urlscan.io logo urlscan.io
SecurityTrails logo

lillyatp.my.redcanary.co Open in urlscan Pro
18.190.62.30  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://lillyatp.my.redcanary.co/detections/433
Effective URL: https://lillyatp.my.redcanary.co/users/sign_in
Submission Tags: falconsandbox
Submission: On May 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 19 HTTP transactions. The main IP is 18.190.62.30, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is lillyatp.my.redcanary.co.
TLS certificate: Issued by GeoTrust TLS DV RSA Mixed SHA256 2020... on December 9th 2021. Valid for: a year.
This is the only time lillyatp.my.redcanary.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 9 18.190.62.30 16509 (AMAZON-02)
5 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 52.1.217.94 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 151.101.130.137 54113 (FASTLY)
1 162.247.243.147 13335 (CLOUDFLAR...)
19 8
9    18.190.62.30 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-190-62-30.us-east-2.compute.amazonaws.com
lillyatp.my.redcanary.co
5    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2606:4700:10::ac43:e8b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.datatables.net
1    52.1.217.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-217-94.compute-1.amazonaws.com
analytics.churnzero.net
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.243.147 (United States)

ASN13335 (CLOUDFLARENET, US)
bam-cell.nr-data.net
Apex Domain
Subdomains		 Transfer
9 redcanary.co
lillyatp.my.redcanary.co
811 KB
5 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
468 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
2 datatables.net
cdn.datatables.net — Cisco Umbrella Rank: 5258
37 KB
1 nr-data.net
bam-cell.nr-data.net — Cisco Umbrella Rank: 369
1 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 381
14 KB
1 churnzero.net
analytics.churnzero.net — Cisco Umbrella Rank: 19965
140 KB
19 7
Domain Requested by
9 lillyatp.my.redcanary.co 2 redirects lillyatp.my.redcanary.co
5 cdnjs.cloudflare.com lillyatp.my.redcanary.co
2 www.google-analytics.com lillyatp.my.redcanary.co
2 cdn.datatables.net lillyatp.my.redcanary.co
1 bam-cell.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com lillyatp.my.redcanary.co
1 analytics.churnzero.net lillyatp.my.redcanary.co
19 7

This site contains links to these domains. Also see Links.

Domain
www.google.com
www.microsoft.com
docs.microsoft.com
Subject Issuer Validity Valid
*.my.redcanary.co
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-09 -
2022-12-08		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
*.churnzero.net
Amazon		 2022-01-03 -
2023-02-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-10-06 -
2022-11-07		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-10 -
2023-02-10		 a year crt.sh

This page contains 1 frames:

Primary Page: https://lillyatp.my.redcanary.co/users/sign_in
Frame ID: 7F2A50105E306E9E5A8ED67F8F2F907E
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Red Canary

Page URL History Show full URLs

  1. https://lillyatp.my.redcanary.co/detections/433 HTTP 302
    https://lillyatp.my.redcanary.co/threats/433 HTTP 302
    https://lillyatp.my.redcanary.co/users/sign_in Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • dataTables.*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

