urlscan.io logo urlscan.io
SecurityTrails logo

app.joinpaladin.com Open in urlscan Pro
2606:4700:20::681a:fe3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://email-links.joinpaladin.com/ls/click?upn=LPr-2BDUqb5ishjrNzTU-2BYXsGHIkOqNqQCFVFMgjRmn0Xh51zs4Wz7IP2SAAOPTI-2BObNnFpiAPCNlt-...
Effective URL: https://app.joinpaladin.com/account/login/?next=/account/preferences
Submission: On April 03 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 14 domains to perform 39 HTTP transactions. The main IP is 2606:4700:20::681a:fe3, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.joinpaladin.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 3rd 2020. Valid for: 8 months.
This is the only time app.joinpaladin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.118.52 11377 (SENDGRID)
1 8 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
2 35.171.199.207 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
2 104.111.215.74 16625 (AKAMAI-AS)
4 23.111.9.35 33438 (HIGHWINDS2)
1 2a04:4e42:200... 54113 (FASTLY)
1 143.204.99.83 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 54.71.121.82 16509 (AMAZON-02)
1 1 13.224.194.51 16509 (AMAZON-02)
5 13.225.73.86 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 75.2.88.188 16509 (AMAZON-02)
39 14
1    167.89.118.52 (United States)

ASN11377 (SENDGRID, US)
PTR: o16789118x52.outbound-mail.sendgrid.net
email-links.joinpaladin.com
8    2606:4700:20::681a:fe3 (United States)

ASN13335 (CLOUDFLARENET, US)
app.joinpaladin.com
2    2606:4700::6811:4104 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
5    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    35.171.199.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-199-207.compute-1.amazonaws.com
addtocalendar.com
2    2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    104.111.215.74 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-74.deploy.static.akamaitechnologies.com
use.typekit.net
p.typekit.net
4    23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)
use.fontawesome.com
1    2a04:4e42:200::729 (Ascension Island)

ASN54113 (FASTLY, US)
cdn.ravenjs.com
1    143.204.99.83 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-99-83.fra50.r.cloudfront.net
cdn.segment.com
3    2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    54.71.121.82 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-71-121-82.us-west-2.compute.amazonaws.com
api.segment.io
1    13.224.194.51 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-51.fra2.r.cloudfront.net
widget.intercom.io
5    13.225.73.86 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-86.fra2.r.cloudfront.net
js.intercomcdn.com
3    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    75.2.88.188 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com
api-iam.intercom.io
Domain Requested by
8 app.joinpaladin.com 1 redirects app.joinpaladin.com
5 js.intercomcdn.com js.intercomcdn.com
5 cdn.jsdelivr.net app.joinpaladin.com
4 use.fontawesome.com app.joinpaladin.com
use.fontawesome.com
3 www.google-analytics.com cdn.segment.com
3 fonts.gstatic.com app.joinpaladin.com
2 fonts.googleapis.com app.joinpaladin.com
2 addtocalendar.com app.joinpaladin.com
2 cdnjs.cloudflare.com app.joinpaladin.com
1 api-iam.intercom.io js.intercomcdn.com
1 widget.intercom.io 1 redirects
1 api.segment.io app.joinpaladin.com
1 cdn.segment.com app.joinpaladin.com
1 p.typekit.net app.joinpaladin.com
1 cdn.ravenjs.com app.joinpaladin.com
1 use.typekit.net app.joinpaladin.com
1 email-links.joinpaladin.com 1 redirects
39 17

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-02-03 -
2020-10-09		 8 months crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2		 2020-01-07 -
2020-10-09		 9 months crt.sh
ssl363648.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2020-02-22 -
2020-08-30		 6 months crt.sh
addtocalendar.com
Amazon		 2019-11-03 -
2020-12-03		 a year crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.typekit.net
DigiCert SHA2 Secure Server CA		 2019-12-06 -
2021-12-10		 2 years crt.sh
*.fontawesome.com
DigiCert SHA2 Secure Server CA		 2019-10-28 -
2020-12-23		 a year crt.sh
osff.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-03-18 -
2020-12-18		 9 months crt.sh
*.segment.com
DigiCert SHA2 Secure Server CA		 2019-06-24 -
2020-07-01		 a year crt.sh
*.google.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.intercomcdn.com
Amazon		 2020-03-29 -
2021-04-29		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.intercom.com
Amazon		 2019-06-11 -
2020-07-11		 a year crt.sh

This page contains 2 frames:

Primary Page: https://app.joinpaladin.com/account/login/?next=/account/preferences
Frame ID: A2BA575989CE3E28E83B7C60DE2FA9F9
Requests: 34 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.554510f2.js
Frame ID: ABDFD95E50F295B9B2D377B43F5CAE39
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://email-links.joinpaladin.com/ls/click?upn=LPr-2BDUqb5ishjrNzTU-2BYXsGHIkOqNqQCFVFMgjRmn0Xh51zs4Wz7IP2SAAO... HTTP 302
    https://app.joinpaladin.com/account/preferences HTTP 302
    https://app.joinpaladin.com/account/login/?next=/account/preferences Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /(?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)/i
Overall confidence: 100%
Detected patterns
  • html /(?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /lodash.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /cdn\.segment\.com\/analytics\.js/i
Overall confidence: 100%
Detected patterns
  • script /select2(?:\.min|\.full)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /select2(?:\.min|\.full)?\.js/i

