sberpay-securedpayment.ru Open in urlscan Pro
172.67.211.185 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Submission: On April 28 via manual (April 28th 2023, 6:51:03 am UTC) from IN — Scanned from US

Summary HTTP 136 Redirects Behaviour Indicators

Summary

This website contacted 30 IPs in 2 countries across 28 domains to perform 136 HTTP transactions. The main IP is 172.67.211.185, located in United States and belongs to CLOUDFLARENET, US. The main domain is sberpay-securedpayment.ru.
TLS certificate: Issued by E1 on April 21st 2023. Valid for: 3 months.

This is the only time sberpay-securedpayment.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
48	172.67.211.185 172.67.211.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.190.5.192 35.190.5.192	15169 (GOOGLE) (GOOGLE)
1	34.111.78.58 34.111.78.58	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.203.47.152 34.203.47.152	14618 (AMAZON-AES) (AMAZON-AES)
1 6	3.209.96.37 3.209.96.37	14618 (AMAZON-AES) (AMAZON-AES)
6	2600:141b:500... 2600:141b:5000:58e::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	18.211.21.58 18.211.21.58	14618 (AMAZON-AES) (AMAZON-AES)
1	34.199.30.243 34.199.30.243	14618 (AMAZON-AES) (AMAZON-AES)
17	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4998:14:... 2001:4998:14:800::1000	14777 (YAHOO) (YAHOO)
3	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:141b:900... 2600:141b:9000::1725:7bba	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6812:180d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:251... 2600:9000:2510:fe00:8:e7ba:7440:93a1	16509 (AMAZON-02) (AMAZON-02)
2 7	142.250.65.226 142.250.65.226	15169 (GOOGLE) (GOOGLE)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
6	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
2 2	69.169.86.38 69.169.86.38	29838 (AMC) (AMC)
1 2	69.169.86.39 69.169.86.39	29838 (AMC) (AMC)
1 2	142.250.80.70 142.250.80.70	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21e... 2600:9000:21ec:3400:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2607:f8b0:400... 2607:f8b0:4006:816::200e	15169 (GOOGLE) (GOOGLE)
1	63.140.36.139 63.140.36.139	16509 (AMAZON-02) (AMAZON-02)
11	2607:f8b0:400... 2607:f8b0:4006:822::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	76.13.32.146 76.13.32.146	26101 (YAHOO-BF1) (YAHOO-BF1)
6	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.224.15.124 54.224.15.124	14618 (AMAZON-AES) (AMAZON-AES)
2	52.232.246.181 52.232.246.181	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
136	30

48 172.67.211.185 (United States)

ASN13335 (CLOUDFLARENET, US)

sberpay-securedpayment.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.5.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.5.190.35.bc.googleusercontent.com

cdn.b0e8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.78.58 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 58.78.111.34.bc.googleusercontent.com

a1.b0e8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.203.47.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-47-152.compute-1.amazonaws.com

164773174ba1.o3n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.209.96.37 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-96-37.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
unitedhealthgroup.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:141b:5000:58e::1e80 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.211.21.58 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-21-58.compute-1.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.30.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-30-243.compute-1.amazonaws.com

unitedhealthgroup.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4006:821::2008 (New York, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4998:14:800::1000 (United States)

ASN14777 (YAHOO, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:9000::1725:7bba (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:180d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.gbqofs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2510:fe00:8:e7ba:7440:93a1 (United States)

ASN16509 (AMAZON-02, US)

universal.iperceptions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.65.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81c::2002 (New York, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.169.86.38 (Woodbridge, United States) 2 redirects

ASN29838 (AMC, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.169.86.39 (Woodbridge, United States) 1 redirects

ASN29838 (AMC, US)

ib.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f6.1e100.net

11690551.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21ec:3400:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::200e (New York, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.36.139 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-36-139.data.adobedc.net

smetrics.optum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:822::2004 (New York, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2002 (New York, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.146 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spdc.pbp.vip.bf1.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.224.15.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-15-124.compute-1.amazonaws.com

report.uhg.glassboxdigital.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.232.246.181 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

api.iperceptions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	sberpay-securedpayment.ru sberpay-securedpayment.ru	587 KB
17	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	964 KB
15	doubleclick.net 3 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 313 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 11690551.fls.doubleclick.net — Cisco Umbrella Rank: 430828	17 KB
12	google.com www.google.com — Cisco Umbrella Rank: 16 adservice.google.com — Cisco Umbrella Rank: 130	2 KB
6	qualtrics.com zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com — Cisco Umbrella Rank: 85849 siteintercept.qualtrics.com — Cisco Umbrella Rank: 1350	68 KB
6	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 430	16 KB
6	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 277 unitedhealthgroup.demdex.net — Cisco Umbrella Rank: 61913	8 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 733 www.linkedin.com — Cisco Umbrella Rank: 779 px4.ads.linkedin.com — Cisco Umbrella Rank: 6554	4 KB
5	bing.com bat.bing.com — Cisco Umbrella Rank: 519	13 KB
4	iperceptions.com universal.iperceptions.com — Cisco Umbrella Rank: 15145 api.iperceptions.com — Cisco Umbrella Rank: 14795	5 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 189	92 KB
2	mookie1.com 1 redirects ib.mookie1.com — Cisco Umbrella Rank: 5563	2 KB
2	ib-ibi.com 2 redirects global.ib-ibi.com — Cisco Umbrella Rank: 3359	939 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 451	959 B
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 631	7 KB
2	b0e8.com cdn.b0e8.com — Cisco Umbrella Rank: 17663 a1.b0e8.com — Cisco Umbrella Rank: 15807	22 KB
1	glassboxdigital.io report.uhg.glassboxdigital.io — Cisco Umbrella Rank: 79212	2 KB
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1442	633 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	optum.com smetrics.optum.com — Cisco Umbrella Rank: 55392	373 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91	261 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1604	377 B
1	gbqofs.com cdn.gbqofs.com — Cisco Umbrella Rank: 9995	140 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1365	5 KB
1	omtrdc.net unitedhealthgroup.tt.omtrdc.net — Cisco Umbrella Rank: 58721	860 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1516	517 B
1	o3n.io 164773174ba1.o3n.io	183 B
0	ninahale.net Failed analytics1.ninahale.net Failed
136	28

	Domain	Requested by
48	sberpay-securedpayment.ru	sberpay-securedpayment.ru
17	www.googletagmanager.com	sberpay-securedpayment.ru www.googletagmanager.com
11	www.google.com	sberpay-securedpayment.ru
11	googleads.g.doubleclick.net	www.googletagmanager.com
6	assets.adobedtm.com	sberpay-securedpayment.ru
5	siteintercept.qualtrics.com	zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com cdn.gbqofs.com siteintercept.qualtrics.com
5	bat.bing.com	sberpay-securedpayment.ru bat.bing.com
5	dpm.demdex.net	1 redirects sberpay-securedpayment.ru
3	px.ads.linkedin.com	3 redirects
3	connect.facebook.net	sberpay-securedpayment.ru connect.facebook.net
2	api.iperceptions.com	cdn.gbqofs.com
2	11690551.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	ib.mookie1.com	1 redirects sberpay-securedpayment.ru
2	global.ib-ibi.com	2 redirects
2	match.adsrvr.org	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	universal.iperceptions.com	sberpay-securedpayment.ru universal.iperceptions.com
2	s.yimg.com	sberpay-securedpayment.ru cdn.gbqofs.com
1	report.uhg.glassboxdigital.io	cdn.gbqofs.com
1	zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com	sberpay-securedpayment.ru
1	sp.analytics.yahoo.com	sberpay-securedpayment.ru
1	www.facebook.com	sberpay-securedpayment.ru
1	adservice.google.com	11690551.fls.doubleclick.net
1	smetrics.optum.com	sberpay-securedpayment.ru
1	www.google-analytics.com	www.googletagmanager.com
1	px4.ads.linkedin.com	sberpay-securedpayment.ru
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	cdn.gbqofs.com	sberpay-securedpayment.ru
1	snap.licdn.com	sberpay-securedpayment.ru
1	unitedhealthgroup.tt.omtrdc.net	sberpay-securedpayment.ru
1	cm.everesttech.net	1 redirects
1	unitedhealthgroup.demdex.net	sberpay-securedpayment.ru
1	164773174ba1.o3n.io	sberpay-securedpayment.ru
1	a1.b0e8.com	sberpay-securedpayment.ru
1	cdn.b0e8.com	sberpay-securedpayment.ru
0	analytics1.ninahale.net Failed	sberpay-securedpayment.ru
136	37

This site contains no links.

Subject Issuer	Validity	Valid
sberpay-securedpayment.ru E1	`2023-04-21` - `2023-07-20`	3 months	crt.sh
cdn.b0e8.com GTS CA 1D4	`2023-04-25` - `2023-07-24`	3 months	crt.sh
b0e8.com GTS CA 1D4	`2023-04-27` - `2023-07-26`	3 months	crt.sh
*.o3n.io R3	`2023-02-25` - `2023-05-26`	3 months	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-09-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-10` - `2023-05-31`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-04` - `2023-05-05`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-11-11` - `2023-11-11`	a year	crt.sh
*.iperceptions.com Amazon RSA 2048 M01	`2023-02-13` - `2024-03-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
smetrics.optum.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2024-04-21`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-01-03` - `2023-06-28`	6 months	crt.sh
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-27` - `2024-03-26`	a year	crt.sh
uhg.glassboxdigital.io Amazon RSA 2048 M01	`2023-03-01` - `2023-11-07`	8 months	crt.sh

This page contains 4 frames:

Primary Page: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Frame ID: 8F98E847AF36AB9BEE77746D8BB5D65D
Requests: 128 HTTP requests in this frame

Frame: https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0
Frame ID: 6D9D6E9A7B4C27DFA6FC01511BC8B1F0
Requests: 4 HTTP requests in this frame

Frame: https://11690551.fls.doubleclick.net/activityi;dc_pre=CNfL06n-y_4CFR1XDQodECsIbQ;src=11690551;type=optmbz;cat=globa0;ord=783956177775;gtm=45fe34q0;auiddc=798476941.1682664657;~oref=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare
Frame ID: E628F7F301E3750EE8097A4E4F6C53F9
Requests: 2 HTTP requests in this frame

Frame: https://universal.iperceptions.com/iFrame.html
Frame ID: D2D9024E9A64210CEB229465EA58EEAE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Infertility causes and treatment | UnitedHealthcare / Insurance, Payment, and Pricing United Healthgroup Trademark

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc\.clientlibs/

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

136
Requests

95 %
HTTPS

45 %
IPv6

28
Domains

37
Subdomains

30
IPs

2
Countries

1950 kB
Transfer

5735 kB
Size

37
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://cm.everesttech.net/cm/dd?d_uuid=73398465150044255630073431695365619481 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZEts0QAAAGPkOwNP

Request Chain 66

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzMzOTg0NjUxNTAwNDQyNTU2MzAwNzM0MzE2OTUzNjU2MTk0ODE= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NzMzOTg0NjUxNTAwNDQyNTU2MzAwNzM0MzE2OTUzNjU2MTk0ODE=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEM9DYuXMA7J3QmIeX9Vke3s&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 70

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=sberpay-securedpayment.ru&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=sberpay-securedpayment.ru&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=5454bc96-bb54-4cf7-b960-f58c82e35223

Request Chain 96

https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=73398465150044255630073431695365619481 HTTP 302
https://ib.mookie1.com/image.sbix?go=244346&pid=268&xid=73398465150044255630073431695365619481 HTTP 302
https://dpm.demdex.net/ibs:dpid=285689&dpuuid=73398465150044255630073431695365619481&redir=https%3A%2F%2Fglobal.ib-ibi.com%2Fimage.sbxx%3Fgo%3D244346%26pid%3D268%26xid%3D%24%7BDD_UUID%7D HTTP 302
https://global.ib-ibi.com/image.sbxx?go=244346&pid=268&xid=73398465150044255630073431695365619481 HTTP 302
https://ib.mookie1.com/image.sbxx?go=244346&pid=268&xid=73398465150044255630073431695365619481

Request Chain 99

https://11690551.fls.doubleclick.net/activityi;src=11690551;type=optmbz;cat=globa0;ord=783956177775;gtm=45fe34q0;auiddc=798476941.1682664657;~oref=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare HTTP 302
https://11690551.fls.doubleclick.net/activityi;dc_pre=CNfL06n-y_4CFR1XDQodECsIbQ;src=11690551;type=optmbz;cat=globa0;ord=783956177775;gtm=45fe34q0;auiddc=798476941.1682664657;~oref=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare

Request Chain 101

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1682664657730&url=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1682664657730&url=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1898745%26time%3D1682664657730%26url%3Dhttps%253A%252F%252Fsberpay-securedpayment.ru%252Fplanned-parenthood-take-unitedhealthcare%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1682664657730&url=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1682664657730&url=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&cookiesTest=true&liSync=true&e_ipv6=AQLDkUuMYJnkmwAAAYfGoRUfhOjSu2ZlOwiv9aai-8GPNA-f4jvXFebdHE1-vFPAHMiEQg

136 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request planned-parenthood-take-unitedhealthcare Show response
sberpay-securedpayment.ru/ 153 KB
23 KB 632ms
294ms Document
text/html 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75fbba471a4c2a3ddd679a164955e3dd87450d3077371176a17ec5edf7216999

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7bed5facbc093ffe-YYZ
content-encoding: br
content-type: text/html;charset=UTF-8
date: Fri, 28 Apr 2023 06:50:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ra9af%2FBEVABLJtUqV0U1L2s9NwkeJoe5%2BbuQeGLiwPjMHRhEpL8rM%2FcFvQLv1Ov252URP9dWCOlKOEZTXqJR1EvoNzscxCj8qyOaSPTK0hInmuliI8QAGoKNXKBDoGtefnLPlRBhYr46kP8z"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 clientlib-initial.min.25179b9d69c4eb7ffbbaca379f67cb15.js Show response
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/ 62 KB
22 KB 444ms
443ms Script
application/javascript 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.25179b9d69c4eb7ffbbaca379f67cb15.js
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc1e9425463c20eeca98f972e1c784d2051b22263c8d9c2452fed4f8c4a280c8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQddBAJ4MHP1u48dmWfJztgP54zWJ3qZ58O%2FNlyZpFy1MuIuehSMS%2BYc6nDjes1zlGNtZeR88y3FGgQX0ABh0TLfjiqbuKWqhCOh8g13S1yQ4xR0sVDb73WbQ3IeNL7Wa6cSVCiSVji0gE%2Ft"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
cache-control: max-age=14400
cf-ray: 7bed5fae9db73ffe-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 clientlib-polyfills.min.5b1104898c4ac24650b52c1fb065e91e.js Show response
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/ 32 KB
12 KB 348ms
347ms Script
application/javascript 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-polyfills.min.5b1104898c4ac24650b52c1fb065e91e.js
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d767b2f329777c70c9bdbd7d43528d2752f337638347dec99ae9d25ce63bd94f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yG%2BnERnYmYPeMYZ4KHlK2SLiYYRK6ql38koFnn2tPXi80TGIpDJ2WCOz59MXaf9euBYL20gWqpRJfbAl3NZ4vFE2y9VnXFkhNHv8eeuYP7DW%2B8WFIku3CAqqcixx1IwYHeDeKS4Azql0z0JQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
cache-control: max-age=14400
cf-ray: 7bed5fae9db63ffe-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 clientlib-initial.min.fc4f755605b6a2ee6fd7f1de37e8f966.css
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/ 216 KB
21 KB 621ms
620ms Stylesheet
text/css 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.fc4f755605b6a2ee6fd7f1de37e8f966.css
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c66c1422e0e8a04dbd71793dc58eed1b78c66ea115629e0a60fc94468ce7e1be