100 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

8
IPs

2
Countries

1487 kB
Transfer

10787 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://lillyatp.my.redcanary.co/detections/433 HTTP 302
    https://lillyatp.my.redcanary.co/threats/433 HTTP 302
    https://lillyatp.my.redcanary.co/users/sign_in Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request sign_in
lillyatp.my.redcanary.co/users/
Redirect Chain
  • https://lillyatp.my.redcanary.co/detections/433
  • https://lillyatp.my.redcanary.co/threats/433
  • https://lillyatp.my.redcanary.co/users/sign_in
36 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lillyatp.my.redcanary.co/users/sign_in
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.190.62.30 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-62-30.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4831982c199aec663e4449520b9f0b6611ebc02d1b5111cb01ad25c1dd04727d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy-Report-Only
default-src 'self' *.internal.redcanary.io:* *.my.redcanary.co; base-uri 'self'; connect-src 'self' *.internal.redcanary.io:* *.my.redcanary.co analytics.churnzero.net redcanary.us1app.churnzero.net www.google-analytics.com static.zdassets.com ekr.zdassets.com redcanaryhelp.zendesk.com *.zopim.com wss://redcanaryhelp.zendesk.com wss://*.zopim.com *.statuspage.io bam-cell.nr-data.net bam.nr-data.net; font-src 'self' data: redcanary.us1app.churnzero.net fonts.gstatic.com; frame-src 'self'; img-src data: 'self' help.redcanary.com cdn.datatables.net us1img.churnzero.net us2img.churnzero.net www.gstatic.com/charts/ chart.googleapis.com www.google-analytics.com v2assets.zopim.io static.zdassets.com logo.clearbit.com store-images.s-microsoft.com *.mzstatic.com; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.datatables.net cdnjs.cloudflare.com analytics.churnzero.net www.google.com/jsapi www.gstatic.com/charts/ www.google-analytics.com ssl.google-analytics.com static.zdassets.com ekr.zdassets.com redcanaryhelp.zendesk.com *.zopim.com wss://redcanaryhelp.zendesk.com wss://*.zopim.com cdn.statuspage.io js-agent.newrelic.com bam-cell.nr-data.net bam.nr-data.net code.jquery.com; style-src 'self' 'unsafe-inline' cdn.datatables.net cdnjs.cloudflare.com redcanary.us1app.churnzero.net www.google.com/jsapi www.gstatic.com/charts/; report-uri https://o433963.ingest.sentry.io/api/5723629/security/?sentry_key=209f3e6b3a6f43ca88129b07ddac74eb
Content-Type
text/html; charset=utf-8
Date
Sun, 22 May 2022 04:50:00 GMT
ETag
W/"4831982c199aec663e4449520b9f0b66"
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding Origin
X-Content-Type-Options
nosniff nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
7b06a91d-8f34-45fc-b592-3ae8c99200f0
X-Runtime
0.050354
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-cache
Connection
keep-alive
Content-Security-Policy-Report-Only
default-src 'self' *.internal.redcanary.io:* *.my.redcanary.co; base-uri 'self'; connect-src 'self' *.internal.redcanary.io:* *.my.redcanary.co analytics.churnzero.net redcanary.us1app.churnzero.net www.google-analytics.com static.zdassets.com ekr.zdassets.com redcanaryhelp.zendesk.com *.zopim.com wss://redcanaryhelp.zendesk.com wss://*.zopim.com *.statuspage.io bam-cell.nr-data.net bam.nr-data.net; font-src 'self' data: redcanary.us1app.churnzero.net fonts.gstatic.com; frame-src 'self'; img-src data: 'self' help.redcanary.com cdn.datatables.net us1img.churnzero.net us2img.churnzero.net www.gstatic.com/charts/ chart.googleapis.com www.google-analytics.com v2assets.zopim.io static.zdassets.com logo.clearbit.com store-images.s-microsoft.com *.mzstatic.com; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.datatables.net cdnjs.cloudflare.com analytics.churnzero.net www.google.com/jsapi www.gstatic.com/charts/ www.google-analytics.com ssl.google-analytics.com static.zdassets.com ekr.zdassets.com redcanaryhelp.zendesk.com *.zopim.com wss://redcanaryhelp.zendesk.com wss://*.zopim.com cdn.statuspage.io js-agent.newrelic.com bam-cell.nr-data.net bam.nr-data.net code.jquery.com; style-src 'self' 'unsafe-inline' cdn.datatables.net cdnjs.cloudflare.com redcanary.us1app.churnzero.net www.google.com/jsapi www.gstatic.com/charts/; report-uri https://o433963.ingest.sentry.io/api/5723629/security/?sentry_key=209f3e6b3a6f43ca88129b07ddac74eb
Content-Type
text/html; charset=utf-8
Date
Sun, 22 May 2022 04:49:59 GMT
Location
https://lillyatp.my.redcanary.co/users/sign_in
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Origin
X-Content-Type-Options
nosniff nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
093eb053-70da-4447-90ad-1090d9adc4cd
X-Runtime
0.014311
X-XSS-Protection
1; mode=block
application-07b4be8755281de26d828bbafbc25cc3a98ef5a0a3f40010f4d3fa8307569f35.css
lillyatp.my.redcanary.co/assets/ 		6 MB
293 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lillyatp.my.redcanary.co/assets/application-07b4be8755281de26d828bbafbc25cc3a98ef5a0a3f40010f4d3fa8307569f35.css
Requested by
Host: lillyatp.my.redcanary.co
URL: https://lillyatp.my.redcanary.co/users/sign_in
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.190.62.30 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-62-30.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
83d0f7fa6d3f556e76c1235aff6854c366e8b828913f2588d9f217b1d344fdfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lillyatp.my.redcanary.co/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 04:50:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
