URL: https://www.mrpaulxavier.com/
Submission: On March 16 via api from US

Summary

This website contacted 31 IPs in 3 countries across 28 domains to perform 72 HTTP transactions. The main IP is 2606:4700:3035::ac43:ccf1, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.mrpaulxavier.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 4th 2020. Valid for: a year.
This is the only time www.mrpaulxavier.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
13 52.218.144.17 16509 (AMAZON-02)
5 54.210.24.203 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 50.19.119.4 14618 (AMAZON-AES)
1 2a04:4e42:3::720 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:210... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 65.9.67.124 16509 (AMAZON-02)
3 2a03:2880:f02... 32934 (FACEBOOK)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2620:119:50e1... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f12... 32934 (FACEBOOK)
2 13.226.159.78 16509 (AMAZON-02)
1 142.250.185.243 15169 (GOOGLE)
1 142.250.185.226 15169 (GOOGLE)
2 35.186.226.184 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.202.184.68 14618 (AMAZON-AES)
1 5 2606:4700::68... 13335 (CLOUDFLAR...)
72 31
Domain Requested by
13 paidtoday-dev.s3.us-west-2.amazonaws.com www.mrpaulxavier.com
8 www.mrpaulxavier.com www.mrpaulxavier.com
5 qd236.infusionsoft.app 1 redirects qd236.infusionsoft.com
qd236.infusionsoft.app
4 175313.tracking.hyros.com 175313.tracking.markethero.io
4 www.facebook.com www.mrpaulxavier.com
connect.facebook.net
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 www.googletagmanager.com www.mrpaulxavier.com
www.googletagmanager.com
proto.paidtoday.com
3 connect.facebook.net www.mrpaulxavier.com
connect.facebook.net
2 tr.snapchat.com www.mrpaulxavier.com
2 sc-static.net www.mrpaulxavier.com
sc-static.net
2 www.google.de www.mrpaulxavier.com
2 www.google.com www.mrpaulxavier.com
2 px.ads.linkedin.com 1 redirects www.mrpaulxavier.com
2 cdnjs.cloudflare.com www.mrpaulxavier.com
cdnjs.cloudflare.com
2 stackpath.bootstrapcdn.com www.mrpaulxavier.com
1 trackcmp.net diffuser-cdn.app-us1.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 ip.itracker360.com d2ieqaiwehnqqp.cloudfront.net
1 stats.g.doubleclick.net www.google-analytics.com
1 prism.app-us1.com diffuser-cdn.app-us1.com
1 www.linkedin.com 1 redirects
1 diffuser-cdn.app-us1.com www.mrpaulxavier.com
1 d2ieqaiwehnqqp.cloudfront.net www.googletagmanager.com
1 qd236.infusionsoft.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 images.unsplash.com www.mrpaulxavier.com
1 source.unsplash.com 1 redirects
1 proto.paidtoday.com www.mrpaulxavier.com
1 175313.tracking.markethero.io www.mrpaulxavier.com
1 fonts.googleapis.com www.mrpaulxavier.com
72 32
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-04 -
2021-08-04
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
*.s3-us-west-2.amazonaws.com
DigiCert Baltimore CA-2 G2
2020-07-30 -
2021-08-04
a year crt.sh
tracking.markethero.io
Amazon
2020-09-28 -
2021-10-30
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
paidtoday.com
Cloudflare Inc ECC CA-3
2020-07-02 -
2021-07-02
a year crt.sh
imgix2.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-11-12 -
2021-07-07
8 months crt.sh
*.gstatic.com
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA
2019-04-01 -
2021-05-07
2 years crt.sh
*.infusionsoft.com
Go Daddy Secure Certificate Authority - G2
2020-07-10 -
2021-07-10
a year crt.sh
*.cloudfront.net
DigiCert Global CA G2
2021-02-22 -
2022-02-21
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-02-10 -
2021-05-10
3 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA
2021-01-06 -
2021-07-05
6 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
www.google.com
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
www.google.de
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
tracking.hyros.com
Amazon
2020-06-30 -
2021-07-30
a year crt.sh
sc-static.net
DigiCert TLS RSA SHA256 2020 CA1
2021-02-11 -
2022-02-15
a year crt.sh
ip.itracker360.com
GTS CA 1D2
2021-02-27 -
2021-05-28
3 months crt.sh
www.googleadservices.com
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
tr.snapchat.com
DigiCert TLS RSA SHA256 2020 CA1
2021-01-19 -
2022-01-23
a year crt.sh
*.google.com
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
*.google.de
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
*.trackcmp.net
Amazon
2021-03-02 -
2022-03-31
a year crt.sh
*.infusionsoft.app
GeoTrust TLS RSA CA G1
2020-04-09 -
2021-06-08
a year crt.sh

This page contains 5 frames:

Primary Page: https://www.mrpaulxavier.com/
Frame ID: 60EA8771514840CA056E69526BFBC616
Requests: 58 HTTP requests in this frame

Frame: https://proto.paidtoday.com/p/http://www.mrpaulxavier.com/
Frame ID: DD207DD05F24A865EC00799B133C556A
Requests: 7 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=55fd23a1-d4f8-4ae9-b583-25760bb60c99
Frame ID: B529DA82EA26E49DC9CAC126C3CC5331
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: EF9FC2A34C074BD1AC5EE35F4DF59E1B
Requests: 1 HTTP requests in this frame

Frame: https://qd236.infusionsoft.app/app/webTracking/websiteTriggerIframe
Frame ID: 9ADDB5C46BA5DCEB258E40E443E68211
Requests: 3 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

72
Requests

100 %
HTTPS

73 %
IPv6

28
Domains

32
Subdomains

31
IPs

3
Countries

1890 kB
Transfer

3273 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://source.unsplash.com/XT5OInaElMw/1600x900 HTTP 302
  • https://images.unsplash.com/photo-1438375377985-cc22e0503a6f?crop=entropy&cs=tinysrgb&fit=crop&fm=jpg&h=900&ixid=MXwxfDB8MXxhbGx8fHx8fHx8fA&ixlib=rb-1.2.1&q=80&utm_campaign=api-credit&utm_medium=referral&utm_source=unsplash_source&w=1600
Request Chain 39
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1773602&time=1615856770755&url=https%3A%2F%2Fwww.mrpaulxavier.com%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1773602%26time%3D1615856770755%26url%3Dhttps%253A%252F%252Fwww.mrpaulxavier.com%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1773602&time=1615856770755&url=https%3A%2F%2Fwww.mrpaulxavier.com%2F&liSync=true
Request Chain 69
  • https://qd236.infusionsoft.app/app/webTracking/contact/1615856770926?contactId=0&screenResolution=1600x1200&plugins=&javaEnabled=false&domain=www.mrpaulxavier.com&location=https://www.mrpaulxavier.com/&referrer= HTTP 302
  • https://qd236.infusionsoft.app/slices/spacer.gif

72 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.mrpaulxavier.com/
67 KB
15 KB
Document
General
Full URL
https://www.mrpaulxavier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ccf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8db98c24c280b8760083ceb567f117d665ac5fa92a706487c2c01862995cbf85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
www.mrpaulxavier.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 01:06:08 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d9057b57af719802c051613da0b8b392c1615856767; expires=Thu, 15-Apr-21 01:06:07 GMT; path=/; domain=.mrpaulxavier.com; HttpOnly; SameSite=Lax; Secure
access-control-allow-origin
*
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
cf-request-id
08da2aa91700004e19ab891000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AJckdTzimStITsa0gyX8GahpseYeK8Xq0cXY4MvjaDs1BVCd1UdS%2B9lzjVgnIKqcs6mUYJhaHCT476%2Bt7I5UHyg4QZVK2BjGgP2nCclYX%2B24tY158kXD%2Fkk1zwmm6CTB7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
630a13bb59884e19-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-3.2.1.min.js
www.mrpaulxavier.com/assets/lib/plugins/jquery/
85 KB
29 KB
Script
General
Full URL
https://www.mrpaulxavier.com/assets/lib/plugins/jquery/jquery-3.2.1.min.js
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ccf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39646863a414e0a84920b3a8639c0f3e8c94535e8dc051b42b485a068dc2902f