Page Statistics

39
Requests

100 %
HTTPS

44 %
IPv6

14
Domains

17
Subdomains

14
IPs

4
Countries

818 kB
Transfer

2765 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://email-links.joinpaladin.com/ls/click?upn=LPr-2BDUqb5ishjrNzTU-2BYXsGHIkOqNqQCFVFMgjRmn0Xh51zs4Wz7IP2SAAOPTI-2BObNnFpiAPCNlt-2BqMEGDWh-2BQ-3D-3Dve2i_CPZ-2Bb43KFcMLpejZvIUJ4LL1fso2Yac4BAuRdDQ2LyB5z9ph5aEM6MaIIAgKp2Ja-2Fx8VdkawQgLd9j8E1-2Bg5uxoRCmNIrB0Eps1i0TAdBcir2KPtZL-2BKV7vLUHCKlBZQBNwKDDo2qLJuryHawX-2FEoe5jsjssXgMEYiRLvId5HLZqpG9dFvZM0ZnYSZOmAIaGKj6Fz43ZG8EgRIaWABi3FqgrHCNUvJ4v0uINVcDi01g1pdgLNeYNLj-2B4RYn9bHj0HomnvVhzSJNVIIHpwhaQ6Q-3D-3D HTTP 302
    https://app.joinpaladin.com/account/preferences HTTP 302
    https://app.joinpaladin.com/account/login/?next=/account/preferences Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://widget.intercom.io/widget/fjw5udqb HTTP 302
  • https://js.intercomcdn.com/shim.latest.js

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
app.joinpaladin.com/account/login/
Redirect Chain
  • http://email-links.joinpaladin.com/ls/click?upn=LPr-2BDUqb5ishjrNzTU-2BYXsGHIkOqNqQCFVFMgjRmn0Xh51zs4Wz7IP2SAAOPTI-2BObNnFpiAPCNlt-2BqMEGDWh-2BQ-3D-3Dve2i_CPZ-2Bb43KFcMLpejZvIUJ4LL1fso2Yac4BAuRdDQ2...
  • https://app.joinpaladin.com/account/preferences
  • https://app.joinpaladin.com/account/login/?next=/account/preferences
6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.joinpaladin.com/account/login/?next=/account/preferences
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fe3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ba9d54bfc2c0c117e44b2e07eeb0464e557a3f2b4069d3587a0a2575d1666a3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
app.joinpaladin.com
:scheme
https
:path
/account/login/?next=/account/preferences
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d7b85fb5d9dade5bdd5db6abe54e1cb4e1585884192; paladin_csrftoken_v2=EoQnN3D8F3CYGKxMAhkKIbmGK1CsyG5i8n4w3amsytBHaf28wyVXTC9k1aQjs0gy
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 03 Apr 2020 03:23:13 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding, Cookie
expires
Fri, 03 Apr 2020 03:23:13 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
pragma
no-cache
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
set-cookie
paladin_csrftoken_v2=EoQnN3D8F3CYGKxMAhkKIbmGK1CsyG5i8n4w3amsytBHaf28wyVXTC9k1aQjs0gy; Domain=.joinpaladin.com; expires=Fri, 02 Apr 2021 03:23:13 GMT; Max-Age=31449600; Path=/; SameSite=Lax
via
1.1 vegur
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
server
cloudflare
cf-ray
57dfab6d2b08d6f9-FRA
content-encoding
br

Redirect headers

status
302
date
Fri, 03 Apr 2020 03:23:12 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d7b85fb5d9dade5bdd5db6abe54e1cb4e1585884192; expires=Sun, 03-May-20 03:23:12 GMT; path=/; domain=.joinpaladin.com; HttpOnly; SameSite=Lax paladin_csrftoken_v2=EoQnN3D8F3CYGKxMAhkKIbmGK1CsyG5i8n4w3amsytBHaf28wyVXTC9k1aQjs0gy; Domain=.joinpaladin.com; expires=Fri, 02 Apr 2021 03:23:12 GMT; Max-Age=31449600; Path=/; SameSite=Lax
location
/account/login/?next=/account/preferences
vary
Cookie
expires
Fri, 03 Apr 2020 03:23:12 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
pragma
no-cache
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
via
1.1 vegur
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
server
cloudflare
cf-ray
57dfab6a0eebd6f9-FRA
select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/4.0.3/css/ 		15 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.3/css/select2.min.css
Requested by
Host: app.joinpaladin.com
URL: https://app.joinpaladin.com/account/login/?next=/account/preferences
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://app.joinpaladin.com/account/login/?next=/account/preferences
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 03 Apr 2020 03:23:13 GMT
content-encoding
br
cf-cache-status
HIT
age
2547317
cf-ray
57dfab707861dfdf-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:26:42 GMT
server
cloudflare
etag
W/"5afd4ad2-3b5c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Wed, 24 Mar 2021 03:23:13 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.001
daterangepicker.css
cdn.jsdelivr.net/bootstrap.daterangepicker/2/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/bootstrap.daterangepicker/2/daterangepicker.css
Requested by
Host: app.joinpaladin.com
URL: https://app.joinpaladin.com/account/login/?next=/account/preferences
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4450a60b4d6d5b4a8304ade07576767dc3f64f7653b0f95bce43bf11d854b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.joinpaladin.com/account/login/?next=/account/preferences
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 03 Apr 2020 03:23:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
13378375
cf-ray
57dfab707ec1d6bd-FRA
x-cache
HIT, HIT
status
200
vary
Accept-Encoding
x-served-by
cache-ams21030-AMS, cache-fra19171-FRA
server
cloudflare
etag
W/"1fe3-jx/kMZx21P8+U/YvEmOYzTpSnwg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
atc-style-menu-wb.css
addtocalendar.com/atc/1.5/ 		1 KB
981 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://addtocalendar.com/atc/1.5/atc-style-menu-wb.css
Requested by
Host: app.joinpaladin.com
URL: https://app.joinpaladin.com/account/login/?next=/account/preferences
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.199.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-199-207.compute-1.amazonaws.com
Software
Apache /
Resource Hash
9a9ad86719c640bc05f6fdbc34aaf7ea50470d91015928d00aedf393b5040b6f

