www.mrpaulxavier.com Open in urlscan Pro
2606:4700:3035::ac43:ccf1 Public Scan

URL:
https://www.mrpaulxavier.com/
Submission: On March 16 via api (March 16th 2021, 1:06:29 am UTC) from US

Summary HTTP 72 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 31 IPs in 3 countries across 28 domains to perform 72 HTTP transactions. The main IP is 2606:4700:3035::ac43:ccf1, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.mrpaulxavier.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 4th 2020. Valid for: a year.

This is the only time www.mrpaulxavier.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2606:4700:303... 2606:4700:3035::ac43:ccf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
13	52.218.144.17 52.218.144.17	16509 (AMAZON-02) (AMAZON-02)
5	54.210.24.203 54.210.24.203	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:392	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	50.19.119.4 50.19.119.4	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42:3::720 2a04:4e42:3::720	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:210... 2a02:26f0:2100:1a6::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6812:f74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.67.124 65.9.67.124	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700::68... 2606:4700::6811:925b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	13.226.159.78 13.226.159.78	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.243 142.250.185.243	15169 (GOOGLE) (GOOGLE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	34.202.184.68 34.202.184.68	14618 (AMAZON-AES) (AMAZON-AES)
1 5	2606:4700::68... 2606:4700::6813:9856	13335 (CLOUDFLAR...) (CLOUDFLARENET)
72	31

8 2606:4700:3035::ac43:ccf1 (United States)

ASN13335 (CLOUDFLARENET, US)

www.mrpaulxavier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.218.144.17 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com

paidtoday-dev.s3.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.210.24.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-24-203.compute-1.amazonaws.com

175313.tracking.markethero.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
175313.tracking.hyros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:392 (United States)

ASN13335 (CLOUDFLARENET, US)

proto.paidtoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.19.119.4 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-119-4.compute-1.amazonaws.com

source.unsplash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::720 (United States)

ASN54113 (FASTLY, US)

images.unsplash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:2100:1a6::25ea (Munich, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:f74 (United States)

ASN13335 (CLOUDFLARENET, US)

qd236.infusionsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.67.124 (United States)

ASN16509 (AMAZON-02, US)

d2ieqaiwehnqqp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:925b (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (United States) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.159.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-78.dus51.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.243 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f19.1e100.net

ip.itracker360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.226.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.202.184.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-184-68.compute-1.amazonaws.com

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6813:9856 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

qd236.infusionsoft.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	amazonaws.com paidtoday-dev.s3.us-west-2.amazonaws.com	933 KB
8	mrpaulxavier.com www.mrpaulxavier.com	55 KB
5	infusionsoft.app 1 redirects qd236.infusionsoft.app	12 KB
4	hyros.com 175313.tracking.hyros.com	923 B
4	facebook.com www.facebook.com	475 B
4	google-analytics.com www.google-analytics.com	56 KB
4	googletagmanager.com www.googletagmanager.com	153 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	facebook.net connect.facebook.net	162 KB
2	snapchat.com tr.snapchat.com	565 B
2	sc-static.net sc-static.net	14 KB
2	google.de www.google.de	637 B
2	google.com www.google.com	637 B
2	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
2	app-us1.com diffuser-cdn.app-us1.com prism.app-us1.com	6 KB
2	unsplash.com 1 redirects source.unsplash.com images.unsplash.com	274 KB
2	cloudflare.com cdnjs.cloudflare.com	87 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com	43 KB
1	trackcmp.net trackcmp.net	271 B
1	googleadservices.com www.googleadservices.com	13 KB
1	itracker360.com ip.itracker360.com	186 B
1	cloudfront.net d2ieqaiwehnqqp.cloudfront.net	22 KB
1	infusionsoft.com qd236.infusionsoft.com	3 KB
1	licdn.com snap.licdn.com	2 KB
1	gstatic.com fonts.gstatic.com	23 KB
1	paidtoday.com proto.paidtoday.com	896 B
1	markethero.io 175313.tracking.markethero.io	11 KB
1	googleapis.com fonts.googleapis.com	16 KB
72	28

	Domain	Requested by
13	paidtoday-dev.s3.us-west-2.amazonaws.com	www.mrpaulxavier.com
8	www.mrpaulxavier.com	www.mrpaulxavier.com
5	qd236.infusionsoft.app	1 redirects qd236.infusionsoft.com qd236.infusionsoft.app
4	175313.tracking.hyros.com	175313.tracking.markethero.io
4	www.facebook.com	www.mrpaulxavier.com connect.facebook.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	www.googletagmanager.com	www.mrpaulxavier.com www.googletagmanager.com proto.paidtoday.com
3	connect.facebook.net	www.mrpaulxavier.com connect.facebook.net
2	tr.snapchat.com	www.mrpaulxavier.com
2	sc-static.net	www.mrpaulxavier.com sc-static.net
2	www.google.de	www.mrpaulxavier.com
2	www.google.com	www.mrpaulxavier.com
2	px.ads.linkedin.com	1 redirects www.mrpaulxavier.com
2	cdnjs.cloudflare.com	www.mrpaulxavier.com cdnjs.cloudflare.com
2	stackpath.bootstrapcdn.com	www.mrpaulxavier.com
1	trackcmp.net	diffuser-cdn.app-us1.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	ip.itracker360.com	d2ieqaiwehnqqp.cloudfront.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	www.linkedin.com	1 redirects
1	diffuser-cdn.app-us1.com	www.mrpaulxavier.com
1	d2ieqaiwehnqqp.cloudfront.net	www.googletagmanager.com
1	qd236.infusionsoft.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	images.unsplash.com	www.mrpaulxavier.com
1	source.unsplash.com	1 redirects
1	proto.paidtoday.com	www.mrpaulxavier.com
1	175313.tracking.markethero.io	www.mrpaulxavier.com
1	fonts.googleapis.com	www.mrpaulxavier.com
72	32

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
app.mrpaulxavier.com
mrpaulxavier.com
www.linkedin.com
www.youtube.com
www.instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-07-30` - `2021-08-04`	a year	crt.sh
tracking.markethero.io Amazon	`2020-09-28` - `2021-10-30`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
paidtoday.com Cloudflare Inc ECC CA-3	`2020-07-02` - `2021-07-02`	a year	crt.sh
imgix2.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-11-12` - `2021-07-07`	8 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.infusionsoft.com Go Daddy Secure Certificate Authority - G2	`2020-07-10` - `2021-07-10`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-01-06` - `2021-07-05`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
tracking.hyros.com Amazon	`2020-06-30` - `2021-07-30`	a year	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2021-02-11` - `2022-02-15`	a year	crt.sh
ip.itracker360.com GTS CA 1D2	`2021-02-27` - `2021-05-28`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
tr.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-01-23`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.trackcmp.net Amazon	`2021-03-02` - `2022-03-31`	a year	crt.sh
*.infusionsoft.app GeoTrust TLS RSA CA G1	`2020-04-09` - `2021-06-08`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.mrpaulxavier.com/
Frame ID: 60EA8771514840CA056E69526BFBC616
Requests: 58 HTTP requests in this frame

Frame: https://proto.paidtoday.com/p/http://www.mrpaulxavier.com/
Frame ID: DD207DD05F24A865EC00799B133C556A
Requests: 7 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=55fd23a1-d4f8-4ae9-b583-25760bb60c99
Frame ID: B529DA82EA26E49DC9CAC126C3CC5331
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: EF9FC2A34C074BD1AC5EE35F4DF59E1B
Requests: 1 HTTP requests in this frame

Frame: https://qd236.infusionsoft.app/app/webTracking/websiteTriggerIframe
Frame ID: 9ADDB5C46BA5DCEB258E40E443E68211
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

72
Requests

100 %
HTTPS

73 %
IPv6

28
Domains

32
Subdomains

31
IPs

3
Countries

1890 kB
Transfer

3273 kB
Size

11
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/groups/thebusinessofvideoproduction/?ptm_date=1615856770553
Title: Free Community

Search URL Search Domain Scan URL

URL: https://app.mrpaulxavier.com/login?ptm_date=1615856770553
Title: Login

Search URL Search Domain Scan URL

URL: https://mrpaulxavier.com/training?ptm_date=1615856770553
Title: Yes! I Want Monthly Recurring Revenue (MRR)

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/mrpaulxavier/?ptm_date=1615856770553
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/mrpaulxavier?sub_confirmation=1&ptm_date=1615856770553
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mrpaulxavier?ptm_date=1615856770553
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mrpaulxavier?ptm_date=1615856770553
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://source.unsplash.com/XT5OInaElMw/1600x900 HTTP 302
https://images.unsplash.com/photo-1438375377985-cc22e0503a6f?crop=entropy&cs=tinysrgb&fit=crop&fm=jpg&h=900&ixid=MXwxfDB8MXxhbGx8fHx8fHx8fA&ixlib=rb-1.2.1&q=80&utm_campaign=api-credit&utm_medium=referral&utm_source=unsplash_source&w=1600