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 01:06:09 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 15 Mar 2021 03:15:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vkPxA4TBymCSG9zpFlXp%2BwZody%2BMeO0HNoAbrJ7z%2BhiIK2Xj%2BCMO9Cu%2FQuvzL2qldiuW9hTey8pk7oYR4odlDITwIqxPLI3VrNtZOELWJ2xWbD9LKfOn%2FSMHAyG%2BJUDBtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
630a13c37a214e19-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08da2aae2e00004e196f25d000000001
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/
156 KB
21 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 01:06:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
722, 617, 617
age
452313
cdn-cachedat
2021-03-10 20:26:24
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08da2aae3d00002bca1ebda000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:09 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
1463cd69f9140a07f2554f9b3f382d4d
cf-ray
630a13c39b5d2bca-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
bootstrap.bundle.min.js
stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/
79 KB
22 KB
Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.bundle.min.js
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
394156ee114ed3faf968419340ecfd17f69740eb7e4f0a88d59e1f6d5bf0c34e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 01:06:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723, 617, 617
age
452299
cdn-cachedat
2021-03-10 20:26:54
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08da2aae3d00002bca13164000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:09 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
94ed506d213159c8e99f8ad0a55cfc0c
cf-ray
630a13c39b5e2bca-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
css-selector-generator.min.js
www.mrpaulxavier.com/assets/lib/
5 KB
2 KB
Script
General
Full URL
https://www.mrpaulxavier.com/assets/lib/css-selector-generator.min.js
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ccf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d90f7c8c022bef1df08221b793bb2274c1459216f3d72741d6ef3e921e168a3

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 01:06:09 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 15 Mar 2021 03:15:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0T2lEgA6H7aJgEpjDi0voJrZ1TddKlTqdYihU%2BRvftMtZ2YIkR7XRZURKVPnss8I9qR%2FI9nj%2BxBLinxoKJCYp3PHOcV%2B73%2Bn4%2FTli6CZbsTGTO9HebbjRIRJgTjoZGdj2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
630a13c37a254e19-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08da2aae2f00004e19b0059000000001
elog.js
www.mrpaulxavier.com/assets/lib/
2 KB
946 B
Script
General
Full URL
https://www.mrpaulxavier.com/assets/lib/elog.js
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ccf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5a5aa647585eeefc3eba998efede57dcbec1d08444da45b7ab3c87d35c88640

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 01:06:09 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-polished
origSize=2813
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08da2aae2f00004e196ba47000000001
last-modified
Mon, 15 Mar 2021 03:15:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ND3PzPyOPvsa922Flh7b9DAE0dNzE8q9Id0uBxoboyBDV5FvCcokhZzAKy77B2u6DKuh2yQXjpe6VPMRPKqJTEco441ODnQ8YPE1v0%2BrQ5FLkDTCcXKBYIqUFFL24GS6Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
630a13c37a274e19-FRA
cf-bgj
minify
/
www.mrpaulxavier.com/pixel/
602 B
652 B
Script
General
Full URL
https://www.mrpaulxavier.com/pixel/?1615856768
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ccf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cfe8dae375e057ea0c9cb5c7582757baca78afa1706fdc79f0ef5babcf1af15

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-request-id
08da2aae3000004e19ab8cc000000001
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
date
Tue, 16 Mar 2021 01:06:10 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nkLM382sXzbGZU0vt6YamgzPzomsc5boXzBxYUnKx015y%2FnsDS%2Fo6nzqFe826w5gynaZhRFkmkcRpgYln0gDmW0LHkFYrOaMvt9hDOf0MLaFZZKO4%2FHyNuQ%2BH6uc0CIltg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
630a13c37a2a4e19-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/
58 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 01:06:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
151291
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10391
cf-request-id
08da2aae3c00000621f6b1a000000001
timing-allow-origin
*
last-modified
Wed, 15 Jul 2020 18:15:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f0f47d3-e637"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=acAcQZ0EYBgn20vJ3Brj3g6g4HkedXamC7N4qg69rXJAYhJwXQnayQnjANVW8sK2jwygVjce5P2%2BOdfxS7Q%2B9vZaNL59A7gJLiPfTTz1b%2FGZfXkCMJKXV01t%2BVREexLEyA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
630a13c39aa80621-FRA
expires
Sun, 06 Mar 2022 01:06:08 GMT
css
fonts.googleapis.com/
85 KB
16 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?display=swap&family=Amatic%20SC|Anton|Architects%20Daughter|Cantata%20One|Cardo|Cinzel|Do%20Hyeon|Domine|Fredericka%20the%20Great|Fredoka%20One|Great%20Vibes|Indie%20Flower|Julius%20Sans%20One|Karla|Lora|Love%20Ya%20Like%20A%20Sister|Merriweather|Montserrat|Montserrat%20Subrayada|New%20Rocker|Nothing%20You%20Could%20Do|Open%20Sans|Pacifico|Paprika|Permanent%20Marker|Poppins|Press%20Start%202P|Reenie%20Beanie|Roboto%20Slab|Shadows%20Into%20Light%20Two|Sue%20Ellen%20Francisco|Tangerine|Lato
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d026639bc308693e757229f6789758d3735511701d19759b1f9d3daa4b26566c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 16 Mar 2021 01:06:08 GMT
server
ESF
date
Tue, 16 Mar 2021 01:06:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 Mar 2021 01:06:08 GMT
paidtoday_blocks.min.css
www.mrpaulxavier.com/assets/blocks/
33 KB
6 KB
Stylesheet
General
Full URL
https://www.mrpaulxavier.com/assets/blocks/paidtoday_blocks.min.css
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ccf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
613334e42b987fd393c4540e07b158d40af0f50ed619662969251a136a52f992

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 01:06:09 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 15 Mar 2021 03:15:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8t3T0eoa19jhsYnAk8A6kfCWcyWXtVvC05rPwre0SJ53nAMexOL9zkBpD5YHxGC%2Fugwi8sz2w4CpJ0ydOMgjrfr7Lsp8wWKEYp3NX%2FV1Mr%2BKJ2u1OWkqhE6WqsrFk7A46g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
630a13c37a294e19-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08da2aae2f00004e19a80d9000000001
2dec04efe4f51b0c44b76a47e8ff7159515e58e0
paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/
11 KB
12 KB
Image
General
Full URL
https://paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/2dec04efe4f51b0c44b76a47e8ff7159515e58e0?x-amz-acl=public-read
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.144.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
5e6babaf85a7e8131f0b2f846c39a669d4a89120492d1d8573b6ceeda04fa1d8

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 01:06:11 GMT
Last-Modified
Wed, 10 Jun 2020 17:01:21 GMT
Server
AmazonS3
x-amz-request-id
2WC82BP0P4W33ETX
ETag
"7167e2dbaf02cc9e383e035b693f3e3d"
Content-Type
binary/octet-stream
Cache-Control
null
Content-Disposition
attachment; filename="PXI Logo-1.png"
Accept-Ranges
bytes
Content-Length
11667
x-amz-id-2
conrb2hRK0vzI8DduQDZ7UtExlCOoncFnu8Fj7hJpgy0vhK3oLaFVlIEhUEgKO5KSYSo73eOJLo=
f77039422c43e7c355005ce143ff2d4689ef2b04
paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/
2 KB
3 KB
Image
General
Full URL
https://paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/f77039422c43e7c355005ce143ff2d4689ef2b04?x-amz-acl=public-read
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.144.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e6f38187727f672152e8aca0ba8bb332a29b1e43cd340a70d47b12066c6028ab

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 01:06:12 GMT
Last-Modified
Tue, 17 Sep 2019 14:31:59 GMT
Server
AmazonS3
x-amz-request-id
QXYGDS4Z4PW8ME7F
ETag
"52a0e8039db8205b6a852e9a37536698"
Content-Type
image/png
Content-Disposition
attachment; filename="Forbes Logo.png"
Accept-Ranges
bytes
Content-Length
2456
x-amz-id-2
1SQOe9FQLkhgt7SNP9rnaCF2BchpHjrUaO8dre86eVXJiI9XqM3djp1lkb0uCTzLZ3zxwTY6/1I=
0bcd093508b1774293d7b29c04456c4bb70099aa
paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/
1 KB
2 KB
Image
General
Full URL
https://paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/0bcd093508b1774293d7b29c04456c4bb70099aa?x-amz-acl=public-read
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.144.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
829dd2bacd67d191fe0656618b68846a769a63f798bce7dcc3bc9ada92541cac

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 01:06:12 GMT
Last-Modified
Tue, 17 Sep 2019 14:31:25 GMT
Server
AmazonS3
x-amz-request-id
QXYVTYE9W96TAMSG
ETag
"c5c0f77529be64a2665cd319f99d2207"
Content-Type
image/png
Content-Disposition
attachment; filename="INC Logo.png"
Accept-Ranges
bytes
Content-Length
1144
x-amz-id-2
83ZXlGvY7lxjEPXmD6nJ5372sgd8zmr7ql70sltX/yEDUxpLwnPlfxI2gZt3vPeaug+lHxkWLiE=
600096ee919b6ffc4282f830ba1f5b08a50f4f99
paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/
81 KB
81 KB
Image
General
Full URL
https://paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/600096ee919b6ffc4282f830ba1f5b08a50f4f99?x-amz-acl=public-read
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.144.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
babe7f8bc2ba948aed2fcad7faa23f65ae65a0f05a3fbe495983fc4fe5ac0e12

