www.paladinprepare.com Open in urlscan Pro
52.212.43.230 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://acelatruck.salesloftlinks.com/t/102375/c/eef2161d-b4d1-4e61-9b1a-27f501fe9fde/NB2HI4DTHIXS653XO4XHAYLMMFSGS3TQOJSXAYLSMUXGG33N...
Effective URL:
https://www.paladinprepare.com/pmec
Submission: On December 29 via api (December 29th 2021, 6:15:51 pm UTC) from US — Scanned from DE

Summary HTTP 49 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 14 domains to perform 49 HTTP transactions. The main IP is 52.212.43.230, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.paladinprepare.com.
TLS certificate: Issued by R3 on December 17th 2021. Valid for: 3 months.

This is the only time www.paladinprepare.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.83.229.111 54.83.229.111	14618 (AMAZON-AES) (AMAZON-AES)
1	52.212.43.230 52.212.43.230	16509 (AMAZON-02) (AMAZON-02)
18	2600:9000:224... 2600:9000:224a:3600:11:3b84:d200:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba28	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.222.232.99 52.222.232.99	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	23.111.9.64 23.111.9.64	33438 (HIGHWINDS2) (HIGHWINDS2)
2	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	3.225.62.7 3.225.62.7	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
49	15

1 54.83.229.111 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-229-111.compute-1.amazonaws.com

acelatruck.salesloftlinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.43.230 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-43-230.eu-west-1.compute.amazonaws.com

www.paladinprepare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2600:9000:224a:3600:11:3b84:d200:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba28 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ucarecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.232.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-99.fra56.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.64 (United States)

ASN33438 (HIGHWINDS2, US)

scout-cdn.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.62.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-62-7.compute-1.amazonaws.com

scout.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	website-files.com assets.website-files.com	882 KB
9	gstatic.com fonts.gstatic.com	201 KB
4	googletagmanager.com www.googletagmanager.com	184 KB
3	google-analytics.com www.google-analytics.com	20 KB
3	salesloft.com scout-cdn.salesloft.com scout.salesloft.com	4 KB
2	facebook.com www.facebook.com	386 B
2	crazyegg.com script.crazyegg.com	3 KB
2	facebook.net connect.facebook.net	113 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	8 KB
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	31 KB
1	ucarecdn.com ucarecdn.com	95 KB
1	paladinprepare.com www.paladinprepare.com	6 KB
1	salesloftlinks.com 1 redirects acelatruck.salesloftlinks.com	522 B
0	qlzn6i1l.com Failed www.qlzn6i1l.com Failed
49	14

	Domain	Requested by
18	assets.website-files.com	www.paladinprepare.com assets.website-files.com
9	fonts.gstatic.com	fonts.googleapis.com
4	www.googletagmanager.com	www.paladinprepare.com www.googletagmanager.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.facebook.com	www.paladinprepare.com
2	scout.salesloft.com	scout-cdn.salesloft.com
2	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
2	connect.facebook.net	www.paladinprepare.com connect.facebook.net
1	scout-cdn.salesloft.com	www.paladinprepare.com
1	fonts.googleapis.com	ajax.googleapis.com
1	d3e54v103j8qbb.cloudfront.net	www.paladinprepare.com
1	ucarecdn.com	www.paladinprepare.com
1	ajax.googleapis.com	www.paladinprepare.com
1	www.paladinprepare.com
1	acelatruck.salesloftlinks.com	1 redirects
0	www.qlzn6i1l.com Failed	www.paladinprepare.com
49	16

This site contains links to these domains. Also see Links.

Domain
assets.website-files.com
instagram.com
www.facebook.com
twitter.com
www.linkedin.com

Subject Issuer	Validity	Valid
www.paladinprepare.com R3	`2021-12-17` - `2022-03-17`	3 months	crt.sh
*.website-files.com Amazon	`2021-11-12` - `2022-12-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
ucarecdn.com R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-08` - `2022-01-06`	3 months	crt.sh
salesloft.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-07` - `2022-04-09`	4 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-09` - `2022-05-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.paladinprepare.com/pmec
Frame ID: 29ABDB61FEB418837FA2C16A573096EA
Requests: 50 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PMEC

Page URL History Show full URLs

https://acelatruck.salesloftlinks.com/t/102375/c/eef2161d-b4d1-4e61-9b1a-27f501fe9fde/NB2HI4DTHIXS653XO4XHAYLMMFSG... HTTP 302
https://www.paladinprepare.com/pmec Page URL

Detected technologies

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

49
Requests

98 %
HTTPS

67 %
IPv6

14
Domains

16
Subdomains

15
IPs

3
Countries

1549 kB
Transfer

2813 kB
Size

8
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://assets.website-files.com/5f99eb8610d11637ec9d6bff/61c4cee088dbcf05b14593c6_Paladin%20Cube_20211012_V.2%20(2).pdf
Title: DOWNLOAD BROCHURE

Search URL Search Domain Scan URL

URL: http://instagram.com/acelainc

Search URL Search Domain Scan URL

URL: https://www.facebook.com/acelatruckcompany/

Search URL Search Domain Scan URL

URL: https://twitter.com/acelatruckco

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/acela-truck-company-inc./

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://acelatruck.salesloftlinks.com/t/102375/c/eef2161d-b4d1-4e61-9b1a-27f501fe9fde/NB2HI4DTHIXS653XO4XHAYLMMFSGS3TQOJSXAYLSMUXGG33NF5YG2ZLD/www-paladinprepare-com-pmec HTTP 302
https://www.paladinprepare.com/pmec Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request pmec Show response
www.paladinprepare.com/
Redirect Chain

https://acelatruck.salesloftlinks.com/t/102375/c/eef2161d-b4d1-4e61-9b1a-27f501fe9fde/NB2HI4DTHIXS653XO4XHAYLMMFSGS3TQOJSXAYLSMUXGG33NF5YG2ZLD/www-paladinprepare-com-pmec
https://www.paladinprepare.com/pmec

