urlscan.io logo urlscan.io
SecurityTrails logo

payspan.com Open in urlscan Pro
104.198.40.93  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ja.t.hubspotemail.net/e2t/c/*N96pfhPxGdjBW3WYgPn1dF8fm0/*W4LYmwp4Q9HsrW1cqGsP7-JsxG0/5/f18dQhb0SfHG9c-lR0N7jCY1THyjJqM...
Effective URL: https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_...
Submission Tags: phishing malicious Search All
Submission: On April 09 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 6 countries across 18 domains to perform 38 HTTP transactions. The main IP is 104.198.40.93, located in United States and belongs to GOOGLE, US. The main domain is payspan.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 1st 2020. Valid for: 3 months.
This is the only time payspan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
13 104.198.40.93 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 112.196.9.242 17917 (QTLTELECO...)
6 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:26f0:310... 20940 (AKAMAI-ASN1)
1 2 2a05:f500:10:... 14413 (LINKEDIN)
1 1 2a05:f500:10:... 14413 (LINKEDIN)
38 19
2    2606:4700::6812:a405 (United States)

ASN13335 (CLOUDFLARENET, US)
ja.t.hubspotemail.net
13    104.198.40.93 (United States)

ASN15169 (GOOGLE, US)
PTR: 93.40.198.104.bc.googleusercontent.com
payspan.com
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6811:ba49 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsforms.net
1    2606:4700::6811:d3cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
1    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    112.196.9.242 (Ludhiana, India)

ASN17917 (QTLTELECOM-AS-AP Quadrant Televentures Limited, IN)
server2.chicmic.in
6    2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700::6810:5805 (United States)

ASN13335 (CLOUDFLARENET, US)
forms.hsforms.com
1    2606:4700::6811:45b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2606:4700::6811:74b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsadspixel.net
1    2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
2    2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2606:4700::6811:c8cc (United States)

ASN13335 (CLOUDFLARENET, US)
api.hubapi.com
3    2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
1    2a02:26f0:3100:384::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
snap.licdn.com
2    2a05:f500:10:101::b93f:9105 (Ireland)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2a05:f500:10:101::b93f:9101 (Ireland)

ASN14413 (LINKEDIN, US)
www.linkedin.com
Domain Requested by
13 payspan.com ja.t.hubspotemail.net
payspan.com
6 fonts.gstatic.com payspan.com
3 track.hubspot.com
2 px.ads.linkedin.com 1 redirects
2 ssl.google-analytics.com 1 redirects www.googletagmanager.com
2 js.hsforms.net payspan.com
js.hsforms.net
2 ja.t.hubspotemail.net 1 redirects
1 www.linkedin.com 1 redirects
1 snap.licdn.com js.hsadspixel.net
1 api.hubapi.com js.hsadspixel.net
1 stats.g.doubleclick.net payspan.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hsadspixel.net js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 forms.hsforms.com js.hsforms.net
1 server2.chicmic.in payspan.com
1 www.googletagmanager.com payspan.com
1 js.hs-scripts.com payspan.com
1 fonts.googleapis.com payspan.com
38 19

This site contains links to these domains. Also see Links.

Domain
www.payspanhealth.com
payspanstaging.wpengine.com
generatepress.com
Subject Issuer Validity Valid
hubspotemail.net
CloudFlare Inc ECC CA-2		 2019-10-20 -
2020-10-09		 a year crt.sh
payspan.com
Let's Encrypt Authority X3		 2020-04-01 -
2020-06-30		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-04-07 -
2020-10-09		 6 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
server2.chicmic.in
Let's Encrypt Authority X3		 2020-03-10 -
2020-06-08		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
hubapi.com
CloudFlare Inc ECC CA-2		 2020-01-21 -
2020-10-09		 9 months crt.sh
hubspot.com
CloudFlare Inc ECC CA-2		 2019-12-04 -
2020-10-09		 10 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2020-03-04 -
2020-09-04		 6 months crt.sh

This page contains 2 frames:

Primary Page: https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
Frame ID: BC9EEB145956696377DEDA21261F09B6
Requests: 40 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/v2.js
Frame ID: F26730A6AC259E10ACF8D107338CB983
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://ja.t.hubspotemail.net/e2t/c/*N96pfhPxGdjBW3WYgPn1dF8fm0/*W4LYmwp4Q9HsrW1cqGsP7-JsxG0/5/f18dQhb0SfH... Page URL
  2. https://ja.t.hubspotemail.net/events/public/v1/track/c/*N96pfhPxGdjBW3WYgPn1dF8fm0/*W4LYmwp4Q9HsrW1cqGsP7-... HTTP 307
    https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICK... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