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 01:06:12 GMT
Last-Modified
Tue, 17 Sep 2019 14:32:26 GMT
Server
AmazonS3
x-amz-request-id
QXYTDVQZ1P4VJADS
ETag
"a55f92e253997dc7f14c8d4071fe1a0d"
Content-Type
image/png
Content-Disposition
attachment; filename="Yahoo Finance Logo .png"
Accept-Ranges
bytes
Content-Length
83018
x-amz-id-2
8rXkLuSfadVAavvmnXslM5w2obINrchnK4HqiFUot6T9HKMHNUV2fD20n3NMEEXr2Ly0pzOkDXw=
790df07df0e43034db85bdc0c2434f60c828b16e
paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/
28 KB
29 KB
Image
General
Full URL
https://paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/790df07df0e43034db85bdc0c2434f60c828b16e?x-amz-acl=public-read
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.144.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
8b8a6e32d22be7c6eec24e55efcb3d0501aaf1eba021667da2260ce219d35bc4

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 01:06:12 GMT
Last-Modified
Tue, 17 Sep 2019 14:30:07 GMT
Server
AmazonS3
x-amz-request-id
QXYT37BEAH6SBFC8
ETag
"facbd2eb976a1de1207b5f574daa7372"
Content-Type
image/png
Content-Disposition
attachment; filename="Entrepreneur Logo 2.png"
Accept-Ranges
bytes
Content-Length
28981
x-amz-id-2
0fP/02YgJmkEG5z9UjHUfxq5UKpu1lWv7vGaZV7wbKIi+pSbeh5OYspayyHFYZvJ5XFvS+07fU4=
76f34ff80f2952c90e550b8c5237a259ba998dd5
paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/
139 KB
140 KB
Image
General
Full URL
https://paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/76f34ff80f2952c90e550b8c5237a259ba998dd5?x-amz-acl=public-read
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.144.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
ee47f190737583b975ad3a02e45ca2f0f8e7fec650494a80d0e8dad4b5bc546b

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 01:06:12 GMT
Last-Modified
Wed, 13 Nov 2019 22:38:44 GMT
Server
AmazonS3
x-amz-request-id
QXYN5VARAH537WE6
ETag
"fa496d4092c48f9372d9ab0d4691a92c"
Content-Type
binary/octet-stream
Cache-Control
null
Content-Disposition
attachment; filename="Go Creative Show.png"
Accept-Ranges
bytes
Content-Length
142442
x-amz-id-2
lF/+tNXOCmVgQdJbzWZ8QaeOKtJz+eg5y/981A05/VWT8b0jNY+vPCmzbX5Kua4/+kXN7MC6LC8=
f4ee76bf7ff8d0f19592a553d18f39d3728105cf
paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/
11 KB
11 KB
Image
General
Full URL
https://paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/f4ee76bf7ff8d0f19592a553d18f39d3728105cf?x-amz-acl=public-read
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.144.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
7583e24e66cf2e38ff5dbedd1f97f635ac681ff5c4a6bf70b28575a2c9b77eb7

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 01:06:12 GMT
Last-Modified
Mon, 13 Apr 2020 18:21:45 GMT
Server
AmazonS3
x-amz-request-id
QXYNB3KA38F6AHSC
ETag
"9e85719add508b11304909aa0021e72b"
Content-Type
binary/octet-stream
Cache-Control
null
Content-Disposition
attachment; filename="14DayFM_Black.png"
Accept-Ranges
bytes
Content-Length
11009
x-amz-id-2
aPf6lx6ALsHdpyRgbfaxgigf8in6/pcaMFr5P5TGfBIP/16iGn1Yn3lGugTTSAJAbJfIrmROnuI=
fb0d10cc38a6eadc37424fc85b3ba85b1b93c20c
paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/
54 KB
54 KB
Image
General
Full URL
https://paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/fb0d10cc38a6eadc37424fc85b3ba85b1b93c20c?x-amz-acl=public-read
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.144.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
bb1844dd0ff9db482d80b5be84701ff978da25332c9369f5a23c321cfc02fe6b

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 01:06:12 GMT
Last-Modified
Mon, 11 May 2020 16:52:07 GMT
Server
AmazonS3
x-amz-request-id
QXYNX24VW9KQ10JJ
ETag
"3fa9c4bd0517a05c9b5316476cf1bd17"
Content-Type
binary/octet-stream
Cache-Control
null
Content-Disposition
attachment; filename="JPG (white background).jpg"
Accept-Ranges
bytes
Content-Length
54894
x-amz-id-2
+Uh9x0otdj+cP22R7ZKVYdxi6PLgiPBazrMzCgbHeR4S0LWBjsHcxcfHQPF5eFtozbrhNCn07+k=
10b13c3e5f5f7f7c5d3b9993e85f0522387c04ae
paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/
47 KB
47 KB
Image
General
Full URL
https://paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/10b13c3e5f5f7f7c5d3b9993e85f0522387c04ae?x-amz-acl=public-read
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.144.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
fd4e304872ffca82ac8756ed673168aa0c14c2ee82c571ab881cb8e0ac99f595

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 01:06:12 GMT
Last-Modified
Fri, 31 Jul 2020 14:12:23 GMT
Server
AmazonS3
x-amz-request-id
QXYHKXZT8SYQP785
ETag
"074ec7d5eaa90f224b692f281657242c"
Content-Type
binary/octet-stream
Cache-Control
null
Content-Disposition
attachment; filename="Davinci Logo.png"
Accept-Ranges
bytes
Content-Length
48160
x-amz-id-2
AjRaCajj4Tl+4FHzVHkfnD3rZn4enttJxA5+n4wWZ/Wmpl3n91gyts2gahCZtDs6Bxdv/2lh/0w=
488d1df97347a62316e393a398f517db80fc9bcc
paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/
41 KB
42 KB
Image
General
Full URL
https://paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/488d1df97347a62316e393a398f517db80fc9bcc?x-amz-acl=public-read
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.144.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0ab839d98d2e828636527a16f34d36a21bbaf0193ee9ef92468be41393d87295

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 01:06:12 GMT
Last-Modified
Mon, 23 Nov 2020 23:12:45 GMT
Server
AmazonS3
x-amz-request-id
QXYH6KWPS63Z9E6E
ETag
"bbbc55728034e783a4857dd72826448a"
Content-Type
binary/octet-stream
Cache-Control
null
Content-Disposition
attachment; filename="ETD Logo (black) (1).png"
Accept-Ranges
bytes
Content-Length
42386
x-amz-id-2
VXb86HJR3kv0zOB4VFAa+iwPvgk01rIsyFIeWyAwpJRaEbsr7tsw1sVw3XTAAAiCCAWEIkRip4c=
724bad23fe10649dd0548197cce6f237782ebe7b
paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/
96 KB
97 KB
Image
General
Full URL
https://paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/724bad23fe10649dd0548197cce6f237782ebe7b?x-amz-acl=public-read
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.144.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0069c6751c67ba4fe306b839db52e6a742eddbc035cbd55e76ea96b8786ae779

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 01:06:12 GMT
Last-Modified
Wed, 30 Dec 2020 01:21:40 GMT
Server
AmazonS3
x-amz-request-id
QXYKKBEYAK29MF08
ETag
"8a88b0a63c235743447d769adba38922"
Content-Type
binary/octet-stream
Cache-Control
null
Content-Disposition
attachment; filename="FINAL LOGO.png"
Accept-Ranges
bytes
Content-Length
98783
x-amz-id-2
pm4pQg4aJFURYC5UJLb0OejRLrkTHkH86suEGXr+gK3X0UEyeURJYb7wIkyFDs1AcZg+64tb3Vo=
f198cfa927aaa85ed05b78e1d3b60af2d6bdac4b
paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/
16 KB
16 KB
Image
General
Full URL
https://paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/f198cfa927aaa85ed05b78e1d3b60af2d6bdac4b?x-amz-acl=public-read
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.144.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
387462db7ba8e3ddf0f96c1950abde96b1d9b904d8d4267c11296b6a12f4900e