18 KB
6 KB

359ms
182ms

Document
text/html

52.212.43.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paladinprepare.com/pmec
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.212.43.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-43-230.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash: d7bb57b5d6aecf76e2ec1eadfb4f197d250295dc8f3dd3675bbf8a08a66eeb81

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: openresty
date: Wed, 29 Dec 2021 18:15:45 GMT
content-type: text/html
content-length: 5929
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
age: 0
x-served-by: cache-iad-kcgs7200043-IAD, cache-dub4322-DUB
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1640801745.388916,VS0,VE145
vary: Accept-Encoding
x-cluster-name: eu-west-1-prod-eks-15

Redirect headers

Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Date: Wed, 29 Dec 2021 18:15:45 GMT
Location: https://www.paladinprepare.com/pmec
Strict-Transport-Security: max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Request-Id: aa70935e6a8bca7939d9b36c0578bee7
X-Runtime: 0.045905
X-XSS-Protection: 1; mode=block
Content-Length: 101
Connection: keep-alive

GET
H2 200 acelasv.f4e31de6e.min.css
assets.website-files.com/5f99eb8610d11637ec9d6bff/css/ 161 KB
26 KB 62ms
17ms Stylesheet
text/css 2600:9000:224a:3600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/5f99eb8610d11637ec9d6bff/css/acelasv.f4e31de6e.min.css
Requested by: Host: www.paladinprepare.com
URL: https://www.paladinprepare.com/pmec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ce146d18d79f31db8a6ccc6e65b27d0eeca3a21069cd3b5b0c07160c3df43fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paladinprepare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: dv9KpV1vjFGpC3wMJmWxvIwOSRSKs07i
content-encoding: gzip
etag: "a6fa3b2902e933394275a27ed28055d1"
age: 12
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 26374
last-modified: Thu, 23 Dec 2021 19:46:26 GMT
server: AmazonS3
date: Wed, 29 Dec 2021 18:15:34 GMT
content-type: text/css
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: IAPmc-dtAhZ89p_4KX0IHRNHej-fJl4TNK9y45HpCHg5k5v6wIUOEA==

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: www.paladinprepare.com
URL: https://www.paladinprepare.com/pmec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paladinprepare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 09:15:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Dec 2022 09:15:01 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
60 KB 53ms
30ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4FKB5LK5W9

Requested by

Host: www.paladinprepare.com
URL: https://www.paladinprepare.com/pmec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

92076e3bd7378a7cb3026d6811fde3292d99a686749c464b2ad4bcbce6b98da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paladinprepare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 18:15:45 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61811
x-xss-protection: 0
expires: Wed, 29 Dec 2021 18:15:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 56ms
33ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-90926343-3

Requested by

Host: www.paladinprepare.com
URL: https://www.paladinprepare.com/pmec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2278b2cd52b333da2400872f32369a17433355c5c5f7ac52d6f18aab3f569a25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paladinprepare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 18:15:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36252
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Dec 2021 18:15:45 GMT

GET
H2 200 uploadcare.full.min.js Show response
ucarecdn.com/libs/widget/2.10.3/ 325 KB
95 KB 147ms
46ms Script
application/javascript 2a02:26f0:6c00::210:ba28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ucarecdn.com/libs/widget/2.10.3/uploadcare.full.min.js
Requested by: Host: www.paladinprepare.com
URL: https://www.paladinprepare.com/pmec
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c7fa3bfe13c7f76c17d987f3198802c6506e30f2cc00c252dbc5feb7db5378b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paladinprepare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 18:15:45 GMT
content-encoding: gzip
last-modified: Mon, 16 Jan 2017 15:49:02 GMT
server: nginx
etag: W/"65f02eb57edd566d6eceebb518fdbf37"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=12757535
content-length: 97152

GET
H2 200 60ef1637d018203c7362c4d7_paladin_logo-p-500.png
assets.website-files.com/5f99eb8610d11637ec9d6bff/ 13 KB
13 KB 26ms
25ms Image
image/png 2600:9000:224a:3600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f99eb8610d11637ec9d6bff/60ef1637d018203c7362c4d7_paladin_logo-p-500.png
Requested by: Host: www.paladinprepare.com
URL: https://www.paladinprepare.com/pmec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 079f9321fdedf750aafa4bdd2fb0a32f3b0d993d5a15946b7503c773b57f9ce9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paladinprepare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 26 Dec 2021 15:01:20 GMT
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jul 2021 16:52:10 GMT
server: AmazonS3
age: 270866
etag: "50389bb21964df374205482b10d9f668"
x-cache: Hit from cloudfront
x-amz-version-id: lBRUrA67pkkoB0slVoHJUfdpXyEvTw0r
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 13357
x-amz-cf-id: -zluBvMbPwiLAg8q2IzVMdGUZf4QysOcYJ2yZULm38BLMQdzY2lm9w==

GET
H2 200 60ef178c6b5a72779cc7a985_White%20logo%20Transparent%20-p-500.png
assets.website-files.com/5f99eb8610d11637ec9d6bff/ 20 KB
20 KB 27ms
26ms Image
image/png 2600:9000:224a:3600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f99eb8610d11637ec9d6bff/60ef178c6b5a72779cc7a985_White%20logo%20Transparent%20-p-500.png
Requested by: Host: www.paladinprepare.com
URL: https://www.paladinprepare.com/pmec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d775484a5044cf1609854747a2186406990b134f60424a1dde0b7d3cac84187c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paladinprepare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 26 Dec 2021 10:21:51 GMT
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jul 2021 16:57:51 GMT
server: AmazonS3
age: 287635
etag: "308e0071fbe9af208c14e2764a59fdf5"
x-cache: Hit from cloudfront
x-amz-version-id: 1rqoHTOIrNvVOBdIN04cDzo_64Z70gil
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 20097
x-amz-cf-id: lVxGEaES__MjeaUGf32eFFq4Dv2eHmeDCATjo6QzsIwvApQN-s8RqA==

