Submitted URL: https://4idq0.r.a.d.sendibm1.com/mk/cl/f/Vw9iB9aBgGMzTszYszWFoLK-Bf7IVP3zT0C64BUtDKl2xOkexhT5WVBygVscvJ__QW3a8ULc-O-aNKUe5a8QuMC0...
Effective URL: http://www.paradigmq.com/monsters/
Submission Tags: falconsandbox
Submission: On November 22 via api from US

Summary

This website contacted 16 IPs in 5 countries across 14 domains to perform 57 HTTP transactions. The main IP is 192.124.249.103, located in United States and belongs to SUCURI-SEC, US. The main domain is www.paradigmq.com.
This is the only time www.paradigmq.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
29 www.paradigmq.com www.paradigmq.com
4 bot.xola.com botcdn.xola.com
4 xola.com www.paradigmq.com
xola.com
botcdn.xola.com
3 fonts.gstatic.com www.paradigmq.com
2 elrond.xola.com botcdn.xola.com
2 stackpath.bootstrapcdn.com botcdn.xola.com
stackpath.bootstrapcdn.com
2 cdnjs.cloudflare.com xola.com
2 www.gstatic.com www.googletagmanager.com
www.gstatic.com
2 www.googleadservices.com 1 redirects www.googletagmanager.com
1 fonts.googleapis.com botcdn.xola.com
1 botcdn.xola.com xola.com
1 cdn.polyfill.io xola.com
1 www.google.de www.paradigmq.com
1 www.google.com www.paradigmq.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.google.dk www.paradigmq.com
1 www.googletagmanager.com www.paradigmq.com
1 4idq0.r.a.d.sendibm1.com 1 redirects
57 18
Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
paradigmq.com
Starfield Secure Certificate Authority - G2
2020-10-12 -
2021-10-12
a year crt.sh
*.xola.com
Amazon
2020-10-25 -
2021-11-24
a year crt.sh
*.gstatic.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
www.googleadservices.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.google.dk
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
www.google.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
www.google.de
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-10-21 -
2021-10-20
a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-10-26 -
2021-04-17
6 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA
2020-09-22 -
2021-10-12
a year crt.sh
upload.video.google.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh

This page contains 1 frames:

Primary Page: http://www.paradigmq.com/monsters/
Frame ID: 4A1356A6C823C326D5BB1C4050A7B0E5
Requests: 54 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://4idq0.r.a.d.sendibm1.com/mk/cl/f/Vw9iB9aBgGMzTszYszWFoLK-Bf7IVP3zT0C64BUtDKl2xOkexhT5WVBygVscvJ__QW3a... HTTP 302
    http://www.paradigmq.com/monsters/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

57
Requests

56 %
HTTPS

71 %
IPv6

14
Domains

18
Subdomains

16
IPs

5
Countries

2404 kB
Transfer

4936 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://4idq0.r.a.d.sendibm1.com/mk/cl/f/Vw9iB9aBgGMzTszYszWFoLK-Bf7IVP3zT0C64BUtDKl2xOkexhT5WVBygVscvJ__QW3a8ULc-O-aNKUe5a8QuMC0JZ6FXOHu55j9XGyAa5AF5vy2kjFFf-KuCz3-A0akhrXHZucCdk3U0yiPcIdZxWFa5Q65RdGo8ejMIfoXYl3pAAotKVfflhiUWg HTTP 302
    http://www.paradigmq.com/monsters/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://www.googleadservices.com/pagead/conversion/700078440/wcm?cc=ZZ&dn=3602075353&cl=ZYs5CPDv1bEBEOiy6c0C&ct_eid=2 HTTP 302
  • https://www.google.dk/pagead/attribution/wcm?cc=ZZ&dn=3602075353&cl=ZYs5CPDv1bEBEOiy6c0C

57 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.paradigmq.com/monsters/
Redirect Chain
  • https://4idq0.r.a.d.sendibm1.com/mk/cl/f/Vw9iB9aBgGMzTszYszWFoLK-Bf7IVP3zT0C64BUtDKl2xOkexhT5WVBygVscvJ__QW3a8ULc-O-aNKUe5a8QuMC0JZ6FXOHu55j9XGyAa5AF5vy2kjFFf-KuCz3-A0akhrXHZucCdk3U0yiPcIdZxWFa5Q65...
  • http://www.paradigmq.com/monsters/
70 KB
18 KB
Document
General
Full URL
http://www.paradigmq.com/monsters/
Protocol
HTTP/1.1
Server
192.124.249.103 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
Sucuri/Cloudproxy /
Resource Hash
048594e11e9214b35ad54c9ae99f0ee5dd4008f1427d202b99a68f9e28abf610
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
www.paradigmq.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
Sucuri/Cloudproxy
Date
Sun, 22 Nov 2020 13:49:17 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Sucuri-ID
19003
X-XSS-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
Link
<https://www.paradigmq.com/wp-json/>; rel="https://api.w.org/", <https://www.paradigmq.com/wp-json/wp/v2/pages/3216>; rel="alternate"; type="application/json", <https://www.paradigmq.com/?p=3216>; rel=shortlink
Expires
Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control
no-cache, must-revalidate, max-age=0
X-Endurance-Cache-Level
0
Content-Encoding
gzip
X-Sucuri-Cache
MISS