Request Chain 39

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1773602&time=1615856770755&url=https%3A%2F%2Fwww.mrpaulxavier.com%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1773602%26time%3D1615856770755%26url%3Dhttps%253A%252F%252Fwww.mrpaulxavier.com%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1773602&time=1615856770755&url=https%3A%2F%2Fwww.mrpaulxavier.com%2F&liSync=true

Request Chain 69

https://qd236.infusionsoft.app/app/webTracking/contact/1615856770926?contactId=0&screenResolution=1600x1200&plugins=&javaEnabled=false&domain=www.mrpaulxavier.com&location=https://www.mrpaulxavier.com/&referrer= HTTP 302
https://qd236.infusionsoft.app/slices/spacer.gif

72 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.mrpaulxavier.com/ 67 KB
15 KB 1325ms
1297ms Document
text/html 2606:4700:3035::ac43:ccf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrpaulxavier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:ccf1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8db98c24c280b8760083ceb567f117d665ac5fa92a706487c2c01862995cbf85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: www.mrpaulxavier.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 01:06:08 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d9057b57af719802c051613da0b8b392c1615856767; expires=Thu, 15-Apr-21 01:06:07 GMT; path=/; domain=.mrpaulxavier.com; HttpOnly; SameSite=Lax; Secure
access-control-allow-origin: *
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
cf-request-id: 08da2aa91700004e19ab891000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AJckdTzimStITsa0gyX8GahpseYeK8Xq0cXY4MvjaDs1BVCd1UdS%2B9lzjVgnIKqcs6mUYJhaHCT476%2Bt7I5UHyg4QZVK2BjGgP2nCclYX%2B24tY158kXD%2Fkk1zwmm6CTB7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 630a13bb59884e19-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-3.2.1.min.js Show response
www.mrpaulxavier.com/assets/lib/plugins/jquery/ 85 KB
29 KB 977ms
976ms Script
text/javascript 2606:4700:3035::ac43:ccf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mrpaulxavier.com/assets/lib/plugins/jquery/jquery-3.2.1.min.js
Requested by: Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:ccf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39646863a414e0a84920b3a8639c0f3e8c94535e8dc051b42b485a068dc2902f

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 01:06:09 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 15 Mar 2021 03:15:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vkPxA4TBymCSG9zpFlXp%2BwZody%2BMeO0HNoAbrJ7z%2BhiIK2Xj%2BCMO9Cu%2FQuvzL2qldiuW9hTey8pk7oYR4odlDITwIqxPLI3VrNtZOELWJ2xWbD9LKfOn%2FSMHAyG%2BJUDBtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 630a13c37a214e19-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08da2aae2e00004e196f25d000000001

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/ 156 KB
21 KB 30ms
14ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css

Requested by

Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 01:06:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 617, 617
age: 452313
cdn-cachedat: 2021-03-10 20:26:24
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08da2aae3d00002bca1ebda000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 1463cd69f9140a07f2554f9b3f382d4d
cf-ray: 630a13c39b5d2bca-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 bootstrap.bundle.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/ 79 KB
22 KB 33ms
18ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.bundle.min.js

Requested by

Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

394156ee114ed3faf968419340ecfd17f69740eb7e4f0a88d59e1f6d5bf0c34e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 01:06:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617, 617
age: 452299
cdn-cachedat: 2021-03-10 20:26:54
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08da2aae3d00002bca13164000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 94ed506d213159c8e99f8ad0a55cfc0c
cf-ray: 630a13c39b5e2bca-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 css-selector-generator.min.js Show response
www.mrpaulxavier.com/assets/lib/ 5 KB
2 KB 660ms
659ms Script
text/javascript 2606:4700:3035::ac43:ccf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mrpaulxavier.com/assets/lib/css-selector-generator.min.js
Requested by: Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:ccf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d90f7c8c022bef1df08221b793bb2274c1459216f3d72741d6ef3e921e168a3

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 01:06:09 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 15 Mar 2021 03:15:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0T2lEgA6H7aJgEpjDi0voJrZ1TddKlTqdYihU%2BRvftMtZ2YIkR7XRZURKVPnss8I9qR%2FI9nj%2BxBLinxoKJCYp3PHOcV%2B73%2Bn4%2FTli6CZbsTGTO9HebbjRIRJgTjoZGdj2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 630a13c37a254e19-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08da2aae2f00004e19b0059000000001

GET
H2 200 elog.js Show response
www.mrpaulxavier.com/assets/lib/ 2 KB
946 B 667ms
666ms Script
text/javascript 2606:4700:3035::ac43:ccf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mrpaulxavier.com/assets/lib/elog.js
Requested by: Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:ccf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5a5aa647585eeefc3eba998efede57dcbec1d08444da45b7ab3c87d35c88640

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 01:06:09 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-polished: origSize=2813
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08da2aae2f00004e196ba47000000001
last-modified: Mon, 15 Mar 2021 03:15:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ND3PzPyOPvsa922Flh7b9DAE0dNzE8q9Id0uBxoboyBDV5FvCcokhZzAKy77B2u6DKuh2yQXjpe6VPMRPKqJTEco441ODnQ8YPE1v0%2BrQ5FLkDTCcXKBYIqUFFL24GS6Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 630a13c37a274e19-FRA
cf-bgj: minify

GET
H2 200 / Show response
www.mrpaulxavier.com/pixel/ 602 B
652 B 1875ms
1873ms Script
application/javascript 2606:4700:3035::ac43:ccf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mrpaulxavier.com/pixel/?1615856768
Requested by: Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:ccf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cfe8dae375e057ea0c9cb5c7582757baca78afa1706fdc79f0ef5babcf1af15

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-request-id: 08da2aae3000004e19ab8cc000000001
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
date: Tue, 16 Mar 2021 01:06:10 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nkLM382sXzbGZU0vt6YamgzPzomsc5boXzBxYUnKx015y%2FnsDS%2Fo6nzqFe826w5gynaZhRFkmkcRpgYln0gDmW0LHkFYrOaMvt9hDOf0MLaFZZKO4%2FHyNuQ%2BH6uc0CIltg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 630a13c37a2a4e19-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/ 58 KB
11 KB 30ms
15ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css

Requested by

Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 01:06:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 151291
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10391
cf-request-id: 08da2aae3c00000621f6b1a000000001
timing-allow-origin: *
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f0f47d3-e637"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=acAcQZ0EYBgn20vJ3Brj3g6g4HkedXamC7N4qg69rXJAYhJwXQnayQnjANVW8sK2jwygVjce5P2%2BOdfxS7Q%2B9vZaNL59A7gJLiPfTTz1b%2FGZfXkCMJKXV01t%2BVREexLEyA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 630a13c39aa80621-FRA
expires: Sun, 06 Mar 2022 01:06:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 85 KB
16 KB 19ms
19ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d026639bc308693e757229f6789758d3735511701d19759b1f9d3daa4b26566c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 01:06:08 GMT
server: ESF
date: Tue, 16 Mar 2021 01:06:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Mar 2021 01:06:08 GMT

GET
H2 200 paidtoday_blocks.min.css
www.mrpaulxavier.com/assets/blocks/ 33 KB
6 KB 669ms
668ms Stylesheet
text/css 2606:4700:3035::ac43:ccf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mrpaulxavier.com/assets/blocks/paidtoday_blocks.min.css
Requested by: Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:ccf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 613334e42b987fd393c4540e07b158d40af0f50ed619662969251a136a52f992

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 01:06:09 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 15 Mar 2021 03:15:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8t3T0eoa19jhsYnAk8A6kfCWcyWXtVvC05rPwre0SJ53nAMexOL9zkBpD5YHxGC%2Fugwi8sz2w4CpJ0ydOMgjrfr7Lsp8wWKEYp3NX%2FV1Mr%2BKJ2u1OWkqhE6WqsrFk7A46g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 630a13c37a294e19-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08da2aae2f00004e19a80d9000000001

GET
H/1.1 200
OK 2dec04efe4f51b0c44b76a47e8ff7159515e58e0
paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/ 11 KB
12 KB 758ms
215ms Image
binary/octet-stream 52.218.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/2dec04efe4f51b0c44b76a47e8ff7159515e58e0?x-amz-acl=public-read
Requested by: Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.144.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5e6babaf85a7e8131f0b2f846c39a669d4a89120492d1d8573b6ceeda04fa1d8

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 01:06:11 GMT
Last-Modified: Wed, 10 Jun 2020 17:01:21 GMT
Server: AmazonS3
x-amz-request-id: 2WC82BP0P4W33ETX
ETag: "7167e2dbaf02cc9e383e035b693f3e3d"
Content-Type: binary/octet-stream
Cache-Control: null
Content-Disposition: attachment; filename="PXI Logo-1.png"
Accept-Ranges: bytes
Content-Length: 11667
x-amz-id-2: conrb2hRK0vzI8DduQDZ7UtExlCOoncFnu8Fj7hJpgy0vhK3oLaFVlIEhUEgKO5KSYSo73eOJLo=