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
31 KB 49ms
12ms Script
application/javascript 52.222.232.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=5f99eb8610d11637ec9d6bff
Requested by: Host: www.paladinprepare.com
URL: https://www.paladinprepare.com/pmec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.232.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-232-99.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://www.paladinprepare.com/
Origin: https://www.paladinprepare.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 18:15:34 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 11
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 ade2b5e2170ccd4f394b741b27bb0eed.cloudfront.net (CloudFront)
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: SyDJqJZnv8WHHpRUYfruW-DjarYIKb3dEywgy8MNkGje_DZV37HcWw==

GET
H2 200 acelasv.6d836b82f.js Show response
assets.website-files.com/5f99eb8610d11637ec9d6bff/js/ 234 KB
68 KB 16ms
14ms Script
text/javascript 2600:9000:224a:3600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/5f99eb8610d11637ec9d6bff/js/acelasv.6d836b82f.js
Requested by: Host: www.paladinprepare.com
URL: https://www.paladinprepare.com/pmec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b90855e36511777de06aa64da2dd77426858b697c95d6561724be1a7c07a78c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paladinprepare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: M44TjuMlqipk4ssd_dtYfWyRoq2WR4oR
content-encoding: gzip
etag: "7f1d8ac8eba7f0332177e4aaee1687b1"
age: 11
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 69541
last-modified: Thu, 23 Dec 2021 19:46:27 GMT
server: AmazonS3
date: Wed, 29 Dec 2021 18:15:35 GMT
content-type: text/javascript
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: y_6_k8zpEcNc2je6BW3BVFwfz82doTjG0AL0iK8924WAkEFYTRLgnA==

GET
H2 200 css
fonts.googleapis.com/ 39 KB
2 KB 42ms
18ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CPoppins:300,regular,500,600,700%7CPlayfair+Display:regular,italic,700,700italic,900,900italic

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5febcdd3b574c2cc41f1ac6a9bdf6a0d490c1b34f046bb2905f605ea67aae4fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paladinprepare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 18:15:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 29 Dec 2021 18:15:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Dec 2021 18:15:45 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 144 KB
53 KB 43ms
20ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-52NBP47

Requested by

Host: www.paladinprepare.com
URL: https://www.paladinprepare.com/pmec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ea2de1b0e76d342f618834c0fddea2e699b27444d4eb04948bb4be4b25e929ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paladinprepare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 18:15:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53576
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Dec 2021 18:15:45 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 33ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CPoppins:300,regular,500,600,700%7CPlayfair+Display:regular,italic,700,700italic,900,900italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.paladinprepare.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 447823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 24 Dec 2022 13:52:02 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v27/ 47 KB
47 KB 44ms
18ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.paladinprepare.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 13:44:20 GMT
x-content-type-options: nosniff
age: 448285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47836
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:23 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 24 Dec 2022 13:44:20 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 46ms
21ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3834f0a520d623453cdb6b03b88331bc0394367eb18809f1037ea18c699ebded

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.paladinprepare.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 18:17:53 GMT
x-content-type-options: nosniff
age: 604672
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7848
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:23 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Dec 2022 18:17:53 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 46ms
21ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.paladinprepare.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 14:28:31 GMT
x-content-type-options: nosniff
age: 359234
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 25 Dec 2022 14:28:31 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 40ms
16ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.paladinprepare.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 21:35:21 GMT
x-content-type-options: nosniff
age: 160824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7776
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 27 Dec 2022 21:35:21 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 49ms
24ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.paladinprepare.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 04:07:14 GMT
x-content-type-options: nosniff
age: 482911
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7988
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 24 Dec 2022 04:07:14 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 51ms
27ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.paladinprepare.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 04:20:35 GMT
x-content-type-options: nosniff
age: 482110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7832
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:48 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 24 Dec 2022 04:20:35 GMT

GET
H2 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v25/ 35 KB
35 KB 47ms
23ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v25/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aaab4ae2a2dfdfa746dd72cead3ebc53cb1b10081ebb32e755f98efebaeab965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.paladinprepare.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 18:22:55 GMT
x-content-type-options: nosniff
age: 604370
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35948
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:10:54 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Dec 2022 18:22:55 GMT

GET
H2 200 nuFkD-vYSZviVYUb_rj3ij__anPXDTnogkk7.woff2
fonts.gstatic.com/s/playfairdisplay/v25/ 35 KB
35 KB 49ms
25ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v25/nuFkD-vYSZviVYUb_rj3ij__anPXDTnogkk7.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81548cda33b80d5888e9fbf6b677ee3c45ee60216c1036eb7afe66cacfc546c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.paladinprepare.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 07:42:04 GMT
x-content-type-options: nosniff
age: 124421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36180
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:12:48 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Dec 2022 07:42:04 GMT