Redirect headers

Content-Length
57
Content-Type
text/html; charset=utf-8
Date
Sun, 22 Nov 2020 13:49:14 GMT
Location
http://www.paradigmq.com/monsters/
X-Content-Type-Options
nosniff
X-Sib-Server
SENDINBLUE-red2-2
X-Xss-Protection
1
light_style.css
www.paradigmq.com/wp-content/plugins/jquery-collapse-o-matic/
1 KB
947 B
Stylesheet
General
Full URL
http://www.paradigmq.com/wp-content/plugins/jquery-collapse-o-matic/light_style.css?ver=1.6
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/monsters/
Protocol
HTTP/1.1
Server
192.124.249.103 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
Sucuri/Cloudproxy /
Resource Hash
8feeab8c1bf06b50257479af3e684756ee3e96f09c2f053ddd593c22a71e2de4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 13:49:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sun, 06 Sep 2020 04:18:54 GMT
Server
Sucuri/Cloudproxy
X-Frame-Options
SAMEORIGIN
X-Endurance-Cache-Level
0
Content-Type
text/css
X-Sucuri-Cache
MISS
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
X-Sucuri-ID
19003
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
wpcf7-redirect-frontend.min.css
www.paradigmq.com/wp-content/plugins/wpcf7-redirect/build/css/
316 B
611 B
Stylesheet
General
Full URL
http://www.paradigmq.com/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=5.5.3
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/monsters/
Protocol
HTTP/1.1
Server
192.124.249.103 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
Sucuri/Cloudproxy /
Resource Hash
9c0647c53dde19cd56b2dfd0626db41f3db20c92984e1e6a4d469c19e4823adf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 13:49:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 29 Oct 2020 22:19:42 GMT
Server
Sucuri/Cloudproxy
X-Frame-Options
SAMEORIGIN
X-Endurance-Cache-Level
0
Content-Type
text/css
X-Sucuri-Cache
MISS
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
X-Sucuri-ID
19003
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
passster-public.min.css
www.paradigmq.com/wp-content/plugins/content-protector/assets/public/
2 KB
1 KB
Stylesheet
General
Full URL
http://www.paradigmq.com/wp-content/plugins/content-protector/assets/public/passster-public.min.css?ver=all
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/monsters/
Protocol
HTTP/1.1
Server
192.124.249.103 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
Sucuri/Cloudproxy /
Resource Hash
fc88f460ed210bdc5f2535b36ba1a6aa3d84ed621dabab776abcb14ca3440753
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 13:49:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 30 Sep 2020 17:38:29 GMT
Server
Sucuri/Cloudproxy
X-Frame-Options
SAMEORIGIN
X-Endurance-Cache-Level
0
Content-Type
text/css
X-Sucuri-Cache
MISS
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
X-Sucuri-ID
19003
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
style.min.css
www.paradigmq.com/wp-content/themes/Avada/assets/css/
106 KB
26 KB
Stylesheet
General
Full URL
http://www.paradigmq.com/wp-content/themes/Avada/assets/css/style.min.css?ver=7.1.1
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/monsters/
Protocol
HTTP/1.1
Server
192.124.249.103 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
Sucuri/Cloudproxy /
Resource Hash
c247ef258664c45ef724c5e6e8600e076b091187f9217b3f51d258b9e9227536
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 13:49:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 16 Oct 2020 20:04:29 GMT
Server
Sucuri/Cloudproxy
X-Frame-Options
SAMEORIGIN
X-Endurance-Cache-Level
0
Content-Type
text/css
X-Sucuri-Cache
MISS
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
X-Sucuri-ID
19003
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
b8fffb7b8c23bad40352031c5c1cdb43.min.css
www.paradigmq.com/wp-content/uploads/fusion-styles/
1 MB
163 KB
Stylesheet
General
Full URL
http://www.paradigmq.com/wp-content/uploads/fusion-styles/b8fffb7b8c23bad40352031c5c1cdb43.min.css?ver=3.1.1
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/monsters/
Protocol
HTTP/1.1
Server
192.124.249.103 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
Sucuri/Cloudproxy /
Resource Hash
c9adbae6907efe878182a4623a4b36b818bd98a5ae392d579b58095bc75a5ae4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 13:49:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sun, 08 Nov 2020 20:32:25 GMT
Server
Sucuri/Cloudproxy
X-Frame-Options
SAMEORIGIN
X-Endurance-Cache-Level
0
Content-Type
text/css
X-Sucuri-Cache
MISS
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
X-Sucuri-ID
19003
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.js
www.paradigmq.com/wp-includes/js/jquery/
95 KB
39 KB
Script
General
Full URL
http://www.paradigmq.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/monsters/
Protocol
HTTP/1.1
Server
192.124.249.103 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
Sucuri/Cloudproxy /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 13:49:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 08 Oct 2020 23:48:22 GMT
Server
Sucuri/Cloudproxy
X-Frame-Options
SAMEORIGIN
X-Endurance-Cache-Level
0
Content-Type
application/javascript
X-Sucuri-Cache
MISS
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
X-Sucuri-ID
19003
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
cookie.js
www.paradigmq.com/wp-content/plugins/content-protector/assets/public/
1 KB
1 KB
Script
General
Full URL
http://www.paradigmq.com/wp-content/plugins/content-protector/assets/public/cookie.js?ver=3.3.8
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/monsters/
Protocol
HTTP/1.1
Server
192.124.249.103 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
Sucuri/Cloudproxy /
Resource Hash
85e74cf367fdd70c3bdbb603df85574f4f7e9a99b6f77c3e0b4cee1c9fe5105c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 13:49:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 30 Sep 2020 17:38:29 GMT
Server
Sucuri/Cloudproxy
X-Frame-Options
SAMEORIGIN
X-Endurance-Cache-Level
0
Content-Type
application/javascript
X-Sucuri-Cache
MISS
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
X-Sucuri-ID
19003
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
captcha.js
www.paradigmq.com/wp-content/plugins/content-protector/assets/public/
2 KB
1 KB
Script
General
Full URL
http://www.paradigmq.com/wp-content/plugins/content-protector/assets/public/captcha.js?ver=3.3.8
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/monsters/
Protocol
HTTP/1.1
Server
192.124.249.103 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
Sucuri/Cloudproxy /
Resource Hash
04836e640bee230128d79d604eb34cf065568a8608530369fbc169de408a0cb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 13:49:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 30 Sep 2020 17:38:29 GMT
Server
Sucuri/Cloudproxy
X-Frame-Options
SAMEORIGIN
X-Endurance-Cache-Level
0
Content-Type
application/javascript
X-Sucuri-Cache
MISS
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
X-Sucuri-ID
19003
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
passster-public.min.js
www.paradigmq.com/wp-content/plugins/content-protector/assets/public/
5 KB
2 KB
Script
General
Full URL
http://www.paradigmq.com/wp-content/plugins/content-protector/assets/public/passster-public.min.js?ver=3.3.8.8
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/monsters/
Protocol
HTTP/1.1
Server
192.124.249.103 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
Sucuri/Cloudproxy /
Resource Hash
f16f58106a60c24490ea260438e8eca5fb5de8ecc113dc9528126516b8fe4e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 13:49:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 30 Sep 2020 17:38:29 GMT
Server
Sucuri/Cloudproxy
X-Frame-Options
SAMEORIGIN
X-Endurance-Cache-Level
0
Content-Type
application/javascript
X-Sucuri-Cache
MISS
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
X-Sucuri-ID
19003
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/
96 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-700078440
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/monsters/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a2e7e042888380a83d21e8dfbc86a2292250c4116cd40dea4225a80f91302700
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 13:49:18 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38703
x-xss-protection
0
last-modified
Sun, 22 Nov 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 22 Nov 2020 13:49:18 GMT
paradigmqlogo.png
www.paradigmq.com/wp-content/uploads/2019/08/
10 KB
11 KB
Image
General
Full URL
http://www.paradigmq.com/wp-content/uploads/2019/08/paradigmqlogo.png
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/monsters/
Protocol
HTTP/1.1
Server
192.124.249.103 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
Sucuri/Cloudproxy /
Resource Hash
5c14f83c84f12c249435a1feb3afbef407508e7c4eebbcae714b1fed33e588b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 13:49:18 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 05 Sep 2020 00:16:41 GMT