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 01:06:12 GMT
Last-Modified
Wed, 17 Jun 2020 04:25:19 GMT
Server
AmazonS3
x-amz-request-id
QXYNRHA1TJGPKMYM
ETag
"672e1ce248eefa5ef7b68e5342eaeeed"
Content-Type
binary/octet-stream
Cache-Control
null
Content-Disposition
attachment; filename="NLC_Logo_BlackT.png"
Accept-Ranges
bytes
Content-Length
15957
x-amz-id-2
E9Czf4hIIRfvob+ZODly35gQ/d0bEbv7aEdcCosk45eFHTFkTpASVgAmGkKb3s5LkLWdZTVb9KY=
0cd2fe3fe85261998aba5347493d80de3458b459
paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/
399 KB
399 KB
Image
General
Full URL
https://paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/0cd2fe3fe85261998aba5347493d80de3458b459?x-amz-acl=public-read
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.144.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a43312749a32fcb09fb3308e76ce73928f032ad195e65b0b36b9b573c1cc4805

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 01:06:12 GMT
Last-Modified
Thu, 16 Jul 2020 23:22:07 GMT
Server
AmazonS3
x-amz-request-id
QXYMAFWD4K7H58ZT
ETag
"6df4d7d5af3e3126ede5afbd1e708977"
Content-Type
binary/octet-stream
Cache-Control
null
Content-Disposition
attachment; filename="Filmmaker logos.png"
Accept-Ranges
bytes
Content-Length
408333
x-amz-id-2
xse+v/8QPKKLK4Rs8NnTlF1wBSK7sHZ6dV+zIWlcYLTTCihYMWyMSiaoSAd0CUOUXqI+Vf7HxXo=
utm.js
www.mrpaulxavier.com/assets/lib/
3 KB
1 KB
Script
General
Full URL
https://www.mrpaulxavier.com/assets/lib/utm.js?4
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ccf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57ef1202dcc3e16075fa34718428aca6e6601ee6569ca0f3fa732586acd8d9dc

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 01:06:10 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-polished
origSize=3892
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08da2ab20300004e197cb47000000001
last-modified
Mon, 15 Mar 2021 03:15:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VYPrsVXx%2F5ERr8v8I4g%2B7MpVLGTI919BGHZmsdo%2B8ONltb%2B%2BQfmZN7Ys0tPdQ7i0pucpIPUbhE0iUhuGRUgBm1fhR12deThwr52Yd1hD07sTRYbQIpg93i3Kiw5i02e9xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
630a13c99fda4e19-FRA
cf-bgj
minify
/
www.mrpaulxavier.com/pixel/
0
640 B
Other
General
Full URL
https://www.mrpaulxavier.com/pixel/?init=1
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/pixel/?1615856768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ccf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary9Qi8dYEY5KUnWOOg

Response headers

cf-request-id
08da2ab58300004e196f2a5000000001
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
date
Tue, 16 Mar 2021 01:06:11 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E1dR0dHazIYZC0hwiPJcrhfOnJZAtaDrWakS4adYAriHwsl%2FEvsU6lg81Pop6d1js%2Bb11W1CjM%2BVvJSWsxWsFJwLYpJMMJInXRVl0iSM3S1nHSVkjSHVvb5etVmk%2F2cUZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
630a13cf3ced4e19-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
universal-script
175313.tracking.markethero.io/v1/lst/
11 KB
11 KB
Script
General
Full URL
https://175313.tracking.markethero.io/v1/lst/universal-script?ph=fbbe07f66b4c6a7ab6a5f8b9504f76d4145397371ae2273b24254788cf5444d8&tag=!tracking
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.24.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-24-203.compute-1.amazonaws.com
Software
Jetty(9.4.9.v20180320) /
Resource Hash
686df862397dbdac4d25f621a8120af3b5af1ff03cfa325ea5e870c329c4486a

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 01:06:10 GMT
access-control-allow-credentials
true
server
Jetty(9.4.9.v20180320)
access-control-expose-headers
Session-ID
access-control-max-age
86400
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
content-type
text/plain;charset=utf-8
gtm.js
www.googletagmanager.com/
131 KB
45 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K6GWVF
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4e88ab4aced4701989a910d3cf7d6241edf3d4144ad52951fa33ea0a899a8643
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 01:06:10 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45518
x-xss-protection
0
last-modified
Tue, 16 Mar 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 16 Mar 2021 01:06:10 GMT
/
proto.paidtoday.com/p/http://www.mrpaulxavier.com/ Frame DD20
707 B
896 B
Document
General
Full URL
https://proto.paidtoday.com/p/http://www.mrpaulxavier.com/
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681a:392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70fc92b77aa40f635af83119f62e4b0e2b82bf63a3791cffd3f0098a8b5924bd

Request headers

:method
GET
:authority
proto.paidtoday.com
:scheme
https
:path
/p/http://www.mrpaulxavier.com/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.mrpaulxavier.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.mrpaulxavier.com/

Response headers

date
Tue, 16 Mar 2021 01:06:10 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d66c1afe99addc64676162c13764863a41615856770; expires=Thu, 15-Apr-21 01:06:10 GMT; path=/; domain=.paidtoday.com; HttpOnly; SameSite=Lax
cf-cache-status
DYNAMIC
cf-request-id
08da2ab5b400004e0d18b93000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eY%2FmNmEXJVp8SgM9nzunxV5DP4%2FjjmotHkolpSPE4eu4StZOe2OYsQqj9WcoTQFa4CkCEubGlNuIRqhVKX3RIZpNyMvG2tonygOG4F6SChPUyMUZs5Onif%2BsKqihHaRc"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
630a13cf8b3d4e0d-FRA
content-encoding
br
photo-1438375377985-cc22e0503a6f
images.unsplash.com/
Redirect Chain
  • https://source.unsplash.com/XT5OInaElMw/1600x900
  • https://images.unsplash.com/photo-1438375377985-cc22e0503a6f?crop=entropy&cs=tinysrgb&fit=crop&fm=jpg&h=900&ixid=MXwxfDB8MXxhbGx8fHx8fHx8fA&ixlib=rb-1.2.1&q=80&utm_campaign=api-credit&utm_medium=re...
273 KB
273 KB
Image
General
Full URL
https://images.unsplash.com/photo-1438375377985-cc22e0503a6f?crop=entropy&cs=tinysrgb&fit=crop&fm=jpg&h=900&ixid=MXwxfDB8MXxhbGx8fHx8fHx8fA&ixlib=rb-1.2.1&q=80&utm_campaign=api-credit&utm_medium=referral&utm_source=unsplash_source&w=1600
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
271ffc5e2d51bbfb970301163b30ab0170ee3e982f2f82509430be95fc0af736
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 01:06:10 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Feb 2021 12:32:31 GMT
server
imgix
age
3501219
x-cache
HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=315360000
x-imgix-id
de9c27e5ba938b42ba87aeda5a00f67ad1fb8277
accept-ranges
bytes
content-length
279157
x-served-by
cache-sjc10068-SJC, cache-fra19120-FRA

