhcs.acbodmo/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.e30fbd79b4c95b39f491fc9fc9f9a516.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d5ff3529e4c41bce10c3e0fbc501048606372734d017b991dc2b72fbe3f813a

Request headers

Referer: https://by-pay.net/9fc9b7a3/sf6/43ddea/mwfwpwb.nuvhhcs.acbodmo/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.e30fbd79b4c95b39f491fc9fc9f9a516.css
Origin: https://by-pay.net
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
cf-cache-status: MISS
last-modified: Tue, 16 Apr 2024 19:03:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WGV8vJsIweAggJywG5wPYT0SKFnHLdDCseSKhdAMqN0C3pQM69VyFesFV%2BNbG9GorFhJ36ReLgR5g8YJk4rUaZGtjjbCvbduLCbWN7DCS287j7jPpBb2Edf%2FBUOP"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 87566ed49eda1919-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 UHCSerif-SemiBold.woff
by-pay.net/9fc9b7a3/sd169d/43ddea/taqbxyoscsn-tcylkomupdq.aufhqch.kcjozmq/cdn/assets/uhc/fonts/UHCSerif/ 34 KB
35 KB 61ms
60ms Font
font/woff 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://by-pay.net/9fc9b7a3/sd169d/43ddea/taqbxyoscsn-tcylkomupdq.aufhqch.kcjozmq/cdn/assets/uhc/fonts/UHCSerif/UHCSerif-SemiBold.woff
Requested by: Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/sf0/43ddea/ewowjwl.pudhscj.rctoume/uhccom-api/static/app/v-1.3.0/footer.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d5ff3529e4c41bce10c3e0fbc501048606372734d017b991dc2b72fbe3f813a

Request headers

Referer: https://by-pay.net/9fc9b7a3/sf0/43ddea/ewowjwl.pudhscj.rctoume/uhccom-api/static/app/v-1.3.0/footer.css
Origin: https://by-pay.net
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
cf-cache-status: HIT
last-modified: Tue, 16 Apr 2024 19:02:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 38
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l33QCeVfQ4GS%2BsL%2B5JL6bkl9I8rS0osxGPVeiOWXEKHG0isNo%2F0g%2FaDibKZDK9KxWh15HtvNyNZYwPYzY%2FndzLEPwJFWR8Oem8jv19PrTwJEx8mL8g79%2FSQZlHJA"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 87566ed49edc1919-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 UHCSans-BoldItalic.woff2
by-pay.net/9fc9b7a3/se406e1c182/43ddea/wambuyxsasl-cctlsorucdd.dubhmcb.lcrowmp/cdn/assets/uhc/fonts/UHCSans/ 45 KB
45 KB 65ms
63ms Font
font/woff2 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://by-pay.net/9fc9b7a3/se406e1c182/43ddea/wambuyxsasl-cctlsorucdd.dubhmcb.lcrowmp/cdn/assets/uhc/fonts/UHCSans/UHCSans-BoldItalic.woff2
Requested by: Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/sf0/43ddea/ewowjwl.pudhscj.rctoume/uhccom-api/static/app/v-1.3.0/footer.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7c2d6d9e3a83acd853b5c81c137dfeec7c1f1d470075f23d5639c02d14d6943

Request headers

Referer: https://by-pay.net/9fc9b7a3/sf0/43ddea/ewowjwl.pudhscj.rctoume/uhccom-api/static/app/v-1.3.0/footer.css
Origin: https://by-pay.net
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
cf-cache-status: HIT
last-modified: Tue, 16 Apr 2024 19:02:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 38
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x6SiQGYKIear3ze2kfHbRhrV2eJd3tkJWCVYSxYFuLCB%2BtJgeB6AzLK5AThY32Lpp041HZQFbI3hbvoD5o1P7SX9jx1bwXBreu5a3kFFcE78sYIScYSVNPHFPDbG"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 87566ed49ede1919-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 UHCSans-Bold.woff2
abyss-cloud.uhg.com/cdn/assets/uhc/fonts/UHCSans/ 43 KB
43 KB 65ms
63ms Font
font/woff2 2600:9000:26da:cc00:b:8b8c:d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://abyss-cloud.uhg.com/cdn/assets/uhc/fonts/UHCSans/UHCSans-Bold.woff2
Requested by: Host: by-pay.net
URL: https://by-pay.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:cc00:b:8b8c:d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7bc03bad844f059717a9118727b9b6f1876940fa36e11aa784de2db0d9200265

Request headers

Referer: https://by-pay.net/
Origin: https://by-pay.net
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Apr 2024 02:17:25 GMT
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
last-modified: Wed, 10 Apr 2024 22:28:10 GMT
server: AmazonS3
age: 492336
x-amz-cf-pop: MUC50-P4
etag: "1a240fe1a2f3cb4e9f58fbf8ce1da4b1"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000,public,must-revalidate
accept-ranges: bytes
content-length: 43840
x-amz-cf-id: TFG_oPjfgBe8o7MC5lA86xlNwoVa7dlBQqTT5JPOvwVaZRBlU9YA6w==

GET
H2 200 UHCSans-Medium.woff2
abyss-cloud.uhg.com/cdn/assets/uhc/fonts/UHCSans/ 43 KB
43 KB 49ms
47ms Font
font/woff2 2600:9000:26da:cc00:b:8b8c:d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://abyss-cloud.uhg.com/cdn/assets/uhc/fonts/UHCSans/UHCSans-Medium.woff2
Requested by: Host: by-pay.net
URL: https://by-pay.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:cc00:b:8b8c:d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fbff962056c0915525e9e8cc8868e9d86c33edc1f619e6f2adb9bb0ec636aae0

Request headers

Referer: https://by-pay.net/
Origin: https://by-pay.net
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Apr 2024 02:17:25 GMT
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
last-modified: Wed, 10 Apr 2024 22:28:11 GMT
server: AmazonS3
age: 492336
x-amz-cf-pop: MUC50-P4
etag: "e8afb1e292b4416438ff4125ab20621c"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000,public,must-revalidate
accept-ranges: bytes
content-length: 43688
x-amz-cf-id: eGgPanUlIqxgBbC6cqJQTt81v-SJvjZJkG2GuCegXXn-E9TW6kiuWw==

GET
H2 200 iframe_api Show response
www.youtube.com/ 1 KB
2 KB 323ms
61ms Script
text/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/seda980/43ddea/xwlwzwo.muzhycu.xccohmu/etc.clientlibs/uhcfoundation/clientlibs/clientlib-video.min.517c8d13c5a8d4991e78bc79678c6a3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e74935590b4a1ce97eaa8a4415ae0faa86b07792b1bd2bee5863266822a0dabf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=0
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Tue, 16 Apr 2024 19:03:00 GMT

