urlscan.io logo urlscan.io
SecurityTrails logo

vshl.my.redcanary.co Open in urlscan Pro
3.21.138.247  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://veteransunited.backstory.chronicle.security/domainResults?domain=az416426.vo.msecnd.net&selectedList=DomainViewDistinctAssets&whoIsTimestamp...
Effective URL: https://vshl.my.redcanary.co/users/sign_in
Submission: On September 15 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 11 domains to perform 17 HTTP transactions. The main IP is 3.21.138.247, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is vshl.my.redcanary.co.
TLS certificate: Issued by GeoTrust RSA CA 2018 on March 26th 2020. Valid for: 2 years.
This is the only time vshl.my.redcanary.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2600:1901:0:b... 15169 (GOOGLE)
1 5 3.21.138.247 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.101.194.217 54113 (FASTLY)
1 54.211.173.194 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 151.101.114.110 54113 (FASTLY)
3 162.247.242.21 23467 (NEWRELIC-...)
17 10
1    2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
veteransunited.backstory.chronicle.security
1    2600:1901:0:b7b5:: (United States)

ASN15169 (GOOGLE, US)
lanternalauth.com
5    3.21.138.247 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-21-138-247.us-east-2.compute.amazonaws.com
vshl.my.redcanary.co
1    2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)
maxcdn.bootstrapcdn.com
3    2606:4700::6811:4e6b (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    151.101.194.217 (United States)

ASN54113 (FASTLY, US)
cdn.plot.ly
1    54.211.173.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-173-194.compute-1.amazonaws.com
analytics.churnzero.net
2    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
3    162.247.242.21 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-9.nr-data.net
bam.nr-data.net
Domain Requested by
5 vshl.my.redcanary.co 1 redirects vshl.my.redcanary.co
3 bam.nr-data.net js-agent.newrelic.com
vshl.my.redcanary.co
3 cdnjs.cloudflare.com vshl.my.redcanary.co
2 www.google-analytics.com vshl.my.redcanary.co
1 js-agent.newrelic.com vshl.my.redcanary.co
1 analytics.churnzero.net vshl.my.redcanary.co
1 cdn.plot.ly vshl.my.redcanary.co
1 maxcdn.bootstrapcdn.com vshl.my.redcanary.co
1 code.jquery.com vshl.my.redcanary.co
1 lanternalauth.com 1 redirects
1 veteransunited.backstory.chronicle.security 1 redirects
17 11

This site contains links to these domains. Also see Links.

Domain
www.google.com
www.microsoft.com
Subject Issuer Validity Valid
*.my.redcanary.co
GeoTrust RSA CA 2018		 2020-03-26 -
2022-04-25		 2 years crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-14 -
2020-10-13		 a year crt.sh
cdnjs.cloudflare.com
DigiCert ECC Secure Server CA		 2020-08-12 -
2022-08-17		 2 years crt.sh
osff.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-05-20 -
2020-12-18		 7 months crt.sh
*.churnzero.net
Amazon		 2020-09-08 -
2021-10-09		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-09-09 -
2021-05-07		 8 months crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://vshl.my.redcanary.co/users/sign_in
Frame ID: D63185F2C7C727881BE687454854754B
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://veteransunited.backstory.chronicle.security/domainResults?domain=az416426.vo.msecnd.net&selectedList=DomainViewDistinctA... HTTP 302
    https://lanternalauth.com/auth/veteransunited?target=https://veteransunited.backstory.chronicle.securi... HTTP 302
    https://vshl.my.redcanary.co/saml/create?SAMLRequest=fZFNb4MwDIb%2FCsq9fKRAWwuQUHuptE3TOu2wy5QGVyCFhMWha%... HTTP 302
    https://vshl.my.redcanary.co/users/sign_in Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