Redirect headers

Date
Tue, 16 Mar 2021 01:06:10 GMT
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-Id
0107a2b2-8cfb-4217-ae00-6f9cd154f44f
X-Runtime
0.012220
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/html; charset=utf-8
Location
https://images.unsplash.com/photo-1438375377985-cc22e0503a6f?crop=entropy&cs=tinysrgb&fit=crop&fm=jpg&h=900&ixid=MXwxfDB8MXxhbGx8fHx8fHx8fA&ixlib=rb-1.2.1&q=80&utm_campaign=api-credit&utm_medium=referral&utm_source=unsplash_source&w=1600
Cache-Control
no-cache
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Amatic%20SC|Anton|Architects%20Daughter|Cantata%20One|Cardo|Cinzel|Do%20Hyeon|Domine|Fredericka%20the%20Great|Fredoka%20One|Great%20Vibes|Indie%20Flower|Julius%20Sans%20One|Karla|Lora|Love%20Ya%20Like%20A%20Sister|Merriweather|Montserrat|Montserrat%20Subrayada|New%20Rocker|Nothing%20You%20Could%20Do|Open%20Sans|Pacifico|Paprika|Permanent%20Marker|Poppins|Press%20Start%202P|Reenie%20Beanie|Roboto%20Slab|Shadows%20Into%20Light%20Two|Sue%20Ellen%20Francisco|Tangerine|Lato
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.mrpaulxavier.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 04:06:34 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
421176
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
expires
Fri, 11 Mar 2022 04:06:34 GMT
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/
76 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
779249965fcc56df5ccc2c89293a582fbea63f785bc4041c878106b01b725dcb
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.mrpaulxavier.com
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 01:06:10 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2393829
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77400
cf-request-id
08da2ab60200002c4efd0bd000000001
timing-allow-origin
*
last-modified
Wed, 15 Jul 2020 18:15:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f0f47d3-12e58"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=G8ybAnWC8rgRYU0Fglr1P4TrP1vIexBE2NitWJ78M%2FbzjD5pELp2oQHjOV8uiaDpAz0bKjDEkNQxTE41dXxkebS5n8aGoPYQXQAOVCU%2Bo5KRpzyDBA9EpaGoXPX5ZEnHXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
630a13d0089e2c4e-FRA
expires
Sun, 06 Mar 2022 01:06:10 GMT
analytics.js
www.google-analytics.com/
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6GWVF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
3815
date
Tue, 16 Mar 2021 00:02:35 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Tue, 16 Mar 2021 02:02:35 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
4 KB
2 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6GWVF
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2100:1a6::25ea Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 01:06:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 22:14:03 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=17776
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1855
getTrackingCode
qd236.infusionsoft.com/app/webTracking/
7 KB
3 KB
Script
General
Full URL
https://qd236.infusionsoft.com/app/webTracking/getTrackingCode?trackingId=c3dfbd3ea11107abe443f9b40fc6564f
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6GWVF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b2645c8f9b030cca040c7aa8f95451030d5f9ca96a92e2a21b5dfadf78229f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 01:06:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000;includeSubDomains
cf-request-id
08da2ab6b500004a9e90b61000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
via
1.1 google
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
cf-ray
630a13d12caa4a9e-FRA
expires
Tue, 16 Mar 2021 01:06:10 GMT
t97e6aba92565fc53fb4503f4bd03afc6.js
d2ieqaiwehnqqp.cloudfront.net/
132 KB
22 KB
Script
General
Full URL
https://d2ieqaiwehnqqp.cloudfront.net/t97e6aba92565fc53fb4503f4bd03afc6.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6GWVF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.67.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e1b8603a5e6199a0b9e61b0d0087887ff83daf539b62dfbbe02bcb0690e5c1aa

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 06:44:26 GMT
content-encoding
gzip
last-modified
Mon, 25 May 2020 22:38:25 GMT
server
AmazonS3
age
66105
etag
W/"4e5121e8c7ba76ede25fa2b020c4c2fd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
C7GhDJmYMxYEoORHuBf90wgtKOdkmN3nazJCWUOL2ocqQFdHbtSWQQ==
js
www.googletagmanager.com/gtag/
96 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-816042378
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6GWVF
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c970f00de88391c4dcc4ac2c14cef40b39cf4076324339e0b3dc1884e61a7cd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 01:06:10 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38908
x-xss-protection
0
last-modified
Tue, 16 Mar 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 16 Mar 2021 01:06:10 GMT
fbevents.js
connect.facebook.net/en_US/
91 KB
23 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
efaHcDHtLOgpwultgz7A08LnbvF08kwkP/9x4uy84ybp+bR3sODUJ6L8ICu0bLEsq4G6crHelRK5VB29kN9Xzw==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Tue, 16 Mar 2021 01:06:10 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
diffuser.js
diffuser-cdn.app-us1.com/diffuser/
24 KB
6 KB
Script
General
Full URL
https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07ef661be38be006eb690a15613c557d418b8780900ff490545bb2b75d23fcd7

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 01:06:10 GMT
content-encoding
gzip
cf-cache-status
HIT
age
78
x-cache
Hit from cloudfront
cf-request-id
08da2ab6b00000d6e5989cb000000001
last-modified
Mon, 22 Feb 2021 18:41:52 GMT
server
cloudflare
etag
W/"1e16152334c325a4abb81f1a8ee52e51"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
cache-control
public, max-age=300
x-amz-cf-pop
FRA50-C1
cf-ray
630a13d11c58d6e5-FRA
x-amz-cf-id
jRrH8l_r-Z55cv8vP872dccZfETLBl7IwHRG4WSF-4Iv0j3x8EZlDg==
collect
www.google-analytics.com/j/
2 B
392 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1491551373&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mrpaulxavier.com%2F&ul=en-us&de=UTF-8&dt=Paul%20Xavier%20Official&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=281549595&gjid=61923735&cid=1469438388.1615856771&tid=UA-98246218-1&_gid=1236895961.1615856771&_r=1&gtm=2wg330K6GWVF&z=68936682
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 01:06:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mrpaulxavier.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
320536958845920
connect.facebook.net/signals/config/
241 KB
69 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/320536958845920?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1525241cd7e07eb2c68b2b1b1bc39f55d3f61c35d978b85fc1d029cf64072ba8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
ymFvfVQoNIuS89M5iQBhCBJ6V1FbutN/LQSvL6ky911WD9Jftvij2vSeEoztatzF9p4pGlBfRGJSVrEeA4o6oA==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 16 Mar 2021 01:06:10 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1773602&time=1615856770755&url=https%3A%2F%2Fwww.mrpaulxavier.com%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1773602%26time%3D1615856770755%26url%3Dhttps%253A%252F%252Fwww.mrpaulxavier.com%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1773602&time=1615856770755&url=https%3A%2F%2Fwww.mrpaulxavier.com%2F&liSync=true
0
57 B
Image
General
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1773602&time=1615856770755&url=https%3A%2F%2Fwww.mrpaulxavier.com%2F&liSync=true
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:119:50e1:101::6cae:b25 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 01:06:11 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-esv5
content-type
application/javascript
content-length
0
x-li-uuid
GLJALSytbBaQsQnD3ioAAA==

Redirect headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
linkedin-action
1
content-length
0
x-li-uuid
memXISytbBaAKwVXeSsAAA==
pragma
no-cache
x-li-pop
afd-prod-esv5
x-msedge-ref
Ref A: 9103AC9F38A740069388F4C8AB4A78B9 Ref B: FRAEDGE0918 Ref C: 2021-03-16T01:06:11Z
date
Tue, 16 Mar 2021 01:06:10 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1773602&time=1615856770755&url=https%3A%2F%2Fwww.mrpaulxavier.com%2F&liSync=true
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
prism.app-us1.com/
248 B
416 B
Script
General
Full URL
https://prism.app-us1.com/?a=475334047&u=https%3A%2F%2Fwww.mrpaulxavier.com%2F
Requested by
Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
529285a3719b5395898b41be962f286a328a06fb03749faff08047ee8ee02c15

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 01:06:11 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.2.34
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
no-cache, private
cf-ray
630a13d14c72d6e5-FRA
cf-request-id
08da2ab6cc0000d6e5e12d7000000001
collect
stats.g.doubleclick.net/j/
4 B
92 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-98246218-1&cid=1469438388.1615856771&jid=281549595&gjid=61923735&_gid=1236895961.1615856771&_u=YEBAAAAAAAAAAC~&z=1718189033
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 16 Mar 2021 01:06:10 GMT
content-type
text/plain
access-control-allow-origin
https://www.mrpaulxavier.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-98246218-1&cid=1469438388.1615856771&jid=281549595&_u=YEBAAAAAAAAAAC~&z=1900205864
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 01:06:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-98246218-1&cid=1469438388.1615856771&jid=281549595&_u=YEBAAAAAAAAAAC~&z=1900205864
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 01:06:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ Frame DD20
80 KB
31 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-ND6W6PN
Requested by
Host: proto.paidtoday.com
URL: https://proto.paidtoday.com/p/http://www.mrpaulxavier.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
80f168585a10cb7f2cc6af57c7f93a48d88942c17ab5ab89f0c1ff8c4654ba9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://proto.paidtoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 01:06:10 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32017
x-xss-protection
0
last-modified
Tue, 16 Mar 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 16 Mar 2021 01:06:10 GMT
3018702641492519
connect.facebook.net/signals/config/
241 KB
69 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/3018702641492519?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8a6c0685bb4cfa8cfb65969c51e4ce338ba1c1c38084915b1572b0134b23c2df
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
aNzqQIYhgqyls+hpwXQTL5SoG/n2G8zAcrENJ9yuEolFPrvErXp+cw9Kb+nzAuUjyh5hAoHyJhT/obTOAGW8cA==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 16 Mar 2021 01:06:10 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
259 B
Image
General
Full URL
https://www.facebook.com/tr/?id=320536958845920&ev=PageView&dl=https%3A%2F%2Fwww.mrpaulxavier.com%2F&rl=&if=false&ts=1615856770858&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1615856770856.1876810680&it=1615856770750&coo=false&rqm=GET
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 01:06:10 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 16 Mar 2021 01:06:10 GMT
gusid
175313.tracking.hyros.com/v1/lst/
0
462 B
XHR
General
Full URL
https://175313.tracking.hyros.com/v1/lst/gusid
Requested by
Host: 175313.tracking.markethero.io
URL: https://175313.tracking.markethero.io/v1/lst/universal-script?ph=fbbe07f66b4c6a7ab6a5f8b9504f76d4145397371ae2273b24254788cf5444d8&tag=!tracking
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.24.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-24-203.compute-1.amazonaws.com
Software
Jetty(9.4.9.v20180320) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.mrpaulxavier.com/
Access-Control-Allow-Headers
*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/json; charset=utf-8