GET
H2 200 RCe68dc57ab9c945329028bae13e407cfb-source.min.js Show response
assets.adobedtm.com/512027f42d3c/152e2e360a77/e76583461fef/ 1 KB
797 B 42ms
42ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/152e2e360a77/e76583461fef/RCe68dc57ab9c945329028bae13e407cfb-source.min.js
Requested by: Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/s28/43ddea/uaeslsieqtpsr.vajdloybaetdztymv.uccoxmf/512027f42d3c/152e2e360a77/launch-5e90c3319557.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: afa7316a4e0b97e897772382dd455fec750788821e02548799a7bf484e924095

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
content-encoding: gzip
last-modified: Tue, 16 Apr 2024 09:11:49 GMT
server: AkamaiNetStorage
etag: "3d6cb1e3539afe31e329b9112f2caf03:1713258709.642406"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://by-pay.net
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 544
expires: Tue, 16 Apr 2024 20:03:00 GMT

GET
H2 200 RCa52dbbc12fcc4ca288684c47305557e0-source.min.js Show response
assets.adobedtm.com/512027f42d3c/152e2e360a77/e76583461fef/ 2 KB
1 KB 43ms
43ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/152e2e360a77/e76583461fef/RCa52dbbc12fcc4ca288684c47305557e0-source.min.js
Requested by: Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/s28/43ddea/uaeslsieqtpsr.vajdloybaetdztymv.uccoxmf/512027f42d3c/152e2e360a77/launch-5e90c3319557.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1a8fb96deef3c37ebbc6216ebc7a5dc59e8899bb0d283de96d12036f9b88de64

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
content-encoding: gzip
last-modified: Tue, 16 Apr 2024 09:11:49 GMT
server: AkamaiNetStorage
etag: "3d6cb1e3539afe31e329b9112f2caf03:1713258709.642406"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://by-pay.net
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1050
expires: Tue, 16 Apr 2024 20:03:00 GMT

GET
H3 451 global-alert.html Show response
by-pay.net/9fc9b7a3/sa297/43ddea/fwgwgwi.euwhpch.wcwovmo/content/uhcdotcom/en/home/ 0
392 B 1620ms
1620ms XHR
text/html 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://by-pay.net/9fc9b7a3/sa297/43ddea/fwgwgwi.euwhpch.wcwovmo/content/uhcdotcom/en/home/global-alert.html
Requested by: Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/s9fa8b67374/43ddea/wwxwswu.euohpcw.ccrovmm/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.26aaf3d02280c9e4b4444c7402440718.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OPgSCMrgvz3t71G%2BU56nw7VcZ2vsjQIseoARDt3uR9cZ3l%2FC6SQh9zElL0gWgYh8IlKZ2bRx5UAkdGkTZE2I0tRdC66NjOdrgOgNKHh9VFSVz3pbrB%2Fg1M0BY9HY"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 87566ed4cf0e1919-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 202 rum Show response
browser-intake-datadoghq.com/api/v2/ 53 B
343 B 254ms
249ms Fetch
application/json 2600:1f18:24e6:b902:7623:11a0:2b80:6002
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.8.0%2Capi%3Afetch%2Cenv%3Aunknown%2Cservice%3Auhccom%2Cversion%3A4.6.0&dd-api-key=pub85512767ec74c5f4d068002777a57acf&dd-evp-origin-version=5.8.0&dd-evp-origin=browser&dd-request-id=c0f56696-64c5-48fb-b112-75b7aafe68d2&batch_time=1713294180608

Requested by

Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/s9fa8b67374/43ddea/wwxwswu.euohpcw.ccrovmm/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.26aaf3d02280c9e4b4444c7402440718.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b902:7623:11a0:2b80:6002 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

f1e1f74032223073d118f7ac7d60a46e3a80253099f77090e2c7d5a4d49bab3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://by-pay.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53
dd-request-id: c0f56696-64c5-48fb-b112-75b7aafe68d2

GET
H2 200 s83334720814529
smetrics.optum.com/b/ss/uhgenterprisecoreprod,uhguhcprd/1/JS-2.23.0-LDQM/ 43 B
372 B 227ms
51ms Image
image/gif 63.140.62.222
OMNITURE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.optum.com/b/ss/uhgenterprisecoreprod,uhguhcprd/1/JS-2.23.0-LDQM/s83334720814529?AQB=1&ndh=1&pf=1&t=16%2F3%2F2024%2021%3A3%3A0%202%20-120&sdid=2700644BFC0D9DB4-78535BC9D26C44A8&mid=32800579653243929044602408398576543055&aamlh=6&ce=UTF-8&pageName=uhc%3Auhc.com%3Apublic%3Aindividuals-families%3Ashort-term-health-insurance%3Ashort%20term%20health%20insurance&g=https%3A%2F%2Fby-pay.net%2F&c.&getPreviousValue=3.0.1&apl=4.0&inList=3.0&manageVars=3.0&lowerCaseVars=1.0&pt=3.0&.c&cc=USD&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=2.23.0%7Eproduction%7E2024-04-16t09%3A10%3A46z&v18=1-800-557-6718&c75=page%7Cuhc%3Auhc.com%3Apublic%3Aindividuals-families%3Ashort-term-health-insurance%3Ashort%20term%20health%20insurance&v100=content&v139=page%20track&v140=uhc&v141=uhc&v142=uhc.com&v143=website&v144=desktop&v145=D%3DpageName&v149=1713294180&v150=mozilla%2F5.0%20%28iphone%3B%20cpu%20iphone%20os%2014_7_1%20like%20mac%20os%20x%29%20applewebkit%2F605.1.15%20%28khtml%2C%20like%20gecko%29%20version%2F14.1.2%20mobile%2F15e148%20safari%2F604.1&v152=D%3Dmid&v153=https%3A%2F%2Fby-pay.net%2F&v154=https%3A%2F%2Fby-pay.net%2F&v157=dcr%20-%20all%20pages%20-%20page%20load%20-%20aa%20-%20send%20beacon&v162=not%20logged%20in&v181=public&v182=individuals-families&v183=short-term-health-insurance&v188=en&v191=prospect&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=8E391C8B533058250A490D4D%40AdobeOrg&AQE=1

Requested by

Host: by-pay.net
URL: https://by-pay.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.222 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-222.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 19:03:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 17 Apr 2024 19:03:00 GMT
server: jag
etag: 3679271237120950272-4618572156193526721
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 15 Apr 2024 19:03:00 GMT