GET
H/1.1 200
OK f77039422c43e7c355005ce143ff2d4689ef2b04
paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/ 2 KB
3 KB 730ms
206ms Image
image/png 52.218.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/f77039422c43e7c355005ce143ff2d4689ef2b04?x-amz-acl=public-read
Requested by: Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.144.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e6f38187727f672152e8aca0ba8bb332a29b1e43cd340a70d47b12066c6028ab

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 01:06:12 GMT
Last-Modified: Tue, 17 Sep 2019 14:31:59 GMT
Server: AmazonS3
x-amz-request-id: QXYGDS4Z4PW8ME7F
ETag: "52a0e8039db8205b6a852e9a37536698"
Content-Type: image/png
Content-Disposition: attachment; filename="Forbes Logo.png"
Accept-Ranges: bytes
Content-Length: 2456
x-amz-id-2: 1SQOe9FQLkhgt7SNP9rnaCF2BchpHjrUaO8dre86eVXJiI9XqM3djp1lkb0uCTzLZ3zxwTY6/1I=

GET
H/1.1 200
OK 0bcd093508b1774293d7b29c04456c4bb70099aa
paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/ 1 KB
2 KB 732ms
208ms Image
image/png 52.218.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/0bcd093508b1774293d7b29c04456c4bb70099aa?x-amz-acl=public-read
Requested by: Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.144.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 829dd2bacd67d191fe0656618b68846a769a63f798bce7dcc3bc9ada92541cac

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 01:06:12 GMT
Last-Modified: Tue, 17 Sep 2019 14:31:25 GMT
Server: AmazonS3
x-amz-request-id: QXYVTYE9W96TAMSG
ETag: "c5c0f77529be64a2665cd319f99d2207"
Content-Type: image/png
Content-Disposition: attachment; filename="INC Logo.png"
Accept-Ranges: bytes
Content-Length: 1144
x-amz-id-2: 83ZXlGvY7lxjEPXmD6nJ5372sgd8zmr7ql70sltX/yEDUxpLwnPlfxI2gZt3vPeaug+lHxkWLiE=

GET
H/1.1 200
OK 600096ee919b6ffc4282f830ba1f5b08a50f4f99
paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/ 81 KB
81 KB 753ms
227ms Image
image/png 52.218.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/600096ee919b6ffc4282f830ba1f5b08a50f4f99?x-amz-acl=public-read
Requested by: Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.144.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: babe7f8bc2ba948aed2fcad7faa23f65ae65a0f05a3fbe495983fc4fe5ac0e12

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 01:06:12 GMT
Last-Modified: Tue, 17 Sep 2019 14:32:26 GMT
Server: AmazonS3
x-amz-request-id: QXYTDVQZ1P4VJADS
ETag: "a55f92e253997dc7f14c8d4071fe1a0d"
Content-Type: image/png
Content-Disposition: attachment; filename="Yahoo Finance Logo .png"
Accept-Ranges: bytes
Content-Length: 83018
x-amz-id-2: 8rXkLuSfadVAavvmnXslM5w2obINrchnK4HqiFUot6T9HKMHNUV2fD20n3NMEEXr2Ly0pzOkDXw=

GET
H/1.1 200
OK 790df07df0e43034db85bdc0c2434f60c828b16e
paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/ 28 KB
29 KB 736ms
210ms Image
image/png 52.218.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/790df07df0e43034db85bdc0c2434f60c828b16e?x-amz-acl=public-read
Requested by: Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.144.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8b8a6e32d22be7c6eec24e55efcb3d0501aaf1eba021667da2260ce219d35bc4

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 01:06:12 GMT
Last-Modified: Tue, 17 Sep 2019 14:30:07 GMT
Server: AmazonS3
x-amz-request-id: QXYT37BEAH6SBFC8
ETag: "facbd2eb976a1de1207b5f574daa7372"
Content-Type: image/png
Content-Disposition: attachment; filename="Entrepreneur Logo 2.png"
Accept-Ranges: bytes
Content-Length: 28981
x-amz-id-2: 0fP/02YgJmkEG5z9UjHUfxq5UKpu1lWv7vGaZV7wbKIi+pSbeh5OYspayyHFYZvJ5XFvS+07fU4=

GET
H/1.1 200
OK 76f34ff80f2952c90e550b8c5237a259ba998dd5
paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/ 139 KB
140 KB 769ms
238ms Image
binary/octet-stream 52.218.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/76f34ff80f2952c90e550b8c5237a259ba998dd5?x-amz-acl=public-read
Requested by: Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.144.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ee47f190737583b975ad3a02e45ca2f0f8e7fec650494a80d0e8dad4b5bc546b

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 01:06:12 GMT
Last-Modified: Wed, 13 Nov 2019 22:38:44 GMT
Server: AmazonS3
x-amz-request-id: QXYN5VARAH537WE6
ETag: "fa496d4092c48f9372d9ab0d4691a92c"
Content-Type: binary/octet-stream
Cache-Control: null
Content-Disposition: attachment; filename="Go Creative Show.png"
Accept-Ranges: bytes
Content-Length: 142442
x-amz-id-2: lF/+tNXOCmVgQdJbzWZ8QaeOKtJz+eg5y/981A05/VWT8b0jNY+vPCmzbX5Kua4/+kXN7MC6LC8=

GET
H/1.1 200
OK f4ee76bf7ff8d0f19592a553d18f39d3728105cf
paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/ 11 KB
11 KB 195ms
188ms Image
binary/octet-stream 52.218.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/f4ee76bf7ff8d0f19592a553d18f39d3728105cf?x-amz-acl=public-read
Requested by: Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.144.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7583e24e66cf2e38ff5dbedd1f97f635ac681ff5c4a6bf70b28575a2c9b77eb7

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 01:06:12 GMT
Last-Modified: Mon, 13 Apr 2020 18:21:45 GMT
Server: AmazonS3
x-amz-request-id: QXYNB3KA38F6AHSC
ETag: "9e85719add508b11304909aa0021e72b"
Content-Type: binary/octet-stream
Cache-Control: null
Content-Disposition: attachment; filename="14DayFM_Black.png"
Accept-Ranges: bytes
Content-Length: 11009
x-amz-id-2: aPf6lx6ALsHdpyRgbfaxgigf8in6/pcaMFr5P5TGfBIP/16iGn1Yn3lGugTTSAJAbJfIrmROnuI=

GET
H/1.1 200
OK fb0d10cc38a6eadc37424fc85b3ba85b1b93c20c
paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/ 54 KB
54 KB 216ms
212ms Image
binary/octet-stream 52.218.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/fb0d10cc38a6eadc37424fc85b3ba85b1b93c20c?x-amz-acl=public-read
Requested by: Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.144.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: bb1844dd0ff9db482d80b5be84701ff978da25332c9369f5a23c321cfc02fe6b

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 01:06:12 GMT
Last-Modified: Mon, 11 May 2020 16:52:07 GMT
Server: AmazonS3
x-amz-request-id: QXYNX24VW9KQ10JJ
ETag: "3fa9c4bd0517a05c9b5316476cf1bd17"
Content-Type: binary/octet-stream
Cache-Control: null
Content-Disposition: attachment; filename="JPG (white background).jpg"
Accept-Ranges: bytes
Content-Length: 54894
x-amz-id-2: +Uh9x0otdj+cP22R7ZKVYdxi6PLgiPBazrMzCgbHeR4S0LWBjsHcxcfHQPF5eFtozbrhNCn07+k=

GET
H/1.1 200
OK 10b13c3e5f5f7f7c5d3b9993e85f0522387c04ae
paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/ 47 KB
47 KB 191ms
186ms Image
binary/octet-stream 52.218.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/10b13c3e5f5f7f7c5d3b9993e85f0522387c04ae?x-amz-acl=public-read
Requested by: Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.144.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: fd4e304872ffca82ac8756ed673168aa0c14c2ee82c571ab881cb8e0ac99f595

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 01:06:12 GMT
Last-Modified: Fri, 31 Jul 2020 14:12:23 GMT
Server: AmazonS3
x-amz-request-id: QXYHKXZT8SYQP785
ETag: "074ec7d5eaa90f224b692f281657242c"
Content-Type: binary/octet-stream
Cache-Control: null
Content-Disposition: attachment; filename="Davinci Logo.png"
Accept-Ranges: bytes
Content-Length: 48160
x-amz-id-2: AjRaCajj4Tl+4FHzVHkfnD3rZn4enttJxA5+n4wWZ/Wmpl3n91gyts2gahCZtDs6Bxdv/2lh/0w=