Server
Sucuri/Cloudproxy
X-Frame-Options
SAMEORIGIN
X-Endurance-Cache-Level
0
Content-Type
image/png
X-Sucuri-Cache
MISS
Cache-Control
max-age=315360000
X-Sucuri-ID
19003
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10590
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
MomLogo.png
www.paradigmq.com/wp-content/uploads/2020/10/
622 KB
622 KB
Image
General
Full URL
http://www.paradigmq.com/wp-content/uploads/2020/10/MomLogo.png
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/monsters/
Protocol
HTTP/1.1
Server
192.124.249.103 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
Sucuri/Cloudproxy /
Resource Hash
5f08488f506fd4b922f06500aa7b7def59ac17164cf56235cac982abd63a0155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 13:49:18 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 14 Oct 2020 20:24:34 GMT
Server
Sucuri/Cloudproxy
X-Frame-Options
SAMEORIGIN
X-Endurance-Cache-Level
0
Content-Type
image/png
X-Sucuri-Cache
MISS
Cache-Control
max-age=315360000
X-Sucuri-ID
19003
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
636619
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-emoji-release.min.js
www.paradigmq.com/wp-includes/js/
14 KB
6 KB
Script
General
Full URL
http://www.paradigmq.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.3
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/monsters/
Protocol
HTTP/1.1
Server
192.124.249.103 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
Sucuri/Cloudproxy /
Resource Hash
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 13:49:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 08 Oct 2020 23:48:22 GMT
Server
Sucuri/Cloudproxy
X-Frame-Options
SAMEORIGIN
X-Endurance-Cache-Level
0
Content-Type
application/javascript
X-Sucuri-Cache
MISS
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
X-Sucuri-ID
19003
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
egpdx.jpg
www.paradigmq.com/wp-content/uploads/2019/08/
5 KB
5 KB
Image
General
Full URL
https://www.paradigmq.com/wp-content/uploads/2019/08/egpdx.jpg
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/monsters/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.103 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
nginx /
Resource Hash
42cbeb37b99b9236bdd8afb9f43488c422ea85e034b9fba558eafe85248ae621
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 13:49:18 GMT
x-content-type-options
nosniff
last-modified
Sat, 05 Sep 2020 00:16:48 GMT
server
nginx
x-frame-options
SAMEORIGIN
x-endurance-cache-level
0
content-type
image/jpeg
x-sucuri-cache
HIT
cache-control
max-age=315360000
x-sucuri-id
19003
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
4862
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.min.css
www.paradigmq.com/wp-includes/css/dist/block-library/
53 KB
10 KB
Stylesheet
General
Full URL
http://www.paradigmq.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.3
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/monsters/
Protocol
HTTP/1.1
Server
192.124.249.103 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
Sucuri/Cloudproxy /
Resource Hash
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 13:49:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 08 Oct 2020 23:48:21 GMT
Server
Sucuri/Cloudproxy
X-Frame-Options
SAMEORIGIN
X-Endurance-Cache-Level
0
Content-Type
text/css
X-Sucuri-Cache
MISS
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
X-Sucuri-ID
19003
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
theme.min.css
www.paradigmq.com/wp-includes/css/dist/block-library/
2 KB
1 KB
Stylesheet
General
Full URL
http://www.paradigmq.com/wp-includes/css/dist/block-library/theme.min.css?ver=5.5.3
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/monsters/
Protocol
HTTP/1.1
Server
192.124.249.103 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
Sucuri/Cloudproxy /
Resource Hash
5d5575c28819cc80d5cf47729e998387ddc2d510a6adf37ce5a19b8f2127ee05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 13:49:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 08 Oct 2020 23:48:21 GMT
Server
Sucuri/Cloudproxy
X-Frame-Options
SAMEORIGIN
X-Endurance-Cache-Level
0
Content-Type
text/css
X-Sucuri-Cache
MISS
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
X-Sucuri-ID
19003
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
scripts.js
www.paradigmq.com/wp-content/plugins/contact-form-7/includes/js/
14 KB
5 KB
Script
General
Full URL
http://www.paradigmq.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/monsters/
Protocol
HTTP/1.1
Server
192.124.249.103 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
Sucuri/Cloudproxy /
Resource Hash
125ec330f66081e7dc9f2814e9ec18f4e2d0baa1936d497375eedfda7ac12e5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 13:49:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 29 Oct 2020 22:19:40 GMT
Server
Sucuri/Cloudproxy
X-Frame-Options
SAMEORIGIN
X-Endurance-Cache-Level
0
Content-Type
application/javascript
X-Sucuri-Cache
MISS
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
X-Sucuri-ID
19003
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
collapse.js
www.paradigmq.com/wp-content/plugins/jquery-collapse-o-matic/js/
21 KB
6 KB
Script
General
Full URL
http://www.paradigmq.com/wp-content/plugins/jquery-collapse-o-matic/js/collapse.js?ver=1.6.23
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/monsters/
Protocol
HTTP/1.1
Server
192.124.249.103 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
Sucuri/Cloudproxy /
Resource Hash
ce71bd0b07d0835b92d387d4c3b715e6c452d9f772e62b15f37dee32eeb59bc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 13:49:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sun, 06 Sep 2020 04:18:54 GMT
Server
Sucuri/Cloudproxy
X-Frame-Options
SAMEORIGIN
X-Endurance-Cache-Level
0
Content-Type
application/javascript
X-Sucuri-Cache
MISS
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
X-Sucuri-ID
19003
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
wpcf7-redirect-frontend-script.js
www.paradigmq.com/wp-content/plugins/wpcf7-redirect/build/js/
8 KB
2 KB
Script
General
Full URL
http://www.paradigmq.com/wp-content/plugins/wpcf7-redirect/build/js/wpcf7-redirect-frontend-script.js?ver=1.1
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/monsters/
Protocol
HTTP/1.1
Server
192.124.249.103 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
Sucuri/Cloudproxy /
Resource Hash
746079d5a011239fcdcbb90b77c26db4b25140e1c314457a4fd880fe40045c43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 13:49:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 29 Oct 2020 22:19:42 GMT
Server
Sucuri/Cloudproxy
X-Frame-Options
SAMEORIGIN
X-Endurance-Cache-Level
0
Content-Type
application/javascript
X-Sucuri-Cache
MISS
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
X-Sucuri-ID
19003
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
adbec66cce70d03937e1aeee909d2039.min.js
www.paradigmq.com/wp-content/uploads/fusion-scripts/
1 MB
347 KB
Script
General
Full URL
http://www.paradigmq.com/wp-content/uploads/fusion-scripts/adbec66cce70d03937e1aeee909d2039.min.js?ver=3.1.1
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/monsters/
Protocol
HTTP/1.1
Server
192.124.249.103 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
Sucuri/Cloudproxy /
Resource Hash
993ac158d33eadeff1319602e938e7c8c2a41cc4d134c9a6247b65f0c61b29fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 13:49:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 16 Oct 2020 20:27:49 GMT
Server
Sucuri/Cloudproxy
X-Frame-Options
SAMEORIGIN
X-Endurance-Cache-Level
0
Content-Type
application/javascript
X-Sucuri-Cache
MISS
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
X-Sucuri-ID
19003
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-embed.min.js
www.paradigmq.com/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
http://www.paradigmq.com/wp-includes/js/wp-embed.min.js?ver=5.5.3
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/monsters/
Protocol
HTTP/1.1
Server
192.124.249.103 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
Sucuri/Cloudproxy /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 13:49:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 08 Oct 2020 23:48:22 GMT
Server
Sucuri/Cloudproxy
X-Frame-Options
SAMEORIGIN
X-Endurance-Cache-Level
0
Content-Type
application/javascript
X-Sucuri-Cache
MISS
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
X-Sucuri-ID
19003
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
checkout.js
xola.com/
29 KB
29 KB
Script
General
Full URL
https://xola.com/checkout.js
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/monsters/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.140.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-140-10.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
6524738bee73552b2dcb59e1af693bd1a96e5ce9565981df620d792dfc3d87c5