17
Requests

100 %
HTTPS

55 %
IPv6

11
Domains

11
Subdomains

10
IPs

3
Countries

1392 kB
Transfer

5948 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://veteransunited.backstory.chronicle.security/domainResults?domain=az416426.vo.msecnd.net&selectedList=DomainViewDistinctAssets&whoIsTimestamp=2020-09-15T20%3A10%3A18Z HTTP 302
    https://lanternalauth.com/auth/veteransunited?target=https://veteransunited.backstory.chronicle.security/domainResults?domain%3Daz416426.vo.msecnd.net%26selectedList%3DDomainViewDistinctAssets%26whoIsTimestamp%3D2020-09-15T20:10:18Z HTTP 302
    https://vshl.my.redcanary.co/saml/create?SAMLRequest=fZFNb4MwDIb%2FCsq9fKRAWwuQUHuptE3TOu2wy5QGVyCFhMWha%2F%2F9AlWl7rKz7ffxYxckejVAPbpWv%2BH3iOSCS680wVwo2Wg1GEEdgRY9EjgJh%2Fr5CXgYw2CNM9IoFtREaF1n9NZoGnu0B7TnTuJeN3gpWcKCnU%2FutJh6StY6NxBE0ZlaFfbX0GIjhRb2GkoTTeBIWhQOWbDflewLc8H5cb3ipzxp8iZLmmPG06VME75qTuulbyMaPYyc0K5kPObxIt4skuydJxBvIE4%2FWfCBlma6X51VxYSBec4%2BGP8vLO6arLorKE9Eq4US%2FoR%2B%2Fb6IHpJvmAFefNR%2B92pUJ69BrZT52c6C02mi6jby9wvVLw%3D%3D&RelayState=ss%3Amem%3A893f1dc3804408b7db4e11dcfc94d96a3cebbe7787e5db551a96aafe9eb69e44&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=aERvYw2c%2BA%2BaubiBvF7oIdD2ZO4zu39jM3BWbOtFOlQucmN0F8fOiSTBpkkSIOnxwjkW2QiEdmuEQ960nCckEawMMhRoeC0v88uYw67vuZ6dt5ujAP5vv9FAW78m3JLomzQWaklPyXI9MgwGUn7ojGTixpsx3CKvfMippVK%2FO8dV7EmbyeXg0oCDo9ZRFXkVmTcocqEPOxFtDsi7r2AF%2BNh9sDEZtn1MocniF%2BkLTw6ix9Kbmzm6Mn9X9NyVHwBY6Om8a5HfmQJzVV5B%2FzHlBN5FtOduqA%2BgEgZBL95YNhDpGHqujdi6SnqIK5jIrmMMq6%2BlBDNGakpK%2BCL2NYFcgw%3D%3D HTTP 302
    https://vshl.my.redcanary.co/users/sign_in Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set sign_in
vshl.my.redcanary.co/users/
Redirect Chain
  • https://veteransunited.backstory.chronicle.security/domainResults?domain=az416426.vo.msecnd.net&selectedList=DomainViewDistinctAssets&whoIsTimestamp=2020-09-15T20%3A10%3A18Z
  • https://lanternalauth.com/auth/veteransunited?target=https://veteransunited.backstory.chronicle.security/domainResults?domain%3Daz416426.vo.msecnd.net%26selectedList%3DDomainViewDistinctAssets%26wh...
  • https://vshl.my.redcanary.co/saml/create?SAMLRequest=fZFNb4MwDIb%2FCsq9fKRAWwuQUHuptE3TOu2wy5QGVyCFhMWha%2F%2F9AlWl7rKz7ffxYxckejVAPbpWv%2BH3iOSCS680wVwo2Wg1GEEdgRY9EjgJh%2Fr5CXgYw2CNM9IoFtREaF1n9N...
  • https://vshl.my.redcanary.co/users/sign_in
31 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vshl.my.redcanary.co/users/sign_in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.21.138.247 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-138-247.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
3e33d44525add3c6890391c8ffb0d792c3b38ec56ec90e7806690fa97f05d126
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
vshl.my.redcanary.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
