urlscan.io logo urlscan.io
SecurityTrails logo

ca.lilly.com Open in urlscan Pro
3.143.80.131  Public Scan

Go To Rescan Add Verdict Report
URL: https://ca.lilly.com/
Submission: On July 27 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 22 HTTP transactions. The main IP is 3.143.80.131, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is ca.lilly.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on July 16th 2024. Valid for: a year.
This is the only time ca.lilly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 3.143.80.131 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
8 2607:f8b0:400... 15169 (GOOGLE)
2 142.251.40.238 15169 (GOOGLE)
22 4
Apex Domain
Subdomains		 Transfer
10 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
21 KB
10 lilly.com
ca.lilly.com
676 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
195 KB
22 3
Domain Requested by
10 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
10 ca.lilly.com ca.lilly.com
2 www.googletagmanager.com ca.lilly.com
www.googletagmanager.com
22 3

This site contains links to these domains. Also see Links.

Domain
account.lilly.com
www.lillyhub.com
www.lillyprivacy.com
Subject Issuer Validity Valid
ca.lilly.com
Entrust Certification Authority - L1K		 2024-07-16 -
2025-07-16		 a year crt.sh
*.google-analytics.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://ca.lilly.com/
Frame ID: 42D1FD6B3B54EA2F1EB2C24D3F4A041F
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Lilly Products

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div [^>]*id="__nuxt"
  • /_nuxt/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

22
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

4
IPs

1
Countries

892 kB
Transfer

3779 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ca.lilly.com/ 		20 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ca.lilly.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.143.80.131 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-143-80-131.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
00c9fbeb52ef8cfd30763c1c0fa8639579d317c26c5baaa36ef7f73e6b044cbf
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; style-src 'self' *.cassiecloud.com *.googleapis.com 'unsafe-inline' https://cscript-cdn-use.lilly.com/templates/2/template.min.css *.lillytempo.com *.kisunla.com; script-src 'nonce-Vs8RmQhC8nRC4tgm94DbOw==' 'sha256-hDweRQlncVe/NV82WAXYPmF1kkOJCxXYb89nNqKOaYA=' 'self' 'strict-dynamic' 'unsafe-eval' *.kaltura.com/ *.cassiecloud.com *.googletagmanager.com https://google-analytics.com *.google-analytics.com *.bing.com https://connect.facebook.net https://lilly-customerconnect.secure.force.com https://customerconnect.my.salesforce-sites.com https://ispot.tv *.turn.com *.myadvocado.com *.doubleclick.net *.analytics.yahoo.com *.google.com https://facebook.com *.salesforceliveagent.com *.youtube.com *.ytimg.com *.gstatic.com *.googlevideo.com blob: http://d22xmn10vbouk4.cloudfront.net *.googleapis.com assets.adobedtm.com assets.ctfassets.net *.kisunla.com *.lillyproducts.ca *.lilly.com *.ca.lilly.com 'nonce-OU8YaOsK/N4g9SL0QgGwww==' 'sha256-WkALVocPI48c0B1F/65qVEQYG+bCGKQFAWQtCLEPihI='; object-src 'none'; frame-src *.doubleclick.net/ *.myadvocado.com/ *.lillytempo.com *.lillycares.com *.lillyoncologysupport.com *.lillyloxooncologypipeline.com *.lillydirect.com *.lrlscience.com *.syrenis.com *.taltz.com *.olumiant.com *.verzenio.com *.omvoh.com *.true.lilly *.tap.lilly *.together.lilly *.certuitad.com *.lilly.com *.enrollment.taltz.com *.enrollment.olumiant.com *.enrollment.verzenio.com *.enrollment.omvoh.com *.kisunla.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
none
cache-control
public, no-cache, max-age=0
content-encoding
gzip
content-security-policy
base-uri 'none'; style-src 'self' *.cassiecloud.com *.googleapis.com 'unsafe-inline' https://cscript-cdn-use.lilly.com/templates/2/template.min.css *.lillytempo.com *.kisunla.com; script-src 'nonce-Vs8RmQhC8nRC4tgm94DbOw==' 'sha256-hDweRQlncVe/NV82WAXYPmF1kkOJCxXYb89nNqKOaYA=' 'self' 'strict-dynamic' 'unsafe-eval' *.kaltura.com/ *.cassiecloud.com *.googletagmanager.com https://google-analytics.com *.google-analytics.com *.bing.com https://connect.facebook.net https://lilly-customerconnect.secure.force.com https://customerconnect.my.salesforce-sites.com https://ispot.tv *.turn.com *.myadvocado.com *.doubleclick.net *.analytics.yahoo.com *.google.com https://facebook.com *.salesforceliveagent.com *.youtube.com *.ytimg.com *.gstatic.com *.googlevideo.com blob: http://d22xmn10vbouk4.cloudfront.net *.googleapis.com assets.adobedtm.com assets.ctfassets.net *.kisunla.com *.lillyproducts.ca *.lilly.com *.ca.lilly.com 'nonce-OU8YaOsK/N4g9SL0QgGwww==' 'sha256-WkALVocPI48c0B1F/65qVEQYG+bCGKQFAWQtCLEPihI='; object-src 'none'; frame-src *.doubleclick.net/ *.myadvocado.com/ *.lillytempo.com *.lillycares.com *.lillyoncologysupport.com *.lillyloxooncologypipeline.com *.lillydirect.com *.lrlscience.com *.syrenis.com *.taltz.com *.olumiant.com *.verzenio.com *.omvoh.com *.true.lilly *.tap.lilly *.together.lilly *.certuitad.com *.lilly.com *.enrollment.taltz.com *.enrollment.olumiant.com *.enrollment.verzenio.com *.enrollment.omvoh.com *.kisunla.com
content-type
text/html; charset=utf-8
date
Sat, 27 Jul 2024 00:19:23 GMT
etag
"5116-SCNTyxwSLUJu0ZdzQPT4DYuj7ho"
expires
0
pragma
no-cache
referrer-policy
same-origin
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-robots-tag
noarchive
x-xss-protection
1; mode=block
gtm.js
www.googletagmanager.com/ 		288 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NJ8G7V4&l=dataLayer
Requested by
Host: ca.lilly.com
URL: https://ca.lilly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0e135259cf8a04736fc73a2283e06991e8de973077071520ec5efc71dbfc66ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 00:19:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94764
x-xss-protection
0
last-modified
Sat, 27 Jul 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 27 Jul 2024 00:19:24 GMT
fe97a80.js