GET
H/1.1 200
OK 488d1df97347a62316e393a398f517db80fc9bcc
paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/ 41 KB
42 KB 212ms
212ms Image
binary/octet-stream 52.218.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/488d1df97347a62316e393a398f517db80fc9bcc?x-amz-acl=public-read
Requested by: Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.144.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0ab839d98d2e828636527a16f34d36a21bbaf0193ee9ef92468be41393d87295

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 01:06:12 GMT
Last-Modified: Mon, 23 Nov 2020 23:12:45 GMT
Server: AmazonS3
x-amz-request-id: QXYH6KWPS63Z9E6E
ETag: "bbbc55728034e783a4857dd72826448a"
Content-Type: binary/octet-stream
Cache-Control: null
Content-Disposition: attachment; filename="ETD Logo (black) (1).png"
Accept-Ranges: bytes
Content-Length: 42386
x-amz-id-2: VXb86HJR3kv0zOB4VFAa+iwPvgk01rIsyFIeWyAwpJRaEbsr7tsw1sVw3XTAAAiCCAWEIkRip4c=

GET
H/1.1 200
OK 724bad23fe10649dd0548197cce6f237782ebe7b
paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/ 96 KB
97 KB 328ms
328ms Image
binary/octet-stream 52.218.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/724bad23fe10649dd0548197cce6f237782ebe7b?x-amz-acl=public-read
Requested by: Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.144.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0069c6751c67ba4fe306b839db52e6a742eddbc035cbd55e76ea96b8786ae779

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 01:06:12 GMT
Last-Modified: Wed, 30 Dec 2020 01:21:40 GMT
Server: AmazonS3
x-amz-request-id: QXYKKBEYAK29MF08
ETag: "8a88b0a63c235743447d769adba38922"
Content-Type: binary/octet-stream
Cache-Control: null
Content-Disposition: attachment; filename="FINAL LOGO.png"
Accept-Ranges: bytes
Content-Length: 98783
x-amz-id-2: pm4pQg4aJFURYC5UJLb0OejRLrkTHkH86suEGXr+gK3X0UEyeURJYb7wIkyFDs1AcZg+64tb3Vo=

GET
H/1.1 200
OK f198cfa927aaa85ed05b78e1d3b60af2d6bdac4b
paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/ 16 KB
16 KB 186ms
185ms Image
binary/octet-stream 52.218.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/f198cfa927aaa85ed05b78e1d3b60af2d6bdac4b?x-amz-acl=public-read
Requested by: Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.144.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 387462db7ba8e3ddf0f96c1950abde96b1d9b904d8d4267c11296b6a12f4900e

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 01:06:12 GMT
Last-Modified: Wed, 17 Jun 2020 04:25:19 GMT
Server: AmazonS3
x-amz-request-id: QXYNRHA1TJGPKMYM
ETag: "672e1ce248eefa5ef7b68e5342eaeeed"
Content-Type: binary/octet-stream
Cache-Control: null
Content-Disposition: attachment; filename="NLC_Logo_BlackT.png"
Accept-Ranges: bytes
Content-Length: 15957
x-amz-id-2: E9Czf4hIIRfvob+ZODly35gQ/d0bEbv7aEdcCosk45eFHTFkTpASVgAmGkKb3s5LkLWdZTVb9KY=

GET
H/1.1 200
OK 0cd2fe3fe85261998aba5347493d80de3458b459
paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/ 399 KB
399 KB 218ms
218ms Image
binary/octet-stream 52.218.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paidtoday-dev.s3.us-west-2.amazonaws.com/proto/gallery/39/0cd2fe3fe85261998aba5347493d80de3458b459?x-amz-acl=public-read
Requested by: Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.144.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a43312749a32fcb09fb3308e76ce73928f032ad195e65b0b36b9b573c1cc4805

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 01:06:12 GMT
Last-Modified: Thu, 16 Jul 2020 23:22:07 GMT
Server: AmazonS3
x-amz-request-id: QXYMAFWD4K7H58ZT
ETag: "6df4d7d5af3e3126ede5afbd1e708977"
Content-Type: binary/octet-stream
Cache-Control: null
Content-Disposition: attachment; filename="Filmmaker logos.png"
Accept-Ranges: bytes
Content-Length: 408333
x-amz-id-2: xse+v/8QPKKLK4Rs8NnTlF1wBSK7sHZ6dV+zIWlcYLTTCihYMWyMSiaoSAd0CUOUXqI+Vf7HxXo=

GET
H2 200 utm.js Show response
www.mrpaulxavier.com/assets/lib/ 3 KB
1 KB 665ms
664ms Script
text/javascript 2606:4700:3035::ac43:ccf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mrpaulxavier.com/assets/lib/utm.js?4
Requested by: Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:ccf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57ef1202dcc3e16075fa34718428aca6e6601ee6569ca0f3fa732586acd8d9dc

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 01:06:10 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-polished: origSize=3892
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08da2ab20300004e197cb47000000001
last-modified: Mon, 15 Mar 2021 03:15:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VYPrsVXx%2F5ERr8v8I4g%2B7MpVLGTI919BGHZmsdo%2B8ONltb%2B%2BQfmZN7Ys0tPdQ7i0pucpIPUbhE0iUhuGRUgBm1fhR12deThwr52Yd1hD07sTRYbQIpg93i3Kiw5i02e9xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 630a13c99fda4e19-FRA
cf-bgj: minify

POST
H2 200 /
www.mrpaulxavier.com/pixel/ 0
640 B 1210ms
1210ms Other
text/html 2606:4700:3035::ac43:ccf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mrpaulxavier.com/pixel/?init=1
Requested by: Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/pixel/?1615856768
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:ccf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary9Qi8dYEY5KUnWOOg

Response headers

cf-request-id: 08da2ab58300004e196f2a5000000001
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
date: Tue, 16 Mar 2021 01:06:11 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E1dR0dHazIYZC0hwiPJcrhfOnJZAtaDrWakS4adYAriHwsl%2FEvsU6lg81Pop6d1js%2Bb11W1CjM%2BVvJSWsxWsFJwLYpJMMJInXRVl0iSM3S1nHSVkjSHVvb5etVmk%2F2cUZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 630a13cf3ced4e19-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 universal-script Show response
175313.tracking.markethero.io/v1/lst/ 11 KB
11 KB 334ms
102ms Script
text/plain 54.210.24.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://175313.tracking.markethero.io/v1/lst/universal-script?ph=fbbe07f66b4c6a7ab6a5f8b9504f76d4145397371ae2273b24254788cf5444d8&tag=!tracking
Requested by: Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.210.24.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-210-24-203.compute-1.amazonaws.com
Software: Jetty(9.4.9.v20180320) /
Resource Hash: 686df862397dbdac4d25f621a8120af3b5af1ff03cfa325ea5e870c329c4486a

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 01:06:10 GMT
access-control-allow-credentials: true
server: Jetty(9.4.9.v20180320)
access-control-expose-headers: Session-ID
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
content-type: text/plain;charset=utf-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 131 KB
45 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K6GWVF

Requested by

Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e88ab4aced4701989a910d3cf7d6241edf3d4144ad52951fa33ea0a899a8643

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 01:06:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45518
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Mar 2021 01:06:10 GMT

GET
H2 200 / Show response
proto.paidtoday.com/p/http://www.mrpaulxavier.com/ Frame DD20 707 B
896 B 380ms
338ms Document
text/html 2606:4700:20::681a:392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://proto.paidtoday.com/p/http://www.mrpaulxavier.com/
Requested by: Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70fc92b77aa40f635af83119f62e4b0e2b82bf63a3791cffd3f0098a8b5924bd

Request headers

:method: GET
:authority: proto.paidtoday.com
:scheme: https
:path: /p/http://www.mrpaulxavier.com/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.mrpaulxavier.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.mrpaulxavier.com/

Response headers

date: Tue, 16 Mar 2021 01:06:10 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d66c1afe99addc64676162c13764863a41615856770; expires=Thu, 15-Apr-21 01:06:10 GMT; path=/; domain=.paidtoday.com; HttpOnly; SameSite=Lax
cf-cache-status: DYNAMIC
cf-request-id: 08da2ab5b400004e0d18b93000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eY%2FmNmEXJVp8SgM9nzunxV5DP4%2FjjmotHkolpSPE4eu4StZOe2OYsQqj9WcoTQFa4CkCEubGlNuIRqhVKX3RIZpNyMvG2tonygOG4F6SChPUyMUZs5Onif%2BsKqihHaRc"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 630a13cf8b3d4e0d-FRA
content-encoding: br

GET
H2

200

photo-1438375377985-cc22e0503a6f
images.unsplash.com/
Redirect Chain

https://source.unsplash.com/XT5OInaElMw/1600x900
https://images.unsplash.com/photo-1438375377985-cc22e0503a6f?crop=entropy&cs=tinysrgb&fit=crop&fm=jpg&h=900&ixid=MXwxfDB8MXxhbGx8fHx8fHx8fA&ixlib=rb-1.2.1&q=80&utm_campaign=api-credit&utm_medium=re...