_portal_saml_redirect_to=d09PZkFEaUc3L01tR1JzSnhiZFR4c2lzS2QvYmNFQmhiR1NROFFueXhBazg0Rm10eUxQcDVaOHlRYi81ck9uM3RKQUc5TmxWOFQ1RlRESCtZWjh1VnhycldGOUZNT2JwZkd5aFB4U0kvTXpGajEwYTJZeDlzbkkyb0t5MTFETFhxR1RINEM5YnFVWE1oYTkwRHFHZDZPRnR6RC9rWkZLeXRrRnhNbFliN1kraGVCVHJRcEtHckVXaVNtOGh6UlE3dHY0T05ER3VDR0YzM1FsOFBYS09qTUMrZEtGcW9CSFJkYWM5Vmc2SWZ3dEQ5NTg2c2Nvc056N3JKelZzZ0d6Wm4yQkRQeVc2aWxERlE3NzhlQ1kzOVQrY1VtU21sSEhqZUFpTzk5SGJJMW9CdEcyR0poNlVLaWQ3TmZKdnh1anhYK2g4eWs0ZUphdy9RSE5JN3NXWUkvVm5HZmZ6UmlpNGlBTUcvQ0lpbVRWcUN3SjVzMGFpY28wQzdhV3Q3U1FaazFWTnhFWDUydFJOcXkwZnpOUzdDNlpJU0pxRmJPQU5BV3BUMHUyNExhbDcxV21sOThqeGNDZUNRNy9OaGdaNVNoODVyc3I4cVpweWJYbTcvMDRqbFoxNml4djhHQmY2UURJWlV1QWtYdVhLRTMwYzY1d24zbU0wNytRZEFlSE9mWUh6WHVXYWlXaXJrSUdxVEtlRVh0MW5WcmlWaTJQRnhHSGVOVzdOb3pMdUVUQURZdWpCdWRlTTdrMzZvSzJHVXVSUnJiVVJmdmp4bDBxU0xzWlo2Tlh0bzdxbEptQ3k2TWpVb2JQMWkzOXIwS3ErazZFbi9rSjAzaVJuNWNpY2MxYThNL2RQMEZVSzI5aFpQbnorWTRZeFFGWm9SYlNrWmI1WmwydWJxYWNRMGxDdmRBUm1ROHdCTHZTczlGT2NFVzIrUTNGY2pOY3BlRTVSdEhzU0xNT1ZaeVlDNVBVV2NDK0hTdFYzNFpFeHYxSnpIaHZ6UlVUZ2ZkNzREMExxQUhLWm5QR1BUcnhQenovcGl0WkdmTHRtWDZ4ZE9rMlJkNHpPNDlJRm1jczZoZm9JY2tBbVVZVjVVMWZTMUpGTGVoUEVVQVgxbngzNTJ5WWZORWx6RDZLeWlvV0NYWVIzYkR3RHpNdkhGUitVNlJuTVRvcFBITE1UTWt5TndFMjdaNGplTDAvTHZWbWFDblhqRWo3QzNQSGtvTDF0RXp6ODllcmU2eEFBb2NqR3U0cEpVZmxnRyt3dEJVM2lwL0VzMkdmYk95SG5maFJmaUQ5N0hCTm9BODh4TVFvcWRzTlcrdVVLbVk1MVlIVTNPQ3FtcWxNTTBYNFQvL3dDK2Z1VDJsZkk3OWJZU2FOViszSTlLZXViOTVmeHRLWlF2dEM1U0VpM3FTOU52ZUNKODQ5SDV4Q0FZNTdIcGUzcFhJU0Z0VGhYa2MwVHdGdW16ZzE0clVWSXN4eHdXZ2VlTmtqUkRuZ2JucjlWamowQzBVSDFXbGNSbGR6am42cnRBUm8xZ3dFWGlPakVISmc1MWFOZ2ZNYithVnlDekFlZzlGUCtCaDhJWW12Rkw2L2QrSEcxZVpZbExhQ1NCSG0yQWxJMUF0ZDlnWmFvVXUydFNNbmRiek01MkUxZDM0bU1ueEVWdjBaUUs4ZkRrVWIyb1h1UEpVOHdNb2hBKzBoM1JsSlVOb05taXZVN2NpN3ZOelpBbVVLY2d3cExhTjR5aEw0dHVQTmVjWHJENjFXQlhvTmlPT0lhQncyRktwSkVmb1VCLS01NUdIemZZbmw0NXh3MFN6djVaOTlRPT0%3D--2bd3cddf79760962a44bb709345cd8f45f2cc67f
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx
Date
Tue, 15 Sep 2020 21:09:05 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Origin
ETag
W/"3e33d44525add3c6890391c8ffb0d792"
Cache-Control
max-age=0, private, must-revalidate
Set-Cookie
_portal3_session=OTJKZEFsN0FDLzBCVFdZR2k1cnhDUjJGZmVNWDVmK0tHaGMvNnhOdjFlVnd6TCtFbFFCT3pUa1dvMk9xcm5wR2FJckg0WTB4YkRQTU11clpZT2E0M09zS1B5NHorRDVLc1RrQWtxUHpnNlVGUHp2TjhQWlJGNVJZUFN5bFBKMTRydGlUeFhoWTNTa2tjNitkOS9JS0xnPT0tLW02ckV3K1phUXJnQUZhejVvVzhVd0E9PQ%3D%3D--707094ecfe025b3cc11e3cb0723d39dcb393f855; domain=.my.redcanary.co; path=/; HttpOnly; secure; SameSite=Lax
X-Request-Id
815d2f7c-62c6-4d41-9093-8020c5deb3a5
X-Runtime
0.919543
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
X-Download-Options
noopen
X-Permitted-Cross-Domain-Policies
none
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 15 Sep 2020 21:09:04 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Location
https://vshl.my.redcanary.co/users/sign_in