38
Requests

100 %
HTTPS

89 %
IPv6

18
Domains

19
Subdomains

19
IPs

6
Countries

643 kB
Transfer

2261 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ja.t.hubspotemail.net/e2t/c/*N96pfhPxGdjBW3WYgPn1dF8fm0/*W4LYmwp4Q9HsrW1cqGsP7-JsxG0/5/f18dQhb0SfHG9c-lR0N7jCY1THyjJqMRbJfHdnGtnW3hHh995Cgxh0VnQ9Qq8Zvt8rW54lyTw8YztwfN8ZvGMKJB9XCW4dG6yg56kT2rW4cQ3kk2MnrYcN4L5FZDKng6qW1Wg4dv4dtKR_N2MznrL5lSvXW8RCNR_5Pd8pBW6nPfjf4LNMj6W861YMD8S5FF2V33WT24Ftsz_W3Vpk-D96zRPSW6bT6L32mGvTBW4dnWJc69NG1wW6PqZy77fdm-8N6W3RDgHd1dNW18T0S-1VJrykW5lX8fq13bD4hN6dkl-_qcQXYW8TyTmD539kWzW1fdqd32dg9gQW4b0lQG4MFDqHW1GPLTy1jF2tVW49wRZM2_W8j3W4Q2HG13qZBstW8VHHtf6yxtSXVsM3zf1jb8XdW6X3bXy1fv4-cW3ny7-k4hR0nQW6fTBRh5JRtLHN4b0HsxH6gVcW756P2z55SvHpN4PspvWy9d1KVPFPMt893BMyW73R1h2224lghW1RZF9t1mF0YkW20T1qD6SpBkpW1dBCVX239KBcW62ckbt2LdjVlW8jqgnT1ZWxSyW8s6HPs8wzwmSW3Gc9QS1WxMq6W6hR06f4rYsVsW4PxjJZ3DlwBbVBdycF5DTz080 Page URL
  2. https://ja.t.hubspotemail.net/events/public/v1/track/c/*N96pfhPxGdjBW3WYgPn1dF8fm0/*W4LYmwp4Q9HsrW1cqGsP7-JsxG0/5/f18dQhb0SfHG9c-lR0N7jCY1THyjJqMRbJfHdnGtnW3hHh995Cgxh0VnQ9Qq8Zvt8rW54lyTw8YztwfN8ZvGMKJB9XCW4dG6yg56kT2rW4cQ3kk2MnrYcN4L5FZDKng6qW1Wg4dv4dtKR_N2MznrL5lSvXW8RCNR_5Pd8pBW6nPfjf4LNMj6W861YMD8S5FF2V33WT24Ftsz_W3Vpk-D96zRPSW6bT6L32mGvTBW4dnWJc69NG1wW6PqZy77fdm-8N6W3RDgHd1dNW18T0S-1VJrykW5lX8fq13bD4hN6dkl-_qcQXYW8TyTmD539kWzW1fdqd32dg9gQW4b0lQG4MFDqHW1GPLTy1jF2tVW49wRZM2_W8j3W4Q2HG13qZBstW8VHHtf6yxtSXVsM3zf1jb8XdW6X3bXy1fv4-cW3ny7-k4hR0nQW6fTBRh5JRtLHN4b0HsxH6gVcW756P2z55SvHpN4PspvWy9d1KVPFPMt893BMyW73R1h2224lghW1RZF9t1mF0YkW20T1qD6SpBkpW1dBCVX239KBcW62ckbt2LdjVlW8jqgnT1ZWxSyW8s6HPs8wzwmSW3Gc9QS1WxMq6W6hR06f4rYsVsW4PxjJZ3DlwBbVBdycF5DTz080?_ud=1aa12c98-3496-404f-87ed-e2fe81c5df9f&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
    https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1619438367&utmhn=payspan.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=QuickPay%20MW%20%E2%80%93%20Payspan%20%7C%20Healthcare%20Reimbursement%20Solutions%20%7C%20Hospital%20Payment%20Systems&utmhid=440220113&utmr=-&utmp=%2Fpr_april_2020_eml_quickpay_campaign_mw%2F%3Futm_campaign%3DPR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW%26utm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D86100295%26_hsenc%3Dp2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8%26_hsmi%3D86100295&utmht=1586466101564&utmac=UA-75785696-1&utmgtm=2wg432MHDDM4&utmcc=__utma%3D188091689.2056474572.1586466101.1586466101.1586466101.1%3B%2B__utmz%3D188091689.1586466101.1.1.utmcsr%3Dhs_email%7Cutmccn%3DPR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW%7Cutmcmd%3Demail%7Cutmcct%3D86100295%3B&utmjid=1963519803&utmredir=1&utmu=qmAgAABAAAGBAAAAAgAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-75785696-1&cid=2056474572.1586466101&jid=1963519803&_v=5.7.2&z=1619438367
Request Chain 39
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1158122&url=https%3A%2F%2Fpayspan.com%2Fpr_april_2020_eml_quickpay_campaign_mw%2F%3Futm_campaign%3DPR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW%26utm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D86100295%26_hsenc%3Dp2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8%26_hsmi%3D86100295&time=1586466101928 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1158122%26url%3Dhttps%253A%252F%252Fpayspan.com%252Fpr_april_2020_eml_quickpay_campaign_mw%252F%253Futm_campaign%253DPR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW%2526utm_source%253Dhs_email%2526utm_medium%253Demail%2526utm_content%253D86100295%2526_hsenc%253Dp2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8%2526_hsmi%253D86100295%26time%3D1586466101928%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1158122&url=https%3A%2F%2Fpayspan.com%2Fpr_april_2020_eml_quickpay_campaign_mw%2F%3Futm_campaign%3DPR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW%26utm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D86100295%26_hsenc%3Dp2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8%26_hsmi%3D86100295&time=1586466101928&liSync=true

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
f18dQhb0SfHG9c-lR0N7jCY1THyjJqMRbJfHdnGtnW3hHh995Cgxh0VnQ9Qq8Zvt8rW54lyTw8YztwfN8ZvGMKJB9XCW4dG6yg56kT2rW4cQ3kk2MnrYcN4L5FZDKng6qW1Wg4dv4dtKR_N2MznrL5lSvXW8RCNR_5Pd8pBW6nPfjf4LNMj6W861YMD8S5FF2V33W...
ja.t.hubspotemail.net/e2t/c/*N96pfhPxGdjBW3WYgPn1dF8fm0/*W4LYmwp4Q9HsrW1cqGsP7-JsxG0/5/ 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ja.t.hubspotemail.net/e2t/c/*N96pfhPxGdjBW3WYgPn1dF8fm0/*W4LYmwp4Q9HsrW1cqGsP7-JsxG0/5/f18dQhb0SfHG9c-lR0N7jCY1THyjJqMRbJfHdnGtnW3hHh995Cgxh0VnQ9Qq8Zvt8rW54lyTw8YztwfN8ZvGMKJB9XCW4dG6yg56kT2rW4cQ3kk2MnrYcN4L5FZDKng6qW1Wg4dv4dtKR_N2MznrL5lSvXW8RCNR_5Pd8pBW6nPfjf4LNMj6W861YMD8S5FF2V33WT24Ftsz_W3Vpk-D96zRPSW6bT6L32mGvTBW4dnWJc69NG1wW6PqZy77fdm-8N6W3RDgHd1dNW18T0S-1VJrykW5lX8fq13bD4hN6dkl-_qcQXYW8TyTmD539kWzW1fdqd32dg9gQW4b0lQG4MFDqHW1GPLTy1jF2tVW49wRZM2_W8j3W4Q2HG13qZBstW8VHHtf6yxtSXVsM3zf1jb8XdW6X3bXy1fv4-cW3ny7-k4hR0nQW6fTBRh5JRtLHN4b0HsxH6gVcW756P2z55SvHpN4PspvWy9d1KVPFPMt893BMyW73R1h2224lghW1RZF9t1mF0YkW20T1qD6SpBkpW1dBCVX239KBcW62ckbt2LdjVlW8jqgnT1ZWxSyW8s6HPs8wzwmSW3Gc9QS1WxMq6W6hR06f4rYsVsW4PxjJZ3DlwBbVBdycF5DTz080
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:a405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da7e614ed12123b9047e6178d323ec4d75a575a1f41376c2e55de1c7295b1678