ca.lilly.com/_nuxt/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ca.lilly.com/_nuxt/fe97a80.js
Requested by
Host: ca.lilly.com
URL: https://ca.lilly.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.143.80.131 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-143-80-131.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d687bd711788e5f000563068820e343fd25cebbb3f895fe3f896faac23a0d179
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; style-src 'self' *.cassiecloud.com *.googleapis.com 'unsafe-inline' https://cscript-cdn-use.lilly.com/templates/2/template.min.css *.lillytempo.com *.kisunla.com; script-src 'self' 'strict-dynamic' 'unsafe-eval' *.kaltura.com/ *.cassiecloud.com *.googletagmanager.com https://google-analytics.com *.google-analytics.com *.bing.com https://connect.facebook.net https://lilly-customerconnect.secure.force.com https://customerconnect.my.salesforce-sites.com https://ispot.tv *.turn.com *.myadvocado.com *.doubleclick.net *.analytics.yahoo.com *.google.com https://facebook.com *.salesforceliveagent.com *.youtube.com *.ytimg.com *.gstatic.com *.googlevideo.com blob: http://d22xmn10vbouk4.cloudfront.net *.googleapis.com assets.adobedtm.com assets.ctfassets.net *.kisunla.com *.lillyproducts.ca *.lilly.com *.ca.lilly.com 'nonce-OU8YaOsK/N4g9SL0QgGwww==' 'sha256-WkALVocPI48c0B1F/65qVEQYG+bCGKQFAWQtCLEPihI='; object-src 'none'; frame-src *.doubleclick.net/ *.myadvocado.com/ *.lillytempo.com *.lillycares.com *.lillyoncologysupport.com *.lillyloxooncologypipeline.com *.lillydirect.com *.lrlscience.com *.syrenis.com *.taltz.com *.olumiant.com *.verzenio.com *.omvoh.com *.true.lilly *.tap.lilly *.together.lilly *.certuitad.com *.lilly.com *.enrollment.taltz.com *.enrollment.olumiant.com *.enrollment.verzenio.com *.enrollment.omvoh.com *.kisunla.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ca.lilly.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 00:19:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
base-uri 'none'; style-src 'self' *.cassiecloud.com *.googleapis.com 'unsafe-inline' https://cscript-cdn-use.lilly.com/templates/2/template.min.css *.lillytempo.com *.kisunla.com; script-src 'self' 'strict-dynamic' 'unsafe-eval' *.kaltura.com/ *.cassiecloud.com *.googletagmanager.com https://google-analytics.com *.google-analytics.com *.bing.com https://connect.facebook.net https://lilly-customerconnect.secure.force.com https://customerconnect.my.salesforce-sites.com https://ispot.tv *.turn.com *.myadvocado.com *.doubleclick.net *.analytics.yahoo.com *.google.com https://facebook.com *.salesforceliveagent.com *.youtube.com *.ytimg.com *.gstatic.com *.googlevideo.com blob: http://d22xmn10vbouk4.cloudfront.net *.googleapis.com assets.adobedtm.com assets.ctfassets.net *.kisunla.com *.lillyproducts.ca *.lilly.com *.ca.lilly.com 'nonce-OU8YaOsK/N4g9SL0QgGwww==' 'sha256-WkALVocPI48c0B1F/65qVEQYG+bCGKQFAWQtCLEPihI='; object-src 'none'; frame-src *.doubleclick.net/ *.myadvocado.com/ *.lillytempo.com *.lillycares.com *.lillyoncologysupport.com *.lillyloxooncologypipeline.com *.lillydirect.com *.lrlscience.com *.syrenis.com *.taltz.com *.olumiant.com *.verzenio.com *.omvoh.com *.true.lilly *.tap.lilly *.together.lilly *.certuitad.com *.lilly.com *.enrollment.taltz.com *.enrollment.olumiant.com *.enrollment.verzenio.com *.enrollment.omvoh.com *.kisunla.com
content-encoding
gzip
surrogate-control
no-store
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Wed, 24 Jul 2024 13:01:20 GMT
etag
W/"3fa5-190e4d4f500"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, no-cache, max-age=0
accept-ranges
bytes
x-robots-tag
noarchive
expires
0
4772a49.js
ca.lilly.com/_nuxt/ 		218 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ca.lilly.com/_nuxt/4772a49.js
Requested by
Host: ca.lilly.com
URL: https://ca.lilly.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.143.80.131 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-143-80-131.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d7855e41337e4c56f369541eff995e08977a99941a43c2b1329c069b92762139
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; style-src 'self' *.cassiecloud.com *.googleapis.com 'unsafe-inline' https://cscript-cdn-use.lilly.com/templates/2/template.min.css *.lillytempo.com *.kisunla.com; script-src 'self' 'strict-dynamic' 'unsafe-eval' *.kaltura.com/ *.cassiecloud.com *.googletagmanager.com https://google-analytics.com *.google-analytics.com *.bing.com https://connect.facebook.net https://lilly-customerconnect.secure.force.com https://customerconnect.my.salesforce-sites.com https://ispot.tv *.turn.com *.myadvocado.com *.doubleclick.net *.analytics.yahoo.com *.google.com https://facebook.com *.salesforceliveagent.com *.youtube.com *.ytimg.com *.gstatic.com *.googlevideo.com blob: http://d22xmn10vbouk4.cloudfront.net *.googleapis.com assets.adobedtm.com assets.ctfassets.net *.kisunla.com *.lillyproducts.ca *.lilly.com *.ca.lilly.com 'nonce-OU8YaOsK/N4g9SL0QgGwww==' 'sha256-WkALVocPI48c0B1F/65qVEQYG+bCGKQFAWQtCLEPihI='; object-src 'none'; frame-src *.doubleclick.net/ *.myadvocado.com/ *.lillytempo.com *.lillycares.com *.lillyoncologysupport.com *.lillyloxooncologypipeline.com *.lillydirect.com *.lrlscience.com *.syrenis.com *.taltz.com *.olumiant.com *.verzenio.com *.omvoh.com *.true.lilly *.tap.lilly *.together.lilly *.certuitad.com *.lilly.com *.enrollment.taltz.com *.enrollment.olumiant.com *.enrollment.verzenio.com *.enrollment.omvoh.com *.kisunla.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ca.lilly.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 00:19:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