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 13:49:18 GMT
last-modified
Mon, 12 Oct 2020 10:42:45 GMT
server
nginx
x-powered-by
Express
etag
W/"73ab-1751c67cacd"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
content-length
29611
mem8YaGs126MiZpBA-UFVZ0df8pkAg.woff
fonts.gstatic.com/s/opensans/v18/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0df8pkAg.woff
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/wp-content/uploads/fusion-styles/b8fffb7b8c23bad40352031c5c1cdb43.min.css?ver=3.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef84687ea3887cb44dc4d52ec27569a7b65f6ac8c87356b72ae1568a0e3ea9a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.paradigmq.com
Referer
http://www.paradigmq.com/wp-content/uploads/fusion-styles/b8fffb7b8c23bad40352031c5c1cdb43.min.css?ver=3.1.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 17 Nov 2020 11:21:01 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:27 GMT
server
sffe
age
440897
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12028
x-xss-protection
0
expires
Wed, 17 Nov 2021 11:21:01 GMT
ABOUTIMG.jpg
www.paradigmq.com/wp-content/uploads/2019/08/
169 KB
170 KB
Image
General
Full URL
https://www.paradigmq.com/wp-content/uploads/2019/08/ABOUTIMG.jpg
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/monsters/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.103 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
nginx /
Resource Hash
d59053a2ff4858e5cd98774bf60833639c0f0fc0072cf49949dc5ba581c98bef
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 13:49:18 GMT
x-content-type-options
nosniff
last-modified
Sat, 05 Sep 2020 00:16:48 GMT
server
nginx
x-frame-options
SAMEORIGIN
x-endurance-cache-level
0
content-type
image/jpeg
x-sucuri-cache
HIT
cache-control
max-age=315360000
x-sucuri-id
19003
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
173189
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
footerblk2.jpg
www.paradigmq.com/wp-content/uploads/2019/08/
33 KB
34 KB
Image
General
Full URL
https://www.paradigmq.com/wp-content/uploads/2019/08/footerblk2.jpg
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/wp-content/uploads/fusion-styles/b8fffb7b8c23bad40352031c5c1cdb43.min.css?ver=3.1.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.103 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
nginx /
Resource Hash
dddc49a6e2b6bed56eacb0f0ed68ee1d3ec15585f81a12362ad4eb31dec02e25
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.paradigmq.com/wp-content/uploads/fusion-styles/b8fffb7b8c23bad40352031c5c1cdb43.min.css?ver=3.1.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 13:49:18 GMT
x-content-type-options
nosniff
last-modified
Sat, 05 Sep 2020 00:16:47 GMT
server
nginx
x-frame-options
SAMEORIGIN
x-endurance-cache-level
0
content-type
image/jpeg
x-sucuri-cache
HIT
cache-control
max-age=315360000
x-sucuri-id
19003
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
33974
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
icomoon.woff
www.paradigmq.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/
21 KB
21 KB
Font
General
Full URL
http://www.paradigmq.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.woff
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/wp-content/uploads/fusion-styles/b8fffb7b8c23bad40352031c5c1cdb43.min.css?ver=3.1.1
Protocol
HTTP/1.1
Server
192.124.249.103 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
Sucuri/Cloudproxy /
Resource Hash
adb8f6a60466aa8292ca11f56ab5a2bed803719a1d32df096e8dca6224a6523a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
http://www.paradigmq.com
Referer
http://www.paradigmq.com/wp-content/uploads/fusion-styles/b8fffb7b8c23bad40352031c5c1cdb43.min.css?ver=3.1.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 13:49:18 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 16 Oct 2020 20:04:29 GMT
Server
Sucuri/Cloudproxy
X-Frame-Options
SAMEORIGIN
X-Endurance-Cache-Level
0
Content-Type
font/woff
X-Sucuri-Cache
MISS
Cache-Control
max-age=315360000
X-Sucuri-ID
19003
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21112
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
mem5YaGs126MiZpBA-UN7rgOUuhvKKSTjw.woff
fonts.gstatic.com/s/opensans/v18/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhvKKSTjw.woff
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/wp-content/uploads/fusion-styles/b8fffb7b8c23bad40352031c5c1cdb43.min.css?ver=3.1.1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
174da0210f4b41f3459d883328e6b839e4525c5f292664c2a8bcba1dc8374cf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.paradigmq.com
Referer
http://www.paradigmq.com/wp-content/uploads/fusion-styles/b8fffb7b8c23bad40352031c5c1cdb43.min.css?ver=3.1.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 21 Nov 2020 18:29:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:25 GMT
server
sffe
age
69560
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11952
x-xss-protection
0
expires
Sun, 21 Nov 2021 18:29:58 GMT
BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoa4Omb2RlV9Su1cai.woff
fonts.gstatic.com/s/robotoslab/v12/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v12/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoa4Omb2RlV9Su1cai.woff
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/wp-content/uploads/fusion-styles/b8fffb7b8c23bad40352031c5c1cdb43.min.css?ver=3.1.1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
670aeadab801545b994fbbdf0379b3e06e37bc709b2283586915fa124ce10693
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.paradigmq.com
Referer
http://www.paradigmq.com/wp-content/uploads/fusion-styles/b8fffb7b8c23bad40352031c5c1cdb43.min.css?ver=3.1.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 21 Nov 2020 19:20:24 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Jun 2020 02:24:04 GMT
server
sffe
age
66534
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15368
x-xss-protection
0
expires
Sun, 21 Nov 2021 19:20:24 GMT
fa-solid-900.woff2
www.paradigmq.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/
78 KB
79 KB
Font
General
Full URL
http://www.paradigmq.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/wp-content/uploads/fusion-styles/b8fffb7b8c23bad40352031c5c1cdb43.min.css?ver=3.1.1
Protocol
HTTP/1.1
Server
192.124.249.103 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
Sucuri/Cloudproxy /
Resource Hash
75f5349190725c85b426fdb66c683beb21b7804792d0770a9e84b28e7ace5d28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
http://www.paradigmq.com
Referer
http://www.paradigmq.com/wp-content/uploads/fusion-styles/b8fffb7b8c23bad40352031c5c1cdb43.min.css?ver=3.1.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 13:49:18 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 16 Oct 2020 20:04:29 GMT
Server
Sucuri/Cloudproxy
X-Frame-Options
SAMEORIGIN
X-Endurance-Cache-Level
0
Content-Type
font/woff2
X-Sucuri-Cache
MISS
Cache-Control
max-age=315360000
X-Sucuri-ID
19003
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
80272
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
fa-regular-400.woff2
www.paradigmq.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/
13 KB
14 KB
Font
General
Full URL
http://www.paradigmq.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-regular-400.woff2
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/wp-content/uploads/fusion-styles/b8fffb7b8c23bad40352031c5c1cdb43.min.css?ver=3.1.1
Protocol
HTTP/1.1
Server
192.124.249.103 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
Sucuri/Cloudproxy /
Resource Hash
41dc4f99f4101a4ae7956b5c23c2d40e04ffb928c7ebd989658d950b4e2f7c5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
http://www.paradigmq.com
Referer
http://www.paradigmq.com/wp-content/uploads/fusion-styles/b8fffb7b8c23bad40352031c5c1cdb43.min.css?ver=3.1.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 13:49:18 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 16 Oct 2020 20:04:29 GMT
Server
Sucuri/Cloudproxy
X-Frame-Options
SAMEORIGIN
X-Endurance-Cache-Level
0
Content-Type
font/woff2
X-Sucuri-Cache
MISS
Cache-Control
max-age=315360000
X-Sucuri-ID
19003
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13584
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
conversion_async.js
www.googleadservices.com/pagead/
30 KB
12 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-700078440
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
30b509528a09195b7a7080345419048fd35269803cdfeab438a98c2176a1d9d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 13:49:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
11761
x-xss-protection
0
server
cafe
etag
8854462785499610041
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 22 Nov 2020 13:49:18 GMT
loader.js
www.gstatic.com/wcm/
539 B
522 B
Script
General
Full URL
https://www.gstatic.com/wcm/loader.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-700078440
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e05da544a93b639782cb0974f5dacbfc36b60d40622f680e3383ec581243ca4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 13:14:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Jun 2020 00:15:00 GMT
server
sffe
age
2103
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
366
x-xss-protection
0
expires
Sun, 22 Nov 2020 14:14:15 GMT
call-tracking_2.js
www.gstatic.com/call-tracking/
51 KB
20 KB
Script
General
Full URL
http://www.gstatic.com/call-tracking/call-tracking_2.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee0af9cb821e3b90c73da380ca1ea46a9568f50635facf5e263d0044c9124c9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 19 Nov 2020 13:41:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 23 Apr 2020 17:15:00 GMT
Server
sffe
Age
259696
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
Content-Length
19708
X-XSS-Protection
0
Expires
Fri, 19 Nov 2021 13:41:02 GMT
wcm
www.google.dk/pagead/attribution/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/700078440/wcm?cc=ZZ&dn=3602075353&cl=ZYs5CPDv1bEBEOiy6c0C&ct_eid=2
  • https://www.google.dk/pagead/attribution/wcm?cc=ZZ&dn=3602075353&cl=ZYs5CPDv1bEBEOiy6c0C
80 B
569 B
XHR
General
Full URL
https://www.google.dk/pagead/attribution/wcm?cc=ZZ&dn=3602075353&cl=ZYs5CPDv1bEBEOiy6c0C
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/monsters/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 13:49:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
application/json; charset=UTF-8
access-control-allow-origin
null
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87
x-xss-protection
0