GET 120920.js
www.qlzn6i1l.com/js/ 0
0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.paladinprepare.com
URL: https://www.paladinprepare.com/pmec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paladinprepare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: u+YCe+ZpEPXm+56SKqMcGShJ10YJWj+NJg1hqKRSZg3/71DTCTbHG5GvK6nVXfjOSbFYNAH07KDW7wVhJQGJeA==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Wed, 29 Dec 2021 18:15:45 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sl.js Show response
scout-cdn.salesloft.com/ 6 KB
3 KB 104ms
6ms Script
application/javascript 23.111.9.64
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://scout-cdn.salesloft.com/sl.js
Requested by: Host: www.paladinprepare.com
URL: https://www.paladinprepare.com/pmec
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.64 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paladinprepare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 18:15:45 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 16:28:37 GMT
server: NetDNA-cache/2.2
x-amz-request-id: P7AP6M0DPJ8T3XPR
etag: W/"d74cc4825c8e333b2116da3fcc649db1"
x-cache: HIT
x-amz-version-id: 6anzvBQcvmaBDc8BSO9zI6Th.IIiwArc
content-type: application/javascript
x-amz-id-2: PZhxyAPpghcXn/LIFtRibhbYR/6TZ7IA9hT3M6i3ar3hVmWL2DlUL7vIjv+7V9x/cDDOrVK/SeM=

GET
H2 200 5f99eb8610d1164c399d6daf_form.png
assets.website-files.com/5f99eb8610d11637ec9d6bff/ 6 KB
6 KB 423ms
423ms Image
image/png 2600:9000:224a:3600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f99eb8610d11637ec9d6bff/5f99eb8610d1164c399d6daf_form.png
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/5f99eb8610d11637ec9d6bff/css/acelasv.f4e31de6e.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6a80498ea9d4aba0c92e2cbd2c95ded0e15d9d73ba20e9868f155c0eb58c87e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.website-files.com/5f99eb8610d11637ec9d6bff/css/acelasv.f4e31de6e.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 29 Dec 2021 18:15:47 GMT
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
last-modified: Wed, 28 Oct 2020 22:07:09 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "6da08478e88fa8bc8044fc577379e64e"
x-cache: Miss from cloudfront
x-amz-version-id: 0inUhLEwJCfC2FbThFJ4CCZWWT0wxq_X
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/png
content-length: 6046
x-amz-cf-id: -MlVjGqhWm8zRDY9fzTLqDqFHY7-DS_Pn_TMMajYbn90k5hL_6OZXQ==

GET
H2 200 6196cc2c21cb1a4b5615f716_pmec2.jpg
assets.website-files.com/5f99eb8610d11637ec9d6bff/ 390 KB
391 KB 460ms
459ms Image
image/jpeg 2600:9000:224a:3600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f99eb8610d11637ec9d6bff/6196cc2c21cb1a4b5615f716_pmec2.jpg
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/5f99eb8610d11637ec9d6bff/css/acelasv.f4e31de6e.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7bd689fc30523e4e6959321859943087f6eb111d7bab8d41d03dc4ac7599832b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.website-files.com/5f99eb8610d11637ec9d6bff/css/acelasv.f4e31de6e.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 29 Dec 2021 18:15:47 GMT
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
last-modified: Thu, 18 Nov 2021 21:57:02 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "7568286f19922e3a619e603e4f417415"
x-cache: Miss from cloudfront
x-amz-version-id: wcUFk_DXmq7yTeUc516XZnpp8E37ygU3
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/jpeg
content-length: 399059
x-amz-cf-id: ciyD2j6L-kI9JzgKl0P5NsPbm4Q5KwXYwhiJ7twV9MctUGz9---_gQ==

GET
H2 200 5f99eb8610d1166e849d6edf_acela_bg1.jpg
assets.website-files.com/5f99eb8610d11637ec9d6bff/ 156 KB
156 KB 16ms
15ms Image
image/jpeg 2600:9000:224a:3600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f99eb8610d11637ec9d6bff/5f99eb8610d1166e849d6edf_acela_bg1.jpg
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/5f99eb8610d11637ec9d6bff/css/acelasv.f4e31de6e.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1b5d3d12186900baccb8d6a152c6c07252eefdfd615199e9b2c6dbe54937906

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.website-files.com/5f99eb8610d11637ec9d6bff/css/acelasv.f4e31de6e.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 26 Dec 2021 10:21:51 GMT
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
last-modified: Wed, 28 Oct 2020 22:07:25 GMT
server: AmazonS3
age: 287635
etag: "aaddb65e38565f7a837f4f81ee0a8a7b"
x-cache: Hit from cloudfront
x-amz-version-id: eEHyJWUOpCAqrxURMarC.UDBv86ySmhr
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/jpeg
content-length: 159365
x-amz-cf-id: dtsQgG4DmuQP2Kwm6qf3gPUyaB8_D__sOcdOKeW71rAEEbHHfgKPUg==

GET
H2 200 5f99eb8610d11617bd9d6c9c_font-awesome_4-7-0_paper-plane_100_0_ffffff_none.png
assets.website-files.com/5f99eb8610d11637ec9d6bff/ 2 KB
2 KB 21ms
21ms Image
image/png 2600:9000:224a:3600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f99eb8610d11637ec9d6bff/5f99eb8610d11617bd9d6c9c_font-awesome_4-7-0_paper-plane_100_0_ffffff_none.png
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/5f99eb8610d11637ec9d6bff/css/acelasv.f4e31de6e.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 410c79fa7eb7f01008a682be40c2f3cf25a92b14d7eff71501a368b8edd3bd41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.website-files.com/5f99eb8610d11637ec9d6bff/css/acelasv.f4e31de6e.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 26 Dec 2021 10:21:53 GMT
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
last-modified: Wed, 28 Oct 2020 22:07:05 GMT
server: AmazonS3
age: 287633
etag: "c32555c5f4302092528626e708c98dae"
x-cache: Hit from cloudfront
x-amz-version-id: fqtX.b4oBTXom8fOgIvqBynrXzid8hQ4
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 1704
x-amz-cf-id: SZGizxAImcPSQmNpzrrnAkEZQt_rj4w51_J1wIqmG73SVBFBnxXw-Q==