Request headers

Referer
https://app.joinpaladin.com/account/login/?next=/account/preferences
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Fri, 03 Apr 2020 03:23:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Sep 2019 14:28:18 GMT
Server
Apache
Vary
Accept-Encoding
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, public, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin, x-requested-with, content-type
Content-Length
504
hijack-styles.css
app.joinpaladin.com/static/hijack/ 		3 KB
874 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.joinpaladin.com/static/hijack/hijack-styles.css
Requested by
Host: app.joinpaladin.com
URL: https://app.joinpaladin.com/account/login/?next=/account/preferences
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fe3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c80e328d925e33899cf86116bbc66cc5eff40d28523b0b5e90d4882aab1e2d50
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.joinpaladin.com/account/login/?next=/account/preferences
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 03 Apr 2020 03:23:13 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
content-encoding
br
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Thu, 02 Apr 2020 16:42:35 GMT
server
cloudflare
etag
W/"5e8615fb-baf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
content-type
text/css; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
57dfab707f9ad6f9-FRA
fullcalendar.min.css
cdn.jsdelivr.net/npm/fullcalendar@3.6.2/dist/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/fullcalendar@3.6.2/dist/fullcalendar.min.css
Requested by
Host: app.joinpaladin.com
URL: https://app.joinpaladin.com/account/login/?next=/account/preferences
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4b3ff1dbd520621838623292d6d3985510b93260e39a37328d6684ea67f8c50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.joinpaladin.com/account/login/?next=/account/preferences
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 03 Apr 2020 03:23:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cf-ray
57dfab707ec3d6bd-FRA
x-cache
HIT
status
200
vary
Accept-Encoding
x-served-by
cache-fra19152-FRA
server
cloudflare
etag
W/"3d62-25FWZKOs6GYtzLFm+1C3K6UGOWc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
css
fonts.googleapis.com/ 		2 KB
547 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,400i&display=swap
Requested by
Host: app.joinpaladin.com
URL: https://app.joinpaladin.com/account/login/?next=/account/preferences
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7d457d1998aca6f9604e57461962f6030f9be8ce968577f37a98c43af2118500
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://app.joinpaladin.com/account/login/?next=/account/preferences
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 03 Apr 2020 03:23:13 GMT
server
ESF
date
Fri, 03 Apr 2020 03:23:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Apr 2020 03:23:13 GMT
nwb5mum.css
use.typekit.net/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/nwb5mum.css
Requested by
Host: app.joinpaladin.com
URL: https://app.joinpaladin.com/account/login/?next=/account/preferences
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.74 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-74.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8fbb8050f3e30525b36da8ae8754d0bc2216d8fe7f176a2233cce2c7d165b6fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://app.joinpaladin.com/account/login/?next=/account/preferences
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
access-control-allow-origin
*
date
Fri, 03 Apr 2020 03:23:13 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
status
200
cache-control
private, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-length
1049
paladin.d12ddf46098fd56ff42d.js
app.joinpaladin.com/static/bundles/ 		702 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.joinpaladin.com/static/bundles/paladin.d12ddf46098fd56ff42d.js
Requested by
Host: app.joinpaladin.com
URL: https://app.joinpaladin.com/account/login/?next=/account/preferences
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fe3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd088640b28990bed1f3e1a7af74645db17ccbe58e0cfa613b5b27f530866c34
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.joinpaladin.com/account/login/?next=/account/preferences
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 03 Apr 2020 03:23:14 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
content-encoding
br
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Thu, 02 Apr 2020 16:42:34 GMT
server
cloudflare
etag
W/"5e8615fa-af943"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
content-type
application/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
cf-ray
57dfab707fa1d6f9-FRA
vendor.5ddb9a94ffa46e03cd4a.js
app.joinpaladin.com/static/bundles/ 		173 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.joinpaladin.com/static/bundles/vendor.5ddb9a94ffa46e03cd4a.js
Requested by
Host: app.joinpaladin.com
URL: https://app.joinpaladin.com/account/login/?next=/account/preferences
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fe3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ed610a8f09be002ea82fcea4bb803ab708802f64e233b0e92dcc81f74950725
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.joinpaladin.com/account/login/?next=/account/preferences
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 03 Apr 2020 03:23:14 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
content-encoding
br
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Thu, 02 Apr 2020 16:42:34 GMT
server
cloudflare
etag
W/"5e8615fa-2b2e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
content-type
application/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
cf-ray
57dfab707fa2d6f9-FRA
jdenticon@1.7.2
cdn.jsdelivr.net/npm/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/jdenticon@1.7.2
Requested by
Host: app.joinpaladin.com
URL: https://app.joinpaladin.com/account/login/?next=/account/preferences
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d98f31ef1b143587b55b057626ee856b69fc743194c0cd0880a130cdcf0345e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.joinpaladin.com/account/login/?next=/account/preferences
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 03 Apr 2020 03:23:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cf-ray
57dfab707ec6d6bd-FRA
x-cache
HIT
status
200
vary
Accept-Encoding
x-served-by
cache-fra19152-FRA
server
cloudflare
etag
W/"1d72-LoHviEgPbQNOcIRv92tz5g38IAw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
lodash.min.js
cdn.jsdelivr.net/npm/lodash@4.17.10/ 		71 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/lodash@4.17.10/lodash.min.js
Requested by
Host: app.joinpaladin.com
URL: https://app.joinpaladin.com/account/login/?next=/account/preferences
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc62b2274050243f1cf146207fbce206bb3f420722912ec5bff49a02b8017042
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.joinpaladin.com/account/login/?next=/account/preferences
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 03 Apr 2020 03:23:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
4820692
cf-ray
57dfab707ec8d6bd-FRA
x-cache
HIT
status
200
vary
Accept-Encoding
x-served-by
cache-fra19182-FRA
server
cloudflare
etag
W/"11dc5-3Yua/l+JdzCorEf8rqfElkJztUQ"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
mainStyles.ad243f920d4d1c324835.css
app.joinpaladin.com/static/bundles/styles/ 		202 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.joinpaladin.com/static/bundles/styles/mainStyles.ad243f920d4d1c324835.css
Requested by
Host: app.joinpaladin.com
URL: https://app.joinpaladin.com/account/login/?next=/account/preferences
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fe3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8baf5edb6d5434506ee248b199c805d21cdd51e42be72f7d1c1d1ef8108422e7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.joinpaladin.com/account/login/?next=/account/preferences
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 03 Apr 2020 03:23:13 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
content-encoding
br
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Thu, 02 Apr 2020 16:42:34 GMT
server
cloudflare
etag
W/"5e8615fa-329d5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
content-type
text/css; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
cf-ray
57dfab707f9dd6f9-FRA
237c72008e.js
use.fontawesome.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/237c72008e.js
Requested by
Host: app.joinpaladin.com
URL: https://app.joinpaladin.com/account/login/?next=/account/preferences
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
1d81b1b7047ca6b320fc9eef23a02237864907cf7117e6cc307c3c1698ebc4ac