Cache-Control
no-cache
Set-Cookie
_portal_saml_redirect_to=d09PZkFEaUc3L01tR1JzSnhiZFR4c2lzS2QvYmNFQmhiR1NROFFueXhBazg0Rm10eUxQcDVaOHlRYi81ck9uM3RKQUc5TmxWOFQ1RlRESCtZWjh1VnhycldGOUZNT2JwZkd5aFB4U0kvTXpGajEwYTJZeDlzbkkyb0t5MTFETFhxR1RINEM5YnFVWE1oYTkwRHFHZDZPRnR6RC9rWkZLeXRrRnhNbFliN1kraGVCVHJRcEtHckVXaVNtOGh6UlE3dHY0T05ER3VDR0YzM1FsOFBYS09qTUMrZEtGcW9CSFJkYWM5Vmc2SWZ3dEQ5NTg2c2Nvc056N3JKelZzZ0d6Wm4yQkRQeVc2aWxERlE3NzhlQ1kzOVQrY1VtU21sSEhqZUFpTzk5SGJJMW9CdEcyR0poNlVLaWQ3TmZKdnh1anhYK2g4eWs0ZUphdy9RSE5JN3NXWUkvVm5HZmZ6UmlpNGlBTUcvQ0lpbVRWcUN3SjVzMGFpY28wQzdhV3Q3U1FaazFWTnhFWDUydFJOcXkwZnpOUzdDNlpJU0pxRmJPQU5BV3BUMHUyNExhbDcxV21sOThqeGNDZUNRNy9OaGdaNVNoODVyc3I4cVpweWJYbTcvMDRqbFoxNml4djhHQmY2UURJWlV1QWtYdVhLRTMwYzY1d24zbU0wNytRZEFlSE9mWUh6WHVXYWlXaXJrSUdxVEtlRVh0MW5WcmlWaTJQRnhHSGVOVzdOb3pMdUVUQURZdWpCdWRlTTdrMzZvSzJHVXVSUnJiVVJmdmp4bDBxU0xzWlo2Tlh0bzdxbEptQ3k2TWpVb2JQMWkzOXIwS3ErazZFbi9rSjAzaVJuNWNpY2MxYThNL2RQMEZVSzI5aFpQbnorWTRZeFFGWm9SYlNrWmI1WmwydWJxYWNRMGxDdmRBUm1ROHdCTHZTczlGT2NFVzIrUTNGY2pOY3BlRTVSdEhzU0xNT1ZaeVlDNVBVV2NDK0hTdFYzNFpFeHYxSnpIaHZ6UlVUZ2ZkNzREMExxQUhLWm5QR1BUcnhQenovcGl0WkdmTHRtWDZ4ZE9rMlJkNHpPNDlJRm1jczZoZm9JY2tBbVVZVjVVMWZTMUpGTGVoUEVVQVgxbngzNTJ5WWZORWx6RDZLeWlvV0NYWVIzYkR3RHpNdkhGUitVNlJuTVRvcFBITE1UTWt5TndFMjdaNGplTDAvTHZWbWFDblhqRWo3QzNQSGtvTDF0RXp6ODllcmU2eEFBb2NqR3U0cEpVZmxnRyt3dEJVM2lwL0VzMkdmYk95SG5maFJmaUQ5N0hCTm9BODh4TVFvcWRzTlcrdVVLbVk1MVlIVTNPQ3FtcWxNTTBYNFQvL3dDK2Z1VDJsZkk3OWJZU2FOViszSTlLZXViOTVmeHRLWlF2dEM1U0VpM3FTOU52ZUNKODQ5SDV4Q0FZNTdIcGUzcFhJU0Z0VGhYa2MwVHdGdW16ZzE0clVWSXN4eHdXZ2VlTmtqUkRuZ2JucjlWamowQzBVSDFXbGNSbGR6am42cnRBUm8xZ3dFWGlPakVISmc1MWFOZ2ZNYithVnlDekFlZzlGUCtCaDhJWW12Rkw2L2QrSEcxZVpZbExhQ1NCSG0yQWxJMUF0ZDlnWmFvVXUydFNNbmRiek01MkUxZDM0bU1ueEVWdjBaUUs4ZkRrVWIyb1h1UEpVOHdNb2hBKzBoM1JsSlVOb05taXZVN2NpN3ZOelpBbVVLY2d3cExhTjR5aEw0dHVQTmVjWHJENjFXQlhvTmlPT0lhQncyRktwSkVmb1VCLS01NUdIemZZbmw0NXh3MFN6djVaOTlRPT0%3D--2bd3cddf79760962a44bb709345cd8f45f2cc67f; path=/; secure; HttpOnly; SameSite=Lax
X-Request-Id
8ed803a8-e63a-464b-bc6c-6c6299a5fa71
X-Runtime
0.026427
Vary
Origin
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
X-Download-Options
noopen
X-Permitted-Cross-Domain-Policies
none
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
application-b4b083d95fe620bca4d192d3e61316cf91047f2ab4fc3b473b127954fc64df6e.css
vshl.my.redcanary.co/assets/ 		1 MB
126 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vshl.my.redcanary.co/assets/application-b4b083d95fe620bca4d192d3e61316cf91047f2ab4fc3b473b127954fc64df6e.css
Requested by
Host: vshl.my.redcanary.co
URL: https://vshl.my.redcanary.co/users/sign_in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.21.138.247 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-138-247.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
30295945f5ef800942ce34140b30c1926d548a2967cfcc021796ee3f09602733