base-uri 'none'; style-src 'self' *.cassiecloud.com *.googleapis.com 'unsafe-inline' https://cscript-cdn-use.lilly.com/templates/2/template.min.css *.lillytempo.com *.kisunla.com; script-src 'self' 'strict-dynamic' 'unsafe-eval' *.kaltura.com/ *.cassiecloud.com *.googletagmanager.com https://google-analytics.com *.google-analytics.com *.bing.com https://connect.facebook.net https://lilly-customerconnect.secure.force.com https://customerconnect.my.salesforce-sites.com https://ispot.tv *.turn.com *.myadvocado.com *.doubleclick.net *.analytics.yahoo.com *.google.com https://facebook.com *.salesforceliveagent.com *.youtube.com *.ytimg.com *.gstatic.com *.googlevideo.com blob: http://d22xmn10vbouk4.cloudfront.net *.googleapis.com assets.adobedtm.com assets.ctfassets.net *.kisunla.com *.lillyproducts.ca *.lilly.com *.ca.lilly.com 'nonce-OU8YaOsK/N4g9SL0QgGwww==' 'sha256-WkALVocPI48c0B1F/65qVEQYG+bCGKQFAWQtCLEPihI='; object-src 'none'; frame-src *.doubleclick.net/ *.myadvocado.com/ *.lillytempo.com *.lillycares.com *.lillyoncologysupport.com *.lillyloxooncologypipeline.com *.lillydirect.com *.lrlscience.com *.syrenis.com *.taltz.com *.olumiant.com *.verzenio.com *.omvoh.com *.true.lilly *.tap.lilly *.together.lilly *.certuitad.com *.lilly.com *.enrollment.taltz.com *.enrollment.olumiant.com *.enrollment.verzenio.com *.enrollment.omvoh.com *.kisunla.com
content-encoding
gzip
surrogate-control
no-store
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Wed, 24 Jul 2024 13:01:20 GMT
etag
W/"3694f-190e4d4f500"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, no-cache, max-age=0
accept-ranges
bytes
x-robots-tag
noarchive
expires
0
08c9f8d.css
ca.lilly.com/_nuxt/css/ 		71 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ca.lilly.com/_nuxt/css/08c9f8d.css
Requested by
Host: ca.lilly.com
URL: https://ca.lilly.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.143.80.131 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-143-80-131.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
917dea67a3befaf0af1984fd2b8b056c7365421c47fd837a80da4b2b420c1847
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; style-src 'self' *.cassiecloud.com *.googleapis.com 'unsafe-inline' https://cscript-cdn-use.lilly.com/templates/2/template.min.css *.lillytempo.com *.kisunla.com; script-src 'self' 'strict-dynamic' 'unsafe-eval' *.kaltura.com/ *.cassiecloud.com *.googletagmanager.com https://google-analytics.com *.google-analytics.com *.bing.com https://connect.facebook.net https://lilly-customerconnect.secure.force.com https://customerconnect.my.salesforce-sites.com https://ispot.tv *.turn.com *.myadvocado.com *.doubleclick.net *.analytics.yahoo.com *.google.com https://facebook.com *.salesforceliveagent.com *.youtube.com *.ytimg.com *.gstatic.com *.googlevideo.com blob: http://d22xmn10vbouk4.cloudfront.net *.googleapis.com assets.adobedtm.com assets.ctfassets.net *.kisunla.com *.lillyproducts.ca *.lilly.com *.ca.lilly.com 'nonce-OU8YaOsK/N4g9SL0QgGwww==' 'sha256-WkALVocPI48c0B1F/65qVEQYG+bCGKQFAWQtCLEPihI='; object-src 'none'; frame-src *.doubleclick.net/ *.myadvocado.com/ *.lillytempo.com *.lillycares.com *.lillyoncologysupport.com *.lillyloxooncologypipeline.com *.lillydirect.com *.lrlscience.com *.syrenis.com *.taltz.com *.olumiant.com *.verzenio.com *.omvoh.com *.true.lilly *.tap.lilly *.together.lilly *.certuitad.com *.lilly.com *.enrollment.taltz.com *.enrollment.olumiant.com *.enrollment.verzenio.com *.enrollment.omvoh.com *.kisunla.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ca.lilly.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 00:19:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
base-uri 'none'; style-src 'self' *.cassiecloud.com *.googleapis.com 'unsafe-inline' https://cscript-cdn-use.lilly.com/templates/2/template.min.css *.lillytempo.com *.kisunla.com; script-src 'self' 'strict-dynamic' 'unsafe-eval' *.kaltura.com/ *.cassiecloud.com *.googletagmanager.com https://google-analytics.com *.google-analytics.com *.bing.com https://connect.facebook.net https://lilly-customerconnect.secure.force.com https://customerconnect.my.salesforce-sites.com https://ispot.tv *.turn.com *.myadvocado.com *.doubleclick.net *.analytics.yahoo.com *.google.com https://facebook.com *.salesforceliveagent.com *.youtube.com *.ytimg.com *.gstatic.com *.googlevideo.com blob: http://d22xmn10vbouk4.cloudfront.net *.googleapis.com assets.adobedtm.com assets.ctfassets.net *.kisunla.com *.lillyproducts.ca *.lilly.com *.ca.lilly.com 'nonce-OU8YaOsK/N4g9SL0QgGwww==' 'sha256-WkALVocPI48c0B1F/65qVEQYG+bCGKQFAWQtCLEPihI='; object-src 'none'; frame-src *.doubleclick.net/ *.myadvocado.com/ *.lillytempo.com *.lillycares.com *.lillyoncologysupport.com *.lillyloxooncologypipeline.com *.lillydirect.com *.lrlscience.com *.syrenis.com *.taltz.com *.olumiant.com *.verzenio.com *.omvoh.com *.true.lilly *.tap.lilly *.together.lilly *.certuitad.com *.lilly.com *.enrollment.taltz.com *.enrollment.olumiant.com *.enrollment.verzenio.com *.enrollment.omvoh.com *.kisunla.com
content-encoding
gzip
surrogate-control
no-store
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Wed, 24 Jul 2024 13:01:20 GMT
etag
W/"47-190e4d4f500"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, no-cache, max-age=0
accept-ranges
bytes
x-robots-tag
noarchive
expires
0
aadb994.js
ca.lilly.com/_nuxt/ 		2 MB
402 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ca.lilly.com/_nuxt/aadb994.js
Requested by
Host: ca.lilly.com
URL: https://ca.lilly.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.143.80.131 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-143-80-131.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
03e06190658e9f993732a92f48fbf1aff7932256903258db2d5e123a03d4ee8a