text/css
Cache-Control
max-age=31536000, public
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Length
300115
Expires
Mon, 22 May 2023 04:50:00 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.11.2/ 		94 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.2/jquery.min.js
Requested by
Host: lillyatp.my.redcanary.co
URL: https://lillyatp.my.redcanary.co/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4ec583c7604001f87233d1fe0076cbd909f15a5f8c6b4c3f5dd81b462d79d32
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://lillyatp.my.redcanary.co/
Origin
https://lillyatp.my.redcanary.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 04:50:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1399779
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29919
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-176de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aROSpiVe4LMjm69SvF8AeqLjWz%2BoodBdVRj5rytXF923cNlGDOsZmaX%2BfYRR73p9zkYyEjMMR7rSw18XhUJo0xiLGcWYO95348ZS%2BzdUd0h3dZLm77qPt1QVienkWatbo1lfGk4xyiqXel4g%2FKUuFJLd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70f2edaffa69900c-FRA
expires
Fri, 12 May 2023 04:50:00 GMT
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/ 		36 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: lillyatp.my.redcanary.co
URL: https://lillyatp.my.redcanary.co/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://lillyatp.my.redcanary.co/
Origin
https://lillyatp.my.redcanary.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 04:50:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3309547
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8722
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-90b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJysG4DrsRIVY2%2Bp4skL8jzHg18zqL5230IX0z5I4QIdz1tQH6G%2B7vqVvUpKos8rri8n57yhB0GZyQl8Fm3skWCGctwQXiGC%2FKKw3hRCz5LXtfm6ahfcRhXYD8lDegSda0VSTRXleEDe7ffZuTPY%2Fqgq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70f2edaffa6a900c-FRA
expires
Fri, 12 May 2023 04:50:00 GMT
underscore-min.js
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/underscore-min.js
Requested by
Host: lillyatp.my.redcanary.co
URL: https://lillyatp.my.redcanary.co/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://lillyatp.my.redcanary.co/
Origin
https://lillyatp.my.redcanary.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 04:50:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2707064
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5303
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04015-4041"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmYmcOg4VjnW8VeKgcAoePpGuojWGsNU2khbrpT9D%2FsS139VrFEgavByPRfIMVnZ2oXNbhP0lGNIZ2QZpleoB1nMbqUx%2BlayUOKk7BfYEnNy1rToXVIXpGoAYkJymzSHBb653j%2B%2BHvLX0ZgRa7L2iSF7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70f2edaffa6b900c-FRA
expires
Fri, 12 May 2023 04:50:00 GMT
plotly.min.js
cdnjs.cloudflare.com/ajax/libs/plotly.js/1.17.3/ 		2 MB
417 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/plotly.js/1.17.3/plotly.min.js
Requested by
Host: lillyatp.my.redcanary.co
URL: https://lillyatp.my.redcanary.co/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1bb8251cd332dfe7aec950a364aa1021e85c5f6c952be57feecf1e30f5a448c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://lillyatp.my.redcanary.co/
Origin
https://lillyatp.my.redcanary.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 04:50:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
49187
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
425766
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:12 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f90-1b5050"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fw7J6Y5zNghhGv%2BclDckSUNrNBNU0Ry1MpVd3OvHd3L%2FQ7e8IzBDLDFf8j9CrTsa8pykNKQiuyjSNrp2hAo6REbB3D2ZpeM0whfQUX62evQhW25zOwAIqVpvBBXmXEnV9K6NPvGHbaOP79oukkA3QQ1F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70f2edaffa6d900c-FRA
expires
Fri, 12 May 2023 04:50:00 GMT
autotrack.js
cdnjs.cloudflare.com/ajax/libs/autotrack/2.4.1/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/autotrack/2.4.1/autotrack.js
Requested by
Host: lillyatp.my.redcanary.co
URL: https://lillyatp.my.redcanary.co/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bceb73993d094c4c821c7571921103bdc8c05e9082c4fc513d244358d53593db
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://lillyatp.my.redcanary.co/
Origin
https://lillyatp.my.redcanary.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 04:50:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4083376
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7172
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:05:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d61-60d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uO12%2BsmYWPPJfqz5CpPLZwtQsfEbHBZyJ%2F1Q2IVVNCQ6aLxjO%2Fwu1sjGqRojtI7EvPjY0B1PZxEFd7GY8Vhstql8qUzvW0qaHp0QgeU8W5CPvRW%2F8H5%2F5hWPyZ7ZqvhucrnuNSbo6xYQxzm7yGVRIymf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70f2edb34d32900c-FRA
expires
Fri, 12 May 2023 04:50:00 GMT
datatables.min.js
cdn.datatables.net/v/dt/dt-1.11.3/sc-2.0.5/ 		102 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.datatables.net/v/dt/dt-1.11.3/sc-2.0.5/datatables.min.js
Requested by
Host: lillyatp.my.redcanary.co
URL: https://lillyatp.my.redcanary.co/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d985473566431d6cf61637eef95ffcad2a599d6bb0a9da5d0d0b351120d8c06