Request headers

Referer
https://vshl.my.redcanary.co/users/sign_in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 15 Sep 2020 21:09:05 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=31536000, public
Connection
keep-alive
Content-Length
128389
Expires
Wed, 15 Sep 2021 21:09:05 GMT
jquery-1.11.2.min.js
code.jquery.com/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.11.2.min.js
Requested by
Host: vshl.my.redcanary.co
URL: https://vshl.my.redcanary.co/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

Origin
https://vshl.my.redcanary.co
Referer
https://vshl.my.redcanary.co/users/sign_in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Sep 2020 21:09:05 GMT
content-encoding
gzip
last-modified
Wed, 17 Dec 2014 16:05:21 GMT
server
nginx
status
200
etag
W/"5491a9c1-176bb"
vary
Accept-Encoding
x-hw
1600204145.dop102.fr8.t,1600204145.cds224.fr8.hn,1600204145.cds202.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33262
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: vshl.my.redcanary.co
URL: https://vshl.my.redcanary.co/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://vshl.my.redcanary.co
Referer
https://vshl.my.redcanary.co/users/sign_in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Sep 2020 21:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:33:51 GMT
status
200
etag
"1544639631"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
9832
underscore-min.js
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/underscore-min.js
Requested by
Host: vshl.my.redcanary.co
URL: https://vshl.my.redcanary.co/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Origin
https://vshl.my.redcanary.co
Referer
https://vshl.my.redcanary.co/users/sign_in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Sep 2020 21:09:05 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1903313
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0535329cfe00002b412b15c200000001
timing-allow-origin
*
last-modified
Tue, 14 Jul 2020 20:03:46 GMT
server
cloudflare
etag
W/"5f0e0fa2-4041"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sun, 05 Sep 2021 21:09:05 GMT
cache-control
public, max-age=30672000
cf-ray
5d3553a7f8b62b41-FRA
served-in-seconds
0.001
plotly-1.17.3.min.js
cdn.plot.ly/ 		2 MB
519 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.plot.ly/plotly-1.17.3.min.js
Requested by
Host: vshl.my.redcanary.co
URL: https://vshl.my.redcanary.co/users/sign_in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a1bb8251cd332dfe7aec950a364aa1021e85c5f6c952be57feecf1e30f5a448c