Request headers

:method
GET
:authority
ja.t.hubspotemail.net
:scheme
https
:path
/e2t/c/*N96pfhPxGdjBW3WYgPn1dF8fm0/*W4LYmwp4Q9HsrW1cqGsP7-JsxG0/5/f18dQhb0SfHG9c-lR0N7jCY1THyjJqMRbJfHdnGtnW3hHh995Cgxh0VnQ9Qq8Zvt8rW54lyTw8YztwfN8ZvGMKJB9XCW4dG6yg56kT2rW4cQ3kk2MnrYcN4L5FZDKng6qW1Wg4dv4dtKR_N2MznrL5lSvXW8RCNR_5Pd8pBW6nPfjf4LNMj6W861YMD8S5FF2V33WT24Ftsz_W3Vpk-D96zRPSW6bT6L32mGvTBW4dnWJc69NG1wW6PqZy77fdm-8N6W3RDgHd1dNW18T0S-1VJrykW5lX8fq13bD4hN6dkl-_qcQXYW8TyTmD539kWzW1fdqd32dg9gQW4b0lQG4MFDqHW1GPLTy1jF2tVW49wRZM2_W8j3W4Q2HG13qZBstW8VHHtf6yxtSXVsM3zf1jb8XdW6X3bXy1fv4-cW3ny7-k4hR0nQW6fTBRh5JRtLHN4b0HsxH6gVcW756P2z55SvHpN4PspvWy9d1KVPFPMt893BMyW73R1h2224lghW1RZF9t1mF0YkW20T1qD6SpBkpW1dBCVX239KBcW62ckbt2LdjVlW8jqgnT1ZWxSyW8s6HPs8wzwmSW3Gc9QS1WxMq6W6hR06f4rYsVsW4PxjJZ3DlwBbVBdycF5DTz080
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
date
Thu, 09 Apr 2020 21:01:39 GMT
content-type
text/html;charset=utf-8
set-cookie
__cfduid=d35e89ea95900ab042a3860b1bba110fc1586466099; expires=Sat, 09-May-20 21:01:39 GMT; path=/; domain=.hubspotemail.net; HttpOnly; SameSite=Lax
referrer-policy
no-referrer
vary
Accept-Encoding
access-control-allow-credentials
false
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
58172a22794a96e0-FRA
content-encoding
br
Primary Request /
payspan.com/pr_april_2020_eml_quickpay_campaign_mw/
Redirect Chain
  • https://ja.t.hubspotemail.net/events/public/v1/track/c/*N96pfhPxGdjBW3WYgPn1dF8fm0/*W4LYmwp4Q9HsrW1cqGsP7-JsxG0/5/f18dQhb0SfHG9c-lR0N7jCY1THyjJqMRbJfHdnGtnW3hHh995Cgxh0VnQ9Qq8Zvt8rW54lyTw8YztwfN8Zv...
  • https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsm...
39 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
Requested by
Host: ja.t.hubspotemail.net
URL: https://ja.t.hubspotemail.net/e2t/c/*N96pfhPxGdjBW3WYgPn1dF8fm0/*W4LYmwp4Q9HsrW1cqGsP7-JsxG0/5/f18dQhb0SfHG9c-lR0N7jCY1THyjJqMRbJfHdnGtnW3hHh995Cgxh0VnQ9Qq8Zvt8rW54lyTw8YztwfN8ZvGMKJB9XCW4dG6yg56kT2rW4cQ3kk2MnrYcN4L5FZDKng6qW1Wg4dv4dtKR_N2MznrL5lSvXW8RCNR_5Pd8pBW6nPfjf4LNMj6W861YMD8S5FF2V33WT24Ftsz_W3Vpk-D96zRPSW6bT6L32mGvTBW4dnWJc69NG1wW6PqZy77fdm-8N6W3RDgHd1dNW18T0S-1VJrykW5lX8fq13bD4hN6dkl-_qcQXYW8TyTmD539kWzW1fdqd32dg9gQW4b0lQG4MFDqHW1GPLTy1jF2tVW49wRZM2_W8j3W4Q2HG13qZBstW8VHHtf6yxtSXVsM3zf1jb8XdW6X3bXy1fv4-cW3ny7-k4hR0nQW6fTBRh5JRtLHN4b0HsxH6gVcW756P2z55SvHpN4PspvWy9d1KVPFPMt893BMyW73R1h2224lghW1RZF9t1mF0YkW20T1qD6SpBkpW1dBCVX239KBcW62ckbt2LdjVlW8jqgnT1ZWxSyW8s6HPs8wzwmSW3Gc9QS1WxMq6W6hR06f4rYsVsW4PxjJZ3DlwBbVBdycF5DTz080
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.40.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.40.198.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
d532359e19d5dc48eaf3c512064f2faf4de0861bc68f6dccb5a17d0252cefc01

Request headers

:method
GET
:authority
payspan.com
:scheme
https
:path
/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
https://ja.t.hubspotemail.net/e2t/c/*N96pfhPxGdjBW3WYgPn1dF8fm0/*W4LYmwp4Q9HsrW1cqGsP7-JsxG0/5/f18dQhb0SfHG9c-lR0N7jCY1THyjJqMRbJfHdnGtnW3hHh995Cgxh0VnQ9Qq8Zvt8rW54lyTw8YztwfN8ZvGMKJB9XCW4dG6yg56kT2rW4cQ3kk2MnrYcN4L5FZDKng6qW1Wg4dv4dtKR_N2MznrL5lSvXW8RCNR_5Pd8pBW6nPfjf4LNMj6W861YMD8S5FF2V33WT24Ftsz_W3Vpk-D96zRPSW6bT6L32mGvTBW4dnWJc69NG1wW6PqZy77fdm-8N6W3RDgHd1dNW18T0S-1VJrykW5lX8fq13bD4hN6dkl-_qcQXYW8TyTmD539kWzW1fdqd32dg9gQW4b0lQG4MFDqHW1GPLTy1jF2tVW49wRZM2_W8j3W4Q2HG13qZBstW8VHHtf6yxtSXVsM3zf1jb8XdW6X3bXy1fv4-cW3ny7-k4hR0nQW6fTBRh5JRtLHN4b0HsxH6gVcW756P2z55SvHpN4PspvWy9d1KVPFPMt893BMyW73R1h2224lghW1RZF9t1mF0YkW20T1qD6SpBkpW1dBCVX239KBcW62ckbt2LdjVlW8jqgnT1ZWxSyW8s6HPs8wzwmSW3Gc9QS1WxMq6W6hR06f4rYsVsW4PxjJZ3DlwBbVBdycF5DTz080