273 KB
273 KB

30ms
13ms

Image
image/jpeg

2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unsplash.com/photo-1438375377985-cc22e0503a6f?crop=entropy&cs=tinysrgb&fit=crop&fm=jpg&h=900&ixid=MXwxfDB8MXxhbGx8fHx8fHx8fA&ixlib=rb-1.2.1&q=80&utm_campaign=api-credit&utm_medium=referral&utm_source=unsplash_source&w=1600

Requested by

Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

271ffc5e2d51bbfb970301163b30ab0170ee3e982f2f82509430be95fc0af736

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 01:06:10 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 12:32:31 GMT
server: imgix
age: 3501219
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-imgix-id: de9c27e5ba938b42ba87aeda5a00f67ad1fb8277
accept-ranges: bytes
content-length: 279157
x-served-by: cache-sjc10068-SJC, cache-fra19120-FRA

Redirect headers

Date: Tue, 16 Mar 2021 01:06:10 GMT
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-Xss-Protection: 1; mode=block
X-Request-Id: 0107a2b2-8cfb-4217-ae00-6f9cd154f44f
X-Runtime: 0.012220
Referrer-Policy: strict-origin-when-cross-origin
Server: Cowboy
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/html; charset=utf-8
Location: https://images.unsplash.com/photo-1438375377985-cc22e0503a6f?crop=entropy&cs=tinysrgb&fit=crop&fm=jpg&h=900&ixid=MXwxfDB8MXxhbGx8fHx8fHx8fA&ixlib=rb-1.2.1&q=80&utm_campaign=api-credit&utm_medium=referral&utm_source=unsplash_source&w=1600
Cache-Control: no-cache

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 23 KB
23 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.mrpaulxavier.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:06:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 421176
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
expires: Fri, 11 Mar 2022 04:06:34 GMT

GET
H2 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/ 76 KB
76 KB 13ms
13ms Font
application/octet-stream 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

779249965fcc56df5ccc2c89293a582fbea63f785bc4041c878106b01b725dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.mrpaulxavier.com
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 01:06:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2393829
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77400
cf-request-id: 08da2ab60200002c4efd0bd000000001
timing-allow-origin: *
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f0f47d3-12e58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=G8ybAnWC8rgRYU0Fglr1P4TrP1vIexBE2NitWJ78M%2FbzjD5pELp2oQHjOV8uiaDpAz0bKjDEkNQxTE41dXxkebS5n8aGoPYQXQAOVCU%2Bo5KRpzyDBA9EpaGoXPX5ZEnHXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 630a13d0089e2c4e-FRA
expires: Sun, 06 Mar 2022 01:06:10 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6GWVF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3815
date: Tue, 16 Mar 2021 00:02:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Tue, 16 Mar 2021 02:02:35 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 33ms
10ms Script
application/x-javascript 2a02:26f0:2100:1a6::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6GWVF
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2100:1a6::25ea Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 01:06:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=17776
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 getTrackingCode Show response
qd236.infusionsoft.com/app/webTracking/ 7 KB
3 KB 194ms
168ms Script
text/javascript 2606:4700::6812:f74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qd236.infusionsoft.com/app/webTracking/getTrackingCode?trackingId=c3dfbd3ea11107abe443f9b40fc6564f

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6GWVF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b2645c8f9b030cca040c7aa8f95451030d5f9ca96a92e2a21b5dfadf78229f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 01:06:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000;includeSubDomains
cf-request-id: 08da2ab6b500004a9e90b61000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
via: 1.1 google
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
cf-ray: 630a13d12caa4a9e-FRA
expires: Tue, 16 Mar 2021 01:06:10 GMT

GET
H2 200 t97e6aba92565fc53fb4503f4bd03afc6.js Show response
d2ieqaiwehnqqp.cloudfront.net/ 132 KB
22 KB 81ms
27ms Script
text/javascript 65.9.67.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2ieqaiwehnqqp.cloudfront.net/t97e6aba92565fc53fb4503f4bd03afc6.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6GWVF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.67.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1b8603a5e6199a0b9e61b0d0087887ff83daf539b62dfbbe02bcb0690e5c1aa

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 06:44:26 GMT
content-encoding: gzip
last-modified: Mon, 25 May 2020 22:38:25 GMT
server: AmazonS3
age: 66105
etag: W/"4e5121e8c7ba76ede25fa2b020c4c2fd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: C7GhDJmYMxYEoORHuBf90wgtKOdkmN3nazJCWUOL2ocqQFdHbtSWQQ==

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 47ms
32ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-816042378

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6GWVF

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c970f00de88391c4dcc4ac2c14cef40b39cf4076324339e0b3dc1884e61a7cd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 01:06:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38908
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Mar 2021 01:06:10 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
23 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: efaHcDHtLOgpwultgz7A08LnbvF08kwkP/9x4uy84ybp+bR3sODUJ6L8ICu0bLEsq4G6crHelRK5VB29kN9Xzw==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Tue, 16 Mar 2021 01:06:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 24 KB
6 KB 34ms
17ms Script
application/javascript 2606:4700::6811:925b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by: Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07ef661be38be006eb690a15613c557d418b8780900ff490545bb2b75d23fcd7

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 01:06:10 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 78
x-cache: Hit from cloudfront
cf-request-id: 08da2ab6b00000d6e5989cb000000001
last-modified: Mon, 22 Feb 2021 18:41:52 GMT
server: cloudflare
etag: W/"1e16152334c325a4abb81f1a8ee52e51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
cache-control: public, max-age=300
x-amz-cf-pop: FRA50-C1
cf-ray: 630a13d11c58d6e5-FRA
x-amz-cf-id: jRrH8l_r-Z55cv8vP872dccZfETLBl7IwHRG4WSF-4Iv0j3x8EZlDg==

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
392 B 45ms
12ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1491551373&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mrpaulxavier.com%2F&ul=en-us&de=UTF-8&dt=Paul%20Xavier%20Official&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=281549595&gjid=61923735&cid=1469438388.1615856771&tid=UA-98246218-1&_gid=1236895961.1615856771&_r=1&gtm=2wg330K6GWVF&z=68936682

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 01:06:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mrpaulxavier.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 320536958845920 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 81ms
81ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/320536958845920?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1525241cd7e07eb2c68b2b1b1bc39f55d3f61c35d978b85fc1d029cf64072ba8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: ymFvfVQoNIuS89M5iQBhCBJ6V1FbutN/LQSvL6ky911WD9Jftvij2vSeEoztatzF9p4pGlBfRGJSVrEeA4o6oA==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 16 Mar 2021 01:06:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1773602&time=1615856770755&url=https%3A%2F%2Fwww.mrpaulxavier.com%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1773602%26time%3D1615856770755%26url%3Dhttps%253A%252F%252Fwww.mrpaulxavier.com%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1773602&time=1615856770755&url=https%3A%2F%2Fwww.mrpaulxavier.com%2F&liSync=true

0
57 B

204ms
204ms

Image
application/javascript

2620:119:50e1:101::6cae:b25
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1773602&time=1615856770755&url=https%3A%2F%2Fwww.mrpaulxavier.com%2F&liSync=true
Requested by: Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e1:101::6cae:b25 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 01:06:11 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-esv5
content-type: application/javascript
content-length: 0
x-li-uuid: GLJALSytbBaQsQnD3ioAAA==

Redirect headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
linkedin-action: 1
content-length: 0
x-li-uuid: memXISytbBaAKwVXeSsAAA==
pragma: no-cache
x-li-pop: afd-prod-esv5
x-msedge-ref: Ref A: 9103AC9F38A740069388F4C8AB4A78B9 Ref B: FRAEDGE0918 Ref C: 2021-03-16T01:06:11Z
date: Tue, 16 Mar 2021 01:06:10 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1773602&time=1615856770755&url=https%3A%2F%2Fwww.mrpaulxavier.com%2F&liSync=true
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
prism.app-us1.com/ 248 B
416 B 420ms
418ms Script
application/javascript 2606:4700::6811:925b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prism.app-us1.com/?a=475334047&u=https%3A%2F%2Fwww.mrpaulxavier.com%2F
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: 529285a3719b5395898b41be962f286a328a06fb03749faff08047ee8ee02c15

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 01:06:11 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.2.34
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-cache, private
cf-ray: 630a13d14c72d6e5-FRA
cf-request-id: 08da2ab6cc0000d6e5e12d7000000001

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
92 B 13ms
13ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-98246218-1&cid=1469438388.1615856771&jid=281549595&gjid=61923735&_gid=1236895961.1615856771&_u=YEBAAAAAAAAAAC~&z=1718189033

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 16 Mar 2021 01:06:10 GMT
content-type: text/plain
access-control-allow-origin: https://www.mrpaulxavier.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 16ms
15ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-98246218-1&cid=1469438388.1615856771&jid=281549595&_u=YEBAAAAAAAAAAC~&z=1900205864