Request headers

Referer
https://lillyatp.my.redcanary.co/
Origin
https://lillyatp.my.redcanary.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 04:50:00 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 22 May 2022 00:27:29 GMT
server
cloudflare
age
15751
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31557600
cf-ray
70f2edaffbf15c14-FRA
datatables.min.css
cdn.datatables.net/v/dt/dt-1.11.3/sc-2.0.5/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.datatables.net/v/dt/dt-1.11.3/sc-2.0.5/datatables.min.css
Requested by
Host: lillyatp.my.redcanary.co
URL: https://lillyatp.my.redcanary.co/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc733362065617383a46f88f292f27669f244a6e36aaeea301e5318febd30fba

Request headers

Referer
https://lillyatp.my.redcanary.co/
Origin
https://lillyatp.my.redcanary.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 04:50:00 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 22 May 2022 00:27:29 GMT
server
cloudflare
age
15751
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31557600
cf-ray
70f2edaffbee5c14-FRA
runtime-4191e7d03ed61d1ee721.js
lillyatp.my.redcanary.co/packs/js/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lillyatp.my.redcanary.co/packs/js/runtime-4191e7d03ed61d1ee721.js
Requested by
Host: lillyatp.my.redcanary.co
URL: https://lillyatp.my.redcanary.co/users/sign_in
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.190.62.30 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-62-30.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
d4eb0b3fcab67282a1e9b489793f9954a35e7ecfc0412ec851389057d10046c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lillyatp.my.redcanary.co/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 04:50:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Last-Modified
Fri, 20 May 2022 20:39:04 GMT
Server
nginx
Content-Security-Policy-Report-Only
default-src 'self' *.internal.redcanary.io:* *.my.redcanary.co; base-uri 'self'; connect-src 'self' *.internal.redcanary.io:* *.my.redcanary.co analytics.churnzero.net redcanary.us1app.churnzero.net www.google-analytics.com static.zdassets.com ekr.zdassets.com redcanaryhelp.zendesk.com *.zopim.com wss://redcanaryhelp.zendesk.com wss://*.zopim.com *.statuspage.io bam-cell.nr-data.net bam.nr-data.net; font-src 'self' data: redcanary.us1app.churnzero.net fonts.gstatic.com; frame-src 'self'; img-src data: 'self' help.redcanary.com cdn.datatables.net us1img.churnzero.net us2img.churnzero.net www.gstatic.com/charts/ chart.googleapis.com www.google-analytics.com v2assets.zopim.io static.zdassets.com logo.clearbit.com store-images.s-microsoft.com *.mzstatic.com; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.datatables.net cdnjs.cloudflare.com analytics.churnzero.net www.google.com/jsapi www.gstatic.com/charts/ www.google-analytics.com ssl.google-analytics.com static.zdassets.com ekr.zdassets.com redcanaryhelp.zendesk.com *.zopim.com wss://redcanaryhelp.zendesk.com wss://*.zopim.com cdn.statuspage.io js-agent.newrelic.com bam-cell.nr-data.net bam.nr-data.net code.jquery.com; style-src 'self' 'unsafe-inline' cdn.datatables.net cdnjs.cloudflare.com redcanary.us1app.churnzero.net www.google.com/jsapi www.gstatic.com/charts/; report-uri https://o433963.ingest.sentry.io/api/5723629/security/?sentry_key=209f3e6b3a6f43ca88129b07ddac74eb
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
Accept-Encoding, Origin
Content-Length
1982
X-XSS-Protection
1; mode=block
3935-abb8013f9923c8a544b1.js
lillyatp.my.redcanary.co/packs/js/ 		126 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lillyatp.my.redcanary.co/packs/js/3935-abb8013f9923c8a544b1.js
Requested by
Host: lillyatp.my.redcanary.co
URL: https://lillyatp.my.redcanary.co/users/sign_in
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.190.62.30 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-62-30.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
60926e636348341bdba408b3df949586f22464260b37e06a27d45de96222a7b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lillyatp.my.redcanary.co/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 04:50:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Last-Modified
Fri, 20 May 2022 20:39:04 GMT
Server
nginx
Content-Security-Policy-Report-Only
default-src 'self' *.internal.redcanary.io:* *.my.redcanary.co; base-uri 'self'; connect-src 'self' *.internal.redcanary.io:* *.my.redcanary.co analytics.churnzero.net redcanary.us1app.churnzero.net www.google-analytics.com static.zdassets.com ekr.zdassets.com redcanaryhelp.zendesk.com *.zopim.com wss://redcanaryhelp.zendesk.com wss://*.zopim.com *.statuspage.io bam-cell.nr-data.net bam.nr-data.net; font-src 'self' data: redcanary.us1app.churnzero.net fonts.gstatic.com; frame-src 'self'; img-src data: 'self' help.redcanary.com cdn.datatables.net us1img.churnzero.net us2img.churnzero.net www.gstatic.com/charts/ chart.googleapis.com www.google-analytics.com v2assets.zopim.io static.zdassets.com logo.clearbit.com store-images.s-microsoft.com *.mzstatic.com; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.datatables.net cdnjs.cloudflare.com analytics.churnzero.net www.google.com/jsapi www.gstatic.com/charts/ www.google-analytics.com ssl.google-analytics.com static.zdassets.com ekr.zdassets.com redcanaryhelp.zendesk.com *.zopim.com wss://redcanaryhelp.zendesk.com wss://*.zopim.com cdn.statuspage.io js-agent.newrelic.com bam-cell.nr-data.net bam.nr-data.net code.jquery.com; style-src 'self' 'unsafe-inline' cdn.datatables.net cdnjs.cloudflare.com redcanary.us1app.churnzero.net www.google.com/jsapi www.gstatic.com/charts/; report-uri https://o433963.ingest.sentry.io/api/5723629/security/?sentry_key=209f3e6b3a6f43ca88129b07ddac74eb
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
Accept-Encoding, Origin
Content-Length
40646
X-XSS-Protection
1; mode=block
mount_webpacker_react-ec85597767f2590c7d47.js
lillyatp.my.redcanary.co/packs/js/ 		24 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lillyatp.my.redcanary.co/packs/js/mount_webpacker_react-ec85597767f2590c7d47.js
Requested by
Host: lillyatp.my.redcanary.co
URL: https://lillyatp.my.redcanary.co/users/sign_in
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.190.62.30 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-62-30.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
5a751f10968ee4a40c7e05e89390690b0606ebb3f3e7365f17f39c639498c490
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lillyatp.my.redcanary.co/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 04:50:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Last-Modified
Fri, 20 May 2022 20:39:04 GMT
Server
nginx
Content-Security-Policy-Report-Only