POST
H2 202 rum Show response
browser-intake-datadoghq.com/api/v2/ 53 B
343 B 150ms
146ms Fetch
application/json 2600:1f18:24e6:b902:7623:11a0:2b80:6002
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.8.0%2Capi%3Afetch%2Cenv%3Aunknown%2Cservice%3Auhccom%2Cversion%3A4.6.0&dd-api-key=pub85512767ec74c5f4d068002777a57acf&dd-evp-origin-version=5.8.0&dd-evp-origin=browser&dd-request-id=5074902b-ddd1-4cff-8711-13a3757dabb3&batch_time=1713294180704

Requested by

Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/s9fa8b67374/43ddea/wwxwswu.euohpcw.ccrovmm/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.26aaf3d02280c9e4b4444c7402440718.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b902:7623:11a0:2b80:6002 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

f3de615d8143af81b7130f4b9dcf032ef3500b919570f05a8ccaf491135f9160

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://by-pay.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 16 Apr 2024 19:03:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53
dd-request-id: 5074902b-ddd1-4cff-8711-13a3757dabb3

POST
H2 204 collect
region1.google-analytics.com/g/ 0
242 B 149ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HZQWR2GYM4&gtm=45je44f0v871504411za200&_p=1713294180485&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=51518056.1713294181&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1713294180&sct=1&seg=0&dl=https%3A%2F%2Fby-pay.net%2F&dt=Short%20term%20health%20insurance%20%7C%20UnitedHealthcare%20How%20Many%20Uninsured%20Are%20in%20the%20Coverage%20Gap%20and%20How%20Many.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1499
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HZQWR2GYM4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 19:03:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://by-pay.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activityi;src=11690551;type=optmbz;cat=globa0;ord=2166626713497;npa=1;auiddc=1993365246.1713294180;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;gtm=45fe44f0v9135076373za200;gcd=13l3l3l...
11690551.fls.doubleclick.net/ Frame B882 0
0 305ms
193ms Document
text/html 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11690551.fls.doubleclick.net/activityi;src=11690551;type=optmbz;cat=globa0;ord=2166626713497;npa=1;auiddc=1993365246.1713294180;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;gtm=45fe44f0v9135076373za200;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fby-pay.net%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-11690551&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 278
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Apr 2024 19:03:01 GMT
expires: Tue, 16 Apr 2024 19:03:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 202 rum Show response
browser-intake-datadoghq.com/api/v2/ 53 B
343 B 147ms
147ms Fetch
application/json 2600:1f18:24e6:b902:7623:11a0:2b80:6002
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.8.0%2Capi%3Afetch%2Cenv%3Aunknown%2Cservice%3Auhccom%2Cversion%3A4.6.0&dd-api-key=pub85512767ec74c5f4d068002777a57acf&dd-evp-origin-version=5.8.0&dd-evp-origin=browser&dd-request-id=5b166a1b-1b4a-44df-b56e-325b25cda9f2&batch_time=1713294180973

Requested by

Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/s9fa8b67374/43ddea/wwxwswu.euohpcw.ccrovmm/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.26aaf3d02280c9e4b4444c7402440718.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b902:7623:11a0:2b80:6002 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

f4d171cfde394b05f83416ad76573393c040782264c6342e1b59cd80e5d405a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://by-pay.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 16 Apr 2024 19:03:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53
dd-request-id: 5b166a1b-1b4a-44df-b56e-325b25cda9f2

GET
H2 200 10059574.json Show response
s.yimg.com/wi/config/ 46 B
693 B 123ms
41ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10059574.json

Requested by

Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/s9fa8b67374/43ddea/wwxwswu.euohpcw.ccrovmm/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.26aaf3d02280c9e4b4444c7402440718.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

9ad9798c8040a3bbdd97e81527d830f03a1e7218a28ed908282c467272ecb419

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

ats-carp-promotion: 1
date: Tue, 16 Apr 2024 19:00:54 GMT
x-amz-version-id: LmmS8hw7Ndk48F9u2G4uRbvKYKu8RrAq
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: ZYT0PWXRXDD4FZM7
age: 128
x-amz-server-side-encryption: AES256
content-length: 46
x-amz-id-2: WIigPfZzs9v/tfjBE5SF2Suzocga/bIKdEjnRbotOy0UfwRUUQS1F2isaF6q6ldVRx3DH7PPoS8=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 22 May 2025 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 16 Apr 2024 18:40:24 GMT
server: ATS
etag: "aaffcae5d37f1f2b1f04f043482f2168"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/03dc2242/www-widgetapi.vflset/ 216 KB
67 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/03dc2242/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

889b17a954d92c4905c6da78f51df1906a8826e9b4d0a9e3474d6b423558ec2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 10:51:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68429
x-xss-protection: 0
last-modified: Mon, 15 Apr 2024 04:14:42 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 16 Apr 2025 10:51:13 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1713294180977&li_adsId=2bdeee1d-ea83-4db5-9627-f1e6404eacc8&url=https%3A%2F%2Fby-pay.net%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1713294180977&li_adsId=2bdeee1d-ea83-4db5-9627-f1e6404eacc8&url=https%3A%2F%2Fby-pay.net%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1898745%26time%3D1713294180977%26li_adsId%3D2bdeee1d-ea83-4db5-9627-f1e6404eacc8%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1713294180977&li_adsId=2bdeee1d-ea83-4db5-9627-f1e6404eacc8&url=https%3A%2F%2Fby-pay.net%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1713294180977&li_adsId=2bdeee1d-ea83-4db5-9627-f1e6404eacc8&url=https%3A%2F%2Fby-pay.net%2F&cookiesTest=true&liSync=true&e_ipv6=AQKk...