GET
H2 200 5f99eb8610d11691979d6c73_location-marker.svg
assets.website-files.com/5f99eb8610d11637ec9d6bff/ 3 KB
2 KB 30ms
29ms Image
image/svg+xml 2600:9000:224a:3600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f99eb8610d11637ec9d6bff/5f99eb8610d11691979d6c73_location-marker.svg
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/5f99eb8610d11637ec9d6bff/css/acelasv.f4e31de6e.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb4fe160f90831d6888d0d6205f9b96564523b8918a1d703b8aeb504bf871d44

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.website-files.com/5f99eb8610d11637ec9d6bff/css/acelasv.f4e31de6e.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 26 Dec 2021 10:21:53 GMT
content-encoding: gzip
last-modified: Wed, 28 Oct 2020 22:07:04 GMT
server: AmazonS3
age: 287633
etag: W/"78ecf3a46a783d56c5ea13da72fbe9ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: GzgIowbYnBHfT2O4WkQR8pP3AiRxXOW6
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
content-type: image/svg+xml
x-amz-cf-id: bmTlK_H9_fC4ucRejxd23l5Q47jrfycvooFE6JamfUiNyxZzD2vv_w==

GET
H2 200 5f99eb8610d11668b19d6c5d_phone-call%20(3).svg
assets.website-files.com/5f99eb8610d11637ec9d6bff/ 3 KB
2 KB 29ms
28ms Image
image/svg+xml 2600:9000:224a:3600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f99eb8610d11637ec9d6bff/5f99eb8610d11668b19d6c5d_phone-call%20(3).svg
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/5f99eb8610d11637ec9d6bff/css/acelasv.f4e31de6e.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1543af28019efe0cdb0320eff4f3f374bbe92f0c5cd6c40f990371ff3f9c1119

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.website-files.com/5f99eb8610d11637ec9d6bff/css/acelasv.f4e31de6e.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 26 Dec 2021 10:21:54 GMT
content-encoding: gzip
last-modified: Wed, 28 Oct 2020 22:07:04 GMT
server: AmazonS3
age: 287632
etag: W/"9bad8210fa7b2fc4e71c099b5298f2a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 7B26.uiBfSr6bBCV4aj97nsygqOWizg2
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
content-type: image/svg+xml
x-amz-cf-id: aiCSezQbLAnU_kH2cJ1fkkkmm39_HcK0SnfnRo6frMgllH_7hQrbjQ==

GET
H2 200 5f99eb8610d116400c9d6caf_envelope%20(3).svg
assets.website-files.com/5f99eb8610d11637ec9d6bff/ 1 KB
1 KB 29ms
28ms Image
image/svg+xml 2600:9000:224a:3600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f99eb8610d11637ec9d6bff/5f99eb8610d116400c9d6caf_envelope%20(3).svg
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/5f99eb8610d11637ec9d6bff/css/acelasv.f4e31de6e.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ba167025b5b42a732ca408d293cdb563612bdb3181b57082df3a84a183e93de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.website-files.com/5f99eb8610d11637ec9d6bff/css/acelasv.f4e31de6e.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 26 Dec 2021 10:21:54 GMT
content-encoding: gzip
last-modified: Wed, 28 Oct 2020 22:07:05 GMT
server: AmazonS3
age: 287632
etag: W/"eb592deb5733c41fcf3428355e03e923"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: JX9C6BjDmyjByo8FukYoGeZQrLzRj_E1
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
content-type: image/svg+xml
x-amz-cf-id: BqjS2gXeVGGlXmhQ0hXp7sbzd1M95nsttAOe9dnKeAluvcm1-09UNQ==

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845

Request headers

Referer
Origin: https://www.paladinprepare.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H2 200 6196cc2c21cb1a4b5615f716_pmec2-p-500.jpeg
assets.website-files.com/5f99eb8610d11637ec9d6bff/ 115 KB
116 KB 521ms
520ms Image
image/jpeg 2600:9000:224a:3600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f99eb8610d11637ec9d6bff/6196cc2c21cb1a4b5615f716_pmec2-p-500.jpeg
Requested by: Host: www.paladinprepare.com
URL: https://www.paladinprepare.com/pmec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b9a722e22437687659c6998fd412dcef1884988bf3b67df34ad6ca191bcabba5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paladinprepare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 29 Dec 2021 18:15:47 GMT
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
last-modified: Thu, 18 Nov 2021 21:57:10 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "b3a80ce40e96e7c0b5b459fc33c21295"
x-cache: Miss from cloudfront
x-amz-version-id: yCTi.p0hZzycScXEH8ZjAvc9EjQhC5O1
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/jpeg
content-length: 118212
x-amz-cf-id: GFZB0-2JlkuwHcldJn01_lqacSwtXUJF5NEGUOVCmKw2vC4_5IvEgw==

GET
H2 200 5fac60224764e87e9aaa63e5_NEMAlogo_name%20(1)-p-500.png
assets.website-files.com/5f99eb8610d11637ec9d6bff/ 12 KB
13 KB 17ms
15ms Image
image/png 2600:9000:224a:3600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f99eb8610d11637ec9d6bff/5fac60224764e87e9aaa63e5_NEMAlogo_name%20(1)-p-500.png
Requested by: Host: www.paladinprepare.com
URL: https://www.paladinprepare.com/pmec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 25c64dc60963004b648be3fcf5f4f7829c7c54f5dd370935d7c6161f9c336336