default-src 'self' *.internal.redcanary.io:* *.my.redcanary.co; base-uri 'self'; connect-src 'self' *.internal.redcanary.io:* *.my.redcanary.co analytics.churnzero.net redcanary.us1app.churnzero.net www.google-analytics.com static.zdassets.com ekr.zdassets.com redcanaryhelp.zendesk.com *.zopim.com wss://redcanaryhelp.zendesk.com wss://*.zopim.com *.statuspage.io bam-cell.nr-data.net bam.nr-data.net; font-src 'self' data: redcanary.us1app.churnzero.net fonts.gstatic.com; frame-src 'self'; img-src data: 'self' help.redcanary.com cdn.datatables.net us1img.churnzero.net us2img.churnzero.net www.gstatic.com/charts/ chart.googleapis.com www.google-analytics.com v2assets.zopim.io static.zdassets.com logo.clearbit.com store-images.s-microsoft.com *.mzstatic.com; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.datatables.net cdnjs.cloudflare.com analytics.churnzero.net www.google.com/jsapi www.gstatic.com/charts/ www.google-analytics.com ssl.google-analytics.com static.zdassets.com ekr.zdassets.com redcanaryhelp.zendesk.com *.zopim.com wss://redcanaryhelp.zendesk.com wss://*.zopim.com cdn.statuspage.io js-agent.newrelic.com bam-cell.nr-data.net bam.nr-data.net code.jquery.com; style-src 'self' 'unsafe-inline' cdn.datatables.net cdnjs.cloudflare.com redcanary.us1app.churnzero.net www.google.com/jsapi www.gstatic.com/charts/; report-uri https://o433963.ingest.sentry.io/api/5723629/security/?sentry_key=209f3e6b3a6f43ca88129b07ddac74eb
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
Accept-Encoding, Origin
Content-Length
8832
X-XSS-Protection
1; mode=block
application-72fa396025180cd2a9dbfa9db1808096cd95ea64354fc22a1c3c6994cc5471c7.js
lillyatp.my.redcanary.co/assets/ 		2 MB
411 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lillyatp.my.redcanary.co/assets/application-72fa396025180cd2a9dbfa9db1808096cd95ea64354fc22a1c3c6994cc5471c7.js
Requested by
Host: lillyatp.my.redcanary.co
URL: https://lillyatp.my.redcanary.co/users/sign_in
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.190.62.30 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-62-30.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
6a3e61d6030bb73f3acd51237efbc8574613b123972788ab1b09453c80961285
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lillyatp.my.redcanary.co/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 04:50:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
max-age=31536000, public
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Length
420580
Expires
Mon, 22 May 2023 04:50:00 GMT
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/webp
churnzero.js
analytics.churnzero.net/ 		490 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.churnzero.net/churnzero.js
Requested by
Host: lillyatp.my.redcanary.co
URL: https://lillyatp.my.redcanary.co/users/sign_in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.217.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-217-94.compute-1.amazonaws.com
Software
/
Resource Hash
3a005df8719ef0fc7ea343df1020d28a36ea1b3caf289aeda0e804327c3de2d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lillyatp.my.redcanary.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 04:50:01 GMT
content-encoding
br
last-modified
Sun, 22 May 2022 00:56:40 GMT
etag
"1d86d76cbce7df2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900, public
x-cz-server-id
6723 (1)
x-cz-request-id
8cacec0ac183433a8a6c484325915f71
accept-ranges
bytes
expires
Sun, 22 May 2022 05:05:01 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: lillyatp.my.redcanary.co
URL: https://lillyatp.my.redcanary.co/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lillyatp.my.redcanary.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1853
date
Sun, 22 May 2022 04:19:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 22 May 2022 06:19:08 GMT
logo-dark-590a379378ddbd5ae48c774698492b9c8e444aec15b14d56f530053085dda389.png
lillyatp.my.redcanary.co/assets/subdomain_profile/default/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lillyatp.my.redcanary.co/assets/subdomain_profile/default/logo-dark-590a379378ddbd5ae48c774698492b9c8e444aec15b14d56f530053085dda389.png
Requested by
Host: lillyatp.my.redcanary.co
URL: https://lillyatp.my.redcanary.co/users/sign_in
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.190.62.30 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-62-30.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
36d3799b8de9c60e894a35e8dc440c1592c27b1cbde12fea51accb72ea8410e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lillyatp.my.redcanary.co/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 04:50:01 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
image/png
Cache-Control
max-age=31536000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29791
Expires
Mon, 22 May 2023 04:50:01 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1609623650&t=pageview&_s=1&dl=https%3A%2F%2Flillyatp.my.redcanary.co%2Fusers%2Fsign_in&ul=en-us&de=UTF-8&dt=Red%20Canary&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=1494778389&gjid=1081434303&cid=1920048405.1653195001&tid=UA-52702906-2&_gid=469977173.1653195001&_r=1&_slc=1&_av=2.4.1&_au=37e&cd1=lillyatp&cd2=none&cd3=&cd4=paid&did=i5iSjo&z=187393740
Requested by
Host: lillyatp.my.redcanary.co
URL: https://lillyatp.my.redcanary.co/users/sign_in
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lillyatp.my.redcanary.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 04:50:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lillyatp.my.redcanary.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
nr-1216.min.js
js-agent.newrelic.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1216.min.js
Requested by
Host: lillyatp.my.redcanary.co
URL: https://lillyatp.my.redcanary.co/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lillyatp.my.redcanary.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding
gzip
etag
"9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id
702BXDH9DS50TBSA
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
14391
x-amz-id-2
5vd9vstz3V3z74kfjj1dCPZWEqafZIkasHjA0BdDCJvZTnwH4UnkRjWckumVI0cOdusYAlzF0pM=
x-served-by
cache-hhn4077-HHN
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1653195002.090953,VS0,VE0
date
Sun, 22 May 2022 04:50:02 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3724
4959331d8a
bam-cell.nr-data.net/1/ 		49 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/1/4959331d8a?a=9738878&v=1216.487a282&to=cFtZEEtbWFkDFh1XUkVdRAEWR1FGFQ1dXUQcWlIT&rst=2689&ck=1&ref=https://lillyatp.my.redcanary.co/users/sign_in&ap=61&be=841&fe=2607&dc=1870&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1653194999419,%22n%22:0,%22r%22:0,%22re%22:511,%22f%22:511,%22dn%22:511,%22dne%22:511,%22c%22:511,%22ce%22:511,%22rq%22:513,%22rp%22:816,%22rpe%22:817,%22dl%22:820,%22di%22:1870,%22ds%22:1870,%22de%22:1884,%22dc%22:2607,%22l%22:2607,%22le%22:2608%7D,%22navigation%22:%7B%22rc%22:2%7D%7D&fp=1907&fcp=1907&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lillyatp.my.redcanary.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 04:50:02 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Connection
keep-alive
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BeiogC%2FKU05XmR17hB4tjaB7aYsxXI2yPB%2BXG7uyfNEcjWzIzTSYJ8Ciy6dqHmxVLei%2F6WgBQf73SbpLSsYWNLC0eqBT5VL0G1Tge7gKmnEIE5ASRAhi6gQBMs3uQ9QTjVqCD3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/javascript
Access-Control-Allow-Origin
*
access-control-allow-credentials
true
CF-Ray
70f2edbb9cfd9a0c-FRA