Request headers

Referer
https://app.joinpaladin.com/account/login/?next=/account/preferences
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 03 Apr 2020 03:23:13 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2017 17:21:13 GMT
server
NetDNA-cache/2.2
x-amz-request-id
88577C2D54FC2EF6
etag
W/"76534af6abb30c255ee4b6693fbf1da4"
x-cache
MISS
content-type
text/javascript
status
200
cache-control
max-age=0, private, must-revalidate
x-amz-id-2
0JFV00yP6EBBXx9WMXDJ1HGI3Ef8P5/+yl5ytruumUVxXOJgrg7ajkumaEbFFEKZsAtXdgw10BM=
paladin-logotype-green.svg
app.joinpaladin.com/static/img/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.joinpaladin.com/static/img/paladin-logotype-green.svg
Requested by
Host: app.joinpaladin.com
URL: https://app.joinpaladin.com/account/login/?next=/account/preferences
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fe3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76cfc829409956c1fe51761c111b76557fc3770b8ffbac1a6d15ddef1f613d81
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.joinpaladin.com/account/login/?next=/account/preferences
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 03 Apr 2020 03:23:14 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
content-encoding
br
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Thu, 02 Apr 2020 16:42:34 GMT
server
cloudflare
etag
W/"5e8615fa-1ca5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
57dfab730ae1d6f9-FRA
atc.min.js
addtocalendar.com/atc/1.5/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://addtocalendar.com/atc/1.5/atc.min.js
Requested by
Host: app.joinpaladin.com
URL: https://app.joinpaladin.com/account/login/?next=/account/preferences
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.199.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-199-207.compute-1.amazonaws.com
Software
Apache /
Resource Hash
4a5670d5cd304172362d8d5fa9725ae990c9af3c821d2a265be0f56a84f6810e