0
266 B

318ms
222ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1713294180977&li_adsId=2bdeee1d-ea83-4db5-9627-f1e6404eacc8&url=https%3A%2F%2Fby-pay.net%2F&cookiesTest=true&liSync=true&e_ipv6=AQKku8PH-dh75AAAAY7oSoYGcy6lbe5ngJOSCZqB4t0ecNNZeUB7bScuBG4v7EZXyUdiRAc
Requested by: Host: by-pay.net
URL: https://by-pay.net/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:02 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 87E41645349C453F8C066D74FB036B01 Ref B: FRAEDGE1206 Ref C: 2024-04-16T19:03:02Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYWO2MgNhFU7VHMQX+kww==

Redirect headers

date: Tue, 16 Apr 2024 19:03:01 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 2A7DFF0FCCBD4EB2AEA4DC4C6BD65A68 Ref B: DUS30EDGE0308 Ref C: 2024-04-16T19:03:01Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1713294180977&li_adsId=2bdeee1d-ea83-4db5-9627-f1e6404eacc8&url=https%3A%2F%2Fby-pay.net%2F&cookiesTest=true&liSync=true&e_ipv6=AQKku8PH-dh75AAAAY7oSoYGcy6lbe5ngJOSCZqB4t0ecNNZeUB7bScuBG4v7EZXyUdiRAc
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYWO2MbZ3Wb5hvbqUJWCg==

GET
H2 204 148007063.js Show response
bat.bing.com/p/action/ 0
117 B 64ms
64ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/148007063.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 16 Apr 2024 19:03:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F05E3CFD286643EA917B9092FA2C0CF7 Ref B: FRA31EDGE0513 Ref C: 2024-04-16T19:03:01Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
229 B 143ms
143ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=148007063&Ver=2&mid=d9e50656-8354-4f7d-a077-6cd581cef58d&sid=f2097760fc2311eeae6c5b4ddd7414da&vid=f2097b20fc2311ee85443508831cca66&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Short%20term%20health%20insurance%20%7C%20UnitedHealthcare%20How%20Many%20Uninsured%20Are%20in%20the%20Coverage%20Gap%20and%20How%20Many.&p=https%3A%2F%2Fby-pay.net%2F&r=&lt=846&evt=pageLoad&sv=1&rn=123401

Requested by

Host: by-pay.net
URL: https://by-pay.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 16 Apr 2024 19:03:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 02877A757A8542958B770C4655D54286 Ref B: FRA31EDGE0513 Ref C: 2024-04-16T19:03:01Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 28088867.js Show response
bat.bing.com/p/action/ 0
119 B 142ms
142ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/28088867.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 16 Apr 2024 19:03:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0DF5B93316044D36A8688FFD0366EE96 Ref B: FRA31EDGE0513 Ref C: 2024-04-16T19:03:01Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
286 B 140ms
140ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=28088867&Ver=2&mid=0bb4a4d1-e82e-4b55-b9af-376ffd456da0&sid=f2097760fc2311eeae6c5b4ddd7414da&vid=f2097b20fc2311ee85443508831cca66&vids=0&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Short%20term%20health%20insurance%20%7C%20UnitedHealthcare%20How%20Many%20Uninsured%20Are%20in%20the%20Coverage%20Gap%20and%20How%20Many.&p=https%3A%2F%2Fby-pay.net%2F&r=&lt=846&evt=pageLoad&sv=1&rn=344500

Requested by

Host: by-pay.net
URL: https://by-pay.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 16 Apr 2024 19:03:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8DF5FE15478D47A8A3C8256EB0E0A9DE Ref B: FRA31EDGE0513 Ref C: 2024-04-16T19:03:01Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1231592023559249 Show response
connect.facebook.net/signals/config/ 121 KB
25 KB 383ms
383ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1231592023559249?v=2.9.153&r=stable&domain=by-pay.net&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bafa7761b5d761ac184e6061ba9eee91669811cd321d0d08e04f3a830754c8ba

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 16 Apr 2024 19:03:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=46, rtx=0, c=65, mss=1294, tbw=63182, tp=-1, tpl=-1, uplat=343, ullat=0
pragma: public
x-fb-debug: JgjT1qLiOdj2jJqSebyef9jp2jMEHAildg8/HziLHtA+oq9BOFBDvyvI1LBqhAv3o04I7FSpsY2/Nn2I+5H3/A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
633 B 197ms
69ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2016%20Apr%202024%2019%3A03%3A01%20GMT&n=-2d&b=Short%20term%20health%20insurance%20%7C%20UnitedHealthcare%20How%20Many%20Uninsured%20Are%20in%20the%20Coverage%20Gap%20and%20How%20Many.&.yp=10059574&f=https%3A%2F%2Fby-pay.net%2F&enc=UTF-8&yv=1.15.1&tagmgr=gtm%2Cadobe

Requested by

Host: by-pay.net
URL: https://by-pay.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 19:03:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Tue, 16 Apr 2024 19:03:01 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 120ms
40ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1231592023559249&ev=PageView&dl=https%3A%2F%2Fby-pay.net&rl=&if=false&ts=1713294181417&sw=1600&sh=1200&v=2.9.153&r=stable&ec=0&o=4124&fbp=fb.1.1713294181414.1736635941&cs_est=true&pm=1&hrl=229f59&ler=empty&cdl=API_unavailable&it=1713294181002&coo=false&cs_cc=1&cas=7801014826596581%2C7553438904750993%2C7212566285532133%2C7210249945706774%2C7115382141921829%2C24536214642630499%2C5857953294268989%2C2239276222823340%2C1009366075833106&rqm=GET

Requested by

Host: by-pay.net
URL: https://by-pay.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1294, tbw=2758, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 16 Apr 2024 19:03:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 202 rum Show response
browser-intake-datadoghq.com/api/v2/ 53 B
342 B 249ms
249ms Fetch
application/json 2600:1f18:24e6:b902:7623:11a0:2b80:6002
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.8.0%2Capi%3Afetch%2Cenv%3Aunknown%2Cservice%3Auhccom%2Cversion%3A4.6.0&dd-api-key=pub85512767ec74c5f4d068002777a57acf&dd-evp-origin-version=5.8.0&dd-evp-origin=browser&dd-request-id=9ca534ae-9ccc-4cd1-adf1-b31da5b9cef0&batch_time=1713294182319

Requested by

Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/s9fa8b67374/43ddea/wwxwswu.euohpcw.ccrovmm/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.26aaf3d02280c9e4b4444c7402440718.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b902:7623:11a0:2b80:6002 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

c7e01c9b9a29b23001d1a9bd279f52be8d56b078de2f8144cb6ffa61ad6ec618

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://by-pay.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 16 Apr 2024 19:03:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53
dd-request-id: 9ca534ae-9ccc-4cd1-adf1-b31da5b9cef0

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
194 B 217ms
217ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/s9fa8b67374/43ddea/wwxwswu.euohpcw.ccrovmm/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.26aaf3d02280c9e4b4444c7402440718.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://by-pay.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 16 Apr 2024 19:03:01 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 5753839C2B9C4367B968232FCE35CA3C Ref B: DUS30EDGE0308 Ref C: 2024-04-16T19:03:02Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://by-pay.net
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYWO2MjqKQl4YlnFKoPrg==

GET
H2 200 / Show response
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/ 10 KB
5 KB 165ms
64ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y