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qfNq9tFzEQpYFwjLm7aRcHbGFX5Whvkww8QDxRKYlnLwBpqTGa7fPPKtRTFl54%2BqHNqGb3jPZOq4diwfKHfjjzPrxKTGVenYlrA9ruABN9YyYTcT1vST1w%2Fiasf0D%2BMnqkuFqFjNN0GoC1zl"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=utf-8
cache-control: max-age=14400
cf-ray: 7bed5fae9db33ffe-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 clientlib-site.min.881abfd9f6f749ed6c93f51fa404f53a.css
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/ 240 KB
33 KB 632ms
632ms Stylesheet
text/css 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.881abfd9f6f749ed6c93f51fa404f53a.css
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc9d1f560426caa59c7d6d08d551e7195ae552a97a2349ce30fc8473e87c5c11

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JAKLXV1wAZ4Z4YX6uCPUbDfKsUa1iJVfvuNfQXYkr1SERxsmnU2FWl47xGEj6i50lAPTGI8AS0Nu5XUEVD1schHagYY9bomCS8j5CIIvLBTSiippdwYlwPxW%2F4MWL9ulGtl3T%2BJDEDn2C0k"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=utf-8
cache-control: max-age=14400
cf-ray: 7bed5fae9db43ffe-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 launch-5e90c3319557.min.js Show response
sberpay-securedpayment.ru/811b5240/https/8f2690/assets.adobedtm.com/512027f42d3c/152e2e360a77/ 523 KB
130 KB 904ms
903ms Script
application/x-javascript 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/assets.adobedtm.com/512027f42d3c/152e2e360a77/launch-5e90c3319557.min.js
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63a830a17ed9639cd15843520d199424fd83efdd525dbb6e7b6beffd30294414

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1miNR7xijLVkGW9Eqny8BZezIeGFXYs5Axn%2BE0lpDCRctl2uHNnRdJ0a1zmMh7i5ofd1L0UxMFp%2BZV7ult7ICv1up8R4HXD04PhGCuer5lefTtkdpH0AI%2BLcOYsQ4uVVYtdB%2BLL1AeuT%2BdV"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: https://assets.adobedtm.com
cache-control: max-age=14400
cf-ray: 7bed5fb29bfc3ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 U-mark-blue.svg
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/dam/uhcdotcom/website-assets/ 708 B
910 B 349ms
348ms Image
image/svg+xml 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/dam/uhcdotcom/website-assets/U-mark-blue.svg
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5edf7276713b08292c2eb988b2906b022b649352f50be3cabbebf81ce64065c8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UlTOr%2Buh7CKXkbVGv%2BlST9EqNn5PnlO3W%2BH%2F75FjihBtieISc8qzwukWDPV5RuFbeexX4HTXDluVtuofHj0hbg9PKq7647pEiTwt6mMf9eId3QQZ4WvBW2uwvFs70M5cVtQnhG22JLmHfedh"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7bed5fb2ac053ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 logo-mobile.svg
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/dam/uhcdotcom/website-assets/ 6 KB
3 KB 328ms
324ms Image
image/svg+xml 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/dam/uhcdotcom/website-assets/logo-mobile.svg
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 381559206b26b0c6a7d18503c24928a41c25fce278acea4be180ed013368436c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ldp5g0JtEP5bqDCUlz80kUOMkzSfkwqBkwlghYlRsZjgRVgBoRSSLZyorB2l8WqihI4O%2Fsh8b%2Fgv9qX%2FoXIcaMEeGrof8OeeIgsOG%2FTjgV2t9Yk7euxW3Fup7vnMTwMEG417uhTxq%2B%2BDH2oo"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7bed5fb2ac073ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 UHC_MB_Lockup_Horiz_blu_RGB.svg
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/ 6 KB
3 KB 341ms
338ms Image
image/svg+xml 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/UHC_MB_Lockup_Horiz_blu_RGB.svg
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 381559206b26b0c6a7d18503c24928a41c25fce278acea4be180ed013368436c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJmyW3pbHPPv6mwaB6D%2FmtpsfPwUMG873X%2FKjyKF64DWLlYJ93KXupC4XQyZSn0c03MxdcG2hRbjXpLoNbp%2B8hJlcXkcIsVMp1Qps69BGgvtJhCyoH2BHgEk6jCd2J7RbbKHz4d9f7jC1%2Fty"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7bed5fb2ac083ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 grp_mobile_find_doctor_icon.svg
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/dam/uhcdotcom/website-assets/ 651 B
864 B 347ms
343ms Image
image/svg+xml 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/dam/uhcdotcom/website-assets/grp_mobile_find_doctor_icon.svg
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c319d4176c641538e14c748cdb4cd7dc1651b4ec10ef767c586f2b1628003a2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I9nduoFW1D3cyQtzL0%2FIXJwbJLUK%2FIXnCJdl3c2ExiKCLVM0QUHy1QwIXmKfeF3%2FXTA8CiSHsLorp7GiHhjtn8ELpePC%2BxNz7sPz45gn4GaUF23cb74vMQv5kcXNfnKJ5QBqVNZXJafp5BHG"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7bed5fb2ac093ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 grp_mobile_magnifier_icon.svg
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/dam/uhcdotcom/website-assets/ 417 B
745 B 371ms
368ms Image
image/svg+xml 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/dam/uhcdotcom/website-assets/grp_mobile_magnifier_icon.svg
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5992cbcead34bb80da9b732964325a78a8803a2f95bfa850e407401ec86a605

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fpP0OoSPPHh5P8phwZ%2BOx5bzzZd%2Bkp4hdMzc0Hpky6XZggegFMLH0P2ZMz3RoZQ8lJyF9bs6015L2SeEPqGmBixXtD7my0mHYXKcnROQqGumyPAdcEtzw3cByedqAAKEL0mKbvBDd8xtaFaZ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7bed5fb2ac0a3ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 grp_mobile_signin_icon.svg
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/dam/uhcdotcom/website-assets/ 481 B
771 B 347ms
344ms Image
image/svg+xml 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/dam/uhcdotcom/website-assets/grp_mobile_signin_icon.svg
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5da9ef2ac02ad19a29e41555f44ce5639db3ef8884ddd7c0364a02a61b51a400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLDtvw%2BnBR%2FqLe4RSDmuw9yRoWr6Hc%2FNv5e2ZZf%2BGZsybTKGUumoYIopVmxNzcZ8%2Blzb05DMJh9QijFOzi0IaSw4R5ipVGHdmDtJEBcHdnnjDtWVVhfaT%2FybH0PZUir%2F%2FYPYEaGZzn9MK1uy"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7bed5fb2ac0b3ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 grp_mobile_hamburger_icon.svg
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/dam/uhcdotcom/website-assets/ 372 B
701 B 354ms
351ms Image
image/svg+xml 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/dam/uhcdotcom/website-assets/grp_mobile_hamburger_icon.svg
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8f572ad78aebce8a894413297899eabcbdc22acedd8da45d33224f1d67ac330

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKHgs%2BNXDlErvvVBuo4FEOC61PeRX8jIkvC1UFgbuYPrKECxv7atSpX7nFFCtAFE8xp74N1vrfOSz7On1qkV0Ca5L%2BdFAu4Iy4y6JGe8V3Dvk3eYaGQgXB3%2BqcFlNTxRJcLx8kdQp2YQoWxF"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7bed5fb2ac0c3ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 modal_fntt_close_dark.svg
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/ 531 B
803 B 336ms
332ms Image
image/svg+xml 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/modal_fntt_close_dark.svg
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1689129c5091c4dfd4b0fe3cd4f260d039eff5f1caabed6cb7c1f78227ef6106

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zbnLZR%2BHZmZ0FZFQmJeAYziOperakgb8FEqwp8xEL1z9cy3DJpG%2FP9wkbzPAHgIiCAF3H3fjyJimOggb2ABq4UdhTB047PWmMN1J2WgZpVfYuxjF%2B%2FgTghjxIbd%2F7m9XJxIRpfFeAk84tGf5"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7bed5fb2ac0d3ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 illustration-care-752x390.jpeg
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/health-and-wellness/health-topics/infertility/_jcr_content/root/regioncontainer-main/responsivegrid/container/container_219902903/image.c... 42 KB
42 KB 461ms
457ms Image
image/jpeg 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/health-and-wellness/health-topics/infertility/_jcr_content/root/regioncontainer-main/responsivegrid/container/container_219902903/image.coreimg.82.1280.jpeg/1648152425043/illustration-care-752x390.jpeg
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc0a21b30a6c7b8e8338c854c56405a0bf2665afa994b89dc877ff9d8c28e659

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:56 GMT
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QojRUdsy0axAYfeCFCzgZqkKTQxGJ6SkW%2FRL26QDCBVtreU1SQpPvdmKRVnjfASk04BF%2BJxWsglzYPmD7gP73SO0E1b0aL7JUifH3nrWha2qvelI9xNp1uXKXHPNUu%2F5z79CuzAfyBofirEs"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 7bed5fb2ac0e3ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Facebook.svg
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/dam/uhcdotcom/website-assets/ 301 B
680 B 319ms
316ms Image
image/svg+xml 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/dam/uhcdotcom/website-assets/Facebook.svg
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f51d9dbdd6aa842549b5800a3ddca18d4d909ba8e9a8b9ba1285a69e18ba3ec9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZpD8Jxo0nzalpzq3rgkbbDE56worjBlbPT2nu55bENsqLam5DJREKZZ3KBX1AxUJCGO7noBFGifNTyZZW%2BXJrf5Rr0AsAA6Q7RknbXKLHFq4vH%2BufDyOsfI9tJdFe%2FVS68s8uo4sAK9h1bP"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7bed5fb2ac0f3ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Twitter.svg
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/dam/uhcdotcom/website-assets/ 847 B
949 B 362ms
358ms Image
image/svg+xml 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/dam/uhcdotcom/website-assets/Twitter.svg
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ec2d965ff55b2060cf4898ff3e3d86c59a3c50cb8f0008d6a5bf0aaf2cf40dd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lrl4F2ryrTdAyrEfvj37IQeRh8UVS6HHqqW%2BVc5L9d6RsX0ScPskXlaWw%2FvRl4p5nVONXSt24nGGEItbSUNIUHUqDPwiPM2DFjCPqR1uyjiHfNIAADFuku7D5VE%2Fch0JS1UqEuddalgQhFXp"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7bed5fb2ac103ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Linkedin.svg
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/dam/uhcdotcom/website-assets/ 518 B
759 B 356ms
353ms Image
image/svg+xml 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/dam/uhcdotcom/website-assets/Linkedin.svg
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4327c2b34a48a5279d1fa8908eb0f6de8ac81c70ef2c807d5f8023d1f8b993f9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TyUobblzxsbJXLLMv10Expje3BZWKwiKFPRGrapQQlXFheKfLMP5jVh0BgAzfoeG9diEG7cCQiil0hoh9SMR9yX6ruSX7BaJ6cdzTm69a%2Fp1L%2FdhzVOZwAZ4RxnFb10hhMa9UpGkFXe75zP1"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7bed5fb2ac113ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Email.svg
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/dam/uhcdotcom/website-assets/ 273 B
666 B 326ms
323ms Image
image/svg+xml 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/dam/uhcdotcom/website-assets/Email.svg
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a32bd2114b4e409afac9f1289e9916eb13e2f07130cf31a3e91ed5f3ad3e223

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkK7roYOFQQGFZqn9%2BjBzuM9UwsBMXYxrZ8E8FBC7lJ3hIkOKTNdcGSTOmrMH7iMYFBhoaPNyGMsL1MqbmF4dJzcRJIJsuAr6pEjpq2WdPWtK7Uxl7lNA9lc3%2BPxv0CrbCay4kkRvK%2BM6x1b"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7bed5fb2ac133ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 uhc-wordmark-stacked-white-01.svg
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/dam/uhcdotcom/website-assets/ 5 KB
2 KB 398ms
395ms Image
image/svg+xml 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/dam/uhcdotcom/website-assets/uhc-wordmark-stacked-white-01.svg
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b3fd81c030319604cfed6e8f0eac6d8699dcaa4ee6a4b923a15e55823cf1025

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w71skTw%2Fb1tebd4MSKfPQ0CFKEzTstYO5R5%2FGNhvuW8LXhHshBiMpAujxv0xdz2gyy56vBG0W%2BCkRlZyV9zvihwH%2BeSmThMMlknMtc3nRedJtMIXCGaDy5lO0s%2Bls8TlIvW2sbnq4uDWIt75"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7bed5fb2ac143ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 icon-facebook-white.svg
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/dam/uhcdotcom/website-assets/ 1020 B
948 B 342ms
339ms Image
image/svg+xml 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/dam/uhcdotcom/website-assets/icon-facebook-white.svg
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9f2f1423b5ceb30122c5aa5eb03fc58342490725714f0a231cd9f8c5da143cb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UKAol6wp7EMaYB8q8%2B1TMydnB7Pj2Dv0rYmh3dc7Ew%2FN8AqT3SIgqUCzf4XgNqU1ALnsQtdtZmyM3HCBuD9yrAciRtgtC2ik6YhxpL7eeJEj1Lg0p2yePnwd3oOhD3pvaOp5yelV1yrWYwcR"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7bed5fb2ac163ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 icon-twitter-white.svg
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/dam/uhcdotcom/website-assets/ 1 KB
1 KB 316ms
313ms Image
image/svg+xml 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/dam/uhcdotcom/website-assets/icon-twitter-white.svg
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a2356f617f58aee4cf1ee23420203d11255ccc4efe69b04bc998ced2da75349