Request headers

Referer
https://app.joinpaladin.com/account/login/?next=/account/preferences
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 03 Apr 2020 03:23:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Sep 2019 14:28:18 GMT
Server
Apache
Vary
Accept-Encoding
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, public, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin, x-requested-with, content-type
Content-Length
2215
select2.full.js
cdnjs.cloudflare.com/ajax/libs/select2/4.0.3/js/ 		158 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.3/js/select2.full.js
Requested by
Host: app.joinpaladin.com
URL: https://app.joinpaladin.com/account/login/?next=/account/preferences
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f05aee38016eb8a4980375be3063bc1c5a47d43d37c18308c7908b27045504e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://app.joinpaladin.com/account/login/?next=/account/preferences
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 03 Apr 2020 03:23:13 GMT
content-encoding
br
cf-cache-status
HIT
age
13378305
cf-ray
57dfab709890dfdf-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:25:33 GMT
server
cloudflare
etag
W/"5afd4a8d-27828"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 24 Mar 2021 03:23:13 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.003
daterangepicker.js
cdn.jsdelivr.net/bootstrap.daterangepicker/2/ 		68 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/bootstrap.daterangepicker/2/daterangepicker.js
Requested by
Host: app.joinpaladin.com
URL: https://app.joinpaladin.com/account/login/?next=/account/preferences
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76a894d32cbc28f341d17e639f4df690600980656f74bc598d663cf0e679330b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.joinpaladin.com/account/login/?next=/account/preferences
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 03 Apr 2020 03:23:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
21952620
cf-ray
57dfab70bf39d6bd-FRA
x-cache
HIT, HIT
status
200
vary
Accept-Encoding
x-served-by
cache-ams21040-AMS, cache-hhn4048-HHN
server
cloudflare
etag
W/"10fd4-0k4MmOWt0MBE816LUWR9vYvbiBw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
raven.min.js
cdn.ravenjs.com/3.25.2/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ravenjs.com/3.25.2/raven.min.js
Requested by
Host: app.joinpaladin.com
URL: https://app.joinpaladin.com/account/login/?next=/account/preferences
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::729 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
8775a525529f29a7a50efda011c3a107c40b10224df38c8f041acd8634ea8b9f

Request headers

Referer
https://app.joinpaladin.com/account/login/?next=/account/preferences
Origin
https://app.joinpaladin.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 03 Apr 2020 03:23:13 GMT
content-encoding
gzip
last-modified
Thu, 17 May 2018 08:32:11 GMT
server
Fastly
age
6011
etag
"3c5534ee7c0a0c94df677e78aca025e5"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13526
legacyJs.397ca17b33734290cb91.js
app.joinpaladin.com/static/bundles/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.joinpaladin.com/static/bundles/legacyJs.397ca17b33734290cb91.js
Requested by
Host: app.joinpaladin.com
URL: https://app.joinpaladin.com/account/login/?next=/account/preferences
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fe3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d36e8986b3df80520b16360ef918bdc1eabd8ccfc17cc4b84b40589e2091b7f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.joinpaladin.com/account/login/?next=/account/preferences
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 03 Apr 2020 03:23:13 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
content-encoding
br
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Thu, 02 Apr 2020 16:42:34 GMT
server
cloudflare
etag
W/"5e8615fa-ae4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
content-type
application/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
cf-ray
57dfab710860d6f9-FRA
p.css
p.typekit.net/ 		5 B
168 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=nwb5mum&ht=tk&f=13464.13465.13466.13467.13468.13469.13470.13471.13472.13473.13474.13475&a=14658073&app=typekit&e=css
Requested by
Host: app.joinpaladin.com
URL: https://app.joinpaladin.com/account/login/?next=/account/preferences
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.74 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-74.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer
https://app.joinpaladin.com/account/login/?next=/account/preferences
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 03 Apr 2020 03:23:13 GMT
last-modified
Mon, 21 Oct 2019 19:51:00 GMT
server
nginx
access-control-allow-origin
*
etag
"5dae0c24-5"
content-type
text/css
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
5
expires
Wed, 30 Oct 2019 04:50:36 GMT
css
fonts.googleapis.com/ 		2 KB
583 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,400i,700
Requested by
Host: app.joinpaladin.com
URL: https://app.joinpaladin.com/account/login/?next=/account/preferences
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a25088d400c57f71c7c2625e905f33c0e6baac8f5678f5b4299e1946dd636f44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://app.joinpaladin.com/account/login/?next=/account/preferences
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 03 Apr 2020 03:23:14 GMT
server
ESF
date
Fri, 03 Apr 2020 03:23:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Apr 2020 03:23:14 GMT
analytics.min.js
cdn.segment.com/analytics.js/v1/KjIUMvUnMpIITVDUwwFIRV6U8vv6fDiQ/ 		370 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/KjIUMvUnMpIITVDUwwFIRV6U8vv6fDiQ/analytics.min.js
Requested by
Host: app.joinpaladin.com
URL: https://app.joinpaladin.com/account/login/?next=/account/preferences
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.99.83 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-99-83.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b975402bc2cdbf4249b58caa3d4b6a7a2f744ecec9be93727b3c4f1c72a1b01f