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; style-src 'self' *.cassiecloud.com *.googleapis.com 'unsafe-inline' https://cscript-cdn-use.lilly.com/templates/2/template.min.css *.lillytempo.com *.kisunla.com; script-src 'self' 'strict-dynamic' 'unsafe-eval' *.kaltura.com/ *.cassiecloud.com *.googletagmanager.com https://google-analytics.com *.google-analytics.com *.bing.com https://connect.facebook.net https://lilly-customerconnect.secure.force.com https://customerconnect.my.salesforce-sites.com https://ispot.tv *.turn.com *.myadvocado.com *.doubleclick.net *.analytics.yahoo.com *.google.com https://facebook.com *.salesforceliveagent.com *.youtube.com *.ytimg.com *.gstatic.com *.googlevideo.com blob: http://d22xmn10vbouk4.cloudfront.net *.googleapis.com assets.adobedtm.com assets.ctfassets.net *.kisunla.com *.lillyproducts.ca *.lilly.com *.ca.lilly.com 'nonce-OU8YaOsK/N4g9SL0QgGwww==' 'sha256-WkALVocPI48c0B1F/65qVEQYG+bCGKQFAWQtCLEPihI='; object-src 'none'; frame-src *.doubleclick.net/ *.myadvocado.com/ *.lillytempo.com *.lillycares.com *.lillyoncologysupport.com *.lillyloxooncologypipeline.com *.lillydirect.com *.lrlscience.com *.syrenis.com *.taltz.com *.olumiant.com *.verzenio.com *.omvoh.com *.true.lilly *.tap.lilly *.together.lilly *.certuitad.com *.lilly.com *.enrollment.taltz.com *.enrollment.olumiant.com *.enrollment.verzenio.com *.enrollment.omvoh.com *.kisunla.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ca.lilly.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 00:19:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
base-uri 'none'; style-src 'self' *.cassiecloud.com *.googleapis.com 'unsafe-inline' https://cscript-cdn-use.lilly.com/templates/2/template.min.css *.lillytempo.com *.kisunla.com; script-src 'self' 'strict-dynamic' 'unsafe-eval' *.kaltura.com/ *.cassiecloud.com *.googletagmanager.com https://google-analytics.com *.google-analytics.com *.bing.com https://connect.facebook.net https://lilly-customerconnect.secure.force.com https://customerconnect.my.salesforce-sites.com https://ispot.tv *.turn.com *.myadvocado.com *.doubleclick.net *.analytics.yahoo.com *.google.com https://facebook.com *.salesforceliveagent.com *.youtube.com *.ytimg.com *.gstatic.com *.googlevideo.com blob: http://d22xmn10vbouk4.cloudfront.net *.googleapis.com assets.adobedtm.com assets.ctfassets.net *.kisunla.com *.lillyproducts.ca *.lilly.com *.ca.lilly.com 'nonce-OU8YaOsK/N4g9SL0QgGwww==' 'sha256-WkALVocPI48c0B1F/65qVEQYG+bCGKQFAWQtCLEPihI='; object-src 'none'; frame-src *.doubleclick.net/ *.myadvocado.com/ *.lillytempo.com *.lillycares.com *.lillyoncologysupport.com *.lillyloxooncologypipeline.com *.lillydirect.com *.lrlscience.com *.syrenis.com *.taltz.com *.olumiant.com *.verzenio.com *.omvoh.com *.true.lilly *.tap.lilly *.together.lilly *.certuitad.com *.lilly.com *.enrollment.taltz.com *.enrollment.olumiant.com *.enrollment.verzenio.com *.enrollment.omvoh.com *.kisunla.com
content-encoding
gzip
surrogate-control
no-store
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Wed, 24 Jul 2024 13:01:20 GMT
etag
W/"1b0112-190e4d4f500"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, no-cache, max-age=0
accept-ranges
bytes
x-robots-tag
noarchive
expires
0
f5df3d1.css
ca.lilly.com/_nuxt/css/ 		378 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ca.lilly.com/_nuxt/css/f5df3d1.css
Requested by
Host: ca.lilly.com
URL: https://ca.lilly.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.143.80.131 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-143-80-131.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e483c2557c8bd0680901e9ea076302f6a079be5d48dc7ee3afe2ae1f49b7c1d3
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; style-src 'self' *.cassiecloud.com *.googleapis.com 'unsafe-inline' https://cscript-cdn-use.lilly.com/templates/2/template.min.css *.lillytempo.com *.kisunla.com; script-src 'self' 'strict-dynamic' 'unsafe-eval' *.kaltura.com/ *.cassiecloud.com *.googletagmanager.com https://google-analytics.com *.google-analytics.com *.bing.com https://connect.facebook.net https://lilly-customerconnect.secure.force.com https://customerconnect.my.salesforce-sites.com https://ispot.tv *.turn.com *.myadvocado.com *.doubleclick.net *.analytics.yahoo.com *.google.com https://facebook.com *.salesforceliveagent.com *.youtube.com *.ytimg.com *.gstatic.com *.googlevideo.com blob: http://d22xmn10vbouk4.cloudfront.net *.googleapis.com assets.adobedtm.com assets.ctfassets.net *.kisunla.com *.lillyproducts.ca *.lilly.com *.ca.lilly.com 'nonce-OU8YaOsK/N4g9SL0QgGwww==' 'sha256-WkALVocPI48c0B1F/65qVEQYG+bCGKQFAWQtCLEPihI='; object-src 'none'; frame-src *.doubleclick.net/ *.myadvocado.com/ *.lillytempo.com *.lillycares.com *.lillyoncologysupport.com *.lillyloxooncologypipeline.com *.lillydirect.com *.lrlscience.com *.syrenis.com *.taltz.com *.olumiant.com *.verzenio.com *.omvoh.com *.true.lilly *.tap.lilly *.together.lilly *.certuitad.com *.lilly.com *.enrollment.taltz.com *.enrollment.olumiant.com *.enrollment.verzenio.com *.enrollment.omvoh.com *.kisunla.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ca.lilly.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 00:19:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
base-uri 'none'; style-src 'self' *.cassiecloud.com *.googleapis.com 'unsafe-inline' https://cscript-cdn-use.lilly.com/templates/2/template.min.css *.lillytempo.com *.kisunla.com; script-src 'self' 'strict-dynamic' 'unsafe-eval' *.kaltura.com/ *.cassiecloud.com *.googletagmanager.com https://google-analytics.com *.google-analytics.com *.bing.com https://connect.facebook.net https://lilly-customerconnect.secure.force.com https://customerconnect.my.salesforce-sites.com https://ispot.tv *.turn.com *.myadvocado.com *.doubleclick.net *.analytics.yahoo.com *.google.com https://facebook.com *.salesforceliveagent.com *.youtube.com *.ytimg.com *.gstatic.com *.googlevideo.com blob: http://d22xmn10vbouk4.cloudfront.net *.googleapis.com assets.adobedtm.com assets.ctfassets.net *.kisunla.com *.lillyproducts.ca *.lilly.com *.ca.lilly.com 'nonce-OU8YaOsK/N4g9SL0QgGwww==' 'sha256-WkALVocPI48c0B1F/65qVEQYG+bCGKQFAWQtCLEPihI='; object-src 'none'; frame-src *.doubleclick.net/ *.myadvocado.com/ *.lillytempo.com *.lillycares.com *.lillyoncologysupport.com *.lillyloxooncologypipeline.com *.lillydirect.com *.lrlscience.com *.syrenis.com *.taltz.com *.olumiant.com *.verzenio.com *.omvoh.com *.true.lilly *.tap.lilly *.together.lilly *.certuitad.com *.lilly.com *.enrollment.taltz.com *.enrollment.olumiant.com *.enrollment.verzenio.com *.enrollment.omvoh.com *.kisunla.com
content-encoding
gzip
surrogate-control
no-store
