B-status and 2 issues: https://sritest.io/#report/c6026c70-fba9-434b-869d-bab68400802e

Some issues on jQuery script: http://www.domxssscanner.com/scan?url=https%3A%2F%2Fwww.paladinsec.com

Reirable jQuery libraries, 2 vuln. detected: http://retire.insecurity.today/#!/scan/5ed3a576c6f80cec155cda34a45c4247994d2fe82de5418844c5c10eabe668cf

Loaded Resources not being compromised!
Compromised sites will often be linked to malicious javascript or iframes in an attempt to attack users of your WordPress installation. Look over the listed resources, you should be familiar with all scripts and investigate ones you are not sure. In addition removal of unneeded javascript will speed up your website. Certificate properly installed.

Check: js_composer for latest update!

DNS issues: SOA Mname
WARNING: Primary name server ns.rackspace.com. listed in SOA Record is not found at the parent name servers. The MNAME field defines the Primary Master name server for the zone, this name server should be found in your NS records.

Check MX Records for Duplicates
WARNING: MX records duplicates (same IP address):
2607:f8b0:4003:c03::1a: [-alt2.aspmx.l.google.com. -aspmx3.googlemail.com.]
2607:f8b0:400e:c04::1a: [-alt1.aspmx.l.google.com. -aspmx2.googlemail.com.]
74.125.28.26: [-alt1.aspmx.l.google.com. -aspmx2.googlemail.com.]
74.125.30.26: [-alt2.aspmx.l.google.com. -aspmx3.googlemail.com.]
Although technically valid, duplicate MX records have no benefits and can cause confusion.

Re: https://www.scamadviser.com/check-website/paladinsec.com gets an all-green.
and https://aw-snap.info/file-viewer/?protocol=secure&tgt=www.paladinsec.com&ref_sel=GSP2&ua_sel=ff&fs=1

polonus (volunteer website security analyst and website error-hunter)