Request headers

Referer
https://app.joinpaladin.com/account/login/?next=/account/preferences
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 03 Apr 2020 03:23:16 GMT
content-encoding
gzip
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-length
70792
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
last-modified
Thu, 02 Apr 2020 23:07:55 GMT
server
AmazonS3
etag
"a64c4a2304a21be8ee488dafca688772"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
kHRDNT91TSVVBKU238fIBvEU4Bv2Ub6b
access-control-allow-origin
*
cache-control
public, max-age=300
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
x-amz-cf-id
aNM2T_YTiXzx7lE9XodV3yCDehq6X9GyZTYSJ4CBVgZMh3pugnAmvg==
237c72008e.css
use.fontawesome.com/ 		1 KB
685 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/237c72008e.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/237c72008e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
d3728d8549f63eb9b6da113350147bae0b810dd1065efe76696db0a894e25f4b

Request headers

Referer
https://app.joinpaladin.com/account/login/?next=/account/preferences
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 03 Apr 2020 03:23:14 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2017 17:21:13 GMT
server
NetDNA-cache/2.2
x-amz-request-id
17E956BC4BDCC3A9
etag
W/"0c293fe1e412a31c16343dbc631c52cb"
x-cache
MISS
content-type
text/css
status
200
cache-control
max-age=0, private, must-revalidate
x-amz-id-2
flcQjujxqow8E/B2ZT58cyVJh6BgXlcyzKxHjYT//lF+xPMhcsVrZyX23erhHH22a+waoJBNTDE=
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: app.joinpaladin.com
URL: https://app.joinpaladin.com/account/login/?next=/account/preferences
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Lato:400,400i&display=swap
Origin
https://app.joinpaladin.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 18:51:41 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
6078693
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14044
x-xss-protection
0
expires
Fri, 22 Jan 2021 18:51:41 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: app.joinpaladin.com
URL: https://app.joinpaladin.com/account/login/?next=/account/preferences
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Lato:400,400i,700
Origin
https://app.joinpaladin.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Mar 2020 09:55:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:54 GMT
server
sffe
age
494836
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14176
x-xss-protection
0
expires
Sun, 28 Mar 2021 09:55:58 GMT
S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2
fonts.gstatic.com/s/lato/v16/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2
Requested by
Host: app.joinpaladin.com
URL: https://app.joinpaladin.com/account/login/?next=/account/preferences
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe4bbdad1d6dff75cde79f8afc07f29502bd4708cb0ce5f552083c3d81ba8382
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Lato:400,400i&display=swap
Origin
https://app.joinpaladin.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 09:56:54 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:51 GMT
server
sffe
age
6110780
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14864
x-xss-protection
0
expires
Fri, 22 Jan 2021 09:56:54 GMT
font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by
Host: app.joinpaladin.com
URL: https://app.joinpaladin.com/account/login/?next=/account/preferences
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

Referer
https://app.joinpaladin.com/account/login/?next=/account/preferences
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 03 Apr 2020 03:23:14 GMT
content-encoding
gzip
last-modified
Tue, 25 Oct 2016 17:21:58 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"36082410df2ef7f83932219089dc1443"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
status
200
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by
Host: app.joinpaladin.com
URL: https://app.joinpaladin.com/account/login/?next=/account/preferences
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://use.fontawesome.com/237c72008e.css
Origin
https://app.joinpaladin.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 03 Apr 2020 03:23:15 GMT
last-modified
Mon, 17 Jul 2017 16:24:59 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/font-woff2
status
200
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
77160
p
api.segment.io/v1/ 		21 B
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: app.joinpaladin.com
URL: https://app.joinpaladin.com/static/bundles/paladin.d12ddf46098fd56ff42d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.71.121.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-71-121-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
https://app.joinpaladin.com/account/login/?next=/account/preferences
Origin
https://app.joinpaladin.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
200
date
Fri, 03 Apr 2020 03:23:16 GMT
access-control-allow-origin
https://app.joinpaladin.com
content-length
21
vary
Origin
content-type
application/json
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/fjw5udqb
  • https://js.intercomcdn.com/shim.latest.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.73.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-86.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f0a45ac1d272d41b0420217bf8ff20f5eb22fc514064c9c8e2b1ac5cf22dd82

Request headers

Referer
https://app.joinpaladin.com/account/login/?next=/account/preferences
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 03 Apr 2020 03:22:57 GMT
content-encoding
gzip
age
19
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
2827
last-modified
Fri, 03 Apr 2020 00:42:52 GMT
server
AmazonS3
etag
"fe92deb7a45460d81e4e5833fd6b0516"
content-type
application/javascript; charset=UTF-8
via
1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
cache-control
max-age=300, s-maxage=300, public
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
bj6j6X7RYd6HQXY8i9538iCoA8YClbaoleKjd98WRgEc1zkTR-Mn0Q==