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s5nvAbDvFQ%2B1Ow3%2Fv3ZcN3SJb5nIkf2PU5M0GdW8NZi3BcixLPERg7dAkUDbHpkVY1MSP0AhssauCkN6z52zNcDGfWU3uQa9204DGIff60B1Isz5vAahGzY96P1vR8qBKXwrGLoKqsRRRkp%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7bed5fb2ac173ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 icon-instagram-white.svg
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/dam/uhcdotcom/website-assets/ 2 KB
1 KB 344ms
341ms Image
image/svg+xml 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/dam/uhcdotcom/website-assets/icon-instagram-white.svg
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cbbf4169eee3de4c8364f1f44e7d7dcdcf8f6e5e038b7d0e7c831e0c24633cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ThY3rec15RJnPfrx8ZzkkWo0wd60yRInQfOOIK%2B6%2FrqKpvZgA1z7QEHF1FmRQAWfUEkkZbTHag6VKFUR6zCwCz6MCfMhibYotQz9zGpuYVBqFapGFVJpLwchfmgS8j2ry1HOfWt0W%2FvQooGi"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7bed5fb2ac183ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 icon-youtube-white.svg
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/dam/uhcdotcom/website-assets/ 1 KB
1 KB 329ms
326ms Image
image/svg+xml 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/dam/uhcdotcom/website-assets/icon-youtube-white.svg
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62659a31050f1ee81d20ec930f30d92c1f509f31b621286920d6053870656f06

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jss0pmf4r3%2FMxDlYpuqZcVUnKMMlSnx8LVFlp0FJG4POTO7D1v8QNswbORehX0xQweifRWfl8GOOLJAVTBPGK%2BGU28Z%2BdmFfB9ZWCnsMaVJqg9zVQvMnT4FXv8xB%2BJraIq2wZORl59iv41pU"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7bed5fb2ac193ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 icon-linkedin-white.svg
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/dam/uhcdotcom/website-assets/ 1 KB
1 KB 317ms
314ms Image
image/svg+xml 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/dam/uhcdotcom/website-assets/icon-linkedin-white.svg
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caecbd7df1cf56c93befb54bbbfd9f98121a0dc5c7e180ec29f8ac5fa1641804

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pdAyoJtGFcZN%2Fg%2BkNNcuNjKglKnQjNQT9%2B%2FMZesV0yOtu0Il6JUT6maMsvZTR5HD90o6Xah8lm3l7frxYPc0bdIYkWE6tCefE6OxXpvsbn96DJxYKeoFqfAliQjXk6oi%2FddJl1bjR5Mzyng6"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7bed5fb2ac1a3ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 logo-white.svg
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/ 1015 B
1 KB 350ms
347ms Image
image/svg+xml 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/logo-white.svg
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6207c72cb8808f45cd69d92925067512a9753108bd41dc7b43b7f21e98fafece

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NWCLsW7CssqIfBWeb8Xe%2BCnngr2x0of69Km1f2vFUb08aED5WYkSWpyS5y0GhnFt04%2BK0%2BT%2FSXRtmBzl2woZaMANGUQU6xzepEzDLBNTgqVvKLRDQojFyrC86nxJQGqdzhW%2FihY1v8QIi54x"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7bed5fb2ac1b3ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 clientlib-video.min.d2675ae5646b7690b5d2c74754e48789.js Show response
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/ 56 KB
18 KB 495ms
492ms Script
application/javascript 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-video.min.d2675ae5646b7690b5d2c74754e48789.js
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c56ef5dd2604167d793e6652f6660158e858e3d4fea6f2e2f0dcd284dd9a883

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STlo%2BarnJNZTGAQ%2BKfg%2FBcw5qAxJd252fCP3l%2F3GRGAdApQoDTVfJni7B%2F2sG%2FlrQg7o6s0WDepwm6hOjmvCQGYNOYhDYUlHIg6Dht201YluYnqQVZyaUpZFc1TKn4C523YAeKDzpnFB1wcc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
cache-control: max-age=14400
cf-ray: 7bed5fb2ac1c3ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 clientlib-site.min.5ce85bb5c0070a0cd729f241c9f11496.js Show response
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/ 319 KB
71 KB 620ms
617ms Script
application/javascript 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.5ce85bb5c0070a0cd729f241c9f11496.js
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23ba9ed58802755baf3a4e56c25fd1744f0b6db20d2a9925fb9ca06d8cc9ffa3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=unuugevnO2cCBBX%2BSHGouFVufe8de6JM4ybV4fMzk9h7sXfEX%2FvxbKovYbr1JV2kCfejbxJs5yd1LUCMom53fMxqwBwyF9cnz6zV9RlCNSe%2FOnOyQiZjXcWznvb2N8umEMbEkKfZIbkR7LzR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
cache-control: max-age=14400
cf-ray: 7bed5fb2ac1d3ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 5.1.0 Show response
sberpay-securedpayment.ru/811b5240/https/8f2690/instant.page/ 3 KB
2 KB 356ms
355ms Script
text/javascript 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/instant.page/5.1.0
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa5c34371df3acd378bd2490d82a32ad6f3b80155e5eee8ad1b937a188993e0f

Request headers

Referer: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Origin: https://sberpay-securedpayment.ru
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VuCjLt%2FLx8jVJlFO%2BgxQ7jumRN%2BAti%2Fz1tsTk%2BYoqull8wDDInFLCTr7%2BMtB1PbKBFlJCkpiGRNBUk%2BfV34dKwNu8syrdd4RGvXLlqqKxJnMYrfXVSf2YzFtM%2BRq9DZ4giU7LXaUwyqGS87S"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cf-ray: 7bed5fb28bed3ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 2ec93f.png
sberpay-securedpayment.ru/ 68 B
561 B 292ms
289ms Image
image/png 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sberpay-securedpayment.ru/2ec93f.png
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:56 GMT
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IkKaR7waoGSHuWYdHYEPLKNM5JckRmfZX6D%2FROHMZgwzQrSBfCsQwyKsM6%2FLjPvZWjXGX7USdaLGu9yni3XTECuqXjmaANOc1irvboYX1tI1zpAui3%2Bl95K5aayrUTFHzqaM5Q1KVF5mLbHv"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 7bed5fb2ac1e3ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 conv_v3.js Show response
cdn.b0e8.com/ 67 KB
22 KB 79ms
24ms Script
application/javascript 35.190.5.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.b0e8.com/conv_v3.js

Requested by

Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.5.192 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

192.5.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

b1c1a4244de33316bdab018bf75ff07e00117f979075cf8a0c2c7b932b66fe3d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:19:50 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
content-security-policy: default-src 'self' 'unsafe-inline';
age: 1865
x-guploader-uploadid: ADPycdsYkOzCe9vWQEIBzSh9_CtIBLLDwzqtMPzekoyeFcbuSjluISMGYpvsk2pCN77rUodHqR-N_JuDFtvHMSj2xdqb0HWTKCBR
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21618
last-modified: Mon, 13 Mar 2023 18:19:37 GMT
server: UploadServer
etag: "1da09eff1b7a39f87215784824e30f30"
vary: Accept-Encoding
x-goog-hash: crc32c=QUzV5A==, md5=HaCe/xt6OfhyFXhIJOMPMA==
x-goog-generation: 1678731577674397
content-language: en
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 21618
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 28 Apr 2023 07:19:50 GMT

GET
H2 200 brightedge3.php
a1.b0e8.com/ 35 B
226 B 98ms
33ms Image
image/gif 34.111.78.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a1.b0e8.com/brightedge3.php?id=f00000000121591&url=https%3A//sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare&ref=&title=Infertility%20causes%20and%20treatment%20%7C%20UnitedHealthcare%20/%20Insurance%2C%20Payment%2C%20and%20Pricing&metadesc=If%20you%u2019re%20having%20trouble%20geholt%20pregnant%2C%20known%20may%20not%20be%20alone.%20Get%20information%20about%20risk%20factors%20and%20options%20for%20infertility%20treatment.%20&metakeywords=
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.78.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 58.78.111.34.bc.googleusercontent.com
Software: bws/1.0 /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-be-pop: IAD-1-601
date: Fri, 28 Apr 2023 06:50:46 GMT
via: 1.1 google
last-modified: Tue, 29 Jun 2021 14:16:36 GMT
server: bws/1.0
etag: "60db2b44-23"
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
H/1.1 200
OK doc.gif
164773174ba1.o3n.io/files/x11o4txpj3p2mvm7e70ugynn2/ 43 B
183 B 178ms
60ms Image
image/gif 34.203.47.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://164773174ba1.o3n.io/files/x11o4txpj3p2mvm7e70ugynn2/doc.gif?l=https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare&r=
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.203.47.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-47-152.compute-1.amazonaws.com
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 06:50:56 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 980 B
1 KB 358ms
39ms XHR
application/json 3.209.96.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1682664656706

Requested by

Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/assets.adobedtm.com/512027f42d3c/152e2e360a77/launch-5e90c3319557.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.209.96.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-209-96-37.compute-1.amazonaws.com

Software

Resource Hash

4c88accf36a9abd5eba912c6a2b03150bad18406a932ef85006e3689cab5846b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sberpay-securedpayment.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-va6-2-v047-05a6b0fd3.edge-va6.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 8lWlodNnRuQ=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://sberpay-securedpayment.ru
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 566
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 34 KB
12 KB 134ms
29ms Script
application/x-javascript 2600:141b:5000:58e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/assets.adobedtm.com/512027f42d3c/152e2e360a77/launch-5e90c3319557.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:5000:58e::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:56 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
etag: "dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://sberpay-securedpayment.ru
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12384
expires: Fri, 28 Apr 2023 07:50:56 GMT

GET
H3 200 floodlight-v2.js Show response
sberpay-securedpayment.ru/content/dam/uhcdotcom/en/js/ 9 KB
4 KB 326ms
325ms Script
application/javascript 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sberpay-securedpayment.ru/content/dam/uhcdotcom/en/js/floodlight-v2.js
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/assets.adobedtm.com/512027f42d3c/152e2e360a77/launch-5e90c3319557.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d02266586567d3889ef80ab66eae3f377deaab9bb42ba209e8fb7e9890371458

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FzC4kIRiP0a9E4LMY88NhbfrZSCpk%2FEFU0YreJdUc7gJTeyuCveRDSAzFS%2BrJlPN0dFKSfCqbdRkSyXkmexO%2Bny%2BZkgaEHKgBZ3ccqobuzjC%2BVSFSHUEZioFlG2r71Ehw9jb0mnr22a4OyEp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7bed5fb8b8183ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 RC1f53459021f04c49b68b6a5ab7d7b72e-source.min.js Show response
assets.adobedtm.com/512027f42d3c/152e2e360a77/d90da24a66f7/ 974 B
781 B 119ms
56ms Script
application/x-javascript 2600:141b:5000:58e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/152e2e360a77/d90da24a66f7/RC1f53459021f04c49b68b6a5ab7d7b72e-source.min.js
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/assets.adobedtm.com/512027f42d3c/152e2e360a77/launch-5e90c3319557.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:5000:58e::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 16f11bf3f7eb6aa4e6bc3899e9f3c0d0ab296d45d7541d6a1ea52e794e4a7a13

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:56 GMT
content-encoding: gzip
last-modified: Wed, 19 Apr 2023 07:09:07 GMT
server: AkamaiNetStorage
etag: "7c302e080575f14a398bdad1c843128a:1681888147.429781"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://sberpay-securedpayment.ru
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 509
expires: Fri, 28 Apr 2023 07:50:56 GMT

GET
H2 200 RC66932473453d4e868ca5fe2308dd07fd-source.min.js Show response
assets.adobedtm.com/512027f42d3c/152e2e360a77/d90da24a66f7/ 531 B
579 B 118ms
55ms Script
application/x-javascript 2600:141b:5000:58e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/152e2e360a77/d90da24a66f7/RC66932473453d4e868ca5fe2308dd07fd-source.min.js
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/assets.adobedtm.com/512027f42d3c/152e2e360a77/launch-5e90c3319557.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:5000:58e::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 27e4978065d6e1580851cde10deea0d07624292a64510e82f61c9fe2c56c4d41

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:56 GMT
content-encoding: gzip
last-modified: Wed, 19 Apr 2023 07:09:07 GMT
server: AkamaiNetStorage
etag: "7c302e080575f14a398bdad1c843128a:1681888147.429781"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://sberpay-securedpayment.ru
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 307
expires: Fri, 28 Apr 2023 07:50:56 GMT

GET
H2 200 RCbb1cb1b5257f4ef5adf1ce164cf5c011-source.min.js Show response
assets.adobedtm.com/512027f42d3c/152e2e360a77/d90da24a66f7/ 1 KB
813 B 90ms
27ms Script
application/x-javascript 2600:141b:5000:58e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/152e2e360a77/d90da24a66f7/RCbb1cb1b5257f4ef5adf1ce164cf5c011-source.min.js
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/assets.adobedtm.com/512027f42d3c/152e2e360a77/launch-5e90c3319557.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:5000:58e::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 75857c905db51fd750c965398629273deed8aef98f3e4a17930e38ab5d055d44

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:56 GMT
content-encoding: gzip
last-modified: Wed, 19 Apr 2023 07:09:07 GMT
server: AkamaiNetStorage
etag: "7c302e080575f14a398bdad1c843128a:1681888147.429781"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://sberpay-securedpayment.ru
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 541
expires: Fri, 28 Apr 2023 07:50:56 GMT

GET
H2 200 RC747202e1d4974be3bb5108a91dc33658-source.min.js Show response
assets.adobedtm.com/512027f42d3c/152e2e360a77/d90da24a66f7/ 2 KB
1 KB 116ms
54ms Script
application/x-javascript 2600:141b:5000:58e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/152e2e360a77/d90da24a66f7/RC747202e1d4974be3bb5108a91dc33658-source.min.js
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/assets.adobedtm.com/512027f42d3c/152e2e360a77/launch-5e90c3319557.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:5000:58e::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7c6c71d6aac28e8a82729150bd05ee4be877ecb33d0a3b7d6e42043e860a053c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:56 GMT
content-encoding: gzip
last-modified: Wed, 19 Apr 2023 07:09:07 GMT
server: AkamaiNetStorage
etag: "7c302e080575f14a398bdad1c843128a:1681888147.429781"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://sberpay-securedpayment.ru
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1050
expires: Fri, 28 Apr 2023 07:50:56 GMT

GET
H/1.1 200
OK dest5.html Show response
unitedhealthgroup.demdex.net/ Frame 6D9D 7 KB
3 KB 192ms
40ms Document
text/html 3.209.96.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0

Requested by

Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/assets.adobedtm.com/512027f42d3c/152e2e360a77/launch-5e90c3319557.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.209.96.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-209-96-37.compute-1.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sberpay-securedpayment.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-va6-2-v047-076294b25.edge-va6.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: h9LSTZ87QV0=
content-encoding: gzip
date: Fri, 28 Apr 2023 06:50:57 GMT
last-modified: Thu, 27 Apr 2023 14:39:32 GMT
transfer-encoding: chunked
vary: accept-encoding

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=ZEts0QAAAGPkOwNP
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=73398465150044255630073431695365619481
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZEts0QAAAGPkOwNP

42 B
940 B

40ms
39ms

Image
image/gif

3.209.96.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZEts0QAAAGPkOwNP

Requested by

Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare

Protocol

HTTP/1.1

Server

3.209.96.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-209-96-37.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v047-063880f64.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Kw9SvEibQzU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZEts0QAAAGPkOwNP
Date: Fri, 28 Apr 2023 06:50:57 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
unitedhealthgroup.tt.omtrdc.net/rest/v1/ 360 B
860 B 149ms
47ms XHR
application/json 34.199.30.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://unitedhealthgroup.tt.omtrdc.net/rest/v1/delivery?client=unitedhealthgroup&sessionId=a5cbfac103a640a2ad1408d8d7388dfe&version=2.10.0