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paladinprepare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 26 Dec 2021 10:21:50 GMT
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
last-modified: Wed, 11 Nov 2020 22:05:26 GMT
server: AmazonS3
age: 287636
etag: "13d142a023393c51261107965c40fdea"
x-cache: Hit from cloudfront
x-amz-version-id: gCJTPoy.45oSQlY3zLMwYVT0dXZXQ8r_
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 12420
x-amz-cf-id: zeNrjLfhf7LrvGnpaSPXlh2_0gYYyeuOslxX8o0VQ1809cQCML6NLQ==

GET
H2 200 5fa22815ecd9b1319ae649c4_gsa-logo-png-transparent-768x768-p-500.png
assets.website-files.com/5f99eb8610d11637ec9d6bff/ 13 KB
14 KB 21ms
20ms Image
image/png 2600:9000:224a:3600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f99eb8610d11637ec9d6bff/5fa22815ecd9b1319ae649c4_gsa-logo-png-transparent-768x768-p-500.png
Requested by: Host: www.paladinprepare.com
URL: https://www.paladinprepare.com/pmec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d3e63b493658ef04589f3835d03dfbffe6ba5e26f23b4a0f946826af2d3cfb0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paladinprepare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 26 Dec 2021 10:21:50 GMT
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
last-modified: Wed, 04 Nov 2020 04:03:36 GMT
server: AmazonS3
age: 287636
etag: "5e53549562dd487e99c7581d5c08518f"
x-cache: Hit from cloudfront
x-amz-version-id: bA.ZMEyhmSK0CiXTyiOi_Doql1txCgxR
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 13744
x-amz-cf-id: ienzjDF4BWZB50CXxGia_GLuqOHyd2aMF_eXpti7GjusYxT9zRWZdg==

GET
H2 200 5fa22815d0ad714596790103_NACCHO-1170x614-p-500.png
assets.website-files.com/5f99eb8610d11637ec9d6bff/ 16 KB
17 KB 22ms
21ms Image
image/png 2600:9000:224a:3600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f99eb8610d11637ec9d6bff/5fa22815d0ad714596790103_NACCHO-1170x614-p-500.png
Requested by: Host: www.paladinprepare.com
URL: https://www.paladinprepare.com/pmec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0129c81fd847b68c24596d19de52123135fb62f482ed4ef685a92d6f7785856e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paladinprepare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 26 Dec 2021 10:21:50 GMT
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
last-modified: Wed, 04 Nov 2020 04:03:38 GMT
server: AmazonS3
age: 287636
etag: "24eaaea4ba5b09beeb81d1f4150f65f0"
x-cache: Hit from cloudfront
x-amz-version-id: 461m_UhcK4MxtVqXT0B4Ni21tt4dT.PT
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 16795
x-amz-cf-id: hnGfQC01G7-aiBekeogvi5nMhLFuhUQRr_yt6HXPqq-3cnu-wrlKoQ==

GET
H2 200 5fadd79f8e8b326a04bd9a87_ntea-logo.png
assets.website-files.com/5f99eb8610d11637ec9d6bff/ 8 KB
8 KB 21ms
21ms Image
image/png 2600:9000:224a:3600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f99eb8610d11637ec9d6bff/5fadd79f8e8b326a04bd9a87_ntea-logo.png
Requested by: Host: www.paladinprepare.com
URL: https://www.paladinprepare.com/pmec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcb1bfadafcb474580b08adcf31c663cb1179d4b0d2d31cba84df5cb6faca229

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paladinprepare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 26 Dec 2021 10:21:50 GMT
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
last-modified: Fri, 13 Nov 2020 00:47:28 GMT
server: AmazonS3
age: 287636
etag: "171a764efb63c86ae666809f77c50eca"
x-cache: Hit from cloudfront
x-amz-version-id: Csj9f6aOpQLlXK5CJ40grs3uM4HkIqDA
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 8189
x-amz-cf-id: b9XF9M7taSEPqFdQldA9YeWGRQ3zDRfSJyzYf63EzgikQSSodLKdeQ==

GET
H2 200 5fadd7acff20f863420a7cda_north-american-trailer-dealers-association-natda-logo.png
assets.website-files.com/5f99eb8610d11637ec9d6bff/ 16 KB
16 KB 521ms
520ms Image
image/png 2600:9000:224a:3600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f99eb8610d11637ec9d6bff/5fadd7acff20f863420a7cda_north-american-trailer-dealers-association-natda-logo.png
Requested by: Host: www.paladinprepare.com
URL: https://www.paladinprepare.com/pmec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 078119c47246b5a449aafa1a90040e394d65df25e77c5a4e5fff7facece8af70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paladinprepare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 29 Dec 2021 18:15:47 GMT
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
last-modified: Fri, 13 Nov 2020 00:47:41 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "4844953719d39a6a9fb2cb127b1ed69a"
x-cache: Miss from cloudfront
x-amz-version-id: DSkwLrbPGYs5ABwirftkbsUw3tvVTebW
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/png
content-length: 16213
x-amz-cf-id: tNlo6artMZp8LsqHksVpZbtjxzk7XXn19RNAZkf3Pc-qqonwz6ZJFg==

GET
H2 200 5fa22814854a1553e9adf92e_iaem-logo%402x.png
assets.website-files.com/5f99eb8610d11637ec9d6bff/ 9 KB
10 KB 21ms
21ms Image
image/png 2600:9000:224a:3600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f99eb8610d11637ec9d6bff/5fa22814854a1553e9adf92e_iaem-logo%402x.png
Requested by: Host: www.paladinprepare.com
URL: https://www.paladinprepare.com/pmec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 554bed8c40a9fe07d6b90a1bfba838cb24a1272643013a91bd6466821c7ab784