Requested by

Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 01:06:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-98246218-1&cid=1469438388.1615856771&jid=281549595&_u=YEBAAAAAAAAAAC~&z=1900205864

Requested by

Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 01:06:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ Frame DD20 80 KB
31 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-ND6W6PN

Requested by

Host: proto.paidtoday.com
URL: https://proto.paidtoday.com/p/http://www.mrpaulxavier.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

80f168585a10cb7f2cc6af57c7f93a48d88942c17ab5ab89f0c1ff8c4654ba9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://proto.paidtoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 01:06:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32017
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Mar 2021 01:06:10 GMT

GET
H2 200 3018702641492519 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 64ms
64ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3018702641492519?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8a6c0685bb4cfa8cfb65969c51e4ce338ba1c1c38084915b1572b0134b23c2df

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: aNzqQIYhgqyls+hpwXQTL5SoG/n2G8zAcrENJ9yuEolFPrvErXp+cw9Kb+nzAuUjyh5hAoHyJhT/obTOAGW8cA==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 16 Mar 2021 01:06:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=320536958845920&ev=PageView&dl=https%3A%2F%2Fwww.mrpaulxavier.com%2F&rl=&if=false&ts=1615856770858&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1615856770856.1876810680&it=1615856770750&coo=false&rqm=GET

Requested by

Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 01:06:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 16 Mar 2021 01:06:10 GMT

GET
H2 200 gusid Show response
175313.tracking.hyros.com/v1/lst/ 0
462 B 302ms
111ms XHR
text/plain 54.210.24.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://175313.tracking.hyros.com/v1/lst/gusid
Requested by: Host: 175313.tracking.markethero.io
URL: https://175313.tracking.markethero.io/v1/lst/universal-script?ph=fbbe07f66b4c6a7ab6a5f8b9504f76d4145397371ae2273b24254788cf5444d8&tag=!tracking
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.210.24.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-210-24-203.compute-1.amazonaws.com
Software: Jetty(9.4.9.v20180320) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin: *
Referer: https://www.mrpaulxavier.com/
Access-Control-Allow-Headers: *
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json; charset=utf-8

Response headers

date: Tue, 16 Mar 2021 01:06:11 GMT
session-id: HB-ET_01c374ec59e2bc089a350b6d4d4a25cd145b9caf069d341b1f4ca78b73159258
etag: HB-ET_01c374ec59e2bc089a350b6d4d4a25cd145b9caf069d341b1f4ca78b73159258
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://www.mrpaulxavier.com
access-control-expose-headers: Session-ID
access-control-allow-credentials: true
content-length: 0
server: Jetty(9.4.9.v20180320)

OPTIONS
H2 200 gusid
175313.tracking.hyros.com/v1/lst/ Frame 0
0 302ms
100ms Preflight
application/vnd.sun.wadl+xml 54.210.24.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://175313.tracking.hyros.com/v1/lst/gusid
Protocol: H2
Server: 54.210.24.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-210-24-203.compute-1.amazonaws.com
Software: Jetty(9.4.9.v20180320) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: access-control-allow-headers,access-control-allow-origin,content-type
Origin: https://www.mrpaulxavier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 16 Mar 2021 01:06:11 GMT
content-type: application/vnd.sun.wadl+xml;charset=utf-8
content-length: 1322
access-control-allow-origin: https://www.mrpaulxavier.com
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-headers: access-control-allow-headers,access-control-allow-origin,content-type
access-control-expose-headers: Session-ID
access-control-max-age: 86400
access-control-allow-credentials: true
allow: HEAD,GET,OPTIONS
last-modified: Tue, 16 Mar 2021 01:06:11 UTC
server: Jetty(9.4.9.v20180320)

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame DD20 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND6W6PN

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://proto.paidtoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3815
date: Tue, 16 Mar 2021 00:02:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Tue, 16 Mar 2021 02:02:35 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame DD20 99 KB
39 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-73671-22

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND6W6PN

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e1a63356ea4fb79409799e099e0599273a7bcc40f1f9b1f0423a1307e32083a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://proto.paidtoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 01:06:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39705
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Mar 2021 01:06:10 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame DD20 13 KB
6 KB 98ms
53ms Script
application/javascript 13.226.159.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-78.dus51.r.cloudfront.net
Software: CloudFront /
Resource Hash: 6a7b9101cdef7bb2896628ff862d93a60ece90488ac036e16c997e2f27acded2

Request headers

Referer: https://proto.paidtoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 01:06:10 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: DUS51-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 5492
via: 1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
x-amz-cf-id: C7srgDDofjEToIOapUuBRZuNfiy6rJyjm7scX_-tQyn7LucosunLaw==

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame DD20 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-73671-22

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://proto.paidtoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3815
date: Tue, 16 Mar 2021 00:02:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Tue, 16 Mar 2021 02:02:35 GMT

GET
H2 200 / Show response
ip.itracker360.com/ 14 B
186 B 223ms
143ms XHR
text/plain 142.250.185.243
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ip.itracker360.com/
Requested by: Host: d2ieqaiwehnqqp.cloudfront.net
URL: https://d2ieqaiwehnqqp.cloudfront.net/t97e6aba92565fc53fb4503f4bd03afc6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.243 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f19.1e100.net
Software: Google Frontend /
Resource Hash: f4aa5a3b3420b193597567f536578c6edb5204a3b119c65701208c20befde87c

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 01:06:11 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
x-cloud-trace-context: 982e01c5e2dcf4465c8e2eddd08fe95c
cache-control: no-cache
content-length: 34

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 32 KB
13 KB 81ms
31ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-816042378

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

f6ac3c8e6ce2149cb393c789e9640b78cfb6626380e872a605c1c5fb1df3981e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 01:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12620
x-xss-protection: 0
server: cafe
etag: 4454677202539371103
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 16 Mar 2021 01:06:11 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3018702641492519&ev=PageView&dl=https%3A%2F%2Fwww.mrpaulxavier.com%2F&rl=&if=false&ts=1615856770963&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1615856770856.1876810680&it=1615856770750&coo=false&rqm=GET

Requested by

Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 01:06:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 16 Mar 2021 01:06:10 GMT

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame B529 0
203 B 55ms
23ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=55fd23a1-d4f8-4ae9-b583-25760bb60c99

Requested by

Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: tr.snapchat.com
:scheme: https
:path: /cm/i?pid=55fd23a1-d4f8-4ae9-b583-25760bb60c99
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://proto.paidtoday.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://proto.paidtoday.com/

Response headers

server: nginx/1.17.3
date: Tue, 16 Mar 2021 01:06:11 GMT
content-type: text/html
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 js-sha256-v1.min.js Show response
sc-static.net/ Frame DD20 22 KB
8 KB 71ms
28ms Script
application/javascript 13.226.159.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/js-sha256-v1.min.js
Requested by: Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-78.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253

Request headers

Origin: https://proto.paidtoday.com
Referer: https://proto.paidtoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 22:57:08 GMT
content-encoding: gzip
age: 7744
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 05 Apr 2019 00:32:08 GMT
server: AmazonS3
etag: W/"68f2467c84878293c9ee497dbc99a17f"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 987c00b911316df568db602f83876a8e.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Type
cache-control: public, s-maxage=86400, max-age=600
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: hR9LDXeelV0MDDb2tFdnwbeZ9G5Ie5-cFVc_X7ndIZ2pa9nB4hJHiQ==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/816042378/ 2 KB
2 KB 38ms
17ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/816042378/?random=1615856771057&cv=9&fst=1615856771057&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.mrpaulxavier.com%2F&tiba=Paul%20Xavier%20Official&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b1466cd0a5d3bb89a38ca57823d0b32e72215bb032b0e7ce1229f757df70256

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 01:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1028
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 p Show response
tr.snapchat.com/ Frame EF9F 0
362 B 61ms
26ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: POST
:authority: tr.snapchat.com
:scheme: https
:path: /p
content-length: 337
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://proto.paidtoday.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://proto.paidtoday.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://proto.paidtoday.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://proto.paidtoday.com/

Response headers

server: nginx/1.17.3
date: Tue, 16 Mar 2021 01:06:11 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgQ3AMAgDsIuQQhegOWdT6RUcPxtCrti0vvUacdv0UEZR/a3TB5zx9NiRVT74AXwHHewyAAAA;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/816042378/ 42 B
530 B 67ms
52ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/816042378/?random=1615856771057&cv=9&fst=1615856400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.mrpaulxavier.com%2F&tiba=Paul%20Xavier%20Official&async=1&fmt=3&is_vtc=1&random=3493952541&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 01:06:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/816042378/ 42 B
530 B 70ms
54ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/816042378/?random=1615856771057&cv=9&fst=1615856400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.mrpaulxavier.com%2F&tiba=Paul%20Xavier%20Official&async=1&fmt=3&is_vtc=1&random=3493952541&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.mrpaulxavier.com
URL: https://www.mrpaulxavier.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 01:06:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 t_prism_sitemessages.php Show response
trackcmp.net/ 0
271 B 309ms
106ms Script
text/javascript 34.202.184.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/t_prism_sitemessages.php?trackid=475334047&prismid=34d2726a-908a-4ba4-95c2-b267c4158592&url=https%3A%2F%2Fwww.mrpaulxavier.com%2F
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.184.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-184-68.compute-1.amazonaws.com
Software: Apache/2.4.46 (Amazon) / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 01:06:11 GMT
server: Apache/2.4.46 (Amazon)
x-powered-by: PHP/7.1.33
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
cache-control: no-cache, private
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
content-type: text/javascript;charset=UTF-8
content-length: 0