Redirect headers

timing-allow-origin
*
date
Sun, 22 Nov 2020 13:49:18 GMT
x-content-type-options
nosniff
server
cafe
location
https://www.google.dk/pagead/attribution/wcm?cc=ZZ&dn=3602075353&cl=ZYs5CPDv1bEBEOiy6c0C
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
http://www.paradigmq.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/700078440/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/700078440/?random=1606052958502&cv=9&fst=1606052958502&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fwww.paradigmq.com%2Fmonsters%2F&tiba=Monsters%20%7C%20paradigmQ&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b9b8e022241491e8c5f9ad66a18ed4010485658b90a8834e4d1b4cb23e101c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Nov 2020 13:49:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1027
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/700078440/
42 B
251 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/700078440/?random=1606052958502&cv=9&fst=1606050000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fwww.paradigmq.com%2Fmonsters%2F&tiba=Monsters%20%7C%20paradigmQ&async=1&fmt=3&is_vtc=1&random=2017752839&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/monsters/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Nov 2020 13:49:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/700078440/
42 B
154 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/700078440/?random=1606052958502&cv=9&fst=1606050000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fwww.paradigmq.com%2Fmonsters%2F&tiba=Monsters%20%7C%20paradigmQ&async=1&fmt=3&is_vtc=1&random=2017752839&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/monsters/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Nov 2020 13:49:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframeResizer.min.js
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/2.8.10/
8 KB
3 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/2.8.10/iframeResizer.min.js
Requested by
Host: xola.com
URL: https://xola.com/checkout.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d188ce0e476bf4994827347d4433fec168619bb7eb2adf13aaec6fced0caf7eb
Security Headers
Name Value
Strict-Transport-Security max-age=15780000

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 13:49:18 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
182917
x-via
cfworker/kv
cross-origin-resource-policy
cross-origin
content-length
2978
cf-request-id
0691d069bb000018e5d7910000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:11 GMT
server
cloudflare
etag
"5eb03e9f-2011"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YuIVcptk8ScoSjbmtO2K24DJor8dPpIFk3wUjexgpOpOAToXMGh4wcLLbWMlq6fhWSzs8wYqUkrozONk9s2N9C%2BLGDMgq2Avr09A6jGOEbBSXN2MiCD1mpTE%2F%2F%2B3d83POg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5f631cef99a618e5-FRA
expires
Fri, 12 Nov 2021 13:49:18 GMT
polyfill.min.js
cdn.polyfill.io/v3/
184 B
572 B
Script
General
Full URL
https://cdn.polyfill.io/v3/polyfill.min.js?features=fetch,forEach,NodeList.prototype.forEach&callback=window.xola.populateLinksFromExternalLinks
Requested by
Host: xola.com
URL: https://xola.com/checkout.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3b9018ed4aa45e03d15420d95b613414113547263b03d57c5a4cb4d14f21a9f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
400864
detected-user-agent
Chrome Mobile/83.0.4103
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=2
content-length
120
referrer-policy
origin-when-cross-origin
last-modified
Tue, 17 Nov 2020 12:46:58 GMT
date
Sun, 22 Nov 2020 13:49:18 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/83.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
externalLinks
xola.com/
154 B
323 B
Fetch
General
Full URL
https://xola.com/externalLinks?button=5f88afb9cf200b13b77547fb
Requested by
Host: xola.com
URL: https://xola.com/checkout.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.140.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-140-10.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
e67bae5cebcb742b11c4200d47725af65e67c9e713a50c16aa0cde04046989f9