Requested by

Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/assets.adobedtm.com/512027f42d3c/152e2e360a77/launch-5e90c3319557.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.199.30.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-199-30-243.compute-1.amazonaws.com

Software

Resource Hash

968ff76651421d0cf5e05a4e9089f04f04541d0bf5b921a2fd679d17debddf99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sberpay-securedpayment.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
x-content-type-options: nosniff
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://sberpay-securedpayment.ru
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
x-request-id: ae5b9de5566c105384faccf058bdd6a1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 119 KB
46 KB 95ms
39ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8584968

Requested by

Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/assets.adobedtm.com/512027f42d3c/152e2e360a77/launch-5e90c3319557.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3720026ba0880d4c1949d74f14f16ff9af4d6470308e170c08566376b1bb750e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47168
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Apr 2023 06:50:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 119 KB
46 KB 50ms
47ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9549424&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f0895f4f31d4c5f94786c3a1c71c293de568a95033bdb47e60832fa7e34ff142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47193
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Apr 2023 06:50:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 196 KB
69 KB 40ms
38ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-801669703&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8faed3eed4c4ca749ecbbad7c71398b2c75c2ac0d76dd778d4f910ada503402e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70426
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Apr 2023 06:50:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 178 KB
65 KB 93ms
91ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-845491994&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

07323da6d0d8793923e844e540397cab4d2bf8afa9f77e7d0540dfe5413cff5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66433
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Apr 2023 06:50:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 184 KB
66 KB 57ms
53ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-877013082&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

272de4ad11921990f01439fe8d414d4a4bfb0071bc03b9db1d60bb85aea6b70e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67775
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Apr 2023 06:50:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 178 KB
65 KB 53ms
48ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-963648696&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

21a10df10e2088b69a6b29c34937386dde2970e6d72cfd833f65662203f0c3a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66560
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Apr 2023 06:50:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 133 KB
51 KB 88ms
83ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1002783284&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d8fba2879d021df3261c2626d6a6a843984d18de2d9b98699b4006e85f809243

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52047
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Apr 2023 06:50:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 133 KB
51 KB 66ms
62ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1031996425&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bb12a22e0d8aea5a6d56b664cc2b10382d9f2c26adacd117097b40dcc88dbf4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52049
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Apr 2023 06:50:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 133 KB
51 KB 71ms
67ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1035216045&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc47b0748d1170dcbff15de68090b482230b3b9e33ba6575fb9791144f9e63dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52127
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Apr 2023 06:50:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 133 KB
51 KB 115ms
111ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1066495647&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ce40c78c07cf66d96cd157b24fa2185b260b6cc87d67be664a83e79f87f7775

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52013
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Apr 2023 06:50:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 133 KB
51 KB 119ms
115ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1067173439&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d38507187f07b3bdc5589591101533c60ff0f5156e9daacf29d3a75169661b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52013
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Apr 2023 06:50:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 183 KB
66 KB 127ms
124ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-801664645&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

63a801b68c44fcd1c6091443e17dfa2d54b0c41eeef072a3b1032f5c5de1aed3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67602
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Apr 2023 06:50:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
77 KB 126ms
124ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HZQWR2GYM4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

63e05e9757122b87a39d38df8a1135b8b8c891d34758f3ead88cf4d314d0a3f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79116
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 28 Apr 2023 06:50:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
69 KB 127ms
125ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10851563334&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e30bc73ffafe002869a517a34bd88b539cb5c78729239ad4135c059a9a5dc433

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70563
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Apr 2023 06:50:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 119 KB
46 KB 125ms
123ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-11726966&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

14f9ac65b52872a7a415923b77c822a4115e928ad9a9440b9e928849219c053f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47172
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Apr 2023 06:50:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 119 KB
46 KB 118ms
116ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8560775&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5f0a42b6398a9b167bf1a0331fa529a1542c9022957bdeee411a5accd112e8d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47177
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Apr 2023 06:50:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 119 KB
46 KB 115ms
113ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-11690551&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a3902f73c1636f63876772eadb32c2f861c17254ba619e9f796dfe24ce9f2197

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47184
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Apr 2023 06:50:57 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 17 KB
7 KB 457ms
34ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

72750dc5cdcaa538491728c6a58d6d1d97d28024f227ce7f13e63ddeba908226

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:46 GMT
x-amz-version-id: JGW8wXvjjj83MVu5c5k1Bd2u8_DD2rYy
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: R6WZXR17H1QK22KP
age: 12
x-amz-server-side-encryption: AES256
x-amz-id-2: QY6eUdVkW5y9XCqhnwvyrP8Gnsuwy7GDsY0hLO/fYR8eTO42qIV7O4inISPZgWbqf9cDJVH8D0RDwBXDX3xEPQ==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Fri, 31 May 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Wed, 26 Apr 2023 11:08:30 GMT
server: ATS
etag: "e896178ac557f4e393e0a05405c33633-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 90ms
28ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 28 Apr 2023 06:50:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27967
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: OtI0BmnsJHk5lcvV8xNNKwZAPgO3n+WPF4Qwyt9IxVr/KFs9zfjX+BVd2ZrcbYJKDS/iZJDx5IDpDJcBeOhxmA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 117ms
43ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

eec5c0b7f3736c064a5c93fb61f419fe7d3f7c1815c81004312fd349fd43be2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 28 Apr 2023 06:50:56 GMT
last-modified: Thu, 20 Apr 2023 19:01:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B13145CFC1134B998AD9CA7A5C4A7690 Ref B: NYCEDGE1306 Ref C: 2023-04-28T06:50:57Z
etag: "808c558fba73d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12036

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 124ms
31ms Script
application/x-javascript 2600:141b:9000::1725:7bba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:9000::1725:7bba Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=9688
accept-ranges: bytes
content-length: 4777

GET
H2 200 detector-dom.min.js Show response
cdn.gbqofs.com/uhg/uhc/p/ 462 KB
140 KB 155ms
80ms Script
application/javascript 2606:4700::6812:180d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gbqofs.com/uhg/uhc/p/detector-dom.min.js
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:180d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b17fff3cbc2e4e7148a2ed0b20e5f550739630a6ff4d979cb023bf3f41367bc8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
x-amz-version-id: wL9Ckgwu_8Ng.UnjjZeluNOIO39cIirW
content-encoding: gzip
cf-cache-status: HIT
via: 1.1 c4460641b6e6b194f0c11732a1b10d1c.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 26 Apr 2023 17:37:31 GMT
server: cloudflare
etag: W/"d76359298a84da5bf7bae5b212c9e36d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7bed5fbc4c3ad163-BUF
x-amz-cf-id: hxShoJe9R59cOGJgPWapXyEDw_5Dr-ljSaJyUdSCihqL8F_Dlw0ZeQ==
expires: Fri, 28 Apr 2023 10:50:57 GMT

GET
H2 200 wrapper.js Show response
universal.iperceptions.com/ 9 KB
4 KB 133ms
30ms Script
application/javascript 2600:9000:2510:fe00:8:e7ba:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://universal.iperceptions.com/wrapper.js
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:fe00:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 962d83de183651c6c15d9dce622d311455a9e6bd8cf09dd1cbf9ec3a3892a1ab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 28 Apr 2023 06:46:16 GMT
content-encoding: gzip
via: 1.1 ad22d4e4410fd07809425488bf6e79be.cloudfront.net (CloudFront)
content-md5: d5YIeO59lrTqhttidyvULA==
age: 280
x-amz-cf-pop: JFK50-P5
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-ms-lease-status: unlocked
last-modified: Mon, 22 Mar 2021 18:02:49 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 544f535e-701e-0041-6658-79c1db000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-amz-cf-id: 0o3yXbMFCoUa4j8v9zPvk5bk0CN4-ton9pLHAf70fbbAwLF9JkihKw==

GET pixel.png
analytics1.ninahale.net/ 0
0

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEM9DYuXMA7J3QmIeX9Vke3s&google_cver=1
dpm.demdex.net/ Frame 6D9D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzMzOTg0NjUxNTAwNDQyNTU2MzAwNzM0MzE2OTUzNjU2MTk0ODE=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NzMzOTg0NjUxNTAwNDQyNTU2MzAwNzM0MzE2OTUzNjU2MTk0ODE=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEM9DYuXMA7J3QmIeX9Vke3s&google_cver=1?gdpr=0&gdpr_consent=

42 B
940 B

40ms
39ms

Image
image/gif

3.209.96.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEM9DYuXMA7J3QmIeX9Vke3s&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare

Protocol

HTTP/1.1

Server

3.209.96.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-209-96-37.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://unitedhealthgroup.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v047-0689e64bf.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: tcMMBT7QQv8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:50:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEM9DYuXMA7J3QmIeX9Vke3s&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1031996425/ 2 KB
1 KB 74ms
73ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1031996425/?random=1682664657352&cv=11&fst=1682664657352&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&hn=www.googleadservices.com&frm=0&tiba=Infertility%20causes%20and%20treatment%20%7C%20UnitedHealthcare%20%2F%20Insurance%2C%20Payment%2C%20and%20Pricing&auid=798476941.1682664657&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1031996425&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

f876985603e672573619c599812e74a8833246db1d238fda0f9a53cd753eba87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1268
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1231592023559249 Show response
connect.facebook.net/signals/config/ 153 KB
43 KB 29ms
29ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1231592023559249?v=2.9.102&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7455337ab058c73b7ebf25279cddab244104153032a82b0979a506d68db03028

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 28 Apr 2023 06:50:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 43365
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: gvp6hj+sptcu5X0NUDpy9n+zhS+6zaf1zBTJTfeXZcwds+adEZEGtA9WL82DEGNKreRIFOuGtYdXPPX4HwZTYA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1035216045/ 2 KB
2 KB 107ms
106ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1035216045/?random=1682664657417&cv=11&fst=1682664657417&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&hn=www.googleadservices.com&frm=0&tiba=Infertility%20causes%20and%20treatment%20%7C%20UnitedHealthcare%20%2F%20Insurance%2C%20Payment%2C%20and%20Pricing&auid=798476941.1682664657&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1035216045&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

1f74afd53d3900ae8f894413d603f05f27c1c5ba2ebfe6e2b28cba3bcca715c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=5454bc96-bb54-4cf7-b960-f58c82e35223
dpm.demdex.net/ Frame 6D9D
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=sberpay-securedpayment.ru&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=sberpay-securedpayment.ru&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=5454bc96-bb54-4cf7-b960-f58c82e35223

42 B
940 B

39ms
39ms

Image
image/gif

3.209.96.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=5454bc96-bb54-4cf7-b960-f58c82e35223

Requested by

Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare

Protocol

HTTP/1.1

Server

3.209.96.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-209-96-37.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://unitedhealthgroup.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v047-0b97fe500.edge-va6.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: KNnpXA5kSO4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:50:57 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=5454bc96-bb54-4cf7-b960-f58c82e35223
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 189

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1002783284/ 2 KB
2 KB 109ms
109ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1002783284/?random=1682664657463&cv=11&fst=1682664657463&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&hn=www.googleadservices.com&frm=0&tiba=Infertility%20causes%20and%20treatment%20%7C%20UnitedHealthcare%20%2F%20Insurance%2C%20Payment%2C%20and%20Pricing&auid=798476941.1682664657&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1002783284&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

9294c718e9f22b6ca486562f5fec8bf767591f95d9be9fd3ea387f5baf65439b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/801669703/ 2 KB
2 KB 115ms
114ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801669703/?random=1682664657485&cv=11&fst=1682664657485&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&hn=www.googleadservices.com&frm=0&tiba=Infertility%20causes%20and%20treatment%20%7C%20UnitedHealthcare%20%2F%20Insurance%2C%20Payment%2C%20and%20Pricing&auid=798476941.1682664657&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-801669703&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

f7a3d01d6a15a28a96842c7d22b0ca109b9d708c054c09454b55c5077e1a35e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1273
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/963648696/ 2 KB
1 KB 112ms
111ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963648696/?random=1682664657506&cv=11&fst=1682664657506&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&hn=www.googleadservices.com&frm=0&tiba=Infertility%20causes%20and%20treatment%20%7C%20UnitedHealthcare%20%2F%20Insurance%2C%20Payment%2C%20and%20Pricing&auid=798476941.1682664657&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-963648696&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

eb1a005817b75d9f0b726186ff9bdd12796595762213c301fe03b4931de40be7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 down.svg
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/ 323 B
690 B 315ms
314ms Image
image/svg+xml 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/down.svg
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.881abfd9f6f749ed6c93f51fa404f53a.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc5351d1311b465c58a920846fba17c0b24e19fc563799abeba18c3ae8c4597e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.881abfd9f6f749ed6c93f51fa404f53a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AKScFgZpAw9KfK3gbcMdgxSIyLwFKK%2BHHPnidkDjQfcY9XG9tKUUIj%2FDod0o2rkaHfFLUwvPpQsNJ0S707UX2dSTp5HDivG44cMxYOEspEiXo5tXuALVrHbtnXpZLxlHujKn%2Ft2MBhf2Qs1u"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7bed5fbd8ca53ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 caret_down_white.svg
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/ 486 B
773 B 309ms
309ms Image
image/svg+xml 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/caret_down_white.svg
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.881abfd9f6f749ed6c93f51fa404f53a.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45fc150121c58243d25c46de0302c550f6fa6cd69c7916ac48d77716e0492309

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.881abfd9f6f749ed6c93f51fa404f53a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tUtsrOq4iU2mjFg%2F8RLeytMqtOm5pw0tsMjIe%2BGgpOIZA3LPraDpcXPYnvOVGcSS37KUliwy6dHSAXhf377lntppkJKndgJuPcOpkXW5SDF%2F53ArMTOa5QmddvSEZJ6vQvw75aP24wKe1XFD"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7bed5fbd8ca73ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 search-desktop.svg
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/ 775 B
890 B 311ms
310ms Image
image/svg+xml 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/search-desktop.svg
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.881abfd9f6f749ed6c93f51fa404f53a.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6240fd7d991e22e3fa4f74bbc87c2445c51d683971f5193808c664520d832d5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.881abfd9f6f749ed6c93f51fa404f53a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Nviml%2Bb4%2F%2FCelS54yLWacS%2Fu%2F6%2BtQURRmeKMcj1erNKFALPNfRcKXTDwaTvHKBqQg3CIScJneiweiPegXeKb6A0eHImf6uqRXSpmQpO0BMsy94rncblfChH72Tu1podFOvGIFIXnBRxq0eP"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7bed5fbd9ca93ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 CTA_external_white.svg
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/ 602 B
848 B 315ms
314ms Image
image/svg+xml 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/CTA_external_white.svg
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.881abfd9f6f749ed6c93f51fa404f53a.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5311a08c4bf52be77a75e2e2bf0ea7e1754673845f9feda56612b56a96423b5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.881abfd9f6f749ed6c93f51fa404f53a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XdwJWA3JR2d0hc1qNW%2FHE9UbRPtqAaRs3jcmHdeq9esOnUJQkJ1HH0jXGPFyUcc2Yj9hclQDMT53H7N8YOIlHOIog%2BQwF9UPgyu1AiiiHQPyer%2BWlGkaB0%2BveY4Hn3sm2scDYmwcjH%2F2YDy%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7bed5fbd9cab3ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 caret_down_darkgrey.svg
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/ 771 B
881 B 306ms
305ms Image
image/svg+xml 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/caret_down_darkgrey.svg
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.881abfd9f6f749ed6c93f51fa404f53a.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e17eb1bfb1bb0102ff3648db7bcf9bbbd59057b907e402e3fa9816d16655328