Response headers

status
200
server
nginx
date
Thu, 09 Apr 2020 21:01:40 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-ua-compatible
IE=edge
link
<https://payspan.com/wp-json/>; rel="https://api.w.org/" <https://payspan.com/?p=8309>; rel=shortlink
x-powered-by
WP Engine
x-cacheable
SHORT
cache-control
max-age=600, must-revalidate
x-cache
HIT: 5
x-cache-group
normal
content-encoding
br

Redirect headers

status
307
date
Thu, 09 Apr 2020 21:01:39 GMT
x-robots-tag
none
link
<https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295>; rel="canonical"
location
https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
referrer-policy
no-referrer
access-control-allow-credentials
false
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
58172a236a4496e0-FRA
css
fonts.googleapis.com/ 		69 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7COld+Standard+TT:regular,italic,700&display=swap
Requested by
Host: payspan.com
URL: https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f1c83b5babda26c50c409dd8cc540837af6a0ca9160096a02f0e7abb732b4820
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 09 Apr 2020 21:01:40 GMT
server
ESF
date
Thu, 09 Apr 2020 21:01:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 Apr 2020 21:01:40 GMT
autoptimize_3c1803be7aaf0a1ee7f1c301285f9905.css
payspan.com/wp-content/cache/autoptimize/css/ 		673 KB
76 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payspan.com/wp-content/cache/autoptimize/css/autoptimize_3c1803be7aaf0a1ee7f1c301285f9905.css
Requested by
Host: payspan.com
URL: https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.40.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.40.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
e198295e2511c5b17d6f92cc0a35bbe5912fbd1071222a5c20f65588f58e5c06

Request headers

Referer
https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Thu, 09 Apr 2020 21:01:40 GMT
content-encoding
br
last-modified
Tue, 07 Apr 2020 19:12:12 GMT
server
nginx
status
200
etag
W/"5e8cd08c-a85c1"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.js
payspan.com/wp-includes/js/jquery/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payspan.com/wp-includes/js/jquery/jquery.js
Requested by
Host: payspan.com
URL: https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.40.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.40.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 09 Apr 2020 21:01:40 GMT
content-encoding
br
last-modified
Tue, 04 Feb 2020 04:24:57 GMT
server
nginx
status
200
etag
W/"5e38f219-17a69"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
v2.js
js.hsforms.net/forms/ 		420 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsforms.net/forms/v2.js
Requested by
Host: payspan.com
URL: https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ba49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f10d9e8a1b6cd2053981c3516932d9c839508aa8aad7b771fe1befd41c4fcd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 09 Apr 2020 21:01:40 GMT
via
1.1 7a99ed3f39c18af8fe138a695e5f657d.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
34334
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-amz-version-id
co0qKfCpgkPIBTcGinYN9wtDopmNgKEf
last-modified
Thu, 02 Apr 2020 11:26:06 GMT
server
cloudflare
etag
W/"b8f7568d1d43ecd1f80fc324e2262b4c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-amz-cf-pop
IAD89-C1
cf-ray
58172a289c64d705-FRA
x-amz-cf-id
tZD0Mnfq3h5mktlFbz-0d9nIdN8-1_GQ_WtyRojCYxvpnIbeI8NG_g==
lazysizes.min.js
payspan.com/wp-content/plugins/autoptimize/classes/external/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payspan.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.6.1
Requested by
Host: payspan.com
URL: https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.40.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.40.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
ad59ddc1d9939ae9f117cb78c02bd1bfa5835823d8e4a95a2191b71f456ac959

Request headers

Referer
https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 09 Apr 2020 21:01:40 GMT
content-encoding
br
last-modified
Tue, 04 Feb 2020 04:25:02 GMT
server
nginx
status
200
etag
W/"5e38f21e-22ac"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
3489672.js
js.hs-scripts.com/ 		1 KB
659 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/3489672.js?integration=WordPress
Requested by
Host: payspan.com
URL: https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4d8965c554cbf000327782b3032255a9dd2bca133f0e7740388df045e1bf2be

Request headers

Referer
https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 09 Apr 2020 21:01:40 GMT
content-encoding
br
cf-cache-status
HIT
age
54
cf-polished
origSize=1256
status
200
access-control-max-age
3600
cf-bgj
minify
server
cloudflare
x-trace
2BBB0CB29B847625A15A1939F24B1CEEB5FE63CBB5000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://payspan.com
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
58172a287b8bd725-FRA
expires
Thu, 09 Apr 2020 21:02:40 GMT
autoptimize_73322603a520ff4afc7d5b314aefd120.js
payspan.com/wp-content/cache/autoptimize/js/ 		71 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payspan.com/wp-content/cache/autoptimize/js/autoptimize_73322603a520ff4afc7d5b314aefd120.js
Requested by
Host: payspan.com
URL: https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.40.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.40.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
f153a6e1ba72b8e200d2bd544087f0d265261beeff8c31191ae97ddb141094cd

Request headers

Referer
https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 09 Apr 2020 21:01:40 GMT
content-encoding
br
last-modified
Tue, 04 Feb 2020 05:16:37 GMT
server
nginx
status
200
etag
W/"5e38fe35-11b23"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
wp-emoji-release.min.js
payspan.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payspan.com/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: payspan.com
URL: https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.40.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.40.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Request headers

Referer
https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 09 Apr 2020 21:01:41 GMT
content-encoding
br
last-modified
Tue, 04 Feb 2020 04:24:57 GMT
server
nginx
status
200
etag
W/"5e38f219-362a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
gtm.js
www.googletagmanager.com/ 		61 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MHDDM4
Requested by
Host: payspan.com
URL: https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
10dcf091a79b46c769df9e9ab1f34ba783be24009268162976bba206c63cf9a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 09 Apr 2020 21:01:40 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
server
Google Tag Manager
access-control-allow-origin
*
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Cache-Control
content-length
23122
x-xss-protection
0
expires
Thu, 09 Apr 2020 21:01:40 GMT
truncated
/ 		62 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f2b49ae118707bc6a883c9b5d33321c1c5744e5e61ba5338ef2e7e4086d1e1b8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
logo1.png
server2.chicmic.in/SAG/payspan/wp-content/uploads/2019/10/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://server2.chicmic.in/SAG/payspan/wp-content/uploads/2019/10/logo1.png
Requested by
Host: payspan.com
URL: https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
112.196.9.242 Ludhiana, India, ASN17917 (QTLTELECOM-AS-AP Quadrant Televentures Limited, IN),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
be61feaaaaa8531ca2045cf10cc7fbba558f62b6676ebe3e441ddfc8137d12c7