Requested by

Host: by-pay.net
URL: https://by-pay.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87dae791345d8fbf4d0ee18923b1c3afdcf3ea0e93886cad3687dbb9305eedf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 60355
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"26bb-acWxaHU7iqLBH060YGVo2obG2vQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 87566ee1ea550b57-AMS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 iFrame.html
universal.iperceptions.com/ Frame 14B1 0
0 118ms
40ms Document
text/html 2600:9000:20ae:c000:8:e7ba:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://universal.iperceptions.com/iFrame.html
Requested by: Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ae:c000:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 193
cache-control: public,max-age=7200
content-encoding: gzip
content-md5: EWwLArd7NRLd/UFGafi8dA==
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 16 Apr 2024 18:59:49 GMT
last-modified: Thu, 21 Sep 2023 17:40:01 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary: Accept-Encoding
via: 1.1 fdac4411ecb7b0a694eea0076a271eb2.cloudfront.net (CloudFront)
x-amz-cf-id: OHz8Wri4fE9J7jXTN00d52i99Yb8SvwfGHOsK3OZILyNwty1nxNeYA==
x-amz-cf-pop: MUC50-P5
x-cache: Hit from cloudfront
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 917ea43d-801e-0010-5f30-90df2e000000
x-ms-version: 2009-09-19

GET
H/1.1 200
OK cls_report Show response
report.uhg.glassboxdigital.io/glassbox/reporting/a0542e07-7e48-6629-e0e8-daefbd48f7c3/ 250 B
1 KB 372ms
118ms XHR
application/json 34.199.5.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://report.uhg.glassboxdigital.io/glassbox/reporting/a0542e07-7e48-6629-e0e8-daefbd48f7c3/cls_report?_cls_s=2fe3525f-3274-4a65-8d95-2bab9f434357%3A0&_cls_v=49419fe9-a0d6-4b94-b873-00e5c32278f9&pv=2&f_cls_s=true

Requested by

Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/s9fa8b67374/43ddea/wwxwswu.euohpcw.ccrovmm/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.26aaf3d02280c9e4b4444c7402440718.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.199.5.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-199-5-242.compute-1.amazonaws.com

Software

GlassBox Cligate /

Resource Hash

e18515e40e0bb31578dedc7457a1235c14af8a322cf7f8882c6e7cd01ed5e815

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Tue, 16 Apr 2024 19:03:02 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
Content-Security-Policy: default-src 'self';
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 205
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Server: GlassBox Cligate
X-Frame-Options: SAMEORIGIN
vary: origin
Content-Type: application/json
access-control-allow-origin: https://by-pay.net
access-control-allow-credentials: true
GB-Server: g5025
X-Robots-Tag: noindex

GET
H2 200 12.00593e070a6f1562a8b4.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 73 KB
21 KB 67ms
61ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/12.00593e070a6f1562a8b4.chunk.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=by-pay.net

Requested by

Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

773476fc4041f913eb57d338efa749e0c2b63828f086c83da65c3d3aeb51fa73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 59161
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Apr 2024 18:13:43 GMT
server: cloudflare
etag: W/"125c9-18e9addfbd8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 87566ee26aab0b57-AMS

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 72 KB
6 KB 200ms
200ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0Neqx1dGGrrlV4y&Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web

Requested by

Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/s9fa8b67374/43ddea/wwxwswu.euohpcw.ccrovmm/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.26aaf3d02280c9e4b4444c7402440718.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36c481b6a666da13492e76a62948fd2eaf7b74c8853df7aa2d3887b3b9b76a5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://by-pay.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 16 Apr 2024 19:03:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
content-type: application/json
access-control-allow-origin: https://by-pay.net
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 54941ce767746b67
timing-allow-origin: *
cf-ray: 87566ee2cb0c0b57-AMS

GET
H3 200 favicon.ico
by-pay.net/9fc9b7a3/s323/43ddea/kwfwfwk.xughecg.nchommn/etc/designs/uhcfoundation/resources/ 894 B
1 KB 74ms
74ms Other
image/vnd.microsoft.icon 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://by-pay.net/9fc9b7a3/s323/43ddea/kwfwfwk.xughecg.nchommn/etc/designs/uhcfoundation/resources/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b7b147d01fa1e179194747215e5c9131c452e65b19dc2f3df2f6569fb37ae2b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 16 Apr 2024 19:03:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JnOoHd354NXzGq2WXbqn0gve7ZgoL%2BlGs7r4ZYYk3y38VMVjK%2Fi5lPDzQQlWdGDpSIHdtucbnnIwj6eQp1q8S6d2GGPWdd5rxvr51Z0ERPrnzGIz4c7jWcup159S"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
cache-control: max-age=14400
cf-ray: 87566ee2db721919-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 favicon.ico
by-pay.net/9fc9b7a3/s6324ee02a/43ddea/dwrwxwq.muxhfcc.ccdovmu/etc/designs/uhcfoundation/resources/ 894 B
1 KB 76ms
76ms Other
image/vnd.microsoft.icon 104.21.51.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://by-pay.net/9fc9b7a3/s6324ee02a/43ddea/dwrwxwq.muxhfcc.ccdovmu/etc/designs/uhcfoundation/resources/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.51.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b7b147d01fa1e179194747215e5c9131c452e65b19dc2f3df2f6569fb37ae2b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:02 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 16 Apr 2024 02:06:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AE%2Fx42J83CnprLvlQPFTytUSSLXNoNriibAJRrFjfCUUEdPTXQNFpLQ%2BxBvQSfHtF1z4zU7SUr2KwQ9N09eAhAxOtz7o6YP06PXm6lNcK74rAIv5yYD8Z2z%2FXVV%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
cache-control: max-age=14400
cf-ray: 87566ee35c2a1919-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 401 InviteTriggers Show response
api.iperceptions.com/ 0
31 B 61ms
60ms XHR
text/plain 52.138.200.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.iperceptions.com/InviteTriggers
Requested by: Host: by-pay.net
URL: https://by-pay.net/9fc9b7a3/s9fa8b67374/43ddea/wwxwswu.euohpcw.ccrovmm/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.26aaf3d02280c9e4b4444c7402440718.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.138.200.61 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://by-pay.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
SecurityToken: ef6177e6-a195-4fc1-9b32-7636466e19b5
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 19:03:02 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
expires: -1

OPTIONS
H2 200 InviteTriggers
api.iperceptions.com/ Frame 0
0 221ms
59ms Preflight 52.138.200.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.iperceptions.com/InviteTriggers
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.138.200.61 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: securitytoken
Access-Control-Request-Method: GET
Origin: https://by-pay.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers: securitytoken
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Tue, 16 Apr 2024 19:03:02 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 102 KB
30 KB 61ms
61ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.00593e070a6f1562a8b4.chunk.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=by-pay.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