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.881abfd9f6f749ed6c93f51fa404f53a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfVk8ihb2HQ8NnkXvrD2jsnZBhJ%2FWzu2y%2B6W7kDI5RC%2FP9U723hP%2F%2BxEFzhVW0XDwnkSHmrGqELdB3roHSsVdkvKfyIqf9sUMQ%2BtW2hkXfSK6raT9aQ8tGR6cPFMYOAg%2F1LTb%2FrREHSYjsBO"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7bed5fbd9cad3ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 CTA_external_darkblue.svg
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/ 602 B
849 B 312ms
311ms Image
image/svg+xml 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/CTA_external_darkblue.svg
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.881abfd9f6f749ed6c93f51fa404f53a.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96d2262e8f5fa027a8672a07fd92b2737b3aef3382b58fcc3ab6851e29a69c9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.881abfd9f6f749ed6c93f51fa404f53a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRZAUvljrOb6iVkpGwxqg1BvCIxNqyx6s%2Fcotr3fl6sW4H92wFPiDSEmwSjHKzxUArqWQO0cr9xxK7cTfvRbv13D6TyFVeO2%2FQuXPQb9zWZE1%2F8r7uaXbus94E9JlHl0blbBz8f6kFjQSh4D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7bed5fbd9cb03ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 search-icon.svg
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/ 2 KB
1 KB 328ms
327ms Image
image/svg+xml 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/search-icon.svg
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.881abfd9f6f749ed6c93f51fa404f53a.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de47e5b521e1ce1847da141b9f677295e2ea3dff2e41cb940d661e06eaa06219

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.881abfd9f6f749ed6c93f51fa404f53a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V04eEqkpEcphLu%2F5uKTHzb9rcuSFISA8BeulZehmduUSoaeRd3OlizK7W36H6h4BKGHZen3%2FHN8lzflHL5rmL%2FONemoYgRc5LEmn6Kq3MARTs3TFLI2j%2FR1OwkmfpOVwG5W%2F1Ibkf5lTpVff"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7bed5fbd9cb33ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 path.svg
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/ 230 B
641 B 363ms
362ms Image
image/svg+xml 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/path.svg
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.881abfd9f6f749ed6c93f51fa404f53a.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1530e5d5c78250b57dcc22760d0142fd07311e8c4711c6d9733829ea2c6d3669

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.881abfd9f6f749ed6c93f51fa404f53a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cq05vloz2mWO5teIVIyY%2FJEfckkgtKNCna9U6E5J8PZ2dzsnOwvX8oet0kL5lX%2BbePVeqn3vVo1QkNExGNz4eymmh7UEzSIsPvcKg2uyS%2BlHVlPAOZS6sMbTJXimm7S2DirfcgqV4B9dlPkB"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7bed5fbd9cb53ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 bullet.svg
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/ 258 B
663 B 309ms
309ms Image
image/svg+xml 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/bullet.svg
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.881abfd9f6f749ed6c93f51fa404f53a.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90006cf64ffdc4c9d9d45d175b6da08ddf4bb0e2b4b25745756a28bd31668abc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.881abfd9f6f749ed6c93f51fa404f53a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VcTZYtisg%2BakSmE%2Foz7KEBnIdxjpcOVxCQq3WsxuyE%2FSsYWeyu5mRHEc0pFDG3vW%2BgDvCrXekCLNy3%2BRyZW%2BX16UwADBBCcJHnWc3Z8EjEhe4w9Zfj95vccKzd3jWhc7xjO2cTa8rv7P6lQX"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7bed5fbd9cb63ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 CTA_internal_digitalblue.svg
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/ 494 B
785 B 340ms
340ms Image
image/svg+xml 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/CTA_internal_digitalblue.svg
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.881abfd9f6f749ed6c93f51fa404f53a.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 438c70909e5293b665d6f597c8d70637a81f380acbbc10fa85871c09e59fbd93

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.881abfd9f6f749ed6c93f51fa404f53a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0XbFHsQKQfXRiSacsZUrx4zOO8BHxz21Ur27CgT2i%2FRg43gWYX1zwwvLgx033EetemFEADZ%2BZ7mJ1l4YFBAwS32V6PD6jxSBwtUgJ%2Br9%2BfusSpeDfN3EZzHo7jUGX%2ByvAJOGajiVxjd1Hls1"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7bed5fbd9cb83ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 UHCSansDigital-Bold.woff2
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/fonts/ 45 KB
45 KB 429ms
428ms Font
application/octet-stream 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/fonts/UHCSansDigital-Bold.woff2
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.fc4f755605b6a2ee6fd7f1de37e8f966.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f920e2ff1a3dcaf7c83283c2b95941cfbe91f02cba81304bcda28095b1cc9c2

Request headers

Referer: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.fc4f755605b6a2ee6fd7f1de37e8f966.css
Origin: https://sberpay-securedpayment.ru
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j9%2FxXppJ22UeiMfYKyF2MIjrDx1RHXzfrsL94ZTnEDChNW9l%2BrvzDIUcilBq0TjhA9pu9k4CK0V8dQIkNLK6L81MFKDWrllDVaEci%2BpYCy%2BnIbZwzZg%2FBIZFJV69Kfz5TP0jSPiVdVvVmvNx"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
cf-ray: 7bed5fbd9cb93ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Share.svg
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/ 925 B
911 B 342ms
341ms Image
image/svg+xml 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/Share.svg
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.881abfd9f6f749ed6c93f51fa404f53a.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9e050b9d4880de618ff21544c48ca3a5bad1e704c2edfd3214c6eee267958a9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.881abfd9f6f749ed6c93f51fa404f53a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3ybEk%2Fku0AJCwhmgKNw%2BWifRZ7G4%2FB4aKDGE3G4JaDkaEUusLLTrfU5gGmgE8PJdDiO93G6Ctyk5ep2u4IUyBlJgsCRswP2hUGnX3EHCEHssT8HBYqRNZqImxi1O4GAxAl3%2BzoKU59ICM50"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7bed5fbd9cbb3ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 CTA_external_digitalblue.svg
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/ 602 B
851 B 339ms
338ms Image
image/svg+xml 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/CTA_external_digitalblue.svg
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.881abfd9f6f749ed6c93f51fa404f53a.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84a6614e572f4ce4064d2ffc2a882f89d8b52cc66234eb99095fb3c5dd4aef73

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.881abfd9f6f749ed6c93f51fa404f53a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Va6i5we5lxl88CQ7Fk5JIBu0PMrq3QcaFYnGFGKkj1mzzICG2rYkFXwim4QFF3x9%2BkkeNG7%2BacSqLei0HM8KPJc7yd%2F5Hgr9QfdxQHE3nzlPhEwuGcWy6OuROVcNGfm3Pc7%2FYEooJOMJYb1Q"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7bed5fbd9cbc3ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 UHCSansDigital-MediumItalic.woff2
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/fonts/ 45 KB
45 KB 452ms
452ms Font
application/octet-stream 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/fonts/UHCSansDigital-MediumItalic.woff2
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.fc4f755605b6a2ee6fd7f1de37e8f966.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e799bbfe34a7b3c18a39cda68b092ffb8eaf49b7b82cad234954e0c25c1c6f6c

Request headers

Referer: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.fc4f755605b6a2ee6fd7f1de37e8f966.css
Origin: https://sberpay-securedpayment.ru
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2Fw8KP7W3%2FrtWCRW3gtf3rRZwgf00PwdKExUAYpxtoCgnURwsBzAd7WCNIulO2Y15je0HiuFQdTgubYaRczEw3HJ4wIgOv%2BOBGvDrA5lbVwhsOp0OmKdmERiBsioBprLTpj4NUo77T%2BqRepi"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
cf-ray: 7bed5fbdacbf3ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 UHCSansDigital-Medium.woff2
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/fonts/ 44 KB
45 KB 439ms
439ms Font
application/octet-stream 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/fonts/UHCSansDigital-Medium.woff2
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.fc4f755605b6a2ee6fd7f1de37e8f966.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1087c091dfe6ae5e44d78f6c19f2a1bd9f7b791d1ad91ee5e404d6823de1b309

Request headers

Referer: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.fc4f755605b6a2ee6fd7f1de37e8f966.css
Origin: https://sberpay-securedpayment.ru
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWoGJX640%2FnK%2F%2FPs3fyRtj0XiNhm%2F%2FuRrWdP%2B4yhhcUTxTFr9wFeaqJggfsDETDxQ%2FdIa4OBkHwIm0CngWyQyNNYd1DCoA8%2FmrhQk9cTHDqfJim%2Ful7gfyz0wcvXfwvedj64xp7Z%2FI7UspPT"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
cf-ray: 7bed5fbdacc33ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 UHCSerifHeadlineWeb-Semibold.woff
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/fonts/ 42 KB
42 KB 478ms
478ms Font
application/x-font-woff 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/fonts/UHCSerifHeadlineWeb-Semibold.woff
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.fc4f755605b6a2ee6fd7f1de37e8f966.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d72b75c2c79a93b5008e3f5de9b7cb66c0d1813bfdf8fae30268796e4aa43531

Request headers

Referer: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.fc4f755605b6a2ee6fd7f1de37e8f966.css
Origin: https://sberpay-securedpayment.ru
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:58 GMT
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 06:50:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=robraZOjRKQpi5jxKZfGN1ryY36XBDkEqQx5NZSjiMx%2FcUdvqePEYo3l7c%2BiIB40BdZjVG0OwUYQgjq5YFgjV1G6sTSNSOYSDeDw7fYpP5ElP6fm3pxx%2BhzzGa7mhrR2CngSQOQzmvbsPlRX"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-woff
cache-control: max-age=14400
cf-ray: 7bed5fbdacc43ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/877013082/ 2 KB
1 KB 146ms
146ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/877013082/?random=1682664657570&cv=11&fst=1682664657570&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&hn=www.googleadservices.com&frm=0&tiba=Infertility%20causes%20and%20treatment%20%7C%20UnitedHealthcare%20%2F%20Insurance%2C%20Payment%2C%20and%20Pricing&auid=798476941.1682664657&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-877013082&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37591df2966123a936fd45843554dd018b219c4081018d651e68c7181b9ea541

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1268
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/845491994/ 2 KB
1 KB 153ms
152ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/845491994/?random=1682664657594&cv=11&fst=1682664657594&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&hn=www.googleadservices.com&frm=0&tiba=Infertility%20causes%20and%20treatment%20%7C%20UnitedHealthcare%20%2F%20Insurance%2C%20Payment%2C%20and%20Pricing&auid=798476941.1682664657&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-845491994&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

429bf5087bca301d21758fb8ed246dac18d961326c41eb13d338ddd05aa02445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1271
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 148007063.js Show response
bat.bing.com/p/action/ 0
118 B 98ms
98ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/148007063.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 28 Apr 2023 06:50:57 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FEAEB8C8F362421E90FC41380D62DD1E Ref B: NYCEDGE1306 Ref C: 2023-04-28T06:50:57Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
361 B 40ms
40ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=148007063&Ver=2&mid=d6e2222c-ca24-4e9d-b810-3b7925e3d8ed&sid=07706680e59111eda9543f5923b7ceab&vid=077044a0e59111edb666a7bea9f2a375&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Infertility%20causes%20and%20treatment%20%7C%20UnitedHealthcare%20%2F%20Insurance,%20Payment,%20and%20Pricing&p=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&r=&lt=1943&evt=pageLoad&sv=1&rn=829225

Requested by

Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 28 Apr 2023 06:50:57 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7B82551CB4E94348943CBEC937634CA6 Ref B: NYCEDGE1306 Ref C: 2023-04-28T06:50:57Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 28088867.js Show response
bat.bing.com/p/action/ 0
135 B 66ms
66ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/28088867.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 28 Apr 2023 06:50:57 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7D1824B5EEA44A4793489F0F23027BF8 Ref B: NYCEDGE1306 Ref C: 2023-04-28T06:50:57Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
230 B 64ms
63ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=28088867&Ver=2&mid=418c1668-5d07-4001-a7ac-5334cbf64081&sid=07706680e59111eda9543f5923b7ceab&vid=077044a0e59111edb666a7bea9f2a375&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Infertility%20causes%20and%20treatment%20%7C%20UnitedHealthcare%20%2F%20Insurance,%20Payment,%20and%20Pricing&p=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&r=&lt=1943&evt=pageLoad&sv=1&rn=519985

Requested by

Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 28 Apr 2023 06:50:57 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9EC572711C3748048C1038A4378367C9 Ref B: NYCEDGE1306 Ref C: 2023-04-28T06:50:57Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

image.sbxx
ib.mookie1.com/ Frame 6D9D
Redirect Chain

https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=73398465150044255630073431695365619481
https://ib.mookie1.com/image.sbix?go=244346&pid=268&xid=73398465150044255630073431695365619481
https://dpm.demdex.net/ibs:dpid=285689&dpuuid=73398465150044255630073431695365619481&redir=https%3A%2F%2Fglobal.ib-ibi.com%2Fimage.sbxx%3Fgo%3D244346%26pid%3D268%26xid%3D%24%7BDD_UUID%7D
https://global.ib-ibi.com/image.sbxx?go=244346&pid=268&xid=73398465150044255630073431695365619481
https://ib.mookie1.com/image.sbxx?go=244346&pid=268&xid=73398465150044255630073431695365619481

120 B
928 B

29ms
28ms

Image
image/png

69.169.86.39
AMC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.mookie1.com/image.sbxx?go=244346&pid=268&xid=73398465150044255630073431695365619481
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: HTTP/1.1
Server: 69.169.86.39 Woodbridge, United States, ASN29838 (AMC, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

accept-language: en-US,en;q=0.9
Referer: https://unitedhealthgroup.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Apr 2023 06:50:57 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/png
p3p: CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
X-Server: NY10
Content-Length: 120
Expires: -1

Redirect headers

Date: Fri, 28 Apr 2023 06:50:58 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Location: https://ib.mookie1.com:443/image.sbxx?go=244346&pid=268&xid=73398465150044255630073431695365619481
Access-Control-Allow-Origin: *
p3p: CP="DSP COR ADM DEV PSA PSD OUR"
Cache-Control: private
X-Server: NY15
Content-Length: 223

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1067173439/ 2 KB
1 KB 142ms
142ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1067173439/?random=1682664657658&cv=11&fst=1682664657658&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&hn=www.googleadservices.com&frm=0&tiba=Infertility%20causes%20and%20treatment%20%7C%20UnitedHealthcare%20%2F%20Insurance%2C%20Payment%2C%20and%20Pricing&auid=798476941.1682664657&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1067173439&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1a3209a83440be23ff383f251c965d929dee84b8f9b8d074f0ca6651d7f3bab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1274
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1066495647/ 2 KB
1 KB 155ms
154ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1066495647/?random=1682664657685&cv=11&fst=1682664657685&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&hn=www.googleadservices.com&frm=0&tiba=Infertility%20causes%20and%20treatment%20%7C%20UnitedHealthcare%20%2F%20Insurance%2C%20Payment%2C%20and%20Pricing&auid=798476941.1682664657&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1066495647&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff95c788e1180eb6e66647e7a11aea9ec53a4773cb9e915c70a67e8267efc0a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1269
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CNfL06n-y_4CFR1XDQodECsIbQ;src=11690551;type=optmbz;cat=globa0;ord=783956177775;gtm=45fe34q0;auiddc=798476941.1682664657;~oref=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-par... Show response
11690551.fls.doubleclick.net/ Frame E628
Redirect Chain

https://11690551.fls.doubleclick.net/activityi;src=11690551;type=optmbz;cat=globa0;ord=783956177775;gtm=45fe34q0;auiddc=798476941.1682664657;~oref=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-...
https://11690551.fls.doubleclick.net/activityi;dc_pre=CNfL06n-y_4CFR1XDQodECsIbQ;src=11690551;type=optmbz;cat=globa0;ord=783956177775;gtm=45fe34q0;auiddc=798476941.1682664657;~oref=https%3A%2F%2Fsb...