Verdicts & Comments Add Verdict or Comment

342 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| NREUM object| newrelic function| __nr_require boolean| supportsES6 function| $ function| jQuery object| jQuery1112045377639032119066 function| _ object| __TYPEDARRAY_POOL object| __TEXT_CACHE object| Plotly object| $jscomp function| $jscomp$lookupPolyfilledValue function| DataTable object| webpackChunk object| ReactRailsUJS function| mountWebpackerReact function| ga object| gaDevIds object| gaplugins function| showConfetti function| showNextConfettiModal function| custom_check_master_changed function| custom_check_num_checked function| custom_check_changed function| show_custom_check_action_bar function| hide_custom_check_action_bar function| custom_check_values function| custom_check_submit_action function| incrementTextTemplate function| initializeTributeForTextTemplates function| submit_shared_search_and_submit_form function| _classCallCheck function| _inherits function| _toConsumableArray function| createElements function| randomPhysics function| updateFetti function| animate function| backwardPatch function| confetti function| _defineProperty function| _objectWithoutProperties function| addFlashMessage function| addFlashMessageSafe function| apiRequestJSON function| preventClick function| rcConfirm function| rcAlert function| updateDate function| cleanup_missing_clearbit_logos function| populate_sjrs function| populate_sjr function| createCookie function| readCookie function| eraseCookie function| can function| redact_if function| manually_collapse_main_sidenav function| copyToClipboardFromInput function| formatHelpURL function| rotateChevron function| Haml function| BrowserRouter function| HashRouter function| Link function| MemoryRouter function| NavLink function| Prompt function| Redirect function| Route function| Router function| StaticRouter function| Switch function| generatePath function| matchPath function| withRouter function| _createClass function| _get function| TextTemplateList function| CustomerExternalAlertSourceIndexAlertSource function| CustomerExternalAlertSourceIndexApp function| CustomerExternalAlertSourceIndexPlatformCategory function| CustomerExternalAlertsDashboard function| CustomerExternalAlertsDashboardAffectedApplications function| CustomerExternalAlertsDashboardAffectedEndpoints function| CustomerExternalAlertsDashboardAffectedIdentities function| CustomerExternalAlertsDashboardAlertSource function| _slicedToArray function| CustomerExternalAlertsDashboardAlertSources function| CustomerExternalAlertsDataFlow object| defaultColors object| defaults function| ExecCondition function| ExecConditionForm function| ErrorList function| ExecApp function| ExecActionTestJsonInterpolationModal function| ExecNav function| ExecBaseActionExecution function| _extends function| ExecBaseActionExecutionBuilder function| ExecActionExecutionsAddOktaUserToGroup function| ExecActionExecutionsAllowUnsignedAppExecution function| ExecActionExecutionsBanDomain function| ExecActionExecutionsBanHashes function| ExecActionExecutionsBanIpAddress function| ExecActionExecutionsClearOktaUserSessions function| ExecActionExecutionsCommentOnExternalAlert function| ExecActionExecutionsDeleteAndCaptureFile function| ExecActionExecutionsDeleteRegistry function| ExecActionExecutionsIsolateEndpoint function| ExecActionExecutionsKillProcess function| ExecActionExecutionsQuarantineFile function| ExecActionExecutionsRemoveOktaUserFromGroup function| ExecActionExecutionsRestrictUnsignedAppExecution function| ExecActionExecutionsSendDetectionToSentinel function| ExecActionExecutionsSuspendOktaUser function| ExecActionExecutionsUnsuspendOktaUser function| ExecActionExecutionsUpdateStateOfExternalAlert function| ExecActionInputWithInterpolation function| ExecActionSidebarByTechnology function| ExecBaseAction function| ExecActionsAddNoteToExternalAlert function| ExecActionsAddOktaUserToGroup function| ExecActionsAllowUnsignedAppExecution function| ExecActionsAssignExternalAlert function| ExecActionsBanDomain function| ExecActionsBanHashes function| ExecActionsBanIpAddress function| ExecActionsCallPhoneNumber function| ExecActionsClearOktaUserSessions function| ExecActionsCollectForensicsPackage function| ExecActionsCommentOnExternalAlert function| ExecActionsDecommissionEndpoint function| ExecActionsDeisolateEndpoint function| ExecActionsDeleteAndCaptureFile function| ExecActionsDeleteAndCaptureFileCapture function| ExecActionsDeleteAndCaptureFileDelete function| ExecActionsDeleteRegistry function| ExecActionHelperApprovalNotificationEditor function| ExecActionHelperApprovalNotificationView function| ExecActionHelperApprovalNotificationBaseForm function| ExecActionHelperApprovalNotificationEmailForm function| ExecActionHelperApprovalNotificationSMSForm function| ExecActionHelperApprovalNotificationSlackForm function| ExecActionHelperApprovalNotificationMicrosoftTeamsForm function| ExecActionHelperPagerDutyHelp function| ExecActionHelperSMSItemFields function| ExecActionHelperSMSFormFields function| ExecActionsIsolateEndpoint function| ExecActionsKillProcess function| ExecActionsMarkDetectionAsAcknowledged function| ExecActionsMarkDetectionAsNotRemediated function| ExecActionsMarkDetectionAsRemediated function| ExecActionsQuarantineFile function| ExecActionsRemoveOktaUserFromGroup function| ExecActionsResolvePagerDuty