paladinsecurity.com - urlscan.io

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 2 HTTP transactions. The main IP is 15.222.114.167, located in Montreal, Canada and belongs to AMAZON-02, US. The main domain is paladinsecurity.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on September 25th 2023. Valid for: a year.

This is the only time paladinsecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	64.114.190.198 64.114.190.198	852 (TELUS Com...) (TELUS Communications)
2 4	15.222.114.167 15.222.114.167	16509 (AMAZON-02) (AMAZON-02)
2	1

1 64.114.190.198 (Vancouver, Canada) 1 redirects

ASN852 (TELUS Communications, CA)

signature.paladinsecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.222.114.167 (Montreal, Canada) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-15-222-114-167.ca-central-1.compute.amazonaws.com

paladinsecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	paladinsecurity.com 3 redirects signature.paladinsecurity.com paladinsecurity.com	6 KB
2	1

	Domain	Requested by
4	paladinsecurity.com	2 redirects
1	signature.paladinsecurity.com	1 redirects
2	2

This site contains no links.

Subject Issuer	Validity	Valid
*.paladinsecurity.com Amazon RSA 2048 M02	`2023-09-25` - `2024-10-24`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://paladinsecurity.com/signature/
Frame ID: 72F30654EC4D37E20D23654422EF562B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Paladin Email Signatures

Page URL History Show full URLs

https://signature.paladinsecurity.com/ HTTP 302
https://paladinsecurity.com/signature HTTP 301
http://paladinsecurity.com/signature/ HTTP 307
https://paladinsecurity.com/signature/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Page Statistics

2
Requests

50 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

2 kB
Transfer

2 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://signature.paladinsecurity.com/ HTTP 302
https://paladinsecurity.com/signature HTTP 301
http://paladinsecurity.com/signature/ HTTP 307
https://paladinsecurity.com/signature/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://paladinsecurity.com/favicon.ico HTTP 302
https://paladinsecurity.com/wp-content/uploads/2022/01/cropped-MicrosoftTeams-image-9-32x32.png