443 B
367 B

45ms
45ms

Document
text/html

142.250.80.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11690551.fls.doubleclick.net/activityi;dc_pre=CNfL06n-y_4CFR1XDQodECsIbQ;src=11690551;type=optmbz;cat=globa0;ord=783956177775;gtm=45fe34q0;auiddc=798476941.1682664657;~oref=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-11690551&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f6.1e100.net

Software

cafe /

Resource Hash

d37463d976a3d734ff3b670f17c889353a91ae716ab7b507f8def890eb520aff

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sberpay-securedpayment.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 257
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 06:50:57 GMT
expires: Fri, 28 Apr 2023 06:50:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 06:50:57 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11690551.fls.doubleclick.net/activityi;dc_pre=CNfL06n-y_4CFR1XDQodECsIbQ;src=11690551;type=optmbz;cat=globa0;ord=783956177775;gtm=45fe34q0;auiddc=798476941.1682664657;~oref=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/1898745/domain/sberpay-securedpayment.ru/ 36 B
377 B 173ms
95ms XHR
application/json 2600:9000:21ec:3400:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/1898745/domain/sberpay-securedpayment.ru/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ec:3400:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://sberpay-securedpayment.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: gzip
via: 1.1 ab95c5a0dcf51f52101ed4d59d15a2a2.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: 34bjPTxut116e8GFP9uud7F1CFnfMJpQakjkRDOkQPCcRzA5KyHtAA==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1682664657730&url=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1682664657730&url=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1898745%26time%3D1682664657730%26url%3Dhttps%253A%252F%252Fsberpay-securedpayment...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1682664657730&url=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1682664657730&url=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&cookiesTest=true&liSync=true&e_...

0
491 B

180ms
87ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1682664657730&url=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&cookiesTest=true&liSync=true&e_ipv6=AQLDkUuMYJnkmwAAAYfGoRUfhOjSu2ZlOwiv9aai-8GPNA-f4jvXFebdHE1-vFPAHMiEQg
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: FF4FB0683DA74B0CA1E72267F6EECAB8 Ref B: YTO01EDGE0708 Ref C: 2023-04-28T06:50:58Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX6X+U9F6xBeLhqqPBlOQ==

Redirect headers

date: Fri, 28 Apr 2023 06:50:58 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 73B98CE39753459F9370620F6E025BC6 Ref B: EWR311000103047 Ref C: 2023-04-28T06:50:58Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1682664657730&url=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&cookiesTest=true&liSync=true&e_ipv6=AQLDkUuMYJnkmwAAAYfGoRUfhOjSu2ZlOwiv9aai-8GPNA-f4jvXFebdHE1-vFPAHMiEQg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX6X+U6a455fe87dvR/gA==

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10851563334/ 2 KB
1 KB 139ms
138ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10851563334/?random=1682664657754&cv=11&fst=1682664657754&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&hn=www.googleadservices.com&frm=0&tiba=Infertility%20causes%20and%20treatment%20%7C%20UnitedHealthcare%20%2F%20Insurance%2C%20Payment%2C%20and%20Pricing&auid=798476941.1682664657&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10851563334&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ecfe67a65aef8628eef8084c0c14bc15c566440bbacc5cd376f89524e445f17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1274
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 404 global-alert.html Show response
sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/uhcdotcom/en/home/ 0
432 B 2038ms
2038ms XHR
text/html 172.67.211.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/uhcdotcom/en/home/global-alert.html
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.5ce85bb5c0070a0cd729f241c9f11496.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFXtlakRmtZgyE%2BjN3of%2FASRy4p1d45%2Fchd1VikUOLbcuXInL9hkCwZoQNYJ%2BznWuOs4h0Imt0jbE%2BXL4Iedzm0ev9d%2B2dKIG5l0xJ8NA%2BEBpNl3pj4iWb04FwQ5aapwc9J0nUZF9vbtOfwa"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 7bed5fbf5dfa3ff7-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/801664645/ 2 KB
1 KB 75ms
75ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801664645/?random=1682664657814&cv=11&fst=1682664657814&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&hn=www.googleadservices.com&frm=0&tiba=Infertility%20causes%20and%20treatment%20%7C%20UnitedHealthcare%20%2F%20Insurance%2C%20Payment%2C%20and%20Pricing&auid=798476941.1682664657&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-801664645&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5db0fd9817c550f2575b1839d10cfd0ecc4afabed4f82e31525dfa2f3b88b1b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1269
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
261 B 94ms
37ms Ping
text/plain 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-HZQWR2GYM4&gtm=45je34q0&_p=1257210143&cid=1608983391.1682664658&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682664657&sct=1&seg=0&dl=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&dt=Infertility%20causes%20and%20treatment%20%7C%20UnitedHealthcare%20%2F%20Insurance%2C%20Payment%2C%20and%20Pricing&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HZQWR2GYM4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:50:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sberpay-securedpayment.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s25780190240515
smetrics.optum.com/b/ss/uhgenterprisecoreprod,uhguhcprd/1/JS-2.23.0-LDQM/ 43 B
373 B 329ms
87ms Image
image/gif 63.140.36.139
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.optum.com/b/ss/uhgenterprisecoreprod,uhguhcprd/1/JS-2.23.0-LDQM/s25780190240515?AQB=1&ndh=1&pf=1&t=28%2F3%2F2023%206%3A50%3A57%205%200&sdid=1476571D3D3BE353-36AFC6FF8F575747&mid=76532002812909882101075550121405128944&aamlh=7&ce=UTF-8&pageName=uhc%3Auhc.com%3Apublic%3Ahealth-and-wellness%3Ahealth-topics%3Ainfertility%3Ainfertility%20causes%20and%20treatment&g=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&c.&getPreviousValue=3.0.1&apl=4.0&inList=3.0&manageVars=3.0&lowerCaseVars=1.0&pt=3.0&.c&cc=USD&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=2.23.0%7Eproduction%7E2023-04-19t07%3A08%3A00z&v18=1-800-557-6718&c75=page%7Cuhc%3Auhc.com%3Apublic%3Ahealth-and-wellness%3Ahealth-topics%3Ainfertility%3Ainfertility%20causes%20and%20treatment&v100=content&v104=infertility&v139=page%20track&v140=uhc&v141=uhc&v142=uhc.com&v143=website&v144=desktop&v145=D%3DpageName&v149=1682664657&v150=mozilla%2F5.0%20%28windows%20nt%2010.0%3B%20win64%3B%20x64%29%20applewebkit%2F537.36%20%28khtml%2C%20like%20gecko%29%20chrome%2F112.0.5615.121%20safari%2F537.36&v152=D%3Dmid&v153=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&v154=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&v157=dcr%20-%20all%20pages%20-%20page%20load%20-%20aa%20-%20send%20beacon&v162=not%20logged%20in&v181=public&v182=health-and-wellness&v183=health-topics&v188=en&v191=prospect&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=8E391C8B533058250A490D4D%40AdobeOrg&AQE=1

Requested by

Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.36.139 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-36-139.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:50:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sat, 29 Apr 2023 06:50:58 GMT
server: jag
etag: 3613494838317940736-4619780242609835199
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 27 Apr 2023 06:50:58 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1031996425/ 42 B
108 B 101ms
44ms Image
image/gif 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1031996425/?random=1682664657352&cv=11&fst=1682661600000&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&frm=0&tiba=Infertility%20causes%20and%20treatment%20%7C%20UnitedHealthcare%20%2F%20Insurance%2C%20Payment%2C%20and%20Pricing&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=859058521&rmt_tld=0&ipr=y

Requested by

Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:50:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1035216045/ 42 B
108 B 103ms
47ms Image
image/gif 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1035216045/?random=1682664657417&cv=11&fst=1682661600000&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&frm=0&tiba=Infertility%20causes%20and%20treatment%20%7C%20UnitedHealthcare%20%2F%20Insurance%2C%20Payment%2C%20and%20Pricing&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=286855762&rmt_tld=0&ipr=y

Requested by

Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:50:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CNfL06n-y_4CFR1XDQodECsIbQ;src=11690551;type=optmbz;cat=globa0;ord=783956177775;gtm=45fe34q0;auiddc=*;~oref=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare
adservice.google.com/ddm/fls/z/ Frame E628 42 B
401 B 98ms
41ms Image
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNfL06n-y_4CFR1XDQodECsIbQ;src=11690551;type=optmbz;cat=globa0;ord=783956177775;gtm=45fe34q0;auiddc=*;~oref=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare

Requested by

Host: 11690551.fls.doubleclick.net
URL: https://11690551.fls.doubleclick.net/activityi;dc_pre=CNfL06n-y_4CFR1XDQodECsIbQ;src=11690551;type=optmbz;cat=globa0;ord=783956177775;gtm=45fe34q0;auiddc=798476941.1682664657;~oref=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://11690551.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:50:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 inferredevents.js Show response
connect.facebook.net/signals/plugins/ 72 KB
22 KB 28ms
28ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.102

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 28 Apr 2023 06:50:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21972
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ZPpk5n90XZNiJdwF+oDK9DqrsOD9mm6DHw/j8ykZf40ffXHZUVkUEB36KyVDxpkYh8rYmkSjxQqrryxv9jNOWg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/801669703/ 42 B
455 B 57ms
43ms Image
image/gif 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/801669703/?random=1682664657485&cv=11&fst=1682661600000&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&frm=0&tiba=Infertility%20causes%20and%20treatment%20%7C%20UnitedHealthcare%20%2F%20Insurance%2C%20Payment%2C%20and%20Pricing&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3107734190&rmt_tld=0&ipr=y

Requested by

Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:50:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/963648696/ 42 B
108 B 57ms
44ms Image
image/gif 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/963648696/?random=1682664657506&cv=11&fst=1682661600000&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&frm=0&tiba=Infertility%20causes%20and%20treatment%20%7C%20UnitedHealthcare%20%2F%20Insurance%2C%20Payment%2C%20and%20Pricing&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=261845057&rmt_tld=0&ipr=y

Requested by

Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:50:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10059574.json Show response
s.yimg.com/wi/config/ 2 B
484 B 119ms
49ms XHR
application/json 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10059574.json

Requested by

Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/uhg/uhc/p/detector-dom.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 8MXY7CM2R7A8D4P2
age: 1
content-length: 22
x-amz-id-2: mMNfTQO7aKB2j58zhNrTaI7keBls+3OQkL0CPYe9vfVAndnntb2vK1YVx88gCIhs5tRwYoYLBGQ=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 /
www.google.com/pagead/1p-user-list/877013082/ 42 B
108 B 46ms
45ms Image
image/gif 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/877013082/?random=1682664657570&cv=11&fst=1682661600000&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&frm=0&tiba=Infertility%20causes%20and%20treatment%20%7C%20UnitedHealthcare%20%2F%20Insurance%2C%20Payment%2C%20and%20Pricing&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=590877371&rmt_tld=0&ipr=y

Requested by

Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:50:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/845491994/ 42 B
108 B 48ms
48ms Image
image/gif 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/845491994/?random=1682664657594&cv=11&fst=1682661600000&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&frm=0&tiba=Infertility%20causes%20and%20treatment%20%7C%20UnitedHealthcare%20%2F%20Insurance%2C%20Payment%2C%20and%20Pricing&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3428405060&rmt_tld=0&ipr=y

Requested by

Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:50:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1002783284/ 42 B
108 B 47ms
47ms Image
image/gif 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1002783284/?random=1682664657463&cv=11&fst=1682661600000&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&frm=0&tiba=Infertility%20causes%20and%20treatment%20%7C%20UnitedHealthcare%20%2F%20Insurance%2C%20Payment%2C%20and%20Pricing&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3947840099&rmt_tld=0&ipr=y

Requested by

Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:50:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1066495647/ 42 B
108 B 61ms
60ms Image
image/gif 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1066495647/?random=1682664657685&cv=11&fst=1682661600000&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&frm=0&tiba=Infertility%20causes%20and%20treatment%20%7C%20UnitedHealthcare%20%2F%20Insurance%2C%20Payment%2C%20and%20Pricing&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=852004096&rmt_tld=0&ipr=y

Requested by

Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:50:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/801664645/ 42 B
108 B 62ms
60ms Image
image/gif 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/801664645/?random=1682664657814&cv=11&fst=1682661600000&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&frm=0&tiba=Infertility%20causes%20and%20treatment%20%7C%20UnitedHealthcare%20%2F%20Insurance%2C%20Payment%2C%20and%20Pricing&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=818831710&rmt_tld=0&ipr=y

Requested by

Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:50:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10851563334/ 42 B
108 B 63ms
62ms Image
image/gif 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10851563334/?random=1682664657754&cv=11&fst=1682661600000&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&frm=0&tiba=Infertility%20causes%20and%20treatment%20%7C%20UnitedHealthcare%20%2F%20Insurance%2C%20Payment%2C%20and%20Pricing&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4291545446&rmt_tld=0&ipr=y

Requested by

Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:50:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1067173439/ 42 B
108 B 61ms
61ms Image
image/gif 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1067173439/?random=1682664657658&cv=11&fst=1682661600000&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&frm=0&tiba=Infertility%20causes%20and%20treatment%20%7C%20UnitedHealthcare%20%2F%20Insurance%2C%20Payment%2C%20and%20Pricing&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2172928226&rmt_tld=0&ipr=y