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Wed, 24 Jul 2024 13:01:20 GMT
etag
W/"5e8ef-190e4d4f500"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, no-cache, max-age=0
accept-ranges
bytes
x-robots-tag
noarchive
expires
0
82c145c.js
ca.lilly.com/_nuxt/ 		746 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ca.lilly.com/_nuxt/82c145c.js
Requested by
Host: ca.lilly.com
URL: https://ca.lilly.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.143.80.131 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-143-80-131.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
02dd3384d466643042e23aaecdab7a4b24fd6eb03574ca4def3040983ee2da57
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; style-src 'self' *.cassiecloud.com *.googleapis.com 'unsafe-inline' https://cscript-cdn-use.lilly.com/templates/2/template.min.css *.lillytempo.com *.kisunla.com; script-src 'self' 'strict-dynamic' 'unsafe-eval' *.kaltura.com/ *.cassiecloud.com *.googletagmanager.com https://google-analytics.com *.google-analytics.com *.bing.com https://connect.facebook.net https://lilly-customerconnect.secure.force.com https://customerconnect.my.salesforce-sites.com https://ispot.tv *.turn.com *.myadvocado.com *.doubleclick.net *.analytics.yahoo.com *.google.com https://facebook.com *.salesforceliveagent.com *.youtube.com *.ytimg.com *.gstatic.com *.googlevideo.com blob: http://d22xmn10vbouk4.cloudfront.net *.googleapis.com assets.adobedtm.com assets.ctfassets.net *.kisunla.com *.lillyproducts.ca *.lilly.com *.ca.lilly.com 'nonce-OU8YaOsK/N4g9SL0QgGwww==' 'sha256-WkALVocPI48c0B1F/65qVEQYG+bCGKQFAWQtCLEPihI='; object-src 'none'; frame-src *.doubleclick.net/ *.myadvocado.com/ *.lillytempo.com *.lillycares.com *.lillyoncologysupport.com *.lillyloxooncologypipeline.com *.lillydirect.com *.lrlscience.com *.syrenis.com *.taltz.com *.olumiant.com *.verzenio.com *.omvoh.com *.true.lilly *.tap.lilly *.together.lilly *.certuitad.com *.lilly.com *.enrollment.taltz.com *.enrollment.olumiant.com *.enrollment.verzenio.com *.enrollment.omvoh.com *.kisunla.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ca.lilly.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 00:19:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
base-uri 'none'; style-src 'self' *.cassiecloud.com *.googleapis.com 'unsafe-inline' https://cscript-cdn-use.lilly.com/templates/2/template.min.css *.lillytempo.com *.kisunla.com; script-src 'self' 'strict-dynamic' 'unsafe-eval' *.kaltura.com/ *.cassiecloud.com *.googletagmanager.com https://google-analytics.com *.google-analytics.com *.bing.com https://connect.facebook.net https://lilly-customerconnect.secure.force.com https://customerconnect.my.salesforce-sites.com https://ispot.tv *.turn.com *.myadvocado.com *.doubleclick.net *.analytics.yahoo.com *.google.com https://facebook.com *.salesforceliveagent.com *.youtube.com *.ytimg.com *.gstatic.com *.googlevideo.com blob: http://d22xmn10vbouk4.cloudfront.net *.googleapis.com assets.adobedtm.com assets.ctfassets.net *.kisunla.com *.lillyproducts.ca *.lilly.com *.ca.lilly.com 'nonce-OU8YaOsK/N4g9SL0QgGwww==' 'sha256-WkALVocPI48c0B1F/65qVEQYG+bCGKQFAWQtCLEPihI='; object-src 'none'; frame-src *.doubleclick.net/ *.myadvocado.com/ *.lillytempo.com *.lillycares.com *.lillyoncologysupport.com *.lillyloxooncologypipeline.com *.lillydirect.com *.lrlscience.com *.syrenis.com *.taltz.com *.olumiant.com *.verzenio.com *.omvoh.com *.true.lilly *.tap.lilly *.together.lilly *.certuitad.com *.lilly.com *.enrollment.taltz.com *.enrollment.olumiant.com *.enrollment.verzenio.com *.enrollment.omvoh.com *.kisunla.com
content-encoding
gzip
surrogate-control
no-store
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Wed, 24 Jul 2024 13:01:20 GMT
etag
W/"ba79e-190e4d4f500"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, no-cache, max-age=0
accept-ranges
bytes
x-robots-tag
noarchive
expires
0
4009b30.js
ca.lilly.com/_nuxt/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ca.lilly.com/_nuxt/4009b30.js
Requested by
Host: ca.lilly.com
URL: https://ca.lilly.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.143.80.131 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-143-80-131.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
9682d16671b63d3097178fcce069a7397f6c066382ce6c2729923dbceefc9b20
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; style-src 'self' *.cassiecloud.com *.googleapis.com 'unsafe-inline' https://cscript-cdn-use.lilly.com/templates/2/template.min.css *.lillytempo.com *.kisunla.com; script-src 'self' 'strict-dynamic' 'unsafe-eval' *.kaltura.com/ *.cassiecloud.com *.googletagmanager.com https://google-analytics.com *.google-analytics.com *.bing.com https://connect.facebook.net https://lilly-customerconnect.secure.force.com https://customerconnect.my.salesforce-sites.com https://ispot.tv *.turn.com *.myadvocado.com *.doubleclick.net *.analytics.yahoo.com *.google.com https://facebook.com *.salesforceliveagent.com *.youtube.com *.ytimg.com *.gstatic.com *.googlevideo.com blob: http://d22xmn10vbouk4.cloudfront.net *.googleapis.com assets.adobedtm.com assets.ctfassets.net *.kisunla.com *.lillyproducts.ca *.lilly.com *.ca.lilly.com 'nonce-OU8YaOsK/N4g9SL0QgGwww==' 'sha256-WkALVocPI48c0B1F/65qVEQYG+bCGKQFAWQtCLEPihI='; object-src 'none'; frame-src *.doubleclick.net/ *.myadvocado.com/ *.lillytempo.com *.lillycares.com *.lillyoncologysupport.com *.lillyloxooncologypipeline.com *.lillydirect.com *.lrlscience.com *.syrenis.com *.taltz.com *.olumiant.com *.verzenio.com *.omvoh.com *.true.lilly *.tap.lilly *.together.lilly *.certuitad.com *.lilly.com *.enrollment.taltz.com *.enrollment.olumiant.com *.enrollment.verzenio.com *.enrollment.omvoh.com *.kisunla.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ca.lilly.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 00:19:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