Redirect headers

date
Tue, 17 Mar 2020 14:53:41 GMT
via
1.1 c3b74c81fdcb7942211a6c721efa13fd.cloudfront.net (CloudFront)
server
AmazonS3
age
1427375
location
https://js.intercomcdn.com/shim.latest.js
x-cache
Hit from cloudfront
status
302
x-amz-cf-pop
FRA2-C1
content-length
0
x-amz-cf-id
W0K-1jSZ1U2Lhn-SEevC6TCiY6vbNTbq1DDzjnUCbfM7pDpq7_aN3Q==
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/KjIUMvUnMpIITVDUwwFIRV6U8vv6fDiQ/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.joinpaladin.com/account/login/?next=/account/preferences
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
2983
date
Fri, 03 Apr 2020 02:33:32 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Fri, 03 Apr 2020 04:33:32 GMT
collect
www.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=850902199&t=pageview&_s=1&dl=https%3A%2F%2Fapp.joinpaladin.com%2Faccount%2Flogin%2F%3Fnext%3D%2Faccount%2Fpreferences&dp=%2Faccount%2Flogin%2F&ul=en-us&de=UTF-8&dt=Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEAB~&jid=2089047859&gjid=2070654314&cid=872114999.1585884196&tid=UA-71535610-1&_gid=1526417395.1585884196&_r=1&z=1907090582
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://app.joinpaladin.com/account/login/?next=/account/preferences
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Fri, 03 Apr 2020 03:23:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=850902199&t=event&ni=1&_s=2&dl=https%3A%2F%2Fapp.joinpaladin.com%2Faccount%2Flogin%2F%3Fnext%3D%2Faccount%2Fpreferences&dp=%2Faccount%2Flogin%2F&ul=en-us&de=UTF-8&dt=Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=All&ea=Viewed%20Login%20Page&ev=0&_u=aEBAAEAB~&jid=&gjid=&cid=872114999.1585884196&tid=UA-71535610-1&_gid=1526417395.1585884196&z=412778015
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://app.joinpaladin.com/account/login/?next=/account/preferences
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Fri, 31 Jan 2020 01:04:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
5451515
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
frame-modern.554510f2.js
js.intercomcdn.com/ Frame ABDF 		208 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.554510f2.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.73.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-86.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
36831a486d55f6160b47e009f221810c95d6134dee99047dbebcc103d343b5fb

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 03 Apr 2020 02:43:11 GMT
content-encoding
gzip
age
2419
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
59120
last-modified
Fri, 03 Apr 2020 00:36:22 GMT
server
AmazonS3
etag
"5f6a0940c92b0ed9a382f75f19d1ed5a"
content-type
application/javascript; charset=UTF-8
via
1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
RfYGwxGtP04Wkiw7DvIT7x-6yYPNe8PurP7jXjvrLuUSR3mLPkMPHg==
vendor-modern.1576f7a2.js
js.intercomcdn.com/ Frame ABDF 		153 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.1576f7a2.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.73.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-86.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3cdf281b12c2026f4073a56bb191628ef490a2f7d21c122d0c1a413e3e432d51

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 03 Apr 2020 02:30:03 GMT
content-encoding
gzip
age
3210
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
46566
last-modified
Thu, 02 Apr 2020 16:35:23 GMT
server
AmazonS3
etag
"4b7b26b03f78ebd89b3e7d9ce1ef8868"
content-type
application/javascript; charset=UTF-8
via
1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
kCHmn1z2JtNFtprrUG0TfMDJbtUgOjPRL4KA9z7SMzlyKmFvZ-Sshw==
vendors~app-modern.fb9cbb83.js
js.intercomcdn.com/ Frame ABDF 		264 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendors~app-modern.fb9cbb83.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.554510f2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.73.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-86.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bdd5c1d1d0722df5f5efa06ceb3ba8b58098fc8abc4b7ad7d9aba946df4218a2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 03 Apr 2020 02:30:03 GMT
content-encoding
gzip
age
3204
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
83237
last-modified
Thu, 02 Apr 2020 16:35:23 GMT
server
AmazonS3
etag
"f8d547b09f2954b6ceaa29f44cc53fe5"
content-type
application/javascript; charset=UTF-8
via
1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
bvNPMcGif3lknzStndQsDTuzrYLqPMXMRPqymzi3umtZ_qBNF30xSQ==
app-modern.780475cb.js
js.intercomcdn.com/ Frame ABDF 		64 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/app-modern.780475cb.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.554510f2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.73.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-86.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
675be8551e6e3d0cb00f17ab1ee3aa995d89201fa32abb5318c188dd600d3dec

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 03 Apr 2020 02:31:22 GMT
content-encoding
gzip
age
3139
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
18804
last-modified
Thu, 02 Apr 2020 16:35:22 GMT
server
AmazonS3
etag
"8ce27e4e0032f96a73cefbc6c312f1b7"
content-type
application/javascript; charset=UTF-8
via
1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
2oWOfhWoqHn34NbKLmdgASy5DSx28b9b02pSgvBLuqCSPSceeGI5OQ==
ping
api-iam.intercom.io/messenger/web/ Frame ABDF 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.554510f2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.88.188 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad8b87a22ce463223.awsglobalaccelerator.com
Software
nginx /
Resource Hash
18fd074754b7b82a34047a36fff637081723d2f33d72a2a95633ac1ad759dd8f
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://app.joinpaladin.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 03 Apr 2020 03:23:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
strict-transport-security
max-age=31556952; includeSubDomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
000c3k0mjb5qsecp2190
x-runtime
0.356770
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"18fd074754b7b82a34047a36fff63708"
x-ratelimit-remaining
19999
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.joinpaladin.com
x-intercom-version
81c918fcfe69078ae0854d709e380ea31d3183d0
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1585884240
x-ratelimit-limit
20000
access-control-allow-headers
Content-Type