Requested by

Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:50:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 108ms
30ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1231592023559249&ev=PageView&dl=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&rl=&if=false&ts=1682664658036&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=28&cs_est=true&fbp=fb.1.1682664658035.79739779&it=1682664657410&coo=false&rqm=GET

Requested by

Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 28 Apr 2023 06:50:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
633 B 74ms
26ms Image
image/gif 76.13.32.146
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2028%20Apr%202023%2006%3A50%3A58%20GMT&n=0&b=Infertility%20causes%20and%20treatment%20%7C%20UnitedHealthcare%20%2F%20Insurance%2C%20Payment%2C%20and%20Pricing&.yp=10059574&f=https%3A%2F%2Fsberpay-securedpayment.ru%2Fplanned-parenthood-take-unitedhealthcare&enc=UTF-8&yv=1.14.0&tagmgr=gtm%2Cadobe

Requested by

Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

spdc.pbp.vip.bf1.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:50:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Fri, 28 Apr 2023 06:50:58 GMT

GET
BLOB 200
OK 68e8343e-de27-4fad-9a25-ebc13d5759a9
https://sberpay-securedpayment.ru/ 75 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://sberpay-securedpayment.ru/68e8343e-de27-4fad-9a25-ebc13d5759a9
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4caed94f9975debb1a1ee2ff2e68395802a18a4cf3f3be7ae057f1b97b2c87ff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 75
Content-Type: application/javascript

GET
H2 200 RC6ee5585bd7194b6b9e0c79be0c3c0f4f-source.min.js Show response
assets.adobedtm.com/512027f42d3c/152e2e360a77/d90da24a66f7/ 577 B
602 B 28ms
28ms Script
application/x-javascript 2600:141b:5000:58e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/152e2e360a77/d90da24a66f7/RC6ee5585bd7194b6b9e0c79be0c3c0f4f-source.min.js
Requested by: Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/assets.adobedtm.com/512027f42d3c/152e2e360a77/launch-5e90c3319557.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:5000:58e::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8254210f7f6c3526088e458095d4a092ca06dbf507b999c8de70bda004610be5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:58 GMT
content-encoding: gzip
last-modified: Wed, 19 Apr 2023 07:09:07 GMT
server: AkamaiNetStorage
etag: "7c302e080575f14a398bdad1c843128a:1681888147.429781"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://sberpay-securedpayment.ru
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 330
expires: Fri, 28 Apr 2023 07:50:58 GMT

GET
H2 200 / Show response
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/ 8 KB
4 KB 116ms
37ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y

Requested by

Host: sberpay-securedpayment.ru
URL: https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

905e13cccc27944467d4248fdde83600eb67073a6e556f40ca3eaec1bc8e055b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 201772
cf-polished: origSize=9051
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"235b-pKmCzOyCPNxeMcqqOnrTKX+MeAY"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7bed5fc3cbdaa252-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 iFrame.html Show response
universal.iperceptions.com/ Frame D2D9 2 KB
1 KB 31ms
31ms Document
text/html 2600:9000:2510:fe00:8:e7ba:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://universal.iperceptions.com/iFrame.html
Requested by: Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:fe00:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7d0bae598799d3c42ca5d7d7c8a8b79b67de62afe2e9d3dcee258328e40f39eb

Request headers

Referer: https://sberpay-securedpayment.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 25
cache-control: public,max-age=7200
content-encoding: gzip
content-md5: Vmg/mBwwVR6Kl52r4KoGqg==
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 06:50:32 GMT
last-modified: Tue, 28 Jan 2020 16:03:04 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary: Accept-Encoding
via: 1.1 ad22d4e4410fd07809425488bf6e79be.cloudfront.net (CloudFront)
x-amz-cf-id: CQUEZ0NwScDriTro6Bu5XY0ZZaI7wucnNPOGkIQASDI7t5GlyXXVIw==
x-amz-cf-pop: JFK50-P5
x-cache: Hit from cloudfront
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: c41c50e3-701e-004a-3e9d-79d9af000000
x-ms-version: 2009-09-19

GET
H/1.1 200
OK cls_report Show response
report.uhg.glassboxdigital.io/glassbox/reporting/a0542e07-7e48-6629-e0e8-daefbd48f7c3/ 228 B
2 KB 167ms
39ms XHR
application/json 54.224.15.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://report.uhg.glassboxdigital.io/glassbox/reporting/a0542e07-7e48-6629-e0e8-daefbd48f7c3/cls_report?_cls_s=eb0b10f7-ceaf-4f6f-9d84-8b6556d0875a%3A0&_cls_v=84be9b36-9e83-4cde-859c-61c4c18d872d&pv=2&f_cls_s=true

Requested by

Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/uhg/uhc/p/detector-dom.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.224.15.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-224-15-124.compute-1.amazonaws.com

Software

GlassBox Cligate /

Resource Hash

416190516f080ccfe3f59b395f39d1cdd588818c8e9bd30eaab0120ccf4107e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 06:50:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
Content-Security-Policy: default-src 'self';
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 190
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Server: GlassBox Cligate
X-Frame-Options: SAMEORIGIN
vary: origin
Content-Type: application/json
access-control-allow-origin: https://sberpay-securedpayment.ru
access-control-allow-credentials: true
GB-Server: g5025
X-Robots-Tag: noindex

GET
H2 200 10.13da654ebc4ff074d07c.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 64 KB
20 KB 36ms
35ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/10.13da654ebc4ff074d07c.chunk.js?Q_CLIENTVERSION=1.89.0&Q_CLIENTTYPE=web&Q_BRANDID=sberpay-securedpayment.ru

Requested by

Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53f1c140ebf7e31e6a8015d357d53b986280a1f847cff8b69e42220c01eb52cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 189274
cf-polished: origSize=66409
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 10 Apr 2023 18:07:31 GMT
cf-bgj: minify
server: cloudflare
etag: W/"10369-1876c5a02b8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7bed5fc40c24a252-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 53 KB
5 KB 112ms
112ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0Neqx1dGGrrlV4y&Q_CLIENTVERSION=1.89.0&Q_CLIENTTYPE=web

Requested by

Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/uhg/uhc/p/detector-dom.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d626697269534da98993b9fca556ebfd3a72985fb22b15d494b615eddeeef55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sberpay-securedpayment.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 28 Apr 2023 06:50:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://sberpay-securedpayment.ru
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 1a2769a88948b246
cf-ray: 7bed5fc45c6fa252-YYZ
timing-allow-origin: *

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 102 KB
32 KB 63ms
63ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.89.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/10.13da654ebc4ff074d07c.chunk.js?Q_CLIENTVERSION=1.89.0&Q_CLIENTTYPE=web&Q_BRANDID=sberpay-securedpayment.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80612033ea475d4cebf196357cc1f0b9eec98c0cfcaff55531acacd5bf3a459a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 132659
cf-polished: origSize=104979
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 10 Apr 2023 18:07:31 GMT
cf-bgj: minify
server: cloudflare
etag: W/"19a13-1876c5a02b8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7bed5fc51d40a252-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

OPTIONS
H2 200 InviteTriggers
api.iperceptions.com/ Frame 0
0 179ms
35ms Preflight 52.232.246.181
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.iperceptions.com/InviteTriggers
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.246.181 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: securitytoken
Access-Control-Request-Method: GET
Origin: https://sberpay-securedpayment.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: securitytoken
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Fri, 28 Apr 2023 06:50:57 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H2 401 InviteTriggers Show response
api.iperceptions.com/ 0
54 B 36ms
36ms XHR
text/plain 52.232.246.181
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.iperceptions.com/InviteTriggers
Requested by: Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/uhg/uhc/p/detector-dom.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.246.181 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sberpay-securedpayment.ru/
accept-language: en-US,en;q=0.9
SecurityToken: ef6177e6-a195-4fc1-9b32-7636466e19b5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:50:58 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
expires: -1

GET
H2 200 5.07a6a69905ef056ba9ee.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 2 KB
920 B 42ms
41ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/5.07a6a69905ef056ba9ee.chunk.js?Q_CLIENTVERSION=1.89.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise

Requested by

Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1b46a29347f98c4452c9e512233641444def5ebf724cf4cc6a8b18709323204

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 189275
cf-polished: origSize=2522
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 10 Apr 2023 18:07:31 GMT
cf-bgj: minify
server: cloudflare
etag: W/"9da-1876c5a02b8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7bed5fc5adefa252-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 1.92310019cd9a5ffe1656.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 28 KB
7 KB 44ms
44ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.92310019cd9a5ffe1656.chunk.js?Q_CLIENTVERSION=1.89.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise

Requested by

Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee84f35cccd4482139bcd41e7e0b932961363f9a702082b36ecb0b48921c2fc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sberpay-securedpayment.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 189275
cf-polished: origSize=29372
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 10 Apr 2023 18:07:31 GMT
cf-bgj: minify
server: cloudflare
etag: W/"72bc-1876c5a02b8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7bed5fc5adf0a252-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: analytics1.ninahale.net
URL: https://analytics1.ninahale.net/pixel.png?clientID=2c8b871e52d4e5f5db5ff84a82a45327e20df77edef961c4b6fa0e9c3d97ce5b&id=&id_fp=&host=sberpay-securedpayment.ru&page=/planned-parenthood-take-unitedhealthcare&pageURL=https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare&ref=&web_ts=2023-04-28T06:50:57.234Z&adobe_ecid=76532002812909882101075550121405128944&adobe_vid=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&hit_type=pageview

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sberpay-securedpayment.ru/	1969-12-31 23:59:59	Name: at_check Value: true
.demdex.net/	1970-01-20 15:43:36	Name: demdex Value: 73398465150044255630073431695365619481
.sberpay-securedpayment.ru/	1969-12-31 23:59:59	Name: AMCVS_8E391C8B533058250A490D4D%40AdobeOrg Value: 1
.sberpay-securedpayment.ru/	1970-01-20 13:34:00	Name: _gcl_au Value: 1.1.798476941.1682664657
.sberpay-securedpayment.ru/	1970-01-20 21:00:24	Name: mbox Value: session#a5cbfac103a640a2ad1408d8d7388dfe#1682666518\|PC#a5cbfac103a640a2ad1408d8d7388dfe.34_0#1745909458
.everesttech.net/	1970-01-20 20:10:00	Name: everest_g_v2 Value: g_surferid~ZEts0QAAAGPkOwNP
.dpm.demdex.net/	1970-01-20 15:43:36	Name: dpm Value: 73398465150044255630073431695365619481
.adsrvr.org/	1970-01-20 20:11:27	Name: TDID Value: 5454bc96-bb54-4cf7-b960-f58c82e35223
.sberpay-securedpayment.ru/	1970-01-20 21:00:24	Name: AMCV_8E391C8B533058250A490D4D%40AdobeOrg Value: 179643557%7CMCIDTS%7C19476%7CMCMID%7C76532002812909882101075550121405128944%7CMCAAMLH-1683269457%7C7%7CMCAAMB-1683269457%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1682671857s%7CNONE%7CMCSYNCSOP%7C411-19483%7CvVersion%7C5.5.0
.doubleclick.net/	1970-01-20 21:00:24	Name: IDE Value: AHWqTUnDGoWTvSS0sQ3uHeNUTp_FC-VIVMI6S-r5FYNW4XjZ1NRbeWPYrGojQxJb
.sberpay-securedpayment.ru/	1970-01-20 11:25:51	Name: _uetsid Value: 07706680e59111eda9543f5923b7ceab
.sberpay-securedpayment.ru/	1970-01-20 20:46:00	Name: _uetvid Value: 077044a0e59111edb666a7bea9f2a375
.sberpay-securedpayment.ru/	1970-01-20 11:24:26	Name: s_gpv_pagename Value: uhc%3Auhc.com%3Apublic%3Ahealth-and-wellness%3Ahealth-topics%3Ainfertility%3Ainfertility%20causes%20and%20treatment
.demdex.net/	1970-01-20 15:43:36	Name: dextp Value: 771-1-1682664657285\|903-1-1682664657454\|285689-1-1682664657650
.bat.bing.com/	1970-01-20 11:34:29	Name: MR Value: 0
.bing.com/	1970-01-20 20:46:00	Name: MUID Value: 29C4AB0F9E6465D917B1B80E9FB0645D
.adsrvr.org/	1970-01-20 20:11:27	Name: TDCPM Value: CAESEgoDYWFtEgsIsOrLv97v4zsQBRgFIAEoAjILCMaf0Ov07-M7EAU4AQ..
global.ib-ibi.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: b1dvkd3drj10dgdzh13gibwk
.sberpay-securedpayment.ru/	1970-01-20 21:00:24	Name: _ga_HZQWR2GYM4 Value: GS1.1.1682664657.1.0.1682664657.0.0.0
.sberpay-securedpayment.ru/	1970-01-20 21:00:24	Name: _ga Value: GA1.1.1608983391.1682664658
.sberpay-securedpayment.ru/	1970-01-20 21:00:24	Name: _cls_v Value: 84be9b36-9e83-4cde-859c-61c4c18d872d
.sberpay-securedpayment.ru/	1969-12-31 23:59:59	Name: _cls_s Value: eb0b10f7-ceaf-4f6f-9d84-8b6556d0875a:0
.sberpay-securedpayment.ru/	1969-12-31 23:59:59	Name: s_cc Value: true
.linkedin.com/	1970-01-20 13:34:00	Name: li_sugr Value: 42a163a4-c128-41f4-9985-c36cdf3e2b55
.linkedin.com/	1970-01-20 20:10:00	Name: bcookie Value: "v=2&6b08be04-743b-42ee-8114-533064b93eba"
.linkedin.com/	1970-01-20 11:25:51	Name: lidc Value: "b=TGST01:s=T:r=T:a=T:p=T:g=3051:u=1:x=1:i=1682664657:t=1682751057:v=2:sig=AQGkpX1l8L4N8-YDTzw5lJWQsSd77-Nh"
sberpay-securedpayment.ru/	1970-01-20 11:25:51	Name: ln_or Value: eyIxODk4NzQ1IjoiZCJ9
.sberpay-securedpayment.ru/	1970-01-20 13:34:00	Name: _fbp Value: fb.1.1682664658035.79739779
.linkedin.com/	1970-01-20 12:07:36	Name: UserMatchHistory Value: AQLbewDjCzjGHgAAAYfGoRRf7uOPpHOGAp6d8I1WNwwkSMpgmU1cvmFslPSLHtVnsRFC1IDxZCFkTQ
.linkedin.com/	1970-01-20 12:07:36	Name: AnalyticsSyncHistory Value: AQLAzuH42JgM3AAAAYfGoRRfHcFcPy44UJpkhsdvcnhR0VVgnIfI5_PxJauE8Oha_PNiQqTA2kHOZ6rdk9RvXA
ib.mookie1.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: f3obmj32cmbn2wvli3l0oz0b
.www.linkedin.com/	1970-01-20 20:10:00	Name: bscookie Value: "v=1&20230428065058895899ed-7144-4803-86a7-2f7b2c03cf57AQHfxGvw9Em6EWg6-kSJKigNLW-MduDu"
.yahoo.com/	1970-01-20 20:10:22	Name: A3 Value: d=AQABBNJsS2QCEJlgZsGANjI9hLaZKxhoyRsFEgEBAQG-TGRVZNxH0iMA_eMAAA&S=AQAAAlfKjiiFlh0Ik4504OXMAmI
.ib.mookie1.com/	1970-01-20 20:11:27	Name: ibkukiuno Value: s=a3c80d46-36b7-484e-8aa2-e08d01317511&h=&v=744255075441&l=-8585189422272753329&op=&hl=0&vlu=3&tcs=1&dcc=-8585189422273743074
.ib.mookie1.com/	1970-01-20 20:11:27	Name: ibkukinet Value: 1611266343=-8585189422272753329&1611266343=-8585189422272753329
report.uhg.glassboxdigital.io/	1970-01-20 11:34:29	Name: AWSALBCORS Value: tVkCyyT34oA2vus0CaChafg6U1HZWilujHhPTPePj5vnJg553/GEWFkVfxJLJPBXEf/UV0f6NMtb1/aphRDoZVOrdvqzRU5A/+C2Ih5BIoBYIPDEuJfWE2FKTlvw
sberpay-securedpayment.ru/	1969-12-31 23:59:59	Name: ipe_s Value: ba296365-cd60-1305-90d5-3f569238f7c3