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paladinprepare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 26 Dec 2021 10:21:51 GMT
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
last-modified: Wed, 04 Nov 2020 04:03:34 GMT
server: AmazonS3
age: 287635
etag: "49ad04c510a47fac552521828321f28e"
x-cache: Hit from cloudfront
x-amz-version-id: Wf.UviHbeijEte5EVhFGfhclrDigWCOy
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 9300
x-amz-cf-id: qkR0b6Lylmr4DJvndSndS-tZ75vBZd_4Fz_Vhl63-OH7QWiaa_egpA==

GET
H2 200 3446895482021194 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3446895482021194?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bab9339e1b9d604ca14cfbd91fbfd1c80b5508500f006844499e33057ce23d74

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paladinprepare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 88869
x-xss-protection: 0
pragma: public
x-fb-debug: kh9XG2d/S8L4GAj/Q6XqPO01V7lXFmoaOAzYXz7G2IKHnoQj2aJKt/AXS/dPWV0Gf4FSRiEiAi25jEwX5/dcOQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 29 Dec 2021 18:15:45 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 4923.js Show response
script.crazyegg.com/pages/scripts/0026/ 5 KB
2 KB 85ms
36ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0026/4923.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52NBP47
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 300c8dfe654df54b14e448cb40be9e23d333fe4abec5ce67728b7ccf0c34f731

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paladinprepare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 18:15:45 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 529740
cf-polished: origSize=4899
cf-ray: 6c5504004bed6901-FRA
ce-version: 11.1.376
last-modified: Thu, 23 Dec 2021 15:06:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-bgj: minify

POST
H2 204 collect
www.google-analytics.com/g/ 0
176 B 36ms
14ms Ping
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-4FKB5LK5W9&gtm=2oec10&_p=975293563&sr=1600x1200&ul=en-us&cid=1769537702.1640801746&_s=1&dl=https%3A%2F%2Fwww.paladinprepare.com%2Fpmec&dt=PMEC&sid=1640801745&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4FKB5LK5W9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.paladinprepare.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 18:15:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.paladinprepare.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 46ms
30ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-90926343-3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4FKB5LK5W9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c45fe0ba1562361b36ce18684131683bbb6749a4ef83804b8b14b473ad785f0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paladinprepare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 18:15:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36263
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Dec 2021 18:15:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-90926343-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paladinprepare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2451
date: Wed, 29 Dec 2021 17:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 29 Dec 2021 19:34:54 GMT

GET
H2 200 r Show response
scout.salesloft.com/ 41 B
408 B 368ms
109ms XHR
application/json 3.225.62.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDIzNzV9.hBLK3DcKG43Pit9tHGpxCvy2SXY55O7K9UigvsQG1_E

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.62.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-62-7.compute-1.amazonaws.com

Software

Resource Hash

aa011ed383cb780028a85caaa0dda67dce19b0f4bc596f4f708d1857015c1362

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paladinprepare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 18:15:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paladinprepare.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 41
x-request-id: 7ed4048f6e92e35c8838412b415e968a

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 22ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3446895482021194&ev=PageView&dl=https%3A%2F%2Fwww.paladinprepare.com%2Fpmec&rl=&if=false&ts=1640801745945&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1640801745944.2057331068&it=1640801745857&coo=false&exp=p0&rqm=GET

Requested by

Host: www.paladinprepare.com
URL: https://www.paladinprepare.com/pmec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paladinprepare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 18:15:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 29 Dec 2021 18:15:45 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 28ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=975293563&t=pageview&_s=1&dl=https%3A%2F%2Fwww.paladinprepare.com%2Fpmec&ul=en-us&de=UTF-8&dt=PMEC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1575316419&gjid=1797184480&cid=1769537702.1640801746&tid=UA-90926343-3&_gid=1215892134.1640801746&_r=1&gtm=2ouc10&z=250163554

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paladinprepare.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 18:15:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.paladinprepare.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4923.json Show response
script.crazyegg.com/pages/data-scripts/0026/ 752 B
603 B 46ms
31ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0026/4923.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0026/4923.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b46156e980040114e2abe8a1db43c25f032594c8a9006f7eebf595e61c604b6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paladinprepare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 18:15:46 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 525713
ce-version: 11.1.376
content-length: 257
timing-allow-origin: *
last-modified: Thu, 23 Dec 2021 16:13:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 6c5504008c7f1f19-FRA

GET
H2 200 i Show response
scout.salesloft.com/ 48 B
516 B 110ms
110ms XHR
application/json 3.225.62.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/i

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.62.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-62-7.compute-1.amazonaws.com

Software

Resource Hash

bcceea00c4edb9e5740f26c5def72182cb6ee9ce157cd004d9f4377402b83cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paladinprepare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 18:15:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paladinprepare.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 48
x-request-id: 07e9c773c831158497dd5419e633a4ac

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3446895482021194&ev=Microdata&dl=https%3A%2F%2Fwww.paladinprepare.com%2Fpmec&rl=&if=false&ts=1640801746448&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22PMEC%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22PMEC%22%2C%22twitter%3Atitle%22%3A%22PMEC%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1640801745944.2057331068&it=1640801745857&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Requested by

Host: www.paladinprepare.com
URL: https://www.paladinprepare.com/pmec

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paladinprepare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 18:15:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Wed, 29 Dec 2021 18:15:46 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.qlzn6i1l.com
URL: http://www.qlzn6i1l.com/js/120920.js