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 22 Nov 2020 13:49:18 GMT
server
nginx
x-powered-by
Express
etag
W/"9a-wFzz9u0R19cENvjwJx3m7QUL7nc"
content-length
154
content-type
application/json; charset=utf-8
ajax-loader.gif
www.paradigmq.com/wp-content/assets/
22 KB
22 KB
Image
General
Full URL
http://www.paradigmq.com/wp-content/assets/ajax-loader.gif
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/wp-content/uploads/fusion-styles/b8fffb7b8c23bad40352031c5c1cdb43.min.css?ver=3.1.1
Protocol
HTTP/1.1
Server
192.124.249.103 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
Sucuri/Cloudproxy /
Resource Hash
434aa8695675a7f56354c872c5794bbc1c82a06d2580b7aed9732a34cac5103d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.paradigmq.com/wp-content/uploads/fusion-styles/b8fffb7b8c23bad40352031c5c1cdb43.min.css?ver=3.1.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 22 Nov 2020 13:49:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Sucuri/Cloudproxy
X-Frame-Options
SAMEORIGIN
X-Endurance-Cache-Level
0
Content-Type
text/html; charset=UTF-8
X-Sucuri-Cache
MISS
Cache-Control
no-cache, must-revalidate, max-age=0
Transfer-Encoding
chunked
X-Sucuri-ID
19003
Connection
keep-alive
Link
<https://www.paradigmq.com/wp-json/>; rel="https://api.w.org/"
X-XSS-Protection
1; mode=block
Expires
Wed, 11 Jan 1984 05:00:00 GMT
momBG.jpg
www.paradigmq.com/wp-content/uploads/2020/10/
126 KB
126 KB
Image
General
Full URL
https://www.paradigmq.com/wp-content/uploads/2020/10/momBG.jpg
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/monsters/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.103 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
nginx /
Resource Hash
4e7a08c3c0db92b766dae3c32c3ee3eea0472303fa3073e6d3a46be48a85ac00
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 13:49:19 GMT
x-content-type-options
nosniff
last-modified
Wed, 14 Oct 2020 20:22:37 GMT
server
nginx
x-frame-options
SAMEORIGIN
x-endurance-cache-level
0
content-type
image/jpeg
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
19003
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
128868
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
futuregame.jpg
www.paradigmq.com/wp-content/uploads/2019/08/
231 KB
232 KB
Image
General
Full URL
https://www.paradigmq.com/wp-content/uploads/2019/08/futuregame.jpg
Requested by
Host: www.paradigmq.com
URL: http://www.paradigmq.com/monsters/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.103 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
nginx /
Resource Hash
65b26d0e1d890bb2d4a8e216edc2ed6ff6925de7432a1097009b6bbaa670a238
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 13:49:19 GMT
x-content-type-options
nosniff
last-modified
Sat, 05 Sep 2020 00:16:47 GMT
server
nginx
x-frame-options
SAMEORIGIN
x-endurance-cache-level
0
content-type
image/jpeg
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
19003
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
236716
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
easyXDM.min.js
cdnjs.cloudflare.com/ajax/libs/easyXDM/2.4.20/
20 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/easyXDM/2.4.20/easyXDM.min.js
Requested by
Host: xola.com
URL: https://xola.com/checkout.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
266aad0852697363604e637789291d46a552531739a69d36e7d63fb9a464eabe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 13:49:18 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
182933
x-via
cfworker/kv
cross-origin-resource-policy
cross-origin
content-length
6504
cf-request-id
0691d06b0c000018e5af010000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:34 GMT
server
cloudflare
etag
"5eb03e3e-5100"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CFlr4QWKgFKIUHiwUqvMfWNm4b8oxjiVZubO1pWICeoxq3nK6Jkr755yoRXprPKKZZ%2BEVXaOpJ0Ts03dEwF5z4G9EpWhhvLa%2FuAKmZrpmvdrQRLjRKBZy2yhVtB0WHWf%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5f631cf1ae8e18e5-FRA
expires
Fri, 12 Nov 2021 13:49:18 GMT
client
botcdn.xola.com/
661 KB
201 KB
Script
General
Full URL
https://botcdn.xola.com/client
Requested by
Host: xola.com
URL: https://xola.com/checkout.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.101 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
17e2ee31c40a12b80551550b61ffd087a6488bd3fa8d43d3286c5e5018f45520

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 13:09:57 GMT
content-encoding
gzip
etag
W/"a55c6-1725a533ae4"
last-modified
Thu, 28 May 2020 08:08:23 GMT
server
nginx/1.10.3 (Ubuntu)
age
2362
x-powered-by
Express
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 609487f3e9c1fd7ddcc7b01d9818bfed.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
q67sCKzkjE3ldYbDiXcdvDQuBt-1QF3XrQ-tczHa-NkRYbs-kNLUdg==
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: botcdn.xola.com
URL: https://botcdn.xola.com/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 13:49:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
css
fonts.googleapis.com/
1 KB
538 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Maven+Pro
Requested by
Host: botcdn.xola.com
URL: https://botcdn.xola.com/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1392e666de3d08b2ef81f6be367d59eb99c00a5e17bf8ff6b9d0f3133afcc22a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 22 Nov 2020 12:39:27 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Sun, 22 Nov 2020 13:49:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Sun, 22 Nov 2020 13:49:19 GMT
5f88afb9cf200b13b77547fb
xola.com/api/buttons/
445 B
839 B
XHR
General
Full URL
https://xola.com/api/buttons/5f88afb9cf200b13b77547fb
Requested by
Host: botcdn.xola.com
URL: https://botcdn.xola.com/client
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.140.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-140-10.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
0e61f4a66cdede24e4855061983481173092900053a3e4726814c2a1af07a379

Request headers

Accept
application/json, text/plain, */*
Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 13:49:19 GMT
content-encoding
gzip
x-newrelic-app-data
PxQBU1dbDwsTXFVbBAUHVEYdFGQHBDcQUQxLA1tMXV1dORYgUhVaDQpqGBkJD1lsUwsMD1hfaAQRRUJcDDkEB0QATRZMV1oQH1UXUQFRA1JIBhlRVVMNCxxJUE4VBFMCVQYFBldUVwAGWwwHCBoYVFIJSgRs
server
nginx
x-powered-by
Express
access-control-allow-methods
GET, POST, PUT, PATCH, OPTIONS, DELETE
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60, public
access-control-allow-headers
Content-Type, User-Agent, If-Modified-Since, Cache-Control, Authorization, X-API-KEY, X-API-VERSION, X-APP, X-SELLER-ID, X-USER-ID, X-FULLSTORY-URL, X-RECAPTCHA-RESPONSE, X-Skip-WWW-Authenticate, X-File-Name, X-Requested-With
xolabot
xola.com/api/sellers/5ced881d738ffc1d5924f2bd/preferences/
55 B
687 B
XHR
General
Full URL
https://xola.com/api/sellers/5ced881d738ffc1d5924f2bd/preferences/xolabot
Requested by
Host: botcdn.xola.com
URL: https://botcdn.xola.com/client
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.140.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-140-10.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
9ee8f27ba00b66b9509f5ef1565891d1dafa6cec9f017604788355409e475134

Request headers

Accept
application/json, text/plain, */*
Referer
http://www.paradigmq.com/monsters/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 13:49:19 GMT
content-encoding
gzip
x-newrelic-app-data
PxQBU1dbDwsTXFVbBAUHVEYdFGQHBDcQUQxLA1tMXV1dORYgUhVaDQpqGBkJD1lsQwENDlJDaBYWVFBWEAMNAVURZxpXVFVQXBFJE1QHVhABWFQEOQRdR0gLDQNVXkMWFlRQVhADDQFVQBRSFggEAgNVFVEfUQFVUg8bTFdPGgAFAVkGAgEPVQYGBARXVwFAHARZDktdaQ==
server
nginx
x-powered-by
Express
access-control-allow-methods
GET, POST, PUT, PATCH, OPTIONS, DELETE
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
access-control-allow-headers
Content-Type, User-Agent, If-Modified-Since, Cache-Control, Authorization, X-API-KEY, X-API-VERSION, X-APP, X-SELLER-ID, X-USER-ID, X-FULLSTORY-URL, X-RECAPTCHA-RESPONSE, X-Skip-WWW-Authenticate, X-File-Name, X-Requested-With
/
elrond.xola.com/abilities/xolabot/
20 B
201 B
XHR
General
Full URL
https://elrond.xola.com/abilities/xolabot/?seller=5ced881d738ffc1d5924f2bd
Requested by
Host: botcdn.xola.com
URL: https://botcdn.xola.com/client
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.140.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-140-10.compute-1.amazonaws.com
Software
/ Express
Resource Hash
6e9b8ba5d89dfc1dd8e3a5a9f1b2395f95faab68f0e04853ce4a91cfd9483d3f