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://analytics1.ninahale.net/pixel.png?clientID=2c8b871e52d4e5f5db5ff84a82a45327e20df77edef961c4b6fa0e9c3d97ce5b&id=&id_fp=&host=sberpay-securedpayment.ru&page=/planned-parenthood-take-unitedhealthcare&pageURL=https://sberpay-securedpayment.ru/planned-parenthood-take-unitedhealthcare&ref=&web_ts=2023-04-28T06:50:57.234Z&adobe_ecid=76532002812909882101075550121405128944&adobe_vid=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&hit_type=pageview Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://api.iperceptions.com/InviteTriggers Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://sberpay-securedpayment.ru/811b5240/https/8f2690/www.uhc.com/content/uhcdotcom/en/home/global-alert.html Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11690551.fls.doubleclick.net
164773174ba1.o3n.io
a1.b0e8.com
adservice.google.com
analytics1.ninahale.net
api.iperceptions.com
assets.adobedtm.com
bat.bing.com
cdn.b0e8.com
cdn.gbqofs.com
cdn.linkedin.oribi.io
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
dpm.demdex.net
global.ib-ibi.com
googleads.g.doubleclick.net
ib.mookie1.com
match.adsrvr.org
px.ads.linkedin.com
px4.ads.linkedin.com
report.uhg.glassboxdigital.io
s.yimg.com
sberpay-securedpayment.ru
siteintercept.qualtrics.com
smetrics.optum.com
snap.licdn.com
sp.analytics.yahoo.com
unitedhealthgroup.demdex.net
unitedhealthgroup.tt.omtrdc.net
universal.iperceptions.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.linkedin.com
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
analytics1.ninahale.net
104.17.209.240
13.107.42.14
142.250.65.226
142.250.80.70
172.67.211.185
18.211.21.58
2001:4998:14:800::1000
2600:141b:5000:58e::1e80
2600:141b:9000::1725:7bba
2600:9000:21ec:3400:2:53b2:240:93a1
2600:9000:2510:fe00:8:e7ba:7440:93a1
2606:4700::6812:180d
2607:f8b0:4006:816::200e
2607:f8b0:4006:81c::2002
2607:f8b0:4006:821::2008
2607:f8b0:4006:822::2004
2607:f8b0:4006:824::2002
2620:1ec:21::14
2620:1ec:c11::200
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:83:face:b00c:0:25de
3.209.96.37
3.33.220.150
34.111.78.58
34.199.30.243
34.203.47.152
35.190.5.192
52.232.246.181
54.224.15.124
63.140.36.139
69.169.86.38
69.169.86.39
76.13.32.146
07323da6d0d8793923e844e540397cab4d2bf8afa9f77e7d0540dfe5413cff5c
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
0b3fd81c030319604cfed6e8f0eac6d8699dcaa4ee6a4b923a15e55823cf1025
0d626697269534da98993b9fca556ebfd3a72985fb22b15d494b615eddeeef55
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
1087c091dfe6ae5e44d78f6c19f2a1bd9f7b791d1ad91ee5e404d6823de1b309
14f9ac65b52872a7a415923b77c822a4115e928ad9a9440b9e928849219c053f
1530e5d5c78250b57dcc22760d0142fd07311e8c4711c6d9733829ea2c6d3669
1689129c5091c4dfd4b0fe3cd4f260d039eff5f1caabed6cb7c1f78227ef6106
16f11bf3f7eb6aa4e6bc3899e9f3c0d0ab296d45d7541d6a1ea52e794e4a7a13
1c56ef5dd2604167d793e6652f6660158e858e3d4fea6f2e2f0dcd284dd9a883
1ecfe67a65aef8628eef8084c0c14bc15c566440bbacc5cd376f89524e445f17
1f74afd53d3900ae8f894413d603f05f27c1c5ba2ebfe6e2b28cba3bcca715c4
21a10df10e2088b69a6b29c34937386dde2970e6d72cfd833f65662203f0c3a2
23ba9ed58802755baf3a4e56c25fd1744f0b6db20d2a9925fb9ca06d8cc9ffa3
272de4ad11921990f01439fe8d414d4a4bfb0071bc03b9db1d60bb85aea6b70e
27e4978065d6e1580851cde10deea0d07624292a64510e82f61c9fe2c56c4d41
2d38507187f07b3bdc5589591101533c60ff0f5156e9daacf29d3a75169661b8
3720026ba0880d4c1949d74f14f16ff9af4d6470308e170c08566376b1bb750e
37591df2966123a936fd45843554dd018b219c4081018d651e68c7181b9ea541
381559206b26b0c6a7d18503c24928a41c25fce278acea4be180ed013368436c
3c319d4176c641538e14c748cdb4cd7dc1651b4ec10ef767c586f2b1628003a2
3cbbf4169eee3de4c8364f1f44e7d7dcdcf8f6e5e038b7d0e7c831e0c24633cf
416190516f080ccfe3f59b395f39d1cdd588818c8e9bd30eaab0120ccf4107e0
429bf5087bca301d21758fb8ed246dac18d961326c41eb13d338ddd05aa02445
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
4327c2b34a48a5279d1fa8908eb0f6de8ac81c70ef2c807d5f8023d1f8b993f9
438c70909e5293b665d6f597c8d70637a81f380acbbc10fa85871c09e59fbd93
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45fc150121c58243d25c46de0302c550f6fa6cd69c7916ac48d77716e0492309
4c88accf36a9abd5eba912c6a2b03150bad18406a932ef85006e3689cab5846b
4caed94f9975debb1a1ee2ff2e68395802a18a4cf3f3be7ae057f1b97b2c87ff
53f1c140ebf7e31e6a8015d357d53b986280a1f847cff8b69e42220c01eb52cf
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
5a32bd2114b4e409afac9f1289e9916eb13e2f07130cf31a3e91ed5f3ad3e223
5da9ef2ac02ad19a29e41555f44ce5639db3ef8884ddd7c0364a02a61b51a400
5db0fd9817c550f2575b1839d10cfd0ecc4afabed4f82e31525dfa2f3b88b1b4
5ec2d965ff55b2060cf4898ff3e3d86c59a3c50cb8f0008d6a5bf0aaf2cf40dd
5edf7276713b08292c2eb988b2906b022b649352f50be3cabbebf81ce64065c8
5f0a42b6398a9b167bf1a0331fa529a1542c9022957bdeee411a5accd112e8d7
6207c72cb8808f45cd69d92925067512a9753108bd41dc7b43b7f21e98fafece
62659a31050f1ee81d20ec930f30d92c1f509f31b621286920d6053870656f06
63a801b68c44fcd1c6091443e17dfa2d54b0c41eeef072a3b1032f5c5de1aed3
63a830a17ed9639cd15843520d199424fd83efdd525dbb6e7b6beffd30294414
63e05e9757122b87a39d38df8a1135b8b8c891d34758f3ead88cf4d314d0a3f9
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6e17eb1bfb1bb0102ff3648db7bcf9bbbd59057b907e402e3fa9816d16655328
6f920e2ff1a3dcaf7c83283c2b95941cfbe91f02cba81304bcda28095b1cc9c2
72750dc5cdcaa538491728c6a58d6d1d97d28024f227ce7f13e63ddeba908226
7455337ab058c73b7ebf25279cddab244104153032a82b0979a506d68db03028
75857c905db51fd750c965398629273deed8aef98f3e4a17930e38ab5d055d44
75fbba471a4c2a3ddd679a164955e3dd87450d3077371176a17ec5edf7216999
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c6c71d6aac28e8a82729150bd05ee4be877ecb33d0a3b7d6e42043e860a053c
7d0bae598799d3c42ca5d7d7c8a8b79b67de62afe2e9d3dcee258328e40f39eb
80612033ea475d4cebf196357cc1f0b9eec98c0cfcaff55531acacd5bf3a459a
8254210f7f6c3526088e458095d4a092ca06dbf507b999c8de70bda004610be5
84a6614e572f4ce4064d2ffc2a882f89d8b52cc66234eb99095fb3c5dd4aef73
8faed3eed4c4ca749ecbbad7c71398b2c75c2ac0d76dd778d4f910ada503402e
90006cf64ffdc4c9d9d45d175b6da08ddf4bb0e2b4b25745756a28bd31668abc
905e13cccc27944467d4248fdde83600eb67073a6e556f40ca3eaec1bc8e055b
9294c718e9f22b6ca486562f5fec8bf767591f95d9be9fd3ea387f5baf65439b
962d83de183651c6c15d9dce622d311455a9e6bd8cf09dd1cbf9ec3a3892a1ab
968ff76651421d0cf5e05a4e9089f04f04541d0bf5b921a2fd679d17debddf99
96d2262e8f5fa027a8672a07fd92b2737b3aef3382b58fcc3ab6851e29a69c9e
9a2356f617f58aee4cf1ee23420203d11255ccc4efe69b04bc998ced2da75349
9ce40c78c07cf66d96cd157b24fa2185b260b6cc87d67be664a83e79f87f7775
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a3902f73c1636f63876772eadb32c2f861c17254ba619e9f796dfe24ce9f2197
a6240fd7d991e22e3fa4f74bbc87c2445c51d683971f5193808c664520d832d5
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b17fff3cbc2e4e7148a2ed0b20e5f550739630a6ff4d979cb023bf3f41367bc8
b1a3209a83440be23ff383f251c965d929dee84b8f9b8d074f0ca6651d7f3bab
b1c1a4244de33316bdab018bf75ff07e00117f979075cf8a0c2c7b932b66fe3d
b5311a08c4bf52be77a75e2e2bf0ea7e1754673845f9feda56612b56a96423b5
bb12a22e0d8aea5a6d56b664cc2b10382d9f2c26adacd117097b40dcc88dbf4d
c5992cbcead34bb80da9b732964325a78a8803a2f95bfa850e407401ec86a605
c66c1422e0e8a04dbd71793dc58eed1b78c66ea115629e0a60fc94468ce7e1be
caecbd7df1cf56c93befb54bbbfd9f98121a0dc5c7e180ec29f8ac5fa1641804
cc1e9425463c20eeca98f972e1c784d2051b22263c8d9c2452fed4f8c4a280c8
cc5351d1311b465c58a920846fba17c0b24e19fc563799abeba18c3ae8c4597e
d02266586567d3889ef80ab66eae3f377deaab9bb42ba209e8fb7e9890371458
d37463d976a3d734ff3b670f17c889353a91ae716ab7b507f8def890eb520aff
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
d72b75c2c79a93b5008e3f5de9b7cb66c0d1813bfdf8fae30268796e4aa43531
d767b2f329777c70c9bdbd7d43528d2752f337638347dec99ae9d25ce63bd94f
d8fba2879d021df3261c2626d6a6a843984d18de2d9b98699b4006e85f809243
d9f2f1423b5ceb30122c5aa5eb03fc58342490725714f0a231cd9f8c5da143cb
dc0a21b30a6c7b8e8338c854c56405a0bf2665afa994b89dc877ff9d8c28e659
dc47b0748d1170dcbff15de68090b482230b3b9e33ba6575fb9791144f9e63dc
de47e5b521e1ce1847da141b9f677295e2ea3dff2e41cb940d661e06eaa06219
e30bc73ffafe002869a517a34bd88b539cb5c78729239ad4135c059a9a5dc433
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e799bbfe34a7b3c18a39cda68b092ffb8eaf49b7b82cad234954e0c25c1c6f6c
e8f572ad78aebce8a894413297899eabcbdc22acedd8da45d33224f1d67ac330
eb1a005817b75d9f0b726186ff9bdd12796595762213c301fe03b4931de40be7
ee84f35cccd4482139bcd41e7e0b932961363f9a702082b36ecb0b48921c2fc0
eec5c0b7f3736c064a5c93fb61f419fe7d3f7c1815c81004312fd349fd43be2c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0895f4f31d4c5f94786c3a1c71c293de568a95033bdb47e60832fa7e34ff142
f1b46a29347f98c4452c9e512233641444def5ebf724cf4cc6a8b18709323204
f51d9dbdd6aa842549b5800a3ddca18d4d909ba8e9a8b9ba1285a69e18ba3ec9
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f7a3d01d6a15a28a96842c7d22b0ca109b9d708c054c09454b55c5077e1a35e4
f876985603e672573619c599812e74a8833246db1d238fda0f9a53cd753eba87
f9e050b9d4880de618ff21544c48ca3a5bad1e704c2edfd3214c6eee267958a9
fa5c34371df3acd378bd2490d82a32ad6f3b80155e5eee8ad1b937a188993e0f
fc9d1f560426caa59c7d6d08d551e7195ae552a97a2349ce30fc8473e87c5c11
ff95c788e1180eb6e66647e7a11aea9ec53a4773cb9e915c70a67e8267efc0a7

sberpay-securedpayment.ru Open in urlscan Pro 172.67.211.185 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

136 Requests

95 %HTTPS

45 %IPv6

28 Domains

37 Subdomains

30 IPs

2 Countries

1950 kBTransfer

5735 kBSize

37 Cookies

0 Outgoing links

Redirected requests

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sberpay-securedpayment.ru Open in urlscan Pro
172.67.211.185 Public Scan

Screenshot
Live screenshot

Full Image

136
Requests

95 %
HTTPS

45 %
IPv6

28
Domains

37
Subdomains

30
IPs

2
Countries

1950 kB
Transfer

5735 kB
Size

37
Cookies

136 HTTP transactions
0 data transactions