Response headers

date
Tue, 16 Mar 2021 01:06:11 GMT
session-id
HB-ET_01c374ec59e2bc089a350b6d4d4a25cd145b9caf069d341b1f4ca78b73159258
etag
HB-ET_01c374ec59e2bc089a350b6d4d4a25cd145b9caf069d341b1f4ca78b73159258
access-control-max-age
86400
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin
https://www.mrpaulxavier.com
access-control-expose-headers
Session-ID
access-control-allow-credentials
true
content-length
0
server
Jetty(9.4.9.v20180320)
gusid
175313.tracking.hyros.com/v1/lst/ Frame
0
0
Preflight
General
Full URL
https://175313.tracking.hyros.com/v1/lst/gusid
Protocol
H2
Server
54.210.24.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-24-203.compute-1.amazonaws.com
Software
Jetty(9.4.9.v20180320) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
access-control-allow-headers,access-control-allow-origin,content-type
Origin
https://www.mrpaulxavier.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 16 Mar 2021 01:06:11 GMT
content-type
application/vnd.sun.wadl+xml;charset=utf-8
content-length
1322
access-control-allow-origin
https://www.mrpaulxavier.com
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-headers
access-control-allow-headers,access-control-allow-origin,content-type
access-control-expose-headers
Session-ID
access-control-max-age
86400
access-control-allow-credentials
true
allow
HEAD,GET,OPTIONS
last-modified
Tue, 16 Mar 2021 01:06:11 UTC
server
Jetty(9.4.9.v20180320)
analytics.js
www.google-analytics.com/ Frame DD20
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND6W6PN
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://proto.paidtoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
3815
date
Tue, 16 Mar 2021 00:02:35 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Tue, 16 Mar 2021 02:02:35 GMT
js
www.googletagmanager.com/gtag/ Frame DD20
99 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-73671-22
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND6W6PN
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1e1a63356ea4fb79409799e099e0599273a7bcc40f1f9b1f0423a1307e32083a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://proto.paidtoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 01:06:10 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39705
x-xss-protection
0
last-modified
Tue, 16 Mar 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 16 Mar 2021 01:06:10 GMT
scevent.min.js
sc-static.net/ Frame DD20
13 KB
6 KB
Script
General
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-78.dus51.r.cloudfront.net
Software
CloudFront /
Resource Hash
6a7b9101cdef7bb2896628ff862d93a60ece90488ac036e16c997e2f27acded2

Request headers

Referer
https://proto.paidtoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 01:06:10 GMT
content-encoding
gzip
server
CloudFront
x-amz-cf-pop
DUS51-C1
x-cache
LambdaGeneratedResponse from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
5492
via
1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
x-amz-cf-id
C7srgDDofjEToIOapUuBRZuNfiy6rJyjm7scX_-tQyn7LucosunLaw==
analytics.js
www.google-analytics.com/ Frame DD20
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-73671-22
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://proto.paidtoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
3815
date
Tue, 16 Mar 2021 00:02:35 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Tue, 16 Mar 2021 02:02:35 GMT
/
ip.itracker360.com/
14 B
186 B
XHR
General
Full URL
https://ip.itracker360.com/
Requested by
Host: d2ieqaiwehnqqp.cloudfront.net
URL: https://d2ieqaiwehnqqp.cloudfront.net/t97e6aba92565fc53fb4503f4bd03afc6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.243 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f19.1e100.net
Software
Google Frontend /
Resource Hash
f4aa5a3b3420b193597567f536578c6edb5204a3b119c65701208c20befde87c

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 01:06:11 GMT
content-encoding
gzip
server
Google Frontend
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
x-cloud-trace-context
982e01c5e2dcf4465c8e2eddd08fe95c
cache-control
no-cache
content-length
34
conversion_async.js
www.googleadservices.com/pagead/
32 KB
13 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-816042378
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
f6ac3c8e6ce2149cb393c789e9640b78cfb6626380e872a605c1c5fb1df3981e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 01:06:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12620
x-xss-protection
0
server
cafe
etag
4454677202539371103
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 01:06:11 GMT
/
www.facebook.com/tr/
44 B
101 B
Image
General
Full URL
https://www.facebook.com/tr/?id=3018702641492519&ev=PageView&dl=https%3A%2F%2Fwww.mrpaulxavier.com%2F&rl=&if=false&ts=1615856770963&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1615856770856.1876810680&it=1615856770750&coo=false&rqm=GET
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 01:06:10 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 16 Mar 2021 01:06:10 GMT
i
tr.snapchat.com/cm/ Frame B529
0
203 B
Document
General
Full URL
https://tr.snapchat.com/cm/i?pid=55fd23a1-d4f8-4ae9-b583-25760bb60c99
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
tr.snapchat.com
:scheme
https
:path
/cm/i?pid=55fd23a1-d4f8-4ae9-b583-25760bb60c99
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://proto.paidtoday.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://proto.paidtoday.com/

Response headers

server
nginx/1.17.3
date
Tue, 16 Mar 2021 01:06:11 GMT
content-type
text/html
content-length
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
js-sha256-v1.min.js
sc-static.net/ Frame DD20
22 KB
8 KB
Script
General
Full URL
https://sc-static.net/js-sha256-v1.min.js
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-78.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253

Request headers

Origin
https://proto.paidtoday.com
Referer
https://proto.paidtoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 22:57:08 GMT
content-encoding
gzip
age
7744
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 05 Apr 2019 00:32:08 GMT
server
AmazonS3
etag
W/"68f2467c84878293c9ee497dbc99a17f"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 987c00b911316df568db602f83876a8e.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Type
cache-control
public, s-maxage=86400, max-age=600
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
hR9LDXeelV0MDDb2tFdnwbeZ9G5Ie5-cFVc_X7ndIZ2pa9nB4hJHiQ==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/816042378/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/816042378/?random=1615856771057&cv=9&fst=1615856771057&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.mrpaulxavier.com%2F&tiba=Paul%20Xavier%20Official&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b1466cd0a5d3bb89a38ca57823d0b32e72215bb032b0e7ce1229f757df70256
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 01:06:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1028
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
tr.snapchat.com/ Frame EF9F
0
362 B
Document
General
Full URL
https://tr.snapchat.com/p
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
POST
:authority
tr.snapchat.com
:scheme
https
:path
/p
content-length
337
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://proto.paidtoday.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://proto.paidtoday.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
Origin
https://proto.paidtoday.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://proto.paidtoday.com/

Response headers

server
nginx/1.17.3
date
Tue, 16 Mar 2021 01:06:11 GMT
content-type
text/html
content-length
0
access-control-allow-origin
*
cache-control
no-cache, no-transform
set-cookie
sc_at=v2|H4sIAAAAAAAAAAXBgQ3AMAgDsIuQQhegOWdT6RUcPxtCrti0vvUacdv0UEZR/a3TB5zx9NiRVT74AXwHHewyAAAA;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
www.google.com/pagead/1p-user-list/816042378/
42 B
530 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/816042378/?random=1615856771057&cv=9&fst=1615856400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.mrpaulxavier.com%2F&tiba=Paul%20Xavier%20Official&async=1&fmt=3&is_vtc=1&random=3493952541&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 01:06:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/816042378/
42 B
530 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/816042378/?random=1615856771057&cv=9&fst=1615856400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.mrpaulxavier.com%2F&tiba=Paul%20Xavier%20Official&async=1&fmt=3&is_vtc=1&random=3493952541&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 01:06:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
t_prism_sitemessages.php
trackcmp.net/
0
271 B
Script
General
Full URL
https://trackcmp.net/t_prism_sitemessages.php?trackid=475334047&prismid=34d2726a-908a-4ba4-95c2-b267c4158592&url=https%3A%2F%2Fwww.mrpaulxavier.com%2F
Requested by
Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.184.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-184-68.compute-1.amazonaws.com
Software
Apache/2.4.46 (Amazon) / PHP/7.1.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 01:06:11 GMT
server
Apache/2.4.46 (Amazon)
x-powered-by
PHP/7.1.33
p3p
CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
cache-control
no-cache, private
x-privacy-policy
You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
content-type
text/javascript;charset=UTF-8
content-length
0
/
www.facebook.com/tr/
0
84 B
Other
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryQi2cy6dJQLZHxzBT