POST
H2 200 /
www.facebook.com/tr/ 0
84 B 6ms
6ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryQi2cy6dJQLZHxzBT

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 16 Mar 2021 01:06:11 GMT
content-type: text/plain
access-control-allow-origin: https://www.mrpaulxavier.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

POST
H2 200 /
www.facebook.com/tr/ 0
31 B 6ms
6ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryAPB0h9Yk05LailxJ

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 16 Mar 2021 01:06:11 GMT
content-type: text/plain
access-control-allow-origin: https://www.mrpaulxavier.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

OPTIONS
H2 200 pc
175313.tracking.hyros.com/v1/lst/ Frame 0
0 96ms
96ms Preflight
application/vnd.sun.wadl+xml 54.210.24.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://175313.tracking.hyros.com/v1/lst/pc?ref_url=https%3A%2F%2Fwww.mrpaulxavier.com%2F&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36
Protocol: H2
Server: 54.210.24.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-210-24-203.compute-1.amazonaws.com
Software: Jetty(9.4.9.v20180320) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: access-control-allow-headers,access-control-allow-origin,content-type,session-id
Origin: https://www.mrpaulxavier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 16 Mar 2021 01:06:11 GMT
content-type: application/vnd.sun.wadl+xml;charset=utf-8
content-length: 2148
access-control-allow-origin: https://www.mrpaulxavier.com
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-headers: access-control-allow-headers,access-control-allow-origin,content-type,session-id
access-control-expose-headers: Session-ID
access-control-max-age: 86400
access-control-allow-credentials: true
allow: HEAD,GET,OPTIONS
last-modified: Tue, 16 Mar 2021 01:06:11 UTC
server: Jetty(9.4.9.v20180320)

GET
H2 200 pc Show response
175313.tracking.hyros.com/v1/lst/ 0
461 B 103ms
103ms XHR
text/plain 54.210.24.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://175313.tracking.hyros.com/v1/lst/pc?ref_url=https%3A%2F%2Fwww.mrpaulxavier.com%2F&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36
Requested by: Host: 175313.tracking.markethero.io
URL: https://175313.tracking.markethero.io/v1/lst/universal-script?ph=fbbe07f66b4c6a7ab6a5f8b9504f76d4145397371ae2273b24254788cf5444d8&tag=!tracking
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.210.24.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-210-24-203.compute-1.amazonaws.com
Software: Jetty(9.4.9.v20180320) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin: *
Referer: https://www.mrpaulxavier.com/
Session-ID: HB-ET_01c374ec59e2bc089a350b6d4d4a25cd145b9caf069d341b1f4ca78b73159258
Access-Control-Allow-Headers: *
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json; charset=utf-8

Response headers

date: Tue, 16 Mar 2021 01:06:11 GMT
session-id: HB-ET_01c374ec59e2bc089a350b6d4d4a25cd145b9caf069d341b1f4ca78b73159258
etag: HB-ET_01c374ec59e2bc089a350b6d4d4a25cd145b9caf069d341b1f4ca78b73159258
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://www.mrpaulxavier.com
access-control-expose-headers: Session-ID
access-control-allow-credentials: true
content-length: 0
server: Jetty(9.4.9.v20180320)

GET
H2 200 websiteTriggerIframe Show response
qd236.infusionsoft.app/app/webTracking/ Frame 9ADD 1 KB
2 KB 200ms
169ms Document
text/html 2606:4700::6813:9856
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qd236.infusionsoft.app/app/webTracking/websiteTriggerIframe

Requested by

Host: qd236.infusionsoft.com
URL: https://qd236.infusionsoft.com/app/webTracking/getTrackingCode?trackingId=c3dfbd3ea11107abe443f9b40fc6564f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9856 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d58f7667476385af3f2ffddb2123e8a3b8b452ef56d1d9a452d7e7b5d46ed0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: qd236.infusionsoft.app
:scheme: https
:path: /app/webTracking/websiteTriggerIframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.mrpaulxavier.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.mrpaulxavier.com/

Response headers

date: Tue, 16 Mar 2021 01:06:12 GMT
content-type: text/html;charset=UTF-8
set-cookie: __cfduid=de899ce94ff3816ce424a7251007631161615856772; expires=Thu, 15-Apr-21 01:06:12 GMT; path=/; domain=.infusionsoft.app; HttpOnly; SameSite=Lax; Secure JSESSIONID=762F73EAB90ED9A6E89E4A05C8D995EF; Path=/; Secure; HttpOnly GCLB=CIafheLz5JPF0gE; path=/; HttpOnly; expires=Tue, 16-Mar-2021 13:06:12 GMT __cf_bm=b7ba119be32ef5e625db1f45ca1ff2cfe21fb7a5-1615856772-1800-AXX4BAbVXQfAxxn/oMhyiqyV+89UrBJMBw9WVQSI01FvPbvmr0z2oxtYc+xfico6nmXxs34q1Dz5Etyb3U2fJuGu9xExy0x3lafFi91JtTi4; path=/; expires=Tue, 16-Mar-21 01:36:12 GMT; domain=.infusionsoft.app; HttpOnly; Secure; SameSite=None
pragma: no-cache
cache-control: no-cache, no-store
expires: Tue, 16 Mar 2021 01:06:12 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-language: en-US
vary: Accept-Encoding
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 08da2abc130000c303e6837000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 630a13d9bd08c303-FRA
content-encoding: gzip

GET
H2 200 api.js Show response
qd236.infusionsoft.app/cdn-cgi/bm/cv/669835187/ Frame 9ADD 35 KB
9 KB 9ms
8ms Script
text/javascript 2606:4700::6813:9856
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qd236.infusionsoft.app/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: qd236.infusionsoft.app
URL: https://qd236.infusionsoft.app/app/webTracking/websiteTriggerIframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9856 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://qd236.infusionsoft.app/app/webTracking/websiteTriggerIframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 01:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 630a13dacd81c303-FRA
cf-request-id: 08da2abcc10000c303ce0e7000000001

GET
H2

200

spacer.gif
qd236.infusionsoft.app/slices/
Redirect Chain

https://qd236.infusionsoft.app/app/webTracking/contact/1615856770926?contactId=0&screenResolution=1600x1200&plugins=&javaEnabled=false&domain=www.mrpaulxavier.com&location=https://www.mrpaulxavier....
https://qd236.infusionsoft.app/slices/spacer.gif

43 B
279 B

19ms
19ms

Image
image/gif

2606:4700::6813:9856
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qd236.infusionsoft.app/slices/spacer.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9856 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mrpaulxavier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 01:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 63157
vary: Accept-Encoding
cf-request-id: 08da2abd7d0000c303e3038000000001
last-modified: Sat, 13 Mar 2021 17:48:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"43-1615657727000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: image/gif;charset=UTF-8
via: 1.1 google
x-xss-protection: 1; mode=block
cache-control: public, max-age=31490843
cf-ray: 630a13dbfdf8c303-FRA
expires: Tue, 15 Mar 2022 12:33:35 GMT

Redirect headers

date: Tue, 16 Mar 2021 01:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
strict-transport-security: max-age=31536000;includeSubDomains
cf-request-id: 08da2abcd00000c303a8827000000001
pragma: no-cache, no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: /slices/spacer.gif
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, no-cache, no-store
cf-ray: 630a13daed8bc303-FRA
expires: Tue, 16 Mar 2021 01:06:12 GMT, -1

POST
H2 204 result Show response
qd236.infusionsoft.app/cdn-cgi/bm/cv/ Frame 9ADD 0
357 B 10ms
10ms XHR
text/plain 2606:4700::6813:9856
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd236.infusionsoft.app/cdn-cgi/bm/cv/result?req_id=630a13d9bd08c303
Requested by: Host: qd236.infusionsoft.app
URL: https://qd236.infusionsoft.app/cdn-cgi/bm/cv/669835187/api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9856 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://qd236.infusionsoft.app/app/webTracking/websiteTriggerIframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 16 Mar 2021 01:06:12 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 630a13dbadd5c303-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-request-id: 08da2abd4b0000c303ea37b000000001