base-uri 'none'; style-src 'self' *.cassiecloud.com *.googleapis.com 'unsafe-inline' https://cscript-cdn-use.lilly.com/templates/2/template.min.css *.lillytempo.com *.kisunla.com; script-src 'self' 'strict-dynamic' 'unsafe-eval' *.kaltura.com/ *.cassiecloud.com *.googletagmanager.com https://google-analytics.com *.google-analytics.com *.bing.com https://connect.facebook.net https://lilly-customerconnect.secure.force.com https://customerconnect.my.salesforce-sites.com https://ispot.tv *.turn.com *.myadvocado.com *.doubleclick.net *.analytics.yahoo.com *.google.com https://facebook.com *.salesforceliveagent.com *.youtube.com *.ytimg.com *.gstatic.com *.googlevideo.com blob: http://d22xmn10vbouk4.cloudfront.net *.googleapis.com assets.adobedtm.com assets.ctfassets.net *.kisunla.com *.lillyproducts.ca *.lilly.com *.ca.lilly.com 'nonce-OU8YaOsK/N4g9SL0QgGwww==' 'sha256-WkALVocPI48c0B1F/65qVEQYG+bCGKQFAWQtCLEPihI='; object-src 'none'; frame-src *.doubleclick.net/ *.myadvocado.com/ *.lillytempo.com *.lillycares.com *.lillyoncologysupport.com *.lillyloxooncologypipeline.com *.lillydirect.com *.lrlscience.com *.syrenis.com *.taltz.com *.olumiant.com *.verzenio.com *.omvoh.com *.true.lilly *.tap.lilly *.together.lilly *.certuitad.com *.lilly.com *.enrollment.taltz.com *.enrollment.olumiant.com *.enrollment.verzenio.com *.enrollment.omvoh.com *.kisunla.com
content-encoding
gzip
surrogate-control
no-store
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Wed, 24 Jul 2024 13:01:20 GMT
etag
W/"e51-190e4d4f500"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, no-cache, max-age=0
accept-ranges
bytes
x-robots-tag
noarchive
expires
0
logo-lilly-footer.svg
ca.lilly.com/assets/images/ 		6 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ca.lilly.com/assets/images/logo-lilly-footer.svg
Requested by
Host: ca.lilly.com
URL: https://ca.lilly.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.143.80.131 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-143-80-131.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
11e093042a56576ad7b06304c3b76808eedf960011fc55939eb02ebb3bc99d37
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; style-src 'self' *.cassiecloud.com *.googleapis.com 'unsafe-inline' https://cscript-cdn-use.lilly.com/templates/2/template.min.css *.lillytempo.com *.kisunla.com; script-src 'self' 'strict-dynamic' 'unsafe-eval' *.kaltura.com/ *.cassiecloud.com *.googletagmanager.com https://google-analytics.com *.google-analytics.com *.bing.com https://connect.facebook.net https://lilly-customerconnect.secure.force.com https://customerconnect.my.salesforce-sites.com https://ispot.tv *.turn.com *.myadvocado.com *.doubleclick.net *.analytics.yahoo.com *.google.com https://facebook.com *.salesforceliveagent.com *.youtube.com *.ytimg.com *.gstatic.com *.googlevideo.com blob: http://d22xmn10vbouk4.cloudfront.net *.googleapis.com assets.adobedtm.com assets.ctfassets.net *.kisunla.com *.lillyproducts.ca *.lilly.com *.ca.lilly.com 'nonce-OU8YaOsK/N4g9SL0QgGwww==' 'sha256-WkALVocPI48c0B1F/65qVEQYG+bCGKQFAWQtCLEPihI='; object-src 'none'; frame-src *.doubleclick.net/ *.myadvocado.com/ *.lillytempo.com *.lillycares.com *.lillyoncologysupport.com *.lillyloxooncologypipeline.com *.lillydirect.com *.lrlscience.com *.syrenis.com *.taltz.com *.olumiant.com *.verzenio.com *.omvoh.com *.true.lilly *.tap.lilly *.together.lilly *.certuitad.com *.lilly.com *.enrollment.taltz.com *.enrollment.olumiant.com *.enrollment.verzenio.com *.enrollment.omvoh.com *.kisunla.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ca.lilly.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 00:19:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
base-uri 'none'; style-src 'self' *.cassiecloud.com *.googleapis.com 'unsafe-inline' https://cscript-cdn-use.lilly.com/templates/2/template.min.css *.lillytempo.com *.kisunla.com; script-src 'self' 'strict-dynamic' 'unsafe-eval' *.kaltura.com/ *.cassiecloud.com *.googletagmanager.com https://google-analytics.com *.google-analytics.com *.bing.com https://connect.facebook.net https://lilly-customerconnect.secure.force.com https://customerconnect.my.salesforce-sites.com https://ispot.tv *.turn.com *.myadvocado.com *.doubleclick.net *.analytics.yahoo.com *.google.com https://facebook.com *.salesforceliveagent.com *.youtube.com *.ytimg.com *.gstatic.com *.googlevideo.com blob: http://d22xmn10vbouk4.cloudfront.net *.googleapis.com assets.adobedtm.com assets.ctfassets.net *.kisunla.com *.lillyproducts.ca *.lilly.com *.ca.lilly.com 'nonce-OU8YaOsK/N4g9SL0QgGwww==' 'sha256-WkALVocPI48c0B1F/65qVEQYG+bCGKQFAWQtCLEPihI='; object-src 'none'; frame-src *.doubleclick.net/ *.myadvocado.com/ *.lillytempo.com *.lillycares.com *.lillyoncologysupport.com *.lillyloxooncologypipeline.com *.lillydirect.com *.lrlscience.com *.syrenis.com *.taltz.com *.olumiant.com *.verzenio.com *.omvoh.com *.true.lilly *.tap.lilly *.together.lilly *.certuitad.com *.lilly.com *.enrollment.taltz.com *.enrollment.olumiant.com *.enrollment.verzenio.com *.enrollment.omvoh.com *.kisunla.com
content-encoding
br
surrogate-control
no-store
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Wed, 24 Jul 2024 12:55:37 GMT
etag
W/"178b-190e4cfb928"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, no-cache, max-age=0
x-robots-tag
noarchive
expires
0
js
www.googletagmanager.com/gtag/ 		308 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H0QLD78RY3&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ8G7V4&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c7a6e8d2357fd2e02c4e0ef0af4e5fbb1da05fbdd990f2f4757957028737dada
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 00:19:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104173
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 27 Jul 2024 00:19:25 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ8G7V4&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 26 Jul 2024 23:59:54 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1171
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 27 Jul 2024 01:59:54 GMT