function| ExecActionsRestrictUnsignedAppExecution function| ExecActionsSendDetectionToSentinel function| ExecActionsSendMail function| ExecActionsSendMicrosoftTeamsWebhook function| ExecActionsSendSlackWebhook function| ExecActionsSendSMSMessage function| ExecActionsSendSyslog function| ExecActionsSendWebhook function| ExecActionsSetExternalAlertState function| ExecActionsSuspendOktaUser function| ExecActionsTriggerPagerDuty function| ExecActionsUnassignExternalAlert function| ExecActionsUnsuspendOktaUser function| ExecActionsUpdateStateOfExternalAlert function| ExecPlaybookHistoryActionExecution function| ExecPlaybookHistoryChangeLog function| ExecPlaybookHistoryPlaybookExecution function| ExecOnDemandPreview function| ExecPlaybook function| ExecPlaybookEditor function| ExecPlaybookExecuteModal function| ExecPlaybookExecution function| ExecPlaybookHistory function| ExecPlaybookListItem function| ExecPlaybookTab function| ExecActionVariableDescription function| ExecTriggersEmptyState function| ExecIncludedPlaybook function| ExecIncludedPlaybookList function| ExecPlaybookSelector function| ExecTriggerForm function| ExecTriggerList function| ExecTriggerListItem function| ExecTriggerTab function| ReportApp function| ReportBase function| ReportGraphAffectedEndpoints function| ReportGraphByTheNumbers function| ReportGraphChevron function| ReportGraphConfirmedThreats function| ReportGraphDetections function| ReportGraphRiskByPlatform function| ReportGraphSquares function| ReportGraphTipoffs function| ReportGraphTriangle function| ReportNav function| AffectedEndpoints function| ByTheNumbers function| Collection function| CompareToOtherOrgs function| ConfirmedThreats function| DetectedThreatsEffectiveness function| ExpertAnalysisAndInvestigation function| IntelAndDetectionEngineering function| MedianTimeToRemediation function| Roi function| SecurityControls function| ErrorBoundary object| Box function| HBox function| VBox function| AutocompleteDropdown function| AutocompleteInput function| Button function| DataFlowSegment function| DataFlowSegmentFlow function| DataFlowSegmentNotice function| Label function| ReactOdometer function| Spinner function| Dropdown function| RailsInput function| ToggleButton function| IntelReportingApp function| IntelReportingDetection function| IntelReportingEndpoint function| IntelReportingFullScreenButton object| IntelReportingHeader function| IntelReportingLoading object| IntelReportingTimeline function| IntelReportingBaseActivity function| IntelReportingBlockquote function| IntelReportingDetectionAcknowledgedActivity function| IntelReportingDetectionMarkedNotRemediatedActivity function| IntelReportingDetectionMarkedRemediatedActivity function| IntelReportingDetectionNoteAddedActivity function| IntelReportingDetectionPublishedActivity function| IntelReportingDetectionSubstantiallyUpdatedActivity function| IntelReportingDetectorActivatedActivity function| IntelReportingDetectorUpdatedActivity function| IntelReportingEndpointChangesCreatedActivity function| IntelReportingEventInvestigatedActivity function| IntelReportingExternalAlertCorrelatedToEndpointActivity function| IntelReportingExternalAlertCorrelatedToEndpointUserActivity function| IntelReportingIntelIndicatorCreatedActivity function| IntelReportingIntelligenceInsightPublishedActivity function| IntelReportingPlaybookExecutedActivity function| IntelReportingPotentiallyThreateningActivityActivity function| IntelReportingThreatHuntCompleteActivity function| IntelReportingAppContainer function| ProvisionSubdomainForm function| SubdomainFormEngagement function| SubdomainFormMeta function| SubdomainFormNotes function| SubdomainFormOrganization function| EndpointLink function| Endpoints function| ExternalAlerts function| RiskBadge function| Identities function| IdentityLink function| IgnoredTargetedProductForm function| IgnoredTargetedProductsRow function| IgnoredTargetedProductsTable function| TargetedProductsRow function| TargetedProducts function| TargetedProductsTable function| moment object| d3 function| daterangepicker function| Odometer function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal function| s object| Subdomains object| Common function| reset_tablesorter function| refilter_detections_table function| initDetectionClassifications function| search_for_endpoint_users function| refilter_endpoints_table function| initialize_inbox function| plot_endpoints_active_over_time function| toggleMark function| toggleIndicatorCommandLine function| toggleIndicatorFieldInclusion function| plot_mttd function| plot_stacked_bar function| plot_risk function| plot_per_endpoint_risk object| g_hide_popover_timeouts function| EdgeTable function| DataLoader function| change_focused_vertex function| Tree function| ProcessTree object| TextTemplates function| Bloodhound object| React object| ReactDOM function| createReactClass object| PropTypes object| ReactRouterDOM object| Redux object| ReactRedux object| ReduxThunk function| ExecList object| ReportActions object| ReportReducers object| IntelReportingActions object| IntelReportingAppC object| IntelReportingReducers function| Tribute object| I18n string| organization_name object| current_user boolean| user_signed_in function| mark_setup_complete object| ChurnZero string| GoogleAnalyticsObject object| exec object| nowElements object| google_tag_data object| gaGlobal object| gaData object| __tracerCZ