984227c0d097ac96cff8b8ae797de2a34f79a84438685db3c72a1c226fd5a23b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 59162
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Apr 2024 18:13:43 GMT
server: cloudflare
etag: W/"19639-18e9addfbd8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 87566ee49d1b0b57-AMS

GET
H2 200 7.7f92166a279ec8ccbb92.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 3 KB
1 KB 60ms
59ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/7.7f92166a279ec8ccbb92.chunk.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise

Requested by

Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2b8e58c49dfe86a02acbced8d3ddf91c303df4af7009ab38ad9e6b89fde24ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 59161
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Apr 2024 18:13:43 GMT
server: cloudflare
etag: W/"b52-18e9addfbd8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 87566ee53da40b57-AMS

GET
H2 200 1.2211346a24b96c334744.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 29 KB
7 KB 58ms
58ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.2211346a24b96c334744.chunk.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise

Requested by

Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

442c5f94f41f419cb2d62746624f7ed4e7d5c6481b2d741d632d4b920fc1dc8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://by-pay.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Apr 2024 19:03:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 59161
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Apr 2024 18:13:43 GMT
server: cloudflare
etag: W/"73f8-18e9addfbd8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 87566ee53da50b57-AMS

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lptag.liveperson.net
URL: https://lptag.liveperson.net/tag/tag.js?site=9518691

Domain: analytics1.ninahale.net
URL: https://analytics1.ninahale.net/pixel.png?clientID=2c8b871e52d4e5f5db5ff84a82a45327e20df77edef961c4b6fa0e9c3d97ce5b&id=&id_fp=&host=by-pay.net&page=/&pageURL=https://by-pay.net/&ref=&web_ts=2024-04-16T19:03:00.501Z&adobe_ecid=32800579653243929044602408398576543055&adobe_vid=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&hit_type=pageview

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.by-pay.net/	1969-12-31 23:59:59	Name: at_check Value: true
.demdex.net/	1970-01-21 00:14:06	Name: demdex Value: 24806101446174489933474233071095741094
.by-pay.net/	1969-12-31 23:59:59	Name: AMCVS_8E391C8B533058250A490D4D%40AdobeOrg Value: 1
.by-pay.net/	1970-01-20 22:04:30	Name: _gcl_au Value: 1.1.1993365246.1713294180
.by-pay.net/	1970-01-21 05:30:54	Name: mbox Value: session#20ce2ebc72c94ff2b44b300027e0d3c0#1713296041\|PC#20ce2ebc72c94ff2b44b300027e0d3c0.37_0#1776538981
by-pay.net/	1970-01-20 22:04:30	Name: ifp_params Value: {"tfn":"1-800-557-6718"}
.by-pay.net/	1970-01-20 19:54:55	Name: s_gpv_pagename Value: uhc%3Auhc.com%3Apublic%3Aindividuals-families%3Ashort-term-health-insurance%3Ashort%20term%20health%20insurance
.dpm.demdex.net/	1970-01-21 00:14:06	Name: dpm Value: 24806101446174489933474233071095741094
.by-pay.net/	1970-01-21 05:30:54	Name: AMCV_8E391C8B533058250A490D4D%40AdobeOrg Value: 179643557%7CMCIDTS%7C19830%7CMCMID%7C32800579653243929044602408398576543055%7CMCAAMLH-1713898980%7C6%7CMCAAMB-1713898980%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1713301380s%7CNONE%7CMCSYNCSOP%7C411-19837%7CvVersion%7C5.5.0
.demdex.net/	1970-01-21 00:14:06	Name: dextp Value: 771-1-1713294180439\|903-1-1713294180540\|285689-1-1713294180641
.by-pay.net/	1969-12-31 23:59:59	Name: s_cc Value: true
.by-pay.net/	1970-01-21 05:30:54	Name: _ga_HZQWR2GYM4 Value: GS1.1.1713294180.1.0.1713294180.0.0.0
.by-pay.net/	1970-01-21 05:30:54	Name: _ga Value: GA1.1.51518056.1713294181
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: AH45KbIdLYY
.youtube.com/	1970-01-21 00:14:06	Name: VISITOR_INFO1_LIVE Value: c4rDESe69Yc
.youtube.com/	1970-01-21 00:14:06	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgOA%3D%3D
.doubleclick.net/	1970-01-21 05:16:30	Name: IDE Value: AHWqTUkBaRpzgUaBadC8rSoTnjDkKjkX3_WApxnOqSzG06kb8CTT90uLfyvHiYJI_jA
.by-pay.net/	1970-01-20 19:56:20	Name: _uetsid Value: f2097760fc2311eeae6c5b4ddd7414da
.by-pay.net/	1970-01-21 05:16:30	Name: _uetvid Value: f2097b20fc2311ee85443508831cca66
.bing.com/	1970-01-21 05:16:30	Name: MUID Value: 0F5030B68EE96835011B24D58F626983
.yahoo.com/	1970-01-21 04:40:51	Name: A3 Value: d=AQABBGXLHmYCECmrNUEBn5eEgctHz3mBCKoFEgEBAQEcIGYoZuAOyiMA_eMAAA&S=AQAAAkq-Y29jV0pgAxMC8pGNjj8
.linkedin.com/	1970-01-20 22:04:30	Name: li_sugr Value: 4bf5961e-d66f-4851-8a57-7a2ce7fe2033
.linkedin.com/	1970-01-21 04:40:30	Name: bcookie Value: "v=2&0f1c2060-5c91-480a-8e50-20bca6e69175"
.linkedin.com/	1970-01-20 19:56:20	Name: lidc Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2783:u=1:x=1:i=1713294181:t=1713380581:v=2:sig=AQGIJ6L6jhphoMtz6o7QbgmOtQsL9fHZ"
.by-pay.net/	1970-01-20 22:04:30	Name: _fbp Value: fb.1.1713294181414.1736635941
.linkedin.com/	1970-01-20 20:38:06	Name: UserMatchHistory Value: AQKBWFuP8jMfdgAAAY7oSoRAZRayY9XIM5RrirSvSexoWEt1_hwefsPcn-K6iJanNSvNdfEf3lrTGA
.linkedin.com/	1970-01-20 20:38:06	Name: AnalyticsSyncHistory Value: AQLKtrypaU_3uQAAAY7oSoRA2l2xXYCf3ltdIetu_ovf6po_O041rGiB_AhW4H__Seuebf7N8Z0dJgFDo4-f0w
.www.linkedin.com/	1970-01-21 04:40:30	Name: bscookie Value: "v=1&202404161903012eef77e0-2ea1-4b61-8cf9-eb7b27908ec7AQEsf6iwVLNHtNaV8hnyWl_D7qits2b6"
.linkedin.com/	1970-01-21 00:14:06	Name: li_gc Value: MTswOzE3MTMyOTQxODE7MjswMjFaVNRr4jatVeGt0jiPOxvEU/ZjxwCt6yUAUYoKApkIBg==
.by-pay.net/	1970-01-21 05:30:54	Name: _cls_v Value: 49419fe9-a0d6-4b94-b873-00e5c32278f9
.by-pay.net/	1969-12-31 23:59:59	Name: _cls_s Value: 2fe3525f-3274-4a65-8d95-2bab9f434357:0
report.uhg.glassboxdigital.io/	1970-01-20 20:04:58	Name: AWSALBCORS Value: 3KP+zGQe/v/YG4N6h4wCsucLAeb+piLZSmkqh15yIOIF/3Mk9DnUZAioEUowAtjXhATxQFX7w60PpyZUiApXEGLZ8IRdI6jU9F/FyT5uYjvjiI1uuWedHyq1ovAz
report.uhg.glassboxdigital.io/	1969-12-31 23:59:59	Name: _cls_cfgver Value: 0
report.uhg.glassboxdigital.io/	1969-12-31 23:59:59	Name: _cls_s Value: 2fe3525f-3274-4a65-8d95-2bab9f434357:0
report.uhg.glassboxdigital.io/	1969-12-31 23:59:59	Name: _cls_v Value: 49419fe9-a0d6-4b94-b873-00e5c32278f9
by-pay.net/	1969-12-31 23:59:59	Name: ipe_s Value: 08c03a6b-c313-a59a-f500-ea3fc1ea53b3
by-pay.net/	1970-01-20 19:54:55	Name: _dd_s Value: rum=2&id=7b1f5796-8841-45fa-9aeb-7e790d7ed529&created=1713294180215&expire=1713295080215