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| paladin object| webpackJsonp object| SENTRY_RELEASE object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill number| 2f1acc6c3a606b082e5eef5e54414ffb function| _ object| __SENTRY__ function| $ function| jQuery function| jdenticon object| analytics object| FontAwesomeCdnConfig string| cssUrl object| addtocalendar function| daterangepicker object| Raven function| Intercom string| GoogleAnalyticsObject function| ga function| normalize object| google_tag_data object| gaplugins object| gaGlobal object| gaData

5 Cookies

Domain/Path Name / Value
.joinpaladin.com/ Name: ajs_anonymous_id
Value: %22d01c5951-65fb-4c36-97f3-9b0b462d23c3%22
.joinpaladin.com/ Name: ajs_user_id
Value: null
.joinpaladin.com/ Name: ajs_group_id
Value: null
.joinpaladin.com/ Name: paladin_csrftoken_v2
Value: EoQnN3D8F3CYGKxMAhkKIbmGK1CsyG5i8n4w3amsytBHaf28wyVXTC9k1aQjs0gy
.joinpaladin.com/ Name: __cfduid
Value: d7b85fb5d9dade5bdd5db6abe54e1cb4e1585884192

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

addtocalendar.com
api-iam.intercom.io
api.segment.io
app.joinpaladin.com
cdn.jsdelivr.net
cdn.ravenjs.com
cdn.segment.com
cdnjs.cloudflare.com
email-links.joinpaladin.com
fonts.googleapis.com
fonts.gstatic.com
js.intercomcdn.com
p.typekit.net
use.fontawesome.com
use.typekit.net
widget.intercom.io
www.google-analytics.com
104.111.215.74
13.224.194.51
13.225.73.86
143.204.99.83
167.89.118.52
23.111.9.35
2606:4700:20::681a:fe3
2606:4700::6810:5814
2606:4700::6811:4104
2a00:1450:4001:815::200a
2a00:1450:4001:81c::200e
2a00:1450:4001:81e::2003
2a04:4e42:200::729
35.171.199.207
54.71.121.82
75.2.88.188
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
18fd074754b7b82a34047a36fff637081723d2f33d72a2a95633ac1ad759dd8f
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1d81b1b7047ca6b320fc9eef23a02237864907cf7117e6cc307c3c1698ebc4ac
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ba9d54bfc2c0c117e44b2e07eeb0464e557a3f2b4069d3587a0a2575d1666a3
2ed610a8f09be002ea82fcea4bb803ab708802f64e233b0e92dcc81f74950725
2f0a45ac1d272d41b0420217bf8ff20f5eb22fc514064c9c8e2b1ac5cf22dd82
36831a486d55f6160b47e009f221810c95d6134dee99047dbebcc103d343b5fb
3cdf281b12c2026f4073a56bb191628ef490a2f7d21c122d0c1a413e3e432d51
4a5670d5cd304172362d8d5fa9725ae990c9af3c821d2a265be0f56a84f6810e
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
675be8551e6e3d0cb00f17ab1ee3aa995d89201fa32abb5318c188dd600d3dec
6d36e8986b3df80520b16360ef918bdc1eabd8ccfc17cc4b84b40589e2091b7f
6d98f31ef1b143587b55b057626ee856b69fc743194c0cd0880a130cdcf0345e
76a894d32cbc28f341d17e639f4df690600980656f74bc598d663cf0e679330b
76cfc829409956c1fe51761c111b76557fc3770b8ffbac1a6d15ddef1f613d81
7d457d1998aca6f9604e57461962f6030f9be8ce968577f37a98c43af2118500
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8775a525529f29a7a50efda011c3a107c40b10224df38c8f041acd8634ea8b9f
8baf5edb6d5434506ee248b199c805d21cdd51e42be72f7d1c1d1ef8108422e7
8fbb8050f3e30525b36da8ae8754d0bc2216d8fe7f176a2233cce2c7d165b6fe
9a9ad86719c640bc05f6fdbc34aaf7ea50470d91015928d00aedf393b5040b6f
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9e4450a60b4d6d5b4a8304ade07576767dc3f64f7653b0f95bce43bf11d854b2
9f05aee38016eb8a4980375be3063bc1c5a47d43d37c18308c7908b27045504e
a25088d400c57f71c7c2625e905f33c0e6baac8f5678f5b4299e1946dd636f44
b975402bc2cdbf4249b58caa3d4b6a7a2f744ecec9be93727b3c4f1c72a1b01f
bdd5c1d1d0722df5f5efa06ceb3ba8b58098fc8abc4b7ad7d9aba946df4218a2
c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b
c80e328d925e33899cf86116bbc66cc5eff40d28523b0b5e90d4882aab1e2d50
d3728d8549f63eb9b6da113350147bae0b810dd1065efe76696db0a894e25f4b
e4b3ff1dbd520621838623292d6d3985510b93260e39a37328d6684ea67f8c50
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
fc62b2274050243f1cf146207fbce206bb3f420722912ec5bff49a02b8017042
fd088640b28990bed1f3e1a7af74645db17ccbe58e0cfa613b5b27f530866c34
fe4bbdad1d6dff75cde79f8afc07f29502bd4708cb0ce5f552083c3d81ba8382