Request headers

Referer
https://payspan.com/wp-content/cache/autoptimize/css/autoptimize_3c1803be7aaf0a1ee7f1c301285f9905.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 09 Apr 2020 21:01:41 GMT
Last-Modified
Sat, 05 Oct 2019 09:23:14 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"14cf-594265e3cf03a"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
5327
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: payspan.com
URL: https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7COld+Standard+TT:regular,italic,700&display=swap
Origin
https://payspan.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Mar 2020 00:54:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
1109209
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9132
x-xss-protection
0
expires
Sun, 28 Mar 2021 00:54:51 GMT
JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
Requested by
Host: payspan.com
URL: https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7COld+Standard+TT:regular,italic,700&display=swap
Origin
https://payspan.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Mar 2020 10:27:31 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:50 GMT
server
sffe
age
1074849
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13464
x-xss-protection
0
expires
Sun, 28 Mar 2021 10:27:31 GMT
generatepress.woff2
payspan.com/wp-content/themes/generatepress/fonts/ 		1 KB
1 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://payspan.com/wp-content/themes/generatepress/fonts/generatepress.woff2
Requested by
Host: payspan.com
URL: https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.40.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.40.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd

Request headers

Referer
https://payspan.com/wp-content/cache/autoptimize/css/autoptimize_3c1803be7aaf0a1ee7f1c301285f9905.css
Origin
https://payspan.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 09 Apr 2020 21:01:41 GMT
last-modified
Tue, 04 Feb 2020 04:25:00 GMT
server
nginx
status
200
etag
"5e38f21c-4f0"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1264
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: payspan.com
URL: https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7COld+Standard+TT:regular,italic,700&display=swap
Origin
https://payspan.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 10 Mar 2020 17:00:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:11 GMT
server
sffe
age
2606452
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9080
x-xss-protection
0
expires
Wed, 10 Mar 2021 17:00:48 GMT
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: payspan.com
URL: https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7COld+Standard+TT:regular,italic,700&display=swap
Origin
https://payspan.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 10 Mar 2020 23:56:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:44 GMT
server
sffe
age
2581526
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9180
x-xss-protection
0
expires
Wed, 10 Mar 2021 23:56:14 GMT
aafdf1e0-9020-4605-8b3a-d6405e55581b
forms.hsforms.com/embed/v3/form/3489672/ 		27 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.hsforms.com/embed/v3/form/3489672/aafdf1e0-9020-4605-8b3a-d6405e55581b?callback=hs_reqwest_0&hutk=
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b46a7a80763673c1e62cce16082bb67d8830f7ad88531a8aea1faff3bcb6597e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 09 Apr 2020 21:01:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-trace
2B67C5471C7CA2CDBDA91803F5A1A94F1EB0B0A508000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
status
200
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
content-disposition
attachment; filename=no-rfd.txt
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
58172a2dbd356347-FRA
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2f3e27d8791f2aac12b0b07d8434504ee80a45256b7c72a005e833f7dc50066

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65a18406f49c8f8b6b236ef5c6119657fea7e85f387af30d77ace08c6d40c655

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
Requested by
Host: payspan.com
URL: https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7COld+Standard+TT:regular,italic,700&display=swap
Origin
https://payspan.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 10 Mar 2020 17:19:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:37 GMT
server
sffe
age
2605354
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9016
x-xss-protection
0
expires
Wed, 10 Mar 2021 17:19:07 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
Requested by
Host: payspan.com
URL: https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7COld+Standard+TT:regular,italic,700&display=swap
Origin
https://payspan.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 07 Apr 2020 10:27:41 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:47:06 GMT
server
sffe
age
210840
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13612
x-xss-protection
0
expires
Wed, 07 Apr 2021 10:27:41 GMT
3489672.js
js.hs-analytics.net/analytics/1586466000000/ 		80 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1586466000000/3489672.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3489672.js?integration=WordPress
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
217146edd139cd6b58fc8cdfb7de14403f5a4c539678e075d6ccc3eed24ed2c7

Request headers

Referer
https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 09 Apr 2020 21:01:41 GMT
content-encoding
br
cf-cache-status
HIT
age
55
x-amz-server-side-encryption
AES256
status
200
x-amz-request-id
477DE30AB441272A
x-amz-id-2
N8464KuA5WNBjdfJ8RBcG+8duFfPTJhMPXE3pDXtBqEN7WxtWBhUhsCV3n2kEwIF7XIyOBasrPI=
last-modified
Thu, 02 Apr 2020 14:51:06 GMT
server
cloudflare
etag
W/"f3ec92708286fc1ce89ba6a2a8dde707"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300, public
access-control-allow-credentials
false
x-amz-version-id
null
cf-ray
58172a2e0d7e96c2-FRA
expires
Thu, 09 Apr 2020 21:05:46 GMT
fb.js
js.hsadspixel.net/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3489672.js?integration=WordPress
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:74b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfa5a29bd9155a6a8a0e4af8cb8aed939c9c73d454de40ffafa401838b485055

Request headers

Referer
https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 09 Apr 2020 21:01:41 GMT
via
1.1 f37f104903bda438e8b0547be6e0c193.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
148
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-encoding
br
x-amz-version-id
qMSpo3sC.BiIj70bgxAXW9_Js1.PmD46
last-modified
Mon, 30 Mar 2020 01:16:13 GMT
server
cloudflare
etag
W/"7a80569fddf77c67bd7c33bdc750aea0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=600
x-amz-cf-pop
IAD89-C3
cf-ray
58172a2e0a13177a-FRA
x-amz-cf-id
8NNDThWSmf30jabtpl1zz51FhsrTEjWPK68ZUmYq_ruh3PaImbQKVA==
3489672.js
js.hs-banner.com/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/3489672.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3489672.js?integration=WordPress
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09b51ea2f33b801b358eac091a1e172ce509d6dcb5c935a6b6e4beef1ed1eb57

Request headers

Referer
https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 09 Apr 2020 21:01:41 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
152
status
200
x-guploader-uploadid
AEnB2UpUe-vciOpep36S-DTBt10vV2cL6khAIUeOem7U0kqDwi77kNhwZ0p18JckK95jTHe1RZwasGVLEXXf1yRrNbfVCJMl4A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
cf-ray
58172a2e0fb6649d-FRA
access-control-allow-origin
https://payspan.com
last-modified
Wed, 25 Mar 2020 16:14:19 GMT
server
cloudflare
etag
W/"30f9dc92941a5a84aeba92f8a7db3e3d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
604800
x-goog-hash
crc32c=ekANvw==, md5=MPnckpQaWoSuupL4p9s+PQ==
content-type
text/javascript
x-goog-generation
1585152859979047
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
x-goog-stored-content-length
26600
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Thu, 09 Apr 2020 21:04:09 GMT
logo-bw.png
payspan.com/wp-content/uploads/2019/10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payspan.com/wp-content/uploads/2019/10/logo-bw.png
Requested by
Host: payspan.com
URL: https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.40.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.40.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
c7dc83ecc605c29c3064729205e26badc409d9b011ff6240ac40bdbc315f9708