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://www.paradigmq.com/monsters/
X-SESSION-ID
5fba6c5f2ccb87f89f82a47c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-USER-ID
5fba6c5f2ccb87f89f82a47b

Response headers

access-control-allow-origin
*
date
Sun, 22 Nov 2020 13:49:19 GMT
cache-control
public, max-age=60
x-powered-by
Express
etag
W/"14-8pxBsKC9C5IkvQm331PsPj/8K8s"
content-length
20
content-type
application/json; charset=utf-8
/
elrond.xola.com/abilities/xolabot/
0
0
Other
General
Full URL
https://elrond.xola.com/abilities/xolabot/?seller=5ced881d738ffc1d5924f2bd
Protocol
H2
Server
34.230.140.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-140-10.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-session-id,x-user-id
Origin
http://www.paradigmq.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 22 Nov 2020 13:49:19 GMT
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
vary
Access-Control-Request-Headers
access-control-allow-headers
x-session-id,x-user-id
activity
bot.xola.com/
0
157 B
XHR
General
Full URL
https://bot.xola.com/activity
Requested by
Host: botcdn.xola.com
URL: https://botcdn.xola.com/client
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.140.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-140-10.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
http://www.paradigmq.com/monsters/
X-SESSION-ID
5fba6c5f2ccb87f89f82a47c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-USER-ID
5fba6c5f2ccb87f89f82a47b
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Sun, 22 Nov 2020 13:49:24 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
access-control-allow-methods
GET, POST, OPTIONS, PUT, PATCH, DELETE
activity
bot.xola.com/
0
0
Other
General
Full URL
https://bot.xola.com/activity
Protocol
H2
Server
34.230.140.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-140-10.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-session-id,x-user-id
Origin
http://www.paradigmq.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 22 Nov 2020 13:49:24 GMT
content-type
text/plain charset=UTF-8
content-length
0
server
nginx/1.10.3 (Ubuntu)
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS, PUT, PATCH, DELETE
access-control-allow-headers
Content-Type, X-USER-ID, X-SESSION-ID
access-control-max-age
1728000
fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
http://www.paradigmq.com
Referer
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 13:49:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
77171
activity
bot.xola.com/
0
157 B
XHR
General
Full URL
https://bot.xola.com/activity
Requested by
Host: botcdn.xola.com
URL: https://botcdn.xola.com/client
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.140.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-140-10.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
http://www.paradigmq.com/monsters/
X-SESSION-ID
5fba6c5f2ccb87f89f82a47c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-USER-ID
5fba6c5f2ccb87f89f82a47b
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Sun, 22 Nov 2020 13:49:34 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
access-control-allow-methods
GET, POST, OPTIONS, PUT, PATCH, DELETE
activity
bot.xola.com/
0
0
Other
General
Full URL
https://bot.xola.com/activity
Protocol
H2
Server
34.230.140.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-140-10.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-session-id,x-user-id
Origin
http://www.paradigmq.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 22 Nov 2020 13:49:34 GMT
content-type
text/plain charset=UTF-8
content-length
0
server
nginx/1.10.3 (Ubuntu)
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS, PUT, PATCH, DELETE
access-control-allow-headers
Content-Type, X-USER-ID, X-SESSION-ID
access-control-max-age
1728000

Verdicts & Comments Add Verdict or Comment

227 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings undefined| $ function| jQuery object| Cookies function| jCaptcha object| ps_ajax object| doc function| gtag object| dataLayer string| colomatduration string| colomatslideEffect string| colomatpauseInit string| colomattouchstart function| fusionNavIsCollapsed function| fusionRunNavIsCollapsed function| avadaGetScrollBarWidth object| google_tag_manager object| google_tag_data function| _googWcmImpl string| _googWcmAk object| wpcf7 object| google_js_reporting_queue number| google_srt function| _googWccDebug function| _googCallTrackingImpl function| _gaPhoneImpl function| collapse_init function| swapTitle function| toggleState function| closeOtherGroups function| closeOtherRelMembers function| closeOtherTogMembers function| closeOtherMembers function| colomat_expandall function| colomat_collapseall object| wpcf7r object| wpcf7_redirect function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| xola function| iFrameResize object| twemoji object| wp object| cssua object| fusionMenuVars function| fusionNavClickExpandBtn function| fusionNavClickExpandSubmenuBtn function| fusionNavMegamenuPosition function| fusionNavMobilePosition function| fusionNavSubmenuDirection function| fusionNavSearchOverlay function| fusionNavCloseFlyoutSub function| fusionNavAltArrowsClass function| fusionNavRunAll function| fusionAdjustNavMobilePosition object| fusionRecentPostsVars object| formCreatorConfig object| fusionAnimationsVars function| fusionSetMobileAnimationData function| fusionSetAnimationData object| fusionVideoVars object| fusionJSVars object| fusion object| fusionMapsVars object| fusionLightboxVideoVars object| fusionLightboxVars function| avadaLightBoxInitializeLightbox object| fusionCarouselVars function| generateCarousel object| fusionFlexSliderVars function| fusionInitPostFlexSlider function| fusionDestroyPostFlexSlider function| fusionInitTooltips object| fusionBlogVars object| avadaCommentVars function| avadaAddQuantityBoxes function| compositeAddQuantityBoxes function| calcSelectArrowDimensions object| avadaLiveSearchVars function| avadaLiveSearch object| avadaFusionSliderVars function| updateVideoTag function| avadaFusionSlider object| avadaSelectVars function| addAvadaSelectStyles function| removeAvadaSelectStyles function| slidingBarHandling object| avadaToTopVars function| avadaUpdateToTopPostion object| avadaMenuVars function| resizeOverlaySearch object| avadaHeaderVars function| fusionDisableStickyHeader function| fusionInitStickyHeader function| getStickyHeaderHeight function| getWaypointTopOffset object| avadaSidebarsVars function| fusionReSettStickySidebarStatus function| setStickySidebarStatus function| calcStickySidebarOffset function| fusionGetScrollOffset object| fusionTypographyVars function| fusionCalculateResponsiveTypeValues function| fusionSetOriginalTypographyData function| fusionInitTypography object| fusionScrollToAnchorVars function| checkHoverTouchState function| getAdminbarHeight function| getWaypointOffset object| fusionVideoGeneralVars object| fusionTimeout undefined| prevCallback function| insertParam function| registerYoutubePlayers function| loadYoutubeIframeAPI function| onYouTubePlayerAPIReadyCallback function| onPlayerStateChange function| onPlayerReady function| ytVidId function| playVideoAndPauseOthers function| fusionYouTubeTimeout object| fusionVideoBgVars object| $youtubeBGVideos function| _fbRowGetAllElementsWithAttribute function| _fbRowOnPlayerReady function| _fbRowOnPlayerStateChange function| resizeVideo function| onYouTubeIframeAPIReady function| vimeoReady function| fusionInitVimeoPlayers function| _fusionRefreshScroll function| _fusionParallaxAll function| _fusionRefreshWindow object| fusionEqualHeightVars object| avadaPortfolioVars object| fusionTestimonialVars object| fusionTabVars function| getScrollBarWidth function| fusionInitGallery object| fusionCountersBox object| fusionContainerVars function| fusionInitStickyContainers function| fusionInitSticky function| fusionGetStickyOffset function| initScrollingSections function| setCorrectResizeValuesForScrollSections function| scrollToCurrentScrollSection function| getScrollSectionPositionValues function| fusionCalcColumnEqualHeights object| fusionBgImageVars object| Modernizr function| Color function| Chart object| lottie object| bodymovin object| jQuery1124045649122461924607 function| flatpickr object| fusionForms function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| Waypoint object| browserPrefixes function| EventEmitter object| eventie function| imagesLoaded object| avadaLightBox object| $ilInstances function| YTReady function| onYouTubePlayerAPIReady object| _fusionImageParallaxImages function| Packery object| fusionEqualHeightsCids string| com_binding number| lastYPosition boolean| scrollDisabled string| fusionBaseFontSize string| responsiveTypeElements number| _fusionScrollTop number| _fusionWindowHeight number| _fusionScrollLeft number| _fusionWindowWidth object| easyXDM object| gascrolldepth function| setImmediate function| clearImmediate function| P object| YXZhaWxhYmxlWG9sYWJvdE1vZHVsZVBhY2thZ2Vz object| Xolabot object| fusionVimeoPlayers boolean| mobileMenuSepAdded number| $headerParentHeight number| $headerHeight number| $menuHeight number| $scrolled_header_height object| $stickyTrigger number| $wpadminbarHeight number| $stickyTrigger_position number| $woo_store_notice number| $top_frame number| sticky_header_type number| $slider_offset number| $site_width boolean| $media_query_test_1 boolean| $media_query_test_2 boolean| $media_query_test_3 boolean| $media_query_test_4 number| $standardLogoHeight number| $logoMarginTop number| $logoMarginBottom number| $initial_desktop_header_height string| $initial_sticky_header_shrinkage boolean| $sticky_can_be_shrinked number| original_logo_height number| $original_sticky_trigger_height boolean| fusionAccordianClick