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-H0QLD78RY3&gtm=45je47o0v892943533z8831537990za200zb831537990&_p=1722039564985&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=827813099.1722039565&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722039565&sct=1&seg=0&dl=https%3A%2F%2Fca.lilly.com%2F&dt=Lilly%20Products&en=page_view&_fv=1&_nsi=1&_ss=1&ep.anonymizeIp=true&ep.Source=dir_org&ep.referrer=dir_org&ep.sessionid=1722039565172-bfksfhodjivb26g&tfd=1933
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H0QLD78RY3&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jul 2024 00:19:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ca.lilly.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=696438103&t=pageview&_s=1&dl=https%3A%2F%2Fca.lilly.com%2F&ul=en-us&de=UTF-8&dt=Lilly%20Products&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1328209835&gjid=871263146&cid=827813099.1722039565&tid=UA-81122046-39&_gid=593920159.1722039566&_r=1&_slc=1&gtm=45He47o0n81NJ8G7V4v831537990za200&cd3=1722039565172-bfksfhodjivb26g&cd4=2024-07-27T00%3A19%3A25.179Z&cd5=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&z=362170843
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jul 2024 00:19:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ca.lilly.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-H0QLD78RY3&gtm=45je47o0v892943533za200zb831537990&_p=1722039564985&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=827813099.1722039565&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1722039565&sct=1&seg=0&dl=https%3A%2F%2Fca.lilly.com%2F&dt=Lilly%20Products&en=scroll&ep.anonymizeIp=true&ep.Source=dir_org&ep.referrer=dir_org&ep.sessionid=1722039565172-bfksfhodjivb26g&epn.percent_scrolled=90&_et=14&tfd=2207
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H0QLD78RY3&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jul 2024 00:19:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ca.lilly.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=696438103&t=event&ni=1&_s=1&dl=https%3A%2F%2Fca.lilly.com%2F&ul=en-us&de=UTF-8&dt=Lilly%20Products&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Page%20Scroll&ea=%2F&el=25%25&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=827813099.1722039565&tid=UA-81122046-39&_gid=593920159.1722039566&gtm=45He47o0n81NJ8G7V4v831537990za200&cd3=1722039565172-bfksfhodjivb26g&cd4=2024-07-27T00%3A19%3A25.768Z&cd5=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&z=1495803002
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jul 2024 03:23:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
75354
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=696438103&t=event&ni=1&_s=1&dl=https%3A%2F%2Fca.lilly.com%2F&ul=en-us&de=UTF-8&dt=Lilly%20Products&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Page%20Scroll&ea=%2F&el=50%25&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=827813099.1722039565&tid=UA-81122046-39&_gid=593920159.1722039566&gtm=45He47o0n81NJ8G7V4v831537990za200&cd3=1722039565172-bfksfhodjivb26g&cd4=2024-07-27T00%3A19%3A25.780Z&cd5=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&z=178605053
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jul 2024 03:23:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
75354
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=696438103&t=event&ni=1&_s=1&dl=https%3A%2F%2Fca.lilly.com%2F&ul=en-us&de=UTF-8&dt=Lilly%20Products&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Page%20Scroll&ea=%2F&el=75%25&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=827813099.1722039565&tid=UA-81122046-39&_gid=593920159.1722039566&gtm=45He47o0n81NJ8G7V4v831537990za200&cd3=1722039565172-bfksfhodjivb26g&cd4=2024-07-27T00%3A19%3A25.788Z&cd5=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&z=1065098156
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jul 2024 03:23:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
75354
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=696438103&t=event&ni=1&_s=1&dl=https%3A%2F%2Fca.lilly.com%2F&ul=en-us&de=UTF-8&dt=Lilly%20Products&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Page%20Scroll&ea=%2F&el=100%25&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=827813099.1722039565&tid=UA-81122046-39&_gid=593920159.1722039566&gtm=45He47o0n81NJ8G7V4v831537990za200&cd3=1722039565172-bfksfhodjivb26g&cd4=2024-07-27T00%3A19%3A25.798Z&cd5=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&z=1101902753
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jul 2024 03:23:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
75354
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
favicon.ico
ca.lilly.com/assets/images/ 		15 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ca.lilly.com/assets/images/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.143.80.131 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-143-80-131.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
0d81b72e24abc8e514a67614f5266c59d40877d1c27378268aafbe2f60a85db8
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; style-src 'self' *.cassiecloud.com *.googleapis.com 'unsafe-inline' https://cscript-cdn-use.lilly.com/templates/2/template.min.css *.lillytempo.com *.kisunla.com; script-src 'self' 'strict-dynamic' 'unsafe-eval' *.kaltura.com/ *.cassiecloud.com *.googletagmanager.com https://google-analytics.com *.google-analytics.com *.bing.com https://connect.facebook.net https://lilly-customerconnect.secure.force.com https://customerconnect.my.salesforce-sites.com https://ispot.tv *.turn.com *.myadvocado.com *.doubleclick.net *.analytics.yahoo.com *.google.com https://facebook.com *.salesforceliveagent.com *.youtube.com *.ytimg.com *.gstatic.com *.googlevideo.com blob: http://d22xmn10vbouk4.cloudfront.net *.googleapis.com assets.adobedtm.com assets.ctfassets.net *.kisunla.com *.lillyproducts.ca *.lilly.com *.ca.lilly.com 'nonce-OU8YaOsK/N4g9SL0QgGwww==' 'sha256-WkALVocPI48c0B1F/65qVEQYG+bCGKQFAWQtCLEPihI='; object-src 'none'; frame-src *.doubleclick.net/ *.myadvocado.com/ *.lillytempo.com *.lillycares.com *.lillyoncologysupport.com *.lillyloxooncologypipeline.com *.lillydirect.com *.lrlscience.com *.syrenis.com *.taltz.com *.olumiant.com *.verzenio.com *.omvoh.com *.true.lilly *.tap.lilly *.together.lilly *.certuitad.com *.lilly.com *.enrollment.taltz.com *.enrollment.olumiant.com *.enrollment.verzenio.com *.enrollment.omvoh.com *.kisunla.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ca.lilly.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 00:19:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