Request headers

Referer
https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 09 Apr 2020 21:01:41 GMT
last-modified
Tue, 04 Feb 2020 04:24:59 GMT
server
nginx
status
200
etag
"5e38f21b-b55"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2901
QuickpayDashboard.png
payspan.com/wp-content/uploads/2020/02/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payspan.com/wp-content/uploads/2020/02/QuickpayDashboard.png
Requested by
Host: payspan.com
URL: https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.40.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.40.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
5a7e92bf93cdacddb845ec95c8831188e82768bc5efe199b96baa4ebc5755341

Request headers

Referer
https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 09 Apr 2020 21:01:41 GMT
last-modified
Tue, 11 Feb 2020 02:47:45 GMT
server
nginx
status
200
etag
"5e4215d1-1010b"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
65803
Card.png
payspan.com/wp-content/uploads/2020/02/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payspan.com/wp-content/uploads/2020/02/Card.png
Requested by
Host: payspan.com
URL: https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.40.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.40.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
dd283302926d3b7ac53238fbc4a5e983ea9114968402b7fc7ca16f799b920e62

Request headers

Referer
https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 09 Apr 2020 21:01:41 GMT
last-modified
Tue, 11 Feb 2020 02:48:30 GMT
server
nginx
status
200
etag
"5e4215fe-3860"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
14432
Computer.png
payspan.com/wp-content/uploads/2020/02/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payspan.com/wp-content/uploads/2020/02/Computer.png
Requested by
Host: payspan.com
URL: https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.40.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.40.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
f1bc8a8027a311f929851ab5b9ffcfac9534860d4bf98a382a2d9b7eca272ca9

Request headers

Referer
https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 09 Apr 2020 21:01:41 GMT
last-modified
Tue, 11 Feb 2020 02:48:53 GMT
server
nginx
status
200
etag
"5e421615-2ead"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
11949
Calendar.png
payspan.com/wp-content/uploads/2020/02/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payspan.com/wp-content/uploads/2020/02/Calendar.png
Requested by
Host: payspan.com
URL: https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.40.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.40.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
267fcc0a02f321bb58190ed445ac828835c72c2f800a088fe16aad302a71ec83

Request headers

Referer
https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 09 Apr 2020 21:01:41 GMT
last-modified
Tue, 11 Feb 2020 02:49:08 GMT
server
nginx
status
200
etag
"5e421624-35e6"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
13798
MultipleCards.png
payspan.com/wp-content/uploads/2020/02/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payspan.com/wp-content/uploads/2020/02/MultipleCards.png
Requested by
Host: payspan.com
URL: https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.40.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.40.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
68efd4d302404c1053359b05a9e68a2e01dc8403d2cdeb9441fad30440392294