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paladinprepare.com/	1970-01-20 17:17:53	Name: _ga_4FKB5LK5W9 Value: GS1.1.1640801745.1.0.1640801745.0
.paladinprepare.com/	1970-01-20 01:56:17	Name: _fbp Value: fb.1.1640801745944.2057331068
.paladinprepare.com/	1970-01-20 17:17:53	Name: _ga Value: GA1.2.1769537702.1640801746
.paladinprepare.com/	1970-01-19 23:48:08	Name: _gid Value: GA1.2.1215892134.1640801746
.paladinprepare.com/	1970-01-19 23:46:41	Name: _gat_gtag_UA_90926343_3 Value: 1
www.paladinprepare.com/	1970-01-19 23:56:46	Name: slireg Value: https://scout.us2.salesloft.com
www.paladinprepare.com/	1970-01-20 08:32:17	Name: sliguid Value: c4d76366-28d2-499b-9e96-27a90c4d2dd2
www.paladinprepare.com/	1970-01-20 08:32:17	Name: slirequested Value: true

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.paladinprepare.com/pmec Message: Mixed Content: The page at 'https://www.paladinprepare.com/pmec' was loaded over HTTPS, but requested an insecure script 'http://www.qlzn6i1l.com/js/120920.js'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acelatruck.salesloftlinks.com
ajax.googleapis.com
assets.website-files.com
connect.facebook.net
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
scout-cdn.salesloft.com
scout.salesloft.com
script.crazyegg.com
ucarecdn.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.paladinprepare.com
www.qlzn6i1l.com
www.qlzn6i1l.com
23.111.9.64
2600:9000:224a:3600:11:3b84:d200:93a1
2606:4700::6813:9408
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:828::200a
2a00:1450:4001:829::200a
2a00:1450:4001:831::2003
2a02:26f0:6c00::210:ba28
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.225.62.7
52.212.43.230
52.222.232.99
54.83.229.111
0129c81fd847b68c24596d19de52123135fb62f482ed4ef685a92d6f7785856e
05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845
078119c47246b5a449aafa1a90040e394d65df25e77c5a4e5fff7facece8af70
079f9321fdedf750aafa4bdd2fb0a32f3b0d993d5a15946b7503c773b57f9ce9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1543af28019efe0cdb0320eff4f3f374bbe92f0c5cd6c40f990371ff3f9c1119
2278b2cd52b333da2400872f32369a17433355c5c5f7ac52d6f18aab3f569a25
25c64dc60963004b648be3fcf5f4f7829c7c54f5dd370935d7c6161f9c336336
300c8dfe654df54b14e448cb40be9e23d333fe4abec5ce67728b7ccf0c34f731
3834f0a520d623453cdb6b03b88331bc0394367eb18809f1037ea18c699ebded
410c79fa7eb7f01008a682be40c2f3cf25a92b14d7eff71501a368b8edd3bd41
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440
554bed8c40a9fe07d6b90a1bfba838cb24a1272643013a91bd6466821c7ab784
5febcdd3b574c2cc41f1ac6a9bdf6a0d490c1b34f046bb2905f605ea67aae4fd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7bd689fc30523e4e6959321859943087f6eb111d7bab8d41d03dc4ac7599832b
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
81548cda33b80d5888e9fbf6b677ee3c45ee60216c1036eb7afe66cacfc546c8
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8ba167025b5b42a732ca408d293cdb563612bdb3181b57082df3a84a183e93de
92076e3bd7378a7cb3026d6811fde3292d99a686749c464b2ad4bcbce6b98da7
9b90855e36511777de06aa64da2dd77426858b697c95d6561724be1a7c07a78c
9ce146d18d79f31db8a6ccc6e65b27d0eeca3a21069cd3b5b0c07160c3df43fd
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aa011ed383cb780028a85caaa0dda67dce19b0f4bc596f4f708d1857015c1362
aaab4ae2a2dfdfa746dd72cead3ebc53cb1b10081ebb32e755f98efebaeab965
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b46156e980040114e2abe8a1db43c25f032594c8a9006f7eebf595e61c604b6e
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
b9a722e22437687659c6998fd412dcef1884988bf3b67df34ad6ca191bcabba5
bab9339e1b9d604ca14cfbd91fbfd1c80b5508500f006844499e33057ce23d74
bcb1bfadafcb474580b08adcf31c663cb1179d4b0d2d31cba84df5cb6faca229
bcceea00c4edb9e5740f26c5def72182cb6ee9ce157cd004d9f4377402b83cb3
c45fe0ba1562361b36ce18684131683bbb6749a4ef83804b8b14b473ad785f0a
c7fa3bfe13c7f76c17d987f3198802c6506e30f2cc00c252dbc5feb7db5378b5
d3e63b493658ef04589f3835d03dfbffe6ba5e26f23b4a0f946826af2d3cfb0b
d6a80498ea9d4aba0c92e2cbd2c95ded0e15d9d73ba20e9868f155c0eb58c87e
d775484a5044cf1609854747a2186406990b134f60424a1dde0b7d3cac84187c
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
d7bb57b5d6aecf76e2ec1eadfb4f197d250295dc8f3dd3675bbf8a08a66eeb81
e1b5d3d12186900baccb8d6a152c6c07252eefdfd615199e9b2c6dbe54937906
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea2de1b0e76d342f618834c0fddea2e699b27444d4eb04948bb4be4b25e929ce
eb4fe160f90831d6888d0d6205f9b96564523b8918a1d703b8aeb504bf871d44
f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

www.paladinprepare.com Open in urlscan Pro 52.212.43.230 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

98 %HTTPS

67 %IPv6

14 Domains

16 Subdomains

15 IPs

3 Countries

1549 kBTransfer

2813 kBSize

8 Cookies

5 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.paladinprepare.com Open in urlscan Pro
52.212.43.230 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

98 %
HTTPS

67 %
IPv6

14
Domains

16
Subdomains

15
IPs

3
Countries

1549 kB
Transfer

2813 kB
Size

8
Cookies

49 HTTP transactions
1 data transactions