2 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response paladinsecurity.com/signature/ Redirect Chain https://signature.paladinsecurity.com/ https://paladinsecurity.com/signature http://paladinsecurity.com/signature/ https://paladinsecurity.com/signature/	1 KB 699 B	34ms 34ms	Document text/html	15.222.114.167 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://paladinsecurity.com/signature/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 15.222.114.167 Montreal, Canada, ASN16509 (AMAZON-02, US), Reverse DNS ec2-15-222-114-167.ca-central-1.compute.amazonaws.com Software Apache / Resource Hash `d425cd80517a69249dd2c1eb02c3d5a6c7806e91dd8403ec0edb6de19e3ce8c9` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers accept-ranges bytes cache-control max-age=172800 content-encoding gzip content-length 458 content-type text/html date Sat, 20 Jul 2024 06:44:51 GMT etag "56c-6127948dcfbcb-gzip" expires Mon, 22 Jul 2024 06:44:51 GMT last-modified Wed, 28 Feb 2024 23:13:03 GMT server Apache vary Accept-Encoding Redirect headers Location https://paladinsecurity.com/signature/ Non-Authoritative-Reason HttpsUpgrades
GET H2	200	cropped-MicrosoftTeams-image-9-32x32.png paladinsecurity.com/wp-content/uploads/2022/01/ Redirect Chain https://paladinsecurity.com/favicon.ico https://paladinsecurity.com/wp-content/uploads/2022/01/cropped-MicrosoftTeams-image-9-32x32.png	959 B 1 KB	34ms 34ms	Other image/png	15.222.114.167 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://paladinsecurity.com/wp-content/uploads/2022/01/cropped-MicrosoftTeams-image-9-32x32.png Protocol H2 Server 15.222.114.167 Montreal, Canada, ASN16509 (AMAZON-02, US), Reverse DNS ec2-15-222-114-167.ca-central-1.compute.amazonaws.com Software Apache / Resource Hash `d0cee37c1b4675ac80ccf04b762fb8c02a6d6c76717979937ddb672de11ea045` Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 06:44:51 GMT last-modified Mon, 31 Jan 2022 18:18:14 GMT server Apache etag "3bf-5d6e4cecd4580" content-type image/png cache-control max-age=2592000, public accept-ranges bytes content-length 959 expires Sun, 20 Jul 2025 06:44:51 GMT Redirect headers date Sat, 20 Jul 2024 06:44:51 GMT strict-transport-security max-age=7776000; includeSubDomains x-content-type-options nosniff content-security-policy default-src 'self' 'unsafe-eval' filesystem:; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: filesystem: .licdn.com .sumome.com .cloudfront.net .gstatic.com .crazyegg.com .facebook.net .facebook.com .sumo.com .youtube.com .tiktok.com .hotjar.com .csper.io .cloudflare.com .addtoany.com .hsappstatic.net .google-analytics.com .googletagmanager.com .hs-scripts.com .google.com .googleapis.com .hsadspixel.net .hs-analytics.net .hscollectedforms.net .bunny.net .cloudflare.com .googleapis.com .gravatar.com .google.ca .bunny.net .hubspot.com .addtoany.com .libsyn.com .hs-banner.com .usemessages.com .hsforms.com .doubleclick.net; style-src 'self' 'unsafe-inline' 'unsafe-eval' filesystem: .cloudfront.net .gstatic.com .crazyegg.com .facebook.net .facebook.com .sumo.com .youtube.com .tiktok.com .hotjar.com .csper.io .cloudflare.com .addtoany.com .hsappstatic.net .google-analytics.com .googletagmanager.com .hs-scripts.com .google.com .googleapis.com .hsadspixel.net .hs-analytics.net .hscollectedforms.net .bunny.net .cloudflare.com .googleapis.com .gravatar.com .google.ca .bunny.net .hubspot.com .addtoany.com .libsyn.com .hs-banner.com .usemessages.com .hsforms.com .doubleclick.net; img-src 'self' 'unsafe-inline' 'unsafe-eval' data: filesystem: .linkedin.com .mapbox.com .cloudfront.net .gstatic.com .crazyegg.com .facebook.net .facebook.com .sumo.com .youtube.com .tiktok.com .hotjar.com .csper.io .cloudflare.com .addtoany.com .hsappstatic.net .google-analytics.com .googletagmanager.com .hs-scripts.com .google.com .googleapis.com .hsadspixel.net .hs-analytics.net .hscollectedforms.net .bunny.net .cloudflare.com .googleapis.com .gravatar.com .google.ca .bunny.net .hubspot.com .addtoany.com .libsyn.com .hs-banner.com .usemessages.com .hsforms.com .doubleclick.net; connect-src * .google-analytics.com .tiktok.com .google.com .google.ca .facebook.com .sumo.com; font-src 'self' 'unsafe-inline' 'unsafe-eval' data: filesystem: .cloudfront.net .gstatic.com .crazyegg.com .facebook.net .facebook.com .sumo.com .youtube.com .tiktok.com .hotjar.com .csper.io .cloudflare.com .addtoany.com .hsappstatic.net .google-analytics.com .googletagmanager.com .hs-scripts.com .google.com .googleapis.com .hsadspixel.net .hs-analytics.net .hscollectedforms.net .bunny.net .cloudflare.com .googleapis.com .gravatar.com .google.ca .bunny.net .hubspot.com .addtoany.com .libsyn.com .hs-banner.com .usemessages.com .hsforms.com .doubleclick.net; media-src 'self' 'unsafe-inline' filesystem:; report-uri 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; frame-src 'self' 'unsafe-inline' .cloudfront.net .gstatic.com .crazyegg.com .facebook.net .facebook.com .sumo.com .youtube.com .tiktok.com .hotjar.com .csper.io .cloudflare.com .addtoany.com .hsappstatic.net .google-analytics.com .googletagmanager.com .hs-scripts.com .google.com .googleapis.com .hsadspixel.net .hs-analytics.net .hscollectedforms.net .bunny.net .cloudflare.com .googleapis.com .gravatar.com .google.ca .bunny.net .hubspot.com .addtoany.com .libsyn.com .hs-banner.com .usemessages.com .hsforms.com .doubleclick.net .careerarc.com; worker-src 'self' 'unsafe-inline'; manifest-src 'self'; upgrade-insecure-requests x-tec-api-origin* https://paladinsecurity.com x-redirect-by WordPress x-et-api-origin https://paladinsecurity.com content-length 0 x-xss-protection 0 x-tec-api-version v1 referrer-policy no-referrer x-tec-api-root https://paladinsecurity.com/wp-json/tribe/events/v1/ server Apache x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 location https://paladinsecurity.com/wp-content/uploads/2022/01/cropped-MicrosoftTeams-image-9-32x32.png cache-control no-store, max-age=0, max-age=172800 permissions-policy accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), interest-cohort=(self), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), oversized-images=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-script=(self), sync-xhr=(self), usb=(), vertical-scroll=(), web-share=(), wake-lock=(), xr-spatial-tracking=() x-et-api-version v1 link <https://paladinsecurity.com/wp-json/>; rel="https://api.w.org/" x-et-api-root https://paladinsecurity.com/wp-json/tribe/tickets/v1/ expires Mon, 22 Jul 2024 06:44:51 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

paladinsecurity.com
signature.paladinsecurity.com
15.222.114.167
64.114.190.198
d0cee37c1b4675ac80ccf04b762fb8c02a6d6c76717979937ddb672de11ea045
d425cd80517a69249dd2c1eb02c3d5a6c7806e91dd8403ec0edb6de19e3ce8c9

paladinsecurity.com Open in urlscan Pro 15.222.114.167 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

2 Requests

50 %HTTPS

0 %IPv6

1 Domains

2 Subdomains

1 IPs

1 Countries

2 kBTransfer

2 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Indicators

paladinsecurity.com Open in urlscan Pro
15.222.114.167 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

50 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

2 kB
Transfer

2 kB
Size

0
Cookies

2 HTTP transactions
0 data transactions