78 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://analytics1.ninahale.net/pixel.png?clientID=2c8b871e52d4e5f5db5ff84a82a45327e20df77edef961c4b6fa0e9c3d97ce5b&id=&id_fp=&host=by-pay.net&page=/&pageURL=https://by-pay.net/&ref=&web_ts=2024-04-16T19:03:00.501Z&adobe_ecid=32800579653243929044602408398576543055&adobe_vid=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&hit_type=pageview Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/1231592023559249?v=2.9.153&r=stable&domain=by-pay.net&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 94) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://by-pay.net/9fc9b7a3/sa297/43ddea/fwgwgwi.euwhpch.wcwovmo/content/uhcdotcom/en/home/global-alert.html Message: Failed to load resource: the server responded with a status of 451 ()
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://by-pay.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://api.iperceptions.com/InviteTriggers Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11690551.fls.doubleclick.net
164773174ba1.o3n.io
abyss-cloud.uhg.com
analytics1.ninahale.net
api.iperceptions.com
assets.adobedtm.com
bat.bing.com
browser-intake-datadoghq.com
by-pay.net
cdn.gbqofs.com
cm.everesttech.net
connect.facebook.net
dpm.demdex.net
hub.uhg-monarchhealthcare.com
lptag.liveperson.net
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
report.uhg.glassboxdigital.io
s.yimg.com
siteintercept.qualtrics.com
smetrics.optum.com
snap.licdn.com
sp.analytics.yahoo.com
starget.uhc.com
uhc.com
unitedhealthgroup.demdex.net
universal.iperceptions.com
www.facebook.com
www.googletagmanager.com
www.linkedin.com
www.uhc.com
www.youtube.com
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
analytics1.ninahale.net
lptag.liveperson.net
104.17.208.240
104.21.51.155
13.107.42.14
142.250.186.166
20.221.105.198
2001:4860:4802:32::36
212.82.100.181
2600:1f18:24e6:b902:7623:11a0:2b80:6002
2600:9000:20ae:c000:8:e7ba:7440:93a1
2600:9000:20ae:f200:8:e7ba:7440:93a1
2600:9000:26da:cc00:b:8b8c:d40:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700::6812:190d
2620:1ec:21::14
2620:1ec:c11::237
2a00:1288:80:807::2
2a00:1450:4001:81d::200e
2a00:1450:4001:831::2008
2a02:26f0:3500:16::215:1491
2a02:26f0:3500:587::1e80
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
34.199.5.242
34.203.47.152
52.138.200.61
52.17.32.208
54.170.54.208
63.140.62.222
66.235.152.225
99.81.63.100
03924d3fec77196d478d1f28aae8905471acdd3179bf2bf413f32c5609cd489c
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
11ddb7e6a6ee4b8b6b43a5a29c9b72e178548137ed6748fea1be96205a1081d8
12f94db72716b7018bcab3aee60b0615800b609a51d0a092af7a82b9fb37d1ac
1a8fb96deef3c37ebbc6216ebc7a5dc59e8899bb0d283de96d12036f9b88de64
1ad3ee2cd19e62c58ea1cb4dd2ab7c3dc78314f36b28582e94a114100b440577
1d739d66df8f62ebcba410b522f5dbd7b8ea70e612dacf475efb7a448a2ddd25
2057bb58f499fb80545c263168f90fac938e153d7ab4e2be150ab6bfe9e95878
238441ba6952c32bb9fbb73794f6844b61e074382375ed355447c55ca6bf3cc6
289a595fa4ed4be7e2a77b798da77a47120abfa69f39b93b72e9b783e651f8b1
2d431d05327b5a609365ea90d43e8c5fa3ca1f15769fb7ffa22f5e273fd8a71a
3391dd1b8b0cd7b5f6b3d36494742d2fe55ee0f234877381cf6567797dea902d
357090e2f9d750e56fb2dde346e4127d042017e56d1d141ae640d50d4b65b7ce
36c481b6a666da13492e76a62948fd2eaf7b74c8853df7aa2d3887b3b9b76a5d
38dafa695dca28bd8f21b9f612b4c5dd20b3161dc3b464b3d6724b0912092221
39a4c5665bcdbfaaabad1215492d6bdcec0ffc8b9fd7ff30ee579ec37204b27a
39c72cd933de1c0942fbeb8b9cc680349ba28be2a749792e223eee3f92e13a53
3a23de60518bafc0bdd564e4786bdca3a5e09ccfe07c7e88ded7bd819c1444a3
3accb35fbeba1fbef0df5561e080fd65982980a2e0369b3d48225b3f492d2464
3fb3695cab709c4f65560c366fe1b1e14a76434827b534e386626d380c195b89
442c5f94f41f419cb2d62746624f7ed4e7d5c6481b2d741d632d4b920fc1dc8d
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
512e148558fb7d54355b8d0724ad5a980c8447d83e7c07bf1f28f640681ad5cf
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6cc4c722a50b4152194b13e7e3c8a1a5a5f23b17988f8fa85404394efc5c0984
73219454aee2a1f99cd9de00731df9ff3fb1d4349eceb2a16562271e3d0cca8d
7338ebca04a324eb1cdfa3c806a767a152e562cac2a3117c3bf969a9ea3c2835
7529bae8d14815de77e23a7d1684715a23a1b3bd1cac0e4736960bd682a1d24e