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Tue, 16 Mar 2021 01:06:11 GMT
content-type
text/plain
access-control-allow-origin
https://www.mrpaulxavier.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
/
www.facebook.com/tr/
0
31 B
Other
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryAPB0h9Yk05LailxJ

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Tue, 16 Mar 2021 01:06:11 GMT
content-type
text/plain
access-control-allow-origin
https://www.mrpaulxavier.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
pc
175313.tracking.hyros.com/v1/lst/ Frame
0
0
Preflight
General
Full URL
https://175313.tracking.hyros.com/v1/lst/pc?ref_url=https%3A%2F%2Fwww.mrpaulxavier.com%2F&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36
Protocol
H2
Server
54.210.24.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-24-203.compute-1.amazonaws.com
Software
Jetty(9.4.9.v20180320) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
access-control-allow-headers,access-control-allow-origin,content-type,session-id
Origin
https://www.mrpaulxavier.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 16 Mar 2021 01:06:11 GMT
content-type
application/vnd.sun.wadl+xml;charset=utf-8
content-length
2148
access-control-allow-origin
https://www.mrpaulxavier.com
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-headers
access-control-allow-headers,access-control-allow-origin,content-type,session-id
access-control-expose-headers
Session-ID
access-control-max-age
86400
access-control-allow-credentials
true
allow
HEAD,GET,OPTIONS
last-modified
Tue, 16 Mar 2021 01:06:11 UTC
server
Jetty(9.4.9.v20180320)
pc
175313.tracking.hyros.com/v1/lst/
0
461 B
XHR
General
Full URL
https://175313.tracking.hyros.com/v1/lst/pc?ref_url=https%3A%2F%2Fwww.mrpaulxavier.com%2F&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36
Requested by
Host: 175313.tracking.markethero.io
URL: https://175313.tracking.markethero.io/v1/lst/universal-script?ph=fbbe07f66b4c6a7ab6a5f8b9504f76d4145397371ae2273b24254788cf5444d8&tag=!tracking
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.24.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-24-203.compute-1.amazonaws.com
Software
Jetty(9.4.9.v20180320) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.mrpaulxavier.com/
Session-ID
HB-ET_01c374ec59e2bc089a350b6d4d4a25cd145b9caf069d341b1f4ca78b73159258
Access-Control-Allow-Headers
*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/json; charset=utf-8

Response headers

date
Tue, 16 Mar 2021 01:06:11 GMT
session-id
HB-ET_01c374ec59e2bc089a350b6d4d4a25cd145b9caf069d341b1f4ca78b73159258
etag
HB-ET_01c374ec59e2bc089a350b6d4d4a25cd145b9caf069d341b1f4ca78b73159258
access-control-max-age
86400
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin
https://www.mrpaulxavier.com
access-control-expose-headers
Session-ID
access-control-allow-credentials
true
content-length
0
server
Jetty(9.4.9.v20180320)
websiteTriggerIframe
qd236.infusionsoft.app/app/webTracking/ Frame 9ADD
1 KB
2 KB
Document
General
Full URL
https://qd236.infusionsoft.app/app/webTracking/websiteTriggerIframe
Requested by
Host: qd236.infusionsoft.com
URL: https://qd236.infusionsoft.com/app/webTracking/getTrackingCode?trackingId=c3dfbd3ea11107abe443f9b40fc6564f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9856 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d58f7667476385af3f2ffddb2123e8a3b8b452ef56d1d9a452d7e7b5d46ed0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
qd236.infusionsoft.app
:scheme
https
:path
/app/webTracking/websiteTriggerIframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.mrpaulxavier.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.mrpaulxavier.com/

Response headers

date
Tue, 16 Mar 2021 01:06:12 GMT
content-type
text/html;charset=UTF-8
set-cookie
__cfduid=de899ce94ff3816ce424a7251007631161615856772; expires=Thu, 15-Apr-21 01:06:12 GMT; path=/; domain=.infusionsoft.app; HttpOnly; SameSite=Lax; Secure JSESSIONID=762F73EAB90ED9A6E89E4A05C8D995EF; Path=/; Secure; HttpOnly GCLB=CIafheLz5JPF0gE; path=/; HttpOnly; expires=Tue, 16-Mar-2021 13:06:12 GMT __cf_bm=b7ba119be32ef5e625db1f45ca1ff2cfe21fb7a5-1615856772-1800-AXX4BAbVXQfAxxn/oMhyiqyV+89UrBJMBw9WVQSI01FvPbvmr0z2oxtYc+xfico6nmXxs34q1Dz5Etyb3U2fJuGu9xExy0x3lafFi91JtTi4; path=/; expires=Tue, 16-Mar-21 01:36:12 GMT; domain=.infusionsoft.app; HttpOnly; Secure; SameSite=None
pragma
no-cache
cache-control
no-cache, no-store
expires
Tue, 16 Mar 2021 01:06:12 GMT
strict-transport-security
max-age=31536000;includeSubDomains
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-language
en-US
vary
Accept-Encoding
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
08da2abc130000c303e6837000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
630a13d9bd08c303-FRA
content-encoding
gzip
api.js
qd236.infusionsoft.app/cdn-cgi/bm/cv/669835187/ Frame 9ADD
35 KB
9 KB
Script
General
Full URL
https://qd236.infusionsoft.app/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: qd236.infusionsoft.app
URL: https://qd236.infusionsoft.app/app/webTracking/websiteTriggerIframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9856 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://qd236.infusionsoft.app/app/webTracking/websiteTriggerIframe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 01:06:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=604800, public
cf-ray
630a13dacd81c303-FRA
cf-request-id
08da2abcc10000c303ce0e7000000001
spacer.gif
qd236.infusionsoft.app/slices/
Redirect Chain
  • https://qd236.infusionsoft.app/app/webTracking/contact/1615856770926?contactId=0&screenResolution=1600x1200&plugins=&javaEnabled=false&domain=www.mrpaulxavier.com&location=https://www.mrpaulxavier....
  • https://qd236.infusionsoft.app/slices/spacer.gif
43 B
279 B
Image
General
Full URL
https://qd236.infusionsoft.app/slices/spacer.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9856 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mrpaulxavier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 01:06:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
63157
vary
Accept-Encoding
cf-request-id
08da2abd7d0000c303e3038000000001
last-modified
Sat, 13 Mar 2021 17:48:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"43-1615657727000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;includeSubDomains
content-type
image/gif;charset=UTF-8
via
1.1 google
x-xss-protection
1; mode=block
cache-control
public, max-age=31490843
cf-ray
630a13dbfdf8c303-FRA
expires
Tue, 15 Mar 2022 12:33:35 GMT

Redirect headers

date
Tue, 16 Mar 2021 01:06:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
strict-transport-security
max-age=31536000;includeSubDomains
cf-request-id
08da2abcd00000c303a8827000000001
pragma
no-cache, no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
location
/slices/spacer.gif
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, no-cache, no-store
cf-ray
630a13daed8bc303-FRA
expires
Tue, 16 Mar 2021 01:06:12 GMT, -1
result
qd236.infusionsoft.app/cdn-cgi/bm/cv/ Frame 9ADD
0
357 B
XHR
General
Full URL
https://qd236.infusionsoft.app/cdn-cgi/bm/cv/result?req_id=630a13d9bd08c303
Requested by
Host: qd236.infusionsoft.app
URL: https://qd236.infusionsoft.app/cdn-cgi/bm/cv/669835187/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9856 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://qd236.infusionsoft.app/app/webTracking/websiteTriggerIframe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 16 Mar 2021 01:06:12 GMT
vary
Accept-Encoding
server
cloudflare
cf-ray
630a13dbadd5c303-FRA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-request-id
08da2abd4b0000c303ea37b000000001

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| bootstrap function| CssSelectorGenerator string| _elog_page_id function| _elog_record_event object| my_selector_generator function| _elog_intialize_action_logger function| _elog_clickHandler object| _elog_hm_heatmap function| _elog_hm_initialize_heatmap function| _elog_hm_load_data number| heartbeatConfig function| pt_heartbeat function| pt_init function| pt_leaving object| head object| script object| dataLayer function| getRefQueryParam function| u function| insert_before_hash function| formatDate string| utmParamQueryString string| utmParamQueryStringTrimmed string| utm_source string| utm_medium string| utm_content string| utm_campaign string| utm_term string| ptm_date string| location_hash function| labnolThumb function| labnolIframe object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id function| fbq function| _fbq string| visitorGlobalObjectAlias function| vgo object| gaplugins object| gaGlobal object| gaData function| lintrk boolean| _already_called_lintrk string| prismGlobalObjectAlias object| visitorGlobalObject boolean| mh_uts_available object| _0x5999 function| _0x4b30 function| trackerLoad string| os string| str number| c object| iTracker360 function| gtag function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO string| content function| mcAsyncInit