Request headers

Referer
https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 09 Apr 2020 21:01:41 GMT
last-modified
Tue, 11 Feb 2020 02:49:18 GMT
server
nginx
status
200
etag
"5e42162e-49c3"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
18883
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MHDDM4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
2795
date
Thu, 09 Apr 2020 20:15:06 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
17168
expires
Thu, 09 Apr 2020 22:15:06 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1619438367&utmhn=payspan.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=QuickPay...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-75785696-1&cid=2056474572.1586466101&jid=1963519803&_v=5.7.2&z=1619438367
35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-75785696-1&cid=2056474572.1586466101&jid=1963519803&_v=5.7.2&z=1619438367
Requested by
Host: payspan.com
URL: https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Thu, 09 Apr 2020 21:01:41 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 09 Apr 2020 21:01:41 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-75785696-1&cid=2056474572.1586466101&jid=1963519803&_v=5.7.2&z=1619438367
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
371
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2.js
js.hsforms.net/forms/ Frame F267 		420 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsforms.net/forms/v2.js
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ba49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f10d9e8a1b6cd2053981c3516932d9c839508aa8aad7b771fe1befd41c4fcd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 09 Apr 2020 21:01:41 GMT
via
1.1 7a99ed3f39c18af8fe138a695e5f657d.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
34335
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-amz-version-id
co0qKfCpgkPIBTcGinYN9wtDopmNgKEf
last-modified
Thu, 02 Apr 2020 11:26:06 GMT
server
cloudflare
etag
W/"b8f7568d1d43ecd1f80fc324e2262b4c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-amz-cf-pop
IAD89-C1
cf-ray
58172a2edf16d705-FRA
x-amz-cf-id
tZD0Mnfq3h5mktlFbz-0d9nIdN8-1_GQ_WtyRojCYxvpnIbeI8NG_g==
json
api.hubapi.com/hs-script-loader-public/v1/config/ 		24 B
591 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/json?portalId=3489672
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c8cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00f66515816221ef8288f0b95b4bdeabb4cac30beaa95b8d581b05d790374525
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
Origin
https://payspan.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 09 Apr 2020 21:01:41 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
24
server
cloudflare
x-trace
2B8024FA639143E30F2FFD9BDD1DDB52CB76D11B9D000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://payspan.com
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
58172a2fcbf396fe-FRA
access-control-allow-headers
*
__ptq.gif
track.hubspot.com/ 		45 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=818329955&v=1.1&a=3489672&ct=standard-page&rcu=https%3A%2F%2Fpayspan.com%2Fpr_april_2020_eml_quickpay_campaign_mw%2F&pu=https%3A%2F%2Fpayspan.com%2Fpr_april_2020_eml_quickpay_campaign_mw%2F%3Futm_campaign%3DPR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW%26utm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D86100295%26_hsenc%3Dp2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8%26_hsmi%3D86100295&t=QuickPay+MW+%E2%80%93+Payspan+%7C+Healthcare+Reimbursement+Solutions+%7C+Hospital+Payment+Systems&cts=1586466101705&vi=e5054c0a2a36763a05a0e903d9a2458c&nc=true&u=227461634.e5054c0a2a36763a05a0e903d9a2458c.1586466101702.1586466101702.1586466101702.1&b=227461634.1.1586466101702
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 09 Apr 2020 21:01:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
58172a2fcc3c175e-FRA
content-type
image/gif
content-length
45
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=aafdf1e0-9020-4605-8b3a-d6405e55581b&fci=a8e1b20c-e3ef-4e6b-bbcb-d3f1e0c77661&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=818329955&v=1.1&a=3489672&ct=standard-page&rcu=https%3A%2F%2Fpayspan.com%2Fpr_april_2020_eml_quickpay_campaign_mw%2F&pu=https%3A%2F%2Fpayspan.com%2Fpr_april_2020_eml_quickpay_campaign_mw%2F%3Futm_campaign%3DPR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW%26utm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D86100295%26_hsenc%3Dp2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8%26_hsmi%3D86100295&t=QuickPay+MW+%E2%80%93+Payspan+%7C+Healthcare+Reimbursement+Solutions+%7C+Hospital+Payment+Systems&cts=1586466101708&vi=e5054c0a2a36763a05a0e903d9a2458c&nc=true&u=227461634.e5054c0a2a36763a05a0e903d9a2458c.1586466101702.1586466101702.1586466101702.1&b=227461634.1.1586466101702
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 09 Apr 2020 21:01:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
58172a2fcc3e175e-FRA
content-type
image/gif
content-length
45
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=17&fi=aafdf1e0-9020-4605-8b3a-d6405e55581b&fci=a8e1b20c-e3ef-4e6b-bbcb-d3f1e0c77661&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=818329955&v=1.1&a=3489672&ct=standard-page&rcu=https%3A%2F%2Fpayspan.com%2Fpr_april_2020_eml_quickpay_campaign_mw%2F&pu=https%3A%2F%2Fpayspan.com%2Fpr_april_2020_eml_quickpay_campaign_mw%2F%3Futm_campaign%3DPR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW%26utm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D86100295%26_hsenc%3Dp2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8%26_hsmi%3D86100295&t=QuickPay+MW+%E2%80%93+Payspan+%7C+Healthcare+Reimbursement+Solutions+%7C+Hospital+Payment+Systems&cts=1586466101709&vi=e5054c0a2a36763a05a0e903d9a2458c&nc=true&u=227461634.e5054c0a2a36763a05a0e903d9a2458c.1586466101702.1586466101702.1586466101702.1&b=227461634.1.1586466101702
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 09 Apr 2020 21:01:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
58172a2fcc3f175e-FRA
content-type
image/gif
content-length
45
x-robots-tag
none
insight.min.js
snap.licdn.com/li.lms-analytics/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:384::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer
https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 09 Apr 2020 21:01:41 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Oct 2019 16:41:31 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=53391
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1576
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1158122&url=https%3A%2F%2Fpayspan.com%2Fpr_april_2020_eml_quickpay_campaign_mw%2F%3Futm_campaign%3DPR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW%26utm_so...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1158122%26url%3Dhttps%253A%252F%252Fpayspan.com%252Fpr_april_2020_eml_quickpay_ca...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1158122&url=https%3A%2F%2Fpayspan.com%2Fpr_april_2020_eml_quickpay_campaign_mw%2F%3Futm_campaign%3DPR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW%26utm_so...
0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1158122&url=https%3A%2F%2Fpayspan.com%2Fpr_april_2020_eml_quickpay_campaign_mw%2F%3Futm_campaign%3DPR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW%26utm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D86100295%26_hsenc%3Dp2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8%26_hsmi%3D86100295&time=1586466101928&liSync=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://payspan.com/pr_april_2020_eml_quickpay_campaign_mw/?utm_campaign=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW&utm_source=hs_email&utm_medium=email&utm_content=86100295&_hsenc=p2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8&_hsmi=86100295
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 09 Apr 2020 21:01:42 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lva1
status
200
x-li-proto
http/2
x-li-pop
prod-efr5
content-type
application/javascript
content-length
0
x-li-uuid
ZxU2w4NCBBZAu8NSnCsAAA==

Redirect headers

date
Thu, 09 Apr 2020 21:01:42 GMT
x-content-type-options
nosniff
linkedin-action
1
status
302
strict-transport-security
max-age=2592000
content-length
0
x-li-uuid
e0G1vINCBBZgiIo9GSsAAA==
server
Play
pragma
no-cache
x-li-pop
prod-efr5
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
x-li-fabric
prod-lva1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1158122&url=https%3A%2F%2Fpayspan.com%2Fpr_april_2020_eml_quickpay_campaign_mw%2F%3Futm_campaign%3DPR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW%26utm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D86100295%26_hsenc%3Dp2ANqtz--7pU6JnsMjsmxvXaglInClmrSDRaHG8RA3X7q6mt6jd0GaRtKgEKU3nACkj8_X0s97XbzgKaanYhkhESGG-MYozH-fBQNll3tDa4oHW8Xms73HSO8%26_hsmi%3D86100295&time=1586466101928&liSync=true
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| gtm4wp_datalayer_name object| dataLayer object| _wpemojiSettings undefined| $ function| jQuery object| dataLayer_content object| _hsq function| bindToWindowOnError object| globalRoot function| hns object| hubspot object| hbspt object| __hsRoot object| hspreserve undefined| React undefined| reqwest function| OutpostErrorReporter undefined| Pikaday function| hns2 function| hmerge undefined| I18n undefined| ReactDOM undefined| require undefined| requirejs undefined| define undefined| exports undefined| module undefined| bootstrap object| HSFR function| hs_reqwest_0 object| lazySizesConfig object| offSide object| wpcf7 object| smooth object| leadin_wordpress object| hero function| generateStickyDebounce object| generateOffside object| closeElements object| slideoutLinks function| closeOffsideOnAction function| generate_parallax_element function| offside function| SmoothScroll object| wp function| vc_js function| vc_plugin_flexslider function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts boolean| vcParallaxSkroll function| vc_rowBehaviour function| vc_gridBehaviour function| getColumnsCount function| wpb_prepare_tab_content function| vc_ttaActivation function| vc_accordionActivate function| initVideoBackgrounds function| vc_initVideoBackgrounds function| insertYoutubeVideoAsBackground function| vcResizeVideoBackground function| vcExtractYoutubeId function| vc_googleMapsPointer function| vc_setHoverBoxPerspective function| vc_setHoverBoxHeight function| vc_prepareHoverBox object| jQuery112405529398035710114 object| lazySizes object| twemoji object| google_tag_manager object| _gaq object| _hsp boolean| PIXELS_RAN object| _paq boolean| _hspb_loaded boolean| _hstc_loaded object| _gat object| gaGlobal boolean| _hspb_ran boolean| _hstc_ran string| __hsUserToken number| expireDateTime object| _linkedin_data_partner_ids function| lintrk boolean| _already_called_lintrk