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4idq0.r.a.d.sendibm1.com
bot.xola.com
botcdn.xola.com
cdn.polyfill.io
cdnjs.cloudflare.com
elrond.xola.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
stackpath.bootstrapcdn.com
www.google.com
www.google.de
www.google.dk
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.paradigmq.com
xola.com
185.107.232.244
192.124.249.103
2001:4de0:ac19::1:b:3b
216.58.206.2
2606:4700::6810:135e
2a00:1450:4001:801::2003
2a00:1450:4001:802::2004
2a00:1450:4001:806::2008
2a00:1450:4001:808::200a
2a00:1450:4001:814::2003
2a00:1450:4001:816::2003
2a00:1450:4001:819::2003
2a00:1450:4001:81f::2002
2a00:1450:4001:820::2003
2a04:4e42:1b::621
34.230.140.10
65.9.86.101
04836e640bee230128d79d604eb34cf065568a8608530369fbc169de408a0cb7
048594e11e9214b35ad54c9ae99f0ee5dd4008f1427d202b99a68f9e28abf610
0e61f4a66cdede24e4855061983481173092900053a3e4726814c2a1af07a379
125ec330f66081e7dc9f2814e9ec18f4e2d0baa1936d497375eedfda7ac12e5c
1392e666de3d08b2ef81f6be367d59eb99c00a5e17bf8ff6b9d0f3133afcc22a
174da0210f4b41f3459d883328e6b839e4525c5f292664c2a8bcba1dc8374cf5
17e2ee31c40a12b80551550b61ffd087a6488bd3fa8d43d3286c5e5018f45520
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
266aad0852697363604e637789291d46a552531739a69d36e7d63fb9a464eabe
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b9b8e022241491e8c5f9ad66a18ed4010485658b90a8834e4d1b4cb23e101c4
30b509528a09195b7a7080345419048fd35269803cdfeab438a98c2176a1d9d0
3b9018ed4aa45e03d15420d95b613414113547263b03d57c5a4cb4d14f21a9f0
41dc4f99f4101a4ae7956b5c23c2d40e04ffb928c7ebd989658d950b4e2f7c5d
42cbeb37b99b9236bdd8afb9f43488c422ea85e034b9fba558eafe85248ae621
434aa8695675a7f56354c872c5794bbc1c82a06d2580b7aed9732a34cac5103d
4e7a08c3c0db92b766dae3c32c3ee3eea0472303fa3073e6d3a46be48a85ac00
5c14f83c84f12c249435a1feb3afbef407508e7c4eebbcae714b1fed33e588b4
5d5575c28819cc80d5cf47729e998387ddc2d510a6adf37ce5a19b8f2127ee05
5f08488f506fd4b922f06500aa7b7def59ac17164cf56235cac982abd63a0155
6524738bee73552b2dcb59e1af693bd1a96e5ce9565981df620d792dfc3d87c5
65b26d0e1d890bb2d4a8e216edc2ed6ff6925de7432a1097009b6bbaa670a238
670aeadab801545b994fbbdf0379b3e06e37bc709b2283586915fa124ce10693
6e9b8ba5d89dfc1dd8e3a5a9f1b2395f95faab68f0e04853ce4a91cfd9483d3f
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
746079d5a011239fcdcbb90b77c26db4b25140e1c314457a4fd880fe40045c43
75f5349190725c85b426fdb66c683beb21b7804792d0770a9e84b28e7ace5d28
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e05da544a93b639782cb0974f5dacbfc36b60d40622f680e3383ec581243ca4
85e74cf367fdd70c3bdbb603df85574f4f7e9a99b6f77c3e0b4cee1c9fe5105c
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
8feeab8c1bf06b50257479af3e684756ee3e96f09c2f053ddd593c22a71e2de4
993ac158d33eadeff1319602e938e7c8c2a41cc4d134c9a6247b65f0c61b29fa
9c0647c53dde19cd56b2dfd0626db41f3db20c92984e1e6a4d469c19e4823adf
9ee8f27ba00b66b9509f5ef1565891d1dafa6cec9f017604788355409e475134
a2e7e042888380a83d21e8dfbc86a2292250c4116cd40dea4225a80f91302700
adb8f6a60466aa8292ca11f56ab5a2bed803719a1d32df096e8dca6224a6523a
c247ef258664c45ef724c5e6e8600e076b091187f9217b3f51d258b9e9227536
c9adbae6907efe878182a4623a4b36b818bd98a5ae392d579b58095bc75a5ae4
ce71bd0b07d0835b92d387d4c3b715e6c452d9f772e62b15f37dee32eeb59bc6
d188ce0e476bf4994827347d4433fec168619bb7eb2adf13aaec6fced0caf7eb
d59053a2ff4858e5cd98774bf60833639c0f0fc0072cf49949dc5ba581c98bef
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
dddc49a6e2b6bed56eacb0f0ed68ee1d3ec15585f81a12362ad4eb31dec02e25
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67bae5cebcb742b11c4200d47725af65e67c9e713a50c16aa0cde04046989f9
ee0af9cb821e3b90c73da380ca1ea46a9568f50635facf5e263d0044c9124c9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef84687ea3887cb44dc4d52ec27569a7b65f6ac8c87356b72ae1568a0e3ea9a3
f16f58106a60c24490ea260438e8eca5fb5de8ecc113dc9528126516b8fe4e6e
fc88f460ed210bdc5f2535b36ba1a6aa3d84ed621dabab776abcb14ca3440753