11 Cookies

Domain/Path Name / Value
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBgQ3AMAgDsIuQQhegOWdT6RUcPxtCrti0vvUacdv0UEZR/a3TB5zx9NiRVT74AXwHHewyAAAA
.mrpaulxavier.com/ Name: __cfduid
Value: de04bdcea5d770ce5cf0fd098b801200e1615856770
.mrpaulxavier.com/ Name: prism_475334047
Value: 34d2726a-908a-4ba4-95c2-b267c4158592
.mrpaulxavier.com/ Name: _gat_UA-98246218-1
Value: 1
.mrpaulxavier.com/ Name: _fbp
Value: fb.1.1615856770856.1876810680
www.mrpaulxavier.com/ Name: ptpx
Value: 1972765
www.mrpaulxavier.com/ Name: ptx
Value: 1871005
.mrpaulxavier.com/ Name: _gid
Value: GA1.2.1236895961.1615856771
.mrpaulxavier.com/ Name: _ga
Value: GA1.2.1469438388.1615856771
.mrpaulxavier.com/ Name: iTracker360
Value: sou%3Ddirect%7Cmed%3Dnone%7Cter%3D-%7Ccon%3D-%7Ccam%3Ddirect%7Cref%3Dhttps%253A//www.mrpaulxavier.com/%7Cfirstlpurl%3Dhttps%253A//www.mrpaulxavier.com/%7Cgcl%3D%7Cgaclientid%3D%7Cleadsource%3Ddirect%7Cip%3D%7Ccustomfield1%3D%7Ccustomfield2%3D%7Ccustomfield3%3D%7Ccustomfield4%3D
.mrpaulxavier.com/ Name: _gcl_au
Value: 1.1.1816074361.1615856771

3 Console Messages

Source Level URL
Text
console-api log URL: https://www.mrpaulxavier.com/(Line 432)
Message:
pathname /
console-api log URL: https://175313.tracking.markethero.io/v1/lst/universal-script?ph=fbbe07f66b4c6a7ab6a5f8b9504f76d4145397371ae2273b24254788cf5444d8&tag=!tracking(Line 1)
Message:
%c [UTS] [gusid]: HB-ET_01c374ec59e2bc089a350b6d4d4a25cd145b9caf069d341b1f4ca78b73159258 color: green;
console-api log URL: https://175313.tracking.markethero.io/v1/lst/universal-script?ph=fbbe07f66b4c6a7ab6a5f8b9504f76d4145397371ae2273b24254788cf5444d8&tag=!tracking(Line 1)
Message:
%c [UTS] [pc] color: green;

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

175313.tracking.hyros.com
175313.tracking.markethero.io
cdnjs.cloudflare.com
connect.facebook.net
d2ieqaiwehnqqp.cloudfront.net
diffuser-cdn.app-us1.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
images.unsplash.com
ip.itracker360.com
paidtoday-dev.s3.us-west-2.amazonaws.com
prism.app-us1.com
proto.paidtoday.com
px.ads.linkedin.com
qd236.infusionsoft.app
qd236.infusionsoft.com
sc-static.net
snap.licdn.com
source.unsplash.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
tr.snapchat.com
trackcmp.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.mrpaulxavier.com
13.226.159.78
142.250.185.226
142.250.185.243
2606:4700:20::681a:392
2606:4700:3035::ac43:ccf1
2606:4700::6810:125e
2606:4700::6810:135e
2606:4700::6811:925b
2606:4700::6812:bcf
2606:4700::6812:f74
2606:4700::6813:9856
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2a00:1450:4001:800::2003
2a00:1450:4001:801::200e
2a00:1450:4001:802::2004
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:827::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2003
2a00:1450:400c:c0c::9b
2a02:26f0:2100:1a6::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:3::720
34.202.184.68
35.186.226.184
50.19.119.4
52.218.144.17
54.210.24.203
65.9.67.124
0069c6751c67ba4fe306b839db52e6a742eddbc035cbd55e76ea96b8786ae779
07ef661be38be006eb690a15613c557d418b8780900ff490545bb2b75d23fcd7
0ab839d98d2e828636527a16f34d36a21bbaf0193ee9ef92468be41393d87295
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0d90f7c8c022bef1df08221b793bb2274c1459216f3d72741d6ef3e921e168a3
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
1525241cd7e07eb2c68b2b1b1bc39f55d3f61c35d978b85fc1d029cf64072ba8
1e1a63356ea4fb79409799e099e0599273a7bcc40f1f9b1f0423a1307e32083a
271ffc5e2d51bbfb970301163b30ab0170ee3e982f2f82509430be95fc0af736
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
387462db7ba8e3ddf0f96c1950abde96b1d9b904d8d4267c11296b6a12f4900e
394156ee114ed3faf968419340ecfd17f69740eb7e4f0a88d59e1f6d5bf0c34e
39646863a414e0a84920b3a8639c0f3e8c94535e8dc051b42b485a068dc2902f
3cfe8dae375e057ea0c9cb5c7582757baca78afa1706fdc79f0ef5babcf1af15
4e88ab4aced4701989a910d3cf7d6241edf3d4144ad52951fa33ea0a899a8643
529285a3719b5395898b41be962f286a328a06fb03749faff08047ee8ee02c15
57ef1202dcc3e16075fa34718428aca6e6601ee6569ca0f3fa732586acd8d9dc
5e6babaf85a7e8131f0b2f846c39a669d4a89120492d1d8573b6ceeda04fa1d8
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
613334e42b987fd393c4540e07b158d40af0f50ed619662969251a136a52f992
686df862397dbdac4d25f621a8120af3b5af1ff03cfa325ea5e870c329c4486a
6a7b9101cdef7bb2896628ff862d93a60ece90488ac036e16c997e2f27acded2
70fc92b77aa40f635af83119f62e4b0e2b82bf63a3791cffd3f0098a8b5924bd
7583e24e66cf2e38ff5dbedd1f97f635ac681ff5c4a6bf70b28575a2c9b77eb7
779249965fcc56df5ccc2c89293a582fbea63f785bc4041c878106b01b725dcb
80f168585a10cb7f2cc6af57c7f93a48d88942c17ab5ab89f0c1ff8c4654ba9d
829dd2bacd67d191fe0656618b68846a769a63f798bce7dcc3bc9ada92541cac
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a6c0685bb4cfa8cfb65969c51e4ce338ba1c1c38084915b1572b0134b23c2df
8b2645c8f9b030cca040c7aa8f95451030d5f9ca96a92e2a21b5dfadf78229f4
8b8a6e32d22be7c6eec24e55efcb3d0501aaf1eba021667da2260ce219d35bc4
8d58f7667476385af3f2ffddb2123e8a3b8b452ef56d1d9a452d7e7b5d46ed0f
8db98c24c280b8760083ceb567f117d665ac5fa92a706487c2c01862995cbf85
9b1466cd0a5d3bb89a38ca57823d0b32e72215bb032b0e7ce1229f757df70256
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a43312749a32fcb09fb3308e76ce73928f032ad195e65b0b36b9b573c1cc4805
ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253
babe7f8bc2ba948aed2fcad7faa23f65ae65a0f05a3fbe495983fc4fe5ac0e12
bb1844dd0ff9db482d80b5be84701ff978da25332c9369f5a23c321cfc02fe6b
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c970f00de88391c4dcc4ac2c14cef40b39cf4076324339e0b3dc1884e61a7cd5
d026639bc308693e757229f6789758d3735511701d19759b1f9d3daa4b26566c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1b8603a5e6199a0b9e61b0d0087887ff83daf539b62dfbbe02bcb0690e5c1aa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a5aa647585eeefc3eba998efede57dcbec1d08444da45b7ab3c87d35c88640
e6f38187727f672152e8aca0ba8bb332a29b1e43cd340a70d47b12066c6028ab
ee47f190737583b975ad3a02e45ca2f0f8e7fec650494a80d0e8dad4b5bc546b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4aa5a3b3420b193597567f536578c6edb5204a3b119c65701208c20befde87c
f6ac3c8e6ce2149cb393c789e9640b78cfb6626380e872a605c1c5fb1df3981e
fd4e304872ffca82ac8756ed673168aa0c14c2ee82c571ab881cb8e0ac99f595