9 Cookies

Domain/Path Name / Value
.payspan.com/ Name: hubspotutk
Value: e5054c0a2a36763a05a0e903d9a2458c
.payspan.com/ Name: __hssc
Value: 227461634.1.1586466101702
.payspan.com/ Name: __utma
Value: 188091689.2056474572.1586466101.1586466101.1586466101.1
.payspan.com/ Name: __utmz
Value: 188091689.1586466101.1.1.utmcsr=hs_email|utmccn=PR_APRIL_2020_EML_QUICKPAY_CAMPAIGN_MW|utmcmd=email|utmcct=86100295
.payspan.com/ Name: __utmb
Value: 188091689.1.10.1586466101
.payspan.com/ Name: __hstc
Value: 227461634.e5054c0a2a36763a05a0e903d9a2458c.1586466101702.1586466101702.1586466101702.1
.payspan.com/ Name: __utmt_UA-75785696-1
Value: 1
.payspan.com/ Name: __hssrc
Value: 1
.payspan.com/ Name: __utmc
Value: 188091689

2 Console Messages

Source Level URL
Text
console-api debug URL: https://ja.t.hubspotemail.net/e2t/c/*N96pfhPxGdjBW3WYgPn1dF8fm0/*W4LYmwp4Q9HsrW1cqGsP7-JsxG0/5/f18dQhb0SfHG9c-lR0N7jCY1THyjJqMRbJfHdnGtnW3hHh995Cgxh0VnQ9Qq8Zvt8rW54lyTw8YztwfN8ZvGMKJB9XCW4dG6yg56kT2rW4cQ3kk2MnrYcN4L5FZDKng6qW1Wg4dv4dtKR_N2MznrL5lSvXW8RCNR_5Pd8pBW6nPfjf4LNMj6W861YMD8S5FF2V33WT24Ftsz_W3Vpk-D96zRPSW6bT6L32mGvTBW4dnWJc69NG1wW6PqZy77fdm-8N6W3RDgHd1dNW18T0S-1VJrykW5lX8fq13bD4hN6dkl-_qcQXYW8TyTmD539kWzW1fdqd32dg9gQW4b0lQG4MFDqHW1GPLTy1jF2tVW49wRZM2_W8j3W4Q2HG13qZBstW8VHHtf6yxtSXVsM3zf1jb8XdW6X3bXy1fv4-cW3ny7-k4hR0nQW6fTBRh5JRtLHN4b0HsxH6gVcW756P2z55SvHpN4PspvWy9d1KVPFPMt893BMyW73R1h2224lghW1RZF9t1mF0YkW20T1qD6SpBkpW1dBCVX239KBcW62ckbt2LdjVlW8jqgnT1ZWxSyW8s6HPs8wzwmSW3Gc9QS1WxMq6W6hR06f4rYsVsW4PxjJZ3DlwBbVBdycF5DTz080(Line 13)
Message:
toS
console-api log URL: https://payspan.com/wp-content/cache/autoptimize/js/autoptimize_73322603a520ff4afc7d5b314aefd120.js(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
ja.t.hubspotemail.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsforms.net
payspan.com
px.ads.linkedin.com
server2.chicmic.in
snap.licdn.com
ssl.google-analytics.com
stats.g.doubleclick.net
track.hubspot.com
www.googletagmanager.com
www.linkedin.com
104.198.40.93
112.196.9.242
2606:4700::6810:5805
2606:4700::6811:45b0
2606:4700::6811:74b0
2606:4700::6811:ba49
2606:4700::6811:c8cc
2606:4700::6811:d3cc
2606:4700::6812:15bf
2606:4700::6812:a405
2606:4700::6813:9a53
2a00:1450:4001:809::200a
2a00:1450:4001:814::2003
2a00:1450:4001:81d::2008
2a00:1450:4001:824::2008
2a00:1450:400c:c00::9d
2a02:26f0:3100:384::25ea
2a05:f500:10:101::b93f:9101
2a05:f500:10:101::b93f:9105
00f66515816221ef8288f0b95b4bdeabb4cac30beaa95b8d581b05d790374525
09b51ea2f33b801b358eac091a1e172ce509d6dcb5c935a6b6e4beef1ed1eb57
0f10d9e8a1b6cd2053981c3516932d9c839508aa8aad7b771fe1befd41c4fcd0
10dcf091a79b46c769df9e9ab1f34ba783be24009268162976bba206c63cf9a1
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
217146edd139cd6b58fc8cdfb7de14403f5a4c539678e075d6ccc3eed24ed2c7
267fcc0a02f321bb58190ed445ac828835c72c2f800a088fe16aad302a71ec83
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5a7e92bf93cdacddb845ec95c8831188e82768bc5efe199b96baa4ebc5755341
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
65a18406f49c8f8b6b236ef5c6119657fea7e85f387af30d77ace08c6d40c655
68efd4d302404c1053359b05a9e68a2e01dc8403d2cdeb9441fad30440392294
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd
ad59ddc1d9939ae9f117cb78c02bd1bfa5835823d8e4a95a2191b71f456ac959
b2f3e27d8791f2aac12b0b07d8434504ee80a45256b7c72a005e833f7dc50066
b46a7a80763673c1e62cce16082bb67d8830f7ad88531a8aea1faff3bcb6597e
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
be61feaaaaa8531ca2045cf10cc7fbba558f62b6676ebe3e441ddfc8137d12c7
c7dc83ecc605c29c3064729205e26badc409d9b011ff6240ac40bdbc315f9708
cfa5a29bd9155a6a8a0e4af8cb8aed939c9c73d454de40ffafa401838b485055
d532359e19d5dc48eaf3c512064f2faf4de0861bc68f6dccb5a17d0252cefc01
da7e614ed12123b9047e6178d323ec4d75a575a1f41376c2e55de1c7295b1678
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd283302926d3b7ac53238fbc4a5e983ea9114968402b7fc7ca16f799b920e62
e198295e2511c5b17d6f92cc0a35bbe5912fbd1071222a5c20f65588f58e5c06
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d8965c554cbf000327782b3032255a9dd2bca133f0e7740388df045e1bf2be
f153a6e1ba72b8e200d2bd544087f0d265261beeff8c31191ae97ddb141094cd
f1bc8a8027a311f929851ab5b9ffcfac9534860d4bf98a382a2d9b7eca272ca9
f1c83b5babda26c50c409dd8cc540837af6a0ca9160096a02f0e7abb732b4820
f2b49ae118707bc6a883c9b5d33321c1c5744e5e61ba5338ef2e7e4086d1e1b8