5 Cookies

Domain/Path Name / Value
.my.redcanary.co/ Name: _portal3_session
Value: Q2JwN1JybDNDWHNWcnBTSm4yOHdOeEhZQWk1eEVWdytYVkdoT0VVdGd5dlB3bTRlWllDYWdSaktTUWtQSmVpaTBIZWhxeHhVdWs0QUhOYTFyTkRTWDFicXpuY3lKU3pkUW43MWNsUWFMM2lqamhPcEJXbkJoOURuUmZnRjZOK1ZnV1BZZUM5dXFPalEveGRXZXhtbjdhRU12RFU4enZYS3BxcUhyL25Genoybm5zbjhSZk9QSGJHRit1YUJ4eFBnLS1aR1ZHazM1a1NEdThsdDFvK2hHb3pnPT0%3D--181f502fe299fd30c6e6b7eef577fdcbcf3e3eef
.redcanary.co/ Name: _ga
Value: GA1.2.1920048405.1653195001
.redcanary.co/ Name: _gid
Value: GA1.2.469977173.1653195001
.redcanary.co/ Name: _gat
Value: 1
.nr-data.net/ Name: JSESSIONID
Value: 4ad5e34d665e2eba

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.churnzero.net
bam-cell.nr-data.net
cdn.datatables.net
cdnjs.cloudflare.com
js-agent.newrelic.com
lillyatp.my.redcanary.co
www.google-analytics.com
151.101.130.137
162.247.243.147
18.190.62.30
2606:4700:10::ac43:e8b
2606:4700::6811:180e
2a00:1450:4001:82b::200e
52.1.217.94
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
1d985473566431d6cf61637eef95ffcad2a599d6bb0a9da5d0d0b351120d8c06
36d3799b8de9c60e894a35e8dc440c1592c27b1cbde12fea51accb72ea8410e9
3a005df8719ef0fc7ea343df1020d28a36ea1b3caf289aeda0e804327c3de2d8
4831982c199aec663e4449520b9f0b6611ebc02d1b5111cb01ad25c1dd04727d
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5a751f10968ee4a40c7e05e89390690b0606ebb3f3e7365f17f39c639498c490
60926e636348341bdba408b3df949586f22464260b37e06a27d45de96222a7b7
6a3e61d6030bb73f3acd51237efbc8574613b123972788ab1b09453c80961285
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
83d0f7fa6d3f556e76c1235aff6854c366e8b828913f2588d9f217b1d344fdfb
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9
a1bb8251cd332dfe7aec950a364aa1021e85c5f6c952be57feecf1e30f5a448c
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
bceb73993d094c4c821c7571921103bdc8c05e9082c4fc513d244358d53593db
cc733362065617383a46f88f292f27669f244a6e36aaeea301e5318febd30fba
d4eb0b3fcab67282a1e9b489793f9954a35e7ecfc0412ec851389057d10046c1
d4ec583c7604001f87233d1fe0076cbd909f15a5f8c6b4c3f5dd81b462d79d32