773476fc4041f913eb57d338efa749e0c2b63828f086c83da65c3d3aeb51fa73
7adc42f6534d3b47e3cd856337fafa39911ff9adf03a2b3598e75b73c2e5c0c6
7b7b147d01fa1e179194747215e5c9131c452e65b19dc2f3df2f6569fb37ae2b
7bc03bad844f059717a9118727b9b6f1876940fa36e11aa784de2db0d9200265
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
84eecdd3403b2763e95c7b2be16e5f42c1e7d9279e38935535084af2abc4d51a
87dae791345d8fbf4d0ee18923b1c3afdcf3ea0e93886cad3687dbb9305eedf5
889b17a954d92c4905c6da78f51df1906a8826e9b4d0a9e3474d6b423558ec2b
8f62bc61a09caddbe2c87c2a4e2f74f8333892209f82f141ee7f4a0b100e52fb
94b78b9152347c484966309d0ff47e05931b0fd7e369ae2dd9f7f4400422c302
962d83de183651c6c15d9dce622d311455a9e6bd8cf09dd1cbf9ec3a3892a1ab
97b974eb76c9d1a208f20fa334f8ced00b70a6b61ce967ccb5627fa83b28bc03
984227c0d097ac96cff8b8ae797de2a34f79a84438685db3c72a1c226fd5a23b
99bfccb342ab0c0a7508e4c2b0ed9377d70d8e604d155999869053d7131e6767
9ad9798c8040a3bbdd97e81527d830f03a1e7218a28ed908282c467272ecb419
9b536a49e330f9c2255e6eaaf84896d4617134f2b7d0f831d5654a11b399f0a4
9d5ff3529e4c41bce10c3e0fbc501048606372734d017b991dc2b72fbe3f813a
9e464887c464e83310a0a535eeb81db59e153a1ca1a767d12505aab43735cc71
a002936493c6365c951278a9d1eb42cf91c3be2676a5d48adbe205b64775f594
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a7c2d6d9e3a83acd853b5c81c137dfeec7c1f1d470075f23d5639c02d14d6943
a8fc53cdae3b946b74985f656d0fd02916b1aa28728ca2e45f3cd5dcc15d79e0
afa7316a4e0b97e897772382dd455fec750788821e02548799a7bf484e924095
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b7900f98e3da074807c7a1fdb394c11ed2bab67d06698a7a3042bc6cca9a7208
bafa7761b5d761ac184e6061ba9eee91669811cd321d0d08e04f3a830754c8ba
bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f
bf3bdab81ba4c11f3a1d3d3a1af071a128eb284b2fadde4a794c8526e45fd4a6
c0bfba68da2ee5b397bd8232c6c1ab0291d9478daf036b83143386be55ec85f1
c120bf72e021c43d615fc30537b635896cc73a86f7b18f571238b62cf2790811
c7e01c9b9a29b23001d1a9bd279f52be8d56b078de2f8144cb6ffa61ad6ec618
c8d03735b0c005231eb0e39003b3ee6d25fddd0810254ea362d7173a7022f85c
c94a6d02a327e442fce70e1accac9a3f1ea754bf01df9965149d4fe8051360dc
d02266586567d3889ef80ab66eae3f377deaab9bb42ba209e8fb7e9890371458
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
e18515e40e0bb31578dedc7457a1235c14af8a322cf7f8882c6e7cd01ed5e815
e2b8e58c49dfe86a02acbced8d3ddf91c303df4af7009ab38ad9e6b89fde24ad
e2f3d86aef3232595225579f6fd83bc2c5b7054f99d7c29b9684b5b7b9860f08
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71ff47b4a5106feca083fa1899124c48241c7639f8eac84bf06548a5e38f47d
e74935590b4a1ce97eaa8a4415ae0faa86b07792b1bd2bee5863266822a0dabf
e78c1ddf06080ddcb313fa288a74e92787efd7acf30137921cad5fbdffbe589b
eb2132d7e10b31029246cfa816e943574c640c08edf35c433fd95cb19e34d5f1
ed10b57bbb7815ae0ec53d11bbfe94602f07a77ecb124f71f2a4e85997250bfd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe6705c4be1187ea37cbb36047614f27a19cbf540cea9892f7a15824f99ec6e
f03590fdcd51edb61da36fa007e2f4f6423accf45039009bd5f90c885e93577c
f1e1f74032223073d118f7ac7d60a46e3a80253099f77090e2c7d5a4d49bab3e
f30542f7650a4a2419c4f18ec15debea61fb13556594705316b482b1d3d90db0
f3de615d8143af81b7130f4b9dcf032ef3500b919570f05a8ccaf491135f9160
f4d171cfde394b05f83416ad76573393c040782264c6342e1b59cd80e5d405a4
f4e094175e5a94220ce2fcff492d493fee08501dc305d4f3dbb59995c713667a
f6a949e46372b165b16dcd0b89d94180b622d2de27fdacb7110b5dfabad9b106
fa5c34371df3acd378bd2490d82a32ad6f3b80155e5eee8ad1b937a188993e0f
fbff962056c0915525e9e8cc8868e9d86c33edc1f619e6f2adb9bb0ec636aae0
fcab439c566024f091033ac920e6636c6da960560850239e87ab4d581269f834

by-pay.net Open in urlscan Pro 104.21.51.155 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

111 Requests

95 %HTTPS

53 %IPv6

27 Domains

34 Subdomains

29 IPs

5 Countries

3086 kBTransfer

9760 kBSize

37 Cookies

7 Outgoing links

Page URL History

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

by-pay.net Open in urlscan Pro
104.21.51.155 Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

95 %
HTTPS

53 %
IPv6

27
Domains

34
Subdomains

29
IPs

5
Countries

3086 kB
Transfer

9760 kB
Size

37
Cookies

111 HTTP transactions
1 data transactions