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.snapchat.com/	1970-01-20 02:12:32	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ3AMAgDsIuQQhegOWdT6RUcPxtCrti0vvUacdv0UEZR/a3TB5zx9NiRVT74AXwHHewyAAAA
.mrpaulxavier.com/	1970-01-19 17:34:08	Name: __cfduid Value: de04bdcea5d770ce5cf0fd098b801200e1615856770
.mrpaulxavier.com/	1970-01-19 17:34:08	Name: prism_475334047 Value: 34d2726a-908a-4ba4-95c2-b267c4158592
.mrpaulxavier.com/	1970-01-19 16:50:56	Name: _gat_UA-98246218-1 Value: 1
.mrpaulxavier.com/	1970-01-19 19:00:32	Name: _fbp Value: fb.1.1615856770856.1876810680
www.mrpaulxavier.com/	1970-01-19 16:51:00	Name: ptpx Value: 1972765
www.mrpaulxavier.com/	1970-01-20 01:35:06	Name: ptx Value: 1871005
.mrpaulxavier.com/	1970-01-19 16:52:23	Name: _gid Value: GA1.2.1236895961.1615856771
.mrpaulxavier.com/	1970-01-20 10:22:08	Name: _ga Value: GA1.2.1469438388.1615856771
.mrpaulxavier.com/	1970-01-20 01:36:32	Name: iTracker360 Value: sou%3Ddirect%7Cmed%3Dnone%7Cter%3D-%7Ccon%3D-%7Ccam%3Ddirect%7Cref%3Dhttps%253A//www.mrpaulxavier.com/%7Cfirstlpurl%3Dhttps%253A//www.mrpaulxavier.com/%7Cgcl%3D%7Cgaclientid%3D%7Cleadsource%3Ddirect%7Cip%3D%7Ccustomfield1%3D%7Ccustomfield2%3D%7Ccustomfield3%3D%7Ccustomfield4%3D
.mrpaulxavier.com/	1970-01-19 19:00:32	Name: _gcl_au Value: 1.1.1816074361.1615856771

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.mrpaulxavier.com/(Line 432) Message: pathname /
console-api	log	URL: https://175313.tracking.markethero.io/v1/lst/universal-script?ph=fbbe07f66b4c6a7ab6a5f8b9504f76d4145397371ae2273b24254788cf5444d8&tag=!tracking(Line 1) Message: %c [UTS] [gusid]: HB-ET_01c374ec59e2bc089a350b6d4d4a25cd145b9caf069d341b1f4ca78b73159258 color: green;
console-api	log	URL: https://175313.tracking.markethero.io/v1/lst/universal-script?ph=fbbe07f66b4c6a7ab6a5f8b9504f76d4145397371ae2273b24254788cf5444d8&tag=!tracking(Line 1) Message: %c [UTS] [pc] color: green;

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

175313.tracking.hyros.com
175313.tracking.markethero.io
cdnjs.cloudflare.com
connect.facebook.net
d2ieqaiwehnqqp.cloudfront.net
diffuser-cdn.app-us1.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
images.unsplash.com
ip.itracker360.com
paidtoday-dev.s3.us-west-2.amazonaws.com
prism.app-us1.com
proto.paidtoday.com
px.ads.linkedin.com
qd236.infusionsoft.app
qd236.infusionsoft.com
sc-static.net
snap.licdn.com
source.unsplash.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
tr.snapchat.com
trackcmp.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.mrpaulxavier.com
13.226.159.78
142.250.185.226
142.250.185.243
2606:4700:20::681a:392
2606:4700:3035::ac43:ccf1
2606:4700::6810:125e
2606:4700::6810:135e
2606:4700::6811:925b
2606:4700::6812:bcf
2606:4700::6812:f74
2606:4700::6813:9856
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2a00:1450:4001:800::2003
2a00:1450:4001:801::200e
2a00:1450:4001:802::2004
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:827::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2003
2a00:1450:400c:c0c::9b
2a02:26f0:2100:1a6::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:3::720
34.202.184.68
35.186.226.184
50.19.119.4
52.218.144.17
54.210.24.203
65.9.67.124
0069c6751c67ba4fe306b839db52e6a742eddbc035cbd55e76ea96b8786ae779
07ef661be38be006eb690a15613c557d418b8780900ff490545bb2b75d23fcd7
0ab839d98d2e828636527a16f34d36a21bbaf0193ee9ef92468be41393d87295
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0d90f7c8c022bef1df08221b793bb2274c1459216f3d72741d6ef3e921e168a3
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
1525241cd7e07eb2c68b2b1b1bc39f55d3f61c35d978b85fc1d029cf64072ba8
1e1a63356ea4fb79409799e099e0599273a7bcc40f1f9b1f0423a1307e32083a
271ffc5e2d51bbfb970301163b30ab0170ee3e982f2f82509430be95fc0af736
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
387462db7ba8e3ddf0f96c1950abde96b1d9b904d8d4267c11296b6a12f4900e
394156ee114ed3faf968419340ecfd17f69740eb7e4f0a88d59e1f6d5bf0c34e
39646863a414e0a84920b3a8639c0f3e8c94535e8dc051b42b485a068dc2902f
3cfe8dae375e057ea0c9cb5c7582757baca78afa1706fdc79f0ef5babcf1af15
4e88ab4aced4701989a910d3cf7d6241edf3d4144ad52951fa33ea0a899a8643
529285a3719b5395898b41be962f286a328a06fb03749faff08047ee8ee02c15
57ef1202dcc3e16075fa34718428aca6e6601ee6569ca0f3fa732586acd8d9dc
5e6babaf85a7e8131f0b2f846c39a669d4a89120492d1d8573b6ceeda04fa1d8
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
613334e42b987fd393c4540e07b158d40af0f50ed619662969251a136a52f992
686df862397dbdac4d25f621a8120af3b5af1ff03cfa325ea5e870c329c4486a
6a7b9101cdef7bb2896628ff862d93a60ece90488ac036e16c997e2f27acded2
70fc92b77aa40f635af83119f62e4b0e2b82bf63a3791cffd3f0098a8b5924bd
7583e24e66cf2e38ff5dbedd1f97f635ac681ff5c4a6bf70b28575a2c9b77eb7
779249965fcc56df5ccc2c89293a582fbea63f785bc4041c878106b01b725dcb
80f168585a10cb7f2cc6af57c7f93a48d88942c17ab5ab89f0c1ff8c4654ba9d
829dd2bacd67d191fe0656618b68846a769a63f798bce7dcc3bc9ada92541cac
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a6c0685bb4cfa8cfb65969c51e4ce338ba1c1c38084915b1572b0134b23c2df
8b2645c8f9b030cca040c7aa8f95451030d5f9ca96a92e2a21b5dfadf78229f4
8b8a6e32d22be7c6eec24e55efcb3d0501aaf1eba021667da2260ce219d35bc4
8d58f7667476385af3f2ffddb2123e8a3b8b452ef56d1d9a452d7e7b5d46ed0f
8db98c24c280b8760083ceb567f117d665ac5fa92a706487c2c01862995cbf85
9b1466cd0a5d3bb89a38ca57823d0b32e72215bb032b0e7ce1229f757df70256
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a43312749a32fcb09fb3308e76ce73928f032ad195e65b0b36b9b573c1cc4805
ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253
babe7f8bc2ba948aed2fcad7faa23f65ae65a0f05a3fbe495983fc4fe5ac0e12
bb1844dd0ff9db482d80b5be84701ff978da25332c9369f5a23c321cfc02fe6b
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c970f00de88391c4dcc4ac2c14cef40b39cf4076324339e0b3dc1884e61a7cd5
d026639bc308693e757229f6789758d3735511701d19759b1f9d3daa4b26566c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1b8603a5e6199a0b9e61b0d0087887ff83daf539b62dfbbe02bcb0690e5c1aa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a5aa647585eeefc3eba998efede57dcbec1d08444da45b7ab3c87d35c88640
e6f38187727f672152e8aca0ba8bb332a29b1e43cd340a70d47b12066c6028ab
ee47f190737583b975ad3a02e45ca2f0f8e7fec650494a80d0e8dad4b5bc546b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4aa5a3b3420b193597567f536578c6edb5204a3b119c65701208c20befde87c
f6ac3c8e6ce2149cb393c789e9640b78cfb6626380e872a605c1c5fb1df3981e
fd4e304872ffca82ac8756ed673168aa0c14c2ee82c571ab881cb8e0ac99f595

www.mrpaulxavier.com Open in urlscan Pro 2606:4700:3035::ac43:ccf1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

72 Requests

100 %HTTPS

73 %IPv6

28 Domains

32 Subdomains

31 IPs

3 Countries

1890 kBTransfer

3273 kBSize

11 Cookies

7 Outgoing links

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

www.mrpaulxavier.com Open in urlscan Pro
2606:4700:3035::ac43:ccf1 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

100 %
HTTPS

73 %
IPv6

28
Domains

32
Subdomains

31
IPs

3
Countries

1890 kB
Transfer

3273 kB
Size

11
Cookies

72 HTTP transactions
0 data transactions