base-uri 'none'; style-src 'self' *.cassiecloud.com *.googleapis.com 'unsafe-inline' https://cscript-cdn-use.lilly.com/templates/2/template.min.css *.lillytempo.com *.kisunla.com; script-src 'self' 'strict-dynamic' 'unsafe-eval' *.kaltura.com/ *.cassiecloud.com *.googletagmanager.com https://google-analytics.com *.google-analytics.com *.bing.com https://connect.facebook.net https://lilly-customerconnect.secure.force.com https://customerconnect.my.salesforce-sites.com https://ispot.tv *.turn.com *.myadvocado.com *.doubleclick.net *.analytics.yahoo.com *.google.com https://facebook.com *.salesforceliveagent.com *.youtube.com *.ytimg.com *.gstatic.com *.googlevideo.com blob: http://d22xmn10vbouk4.cloudfront.net *.googleapis.com assets.adobedtm.com assets.ctfassets.net *.kisunla.com *.lillyproducts.ca *.lilly.com *.ca.lilly.com 'nonce-OU8YaOsK/N4g9SL0QgGwww==' 'sha256-WkALVocPI48c0B1F/65qVEQYG+bCGKQFAWQtCLEPihI='; object-src 'none'; frame-src *.doubleclick.net/ *.myadvocado.com/ *.lillytempo.com *.lillycares.com *.lillyoncologysupport.com *.lillyloxooncologypipeline.com *.lillydirect.com *.lrlscience.com *.syrenis.com *.taltz.com *.olumiant.com *.verzenio.com *.omvoh.com *.true.lilly *.tap.lilly *.together.lilly *.certuitad.com *.lilly.com *.enrollment.taltz.com *.enrollment.olumiant.com *.enrollment.verzenio.com *.enrollment.omvoh.com *.kisunla.com
content-encoding
br
surrogate-control
no-store
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Wed, 24 Jul 2024 12:55:37 GMT
etag
W/"3aee-190e4cfb928"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/vnd.microsoft.icon
cache-control
public, no-cache, max-age=0
x-robots-tag
noarchive
expires
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=696438103&t=event&ni=0&_s=1&dl=https%3A%2F%2Fca.lilly.com%2F&ul=en-us&de=UTF-8&dt=Lilly%20Products&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Section%20View&ea=https%3A%2F%2Fca.lilly.com%2F&el=Lilly%20Products&ev=0&_u=aADAAEABAAAAACACI~&jid=&gjid=&cid=827813099.1722039565&tid=UA-81122046-39&_gid=593920159.1722039566&gtm=45He47o0n81NJ8G7V4v831537990za200&cd3=1722039565172-bfksfhodjivb26g&cd4=2024-07-27T00%3A19%3A26.197Z&cd5=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&z=932997781
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.238 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jul 2024 01:44:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
81284
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=696438103&t=event&ni=0&_s=1&dl=https%3A%2F%2Fca.lilly.com%2F&ul=en-us&de=UTF-8&dt=Lilly%20Products&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Section%20View&ea=https%3A%2F%2Fca.lilly.com%2F&el=Lilly%20Products&ev=0&_u=aADAAEABAAAAACACIAC~&jid=&gjid=&cid=827813099.1722039565&tid=UA-81122046-39&_gid=593920159.1722039566&gtm=45He47o0n81NJ8G7V4v831537990za200&cd3=1722039565172-bfksfhodjivb26g&cd4=2024-07-27T00%3A19%3A26.205Z&cd5=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&z=903994173
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.238 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jul 2024 01:44:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
81284
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __NUXT__ object| webpackJsonp object| __core-js_shared__ object| core object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| dataLayer object| $nuxt object| google_tag_manager object| google_tag_data string| sessionId number| sessionTime function| generateSessionId function| removeSessionId function| idleCheck function| ontouchstart function| ontouchmove string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData

6 Cookies

Domain/Path Name / Value
ca.lilly.com/ Name: gtm-session-start
Value: 1722039564985
ca.lilly.com/ Name: PageNumber
Value: 1
.lilly.com/ Name: _ga
Value: GA1.2.827813099.1722039565
.lilly.com/ Name: _gid
Value: GA1.2.593920159.1722039566
.lilly.com/ Name: _gat_UA-81122046-39
Value: 1
.lilly.com/ Name: _ga_H0QLD78RY3
Value: GS1.1.1722039565.1.0.1722039566.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy base-uri 'none'; style-src 'self' *.cassiecloud.com *.googleapis.com 'unsafe-inline' https://cscript-cdn-use.lilly.com/templates/2/template.min.css *.lillytempo.com *.kisunla.com; script-src 'nonce-Vs8RmQhC8nRC4tgm94DbOw==' 'sha256-hDweRQlncVe/NV82WAXYPmF1kkOJCxXYb89nNqKOaYA=' 'self' 'strict-dynamic' 'unsafe-eval' *.kaltura.com/ *.cassiecloud.com *.googletagmanager.com https://google-analytics.com *.google-analytics.com *.bing.com https://connect.facebook.net https://lilly-customerconnect.secure.force.com https://customerconnect.my.salesforce-sites.com https://ispot.tv *.turn.com *.myadvocado.com *.doubleclick.net *.analytics.yahoo.com *.google.com https://facebook.com *.salesforceliveagent.com *.youtube.com *.ytimg.com *.gstatic.com *.googlevideo.com blob: http://d22xmn10vbouk4.cloudfront.net *.googleapis.com assets.adobedtm.com assets.ctfassets.net *.kisunla.com *.lillyproducts.ca *.lilly.com *.ca.lilly.com 'nonce-OU8YaOsK/N4g9SL0QgGwww==' 'sha256-WkALVocPI48c0B1F/65qVEQYG+bCGKQFAWQtCLEPihI='; object-src 'none'; frame-src *.doubleclick.net/ *.myadvocado.com/ *.lillytempo.com *.lillycares.com *.lillyoncologysupport.com *.lillyloxooncologypipeline.com *.lillydirect.com *.lrlscience.com *.syrenis.com *.taltz.com *.olumiant.com *.verzenio.com *.omvoh.com *.true.lilly *.tap.lilly *.together.lilly *.certuitad.com *.lilly.com *.enrollment.taltz.com *.enrollment.olumiant.com *.enrollment.verzenio.com *.enrollment.omvoh.com *.kisunla.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block