Request headers

Origin
https://vshl.my.redcanary.co
Referer
https://vshl.my.redcanary.co/users/sign_in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Sep 2020 21:09:06 GMT
content-encoding
gzip
age
1
x-cache
MISS
status
200
content-length
530322
x-amz-id-2
D2EoxYXG2TBZVnC9yzLGz6iUboxmi0hdkqUVYl44Upi6Qzd14wAz+MyyfBQlAJCId8qrQ1rrnjk=
x-served-by
cache-hhn4036-HHN
access-control-allow-origin
*
last-modified
Thu, 22 Sep 2016 17:18:06 GMT
server
AmazonS3
x-timer
S1600204146.022909,VS0,VE951
etag
"b8e557ea7803d04fa314a5e2ba0aa23c"
vary
Accept-Encoding
x-amz-request-id
D49188EC58080080
via
1.1 varnish
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
0
client.min.js
cdnjs.cloudflare.com/ajax/libs/airbrake-js/1.6.7/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/airbrake-js/1.6.7/client.min.js
Requested by
Host: vshl.my.redcanary.co
URL: https://vshl.my.redcanary.co/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daf6f4220497e701c57b2170868b5f9b13610e552f3df90082c4daeb251952d5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Origin
https://vshl.my.redcanary.co
Referer
https://vshl.my.redcanary.co/users/sign_in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Sep 2020 21:09:05 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1727224
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9435
cf-request-id
0535329cfe00002b412b15d200000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:09 GMT
server
cloudflare
etag
"5eb03cf9-868e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5d3553a7f8b92b41-FRA
expires
Sun, 05 Sep 2021 21:09:05 GMT
autotrack.js
cdnjs.cloudflare.com/ajax/libs/autotrack/2.4.1/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/autotrack/2.4.1/autotrack.js
Requested by
Host: vshl.my.redcanary.co
URL: https://vshl.my.redcanary.co/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bceb73993d094c4c821c7571921103bdc8c05e9082c4fc513d244358d53593db
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Origin
https://vshl.my.redcanary.co
Referer
https://vshl.my.redcanary.co/users/sign_in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Sep 2020 21:09:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1903771
content-security-policy-report-only
default-src https: data: wss: 'unsafe-eval' 'unsafe-inline'; report-uri https://cdnjs.cloudflare.com/cdn-cgi/beacon/csp?req_id=5d3553ae5f6e2b41
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7172
cf-request-id
053532a0f900002b412b1a7200000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:05:53 GMT
server
cloudflare
etag
"5eb03d61-60d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5d3553ae5f6e2b41-FRA
expires
Sun, 05 Sep 2021 21:09:06 GMT
application-be0bffeb84b4b22207ecd1ba3aea7092df4dca5b279ea01e83d047505a1af7dd.js
vshl.my.redcanary.co/assets/ 		2 MB
508 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vshl.my.redcanary.co/assets/application-be0bffeb84b4b22207ecd1ba3aea7092df4dca5b279ea01e83d047505a1af7dd.js
Requested by
Host: vshl.my.redcanary.co
URL: https://vshl.my.redcanary.co/users/sign_in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.21.138.247 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-138-247.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
be0bffeb84b4b22207ecd1ba3aea7092df4dca5b279ea01e83d047505a1af7dd

Request headers

Referer
https://vshl.my.redcanary.co/users/sign_in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 15 Sep 2020 21:09:06 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31536000, public
Connection
keep-alive
Content-Length
519598
Expires
Wed, 15 Sep 2021 21:09:06 GMT
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/webp
churnzero.js
analytics.churnzero.net/ 		337 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.churnzero.net/churnzero.js
Requested by
Host: vshl.my.redcanary.co
URL: https://vshl.my.redcanary.co/users/sign_in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.173.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-173-194.compute-1.amazonaws.com
Software
/
Resource Hash
80f4b0ef19a8989741c5ba2e3b1429e11bfa4a2df44dac2ce0fcbff122e6cfac

Request headers

Referer
https://vshl.my.redcanary.co/users/sign_in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Sep 2020 21:09:07 GMT
content-encoding
br
last-modified
Tue, 15 Sep 2020 12:46:48 GMT
etag
"1d68b5e46856886"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=900, private
accept-ranges
bytes
expires
Tue, 15 Sep 2020 21:24:07 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: vshl.my.redcanary.co
URL: https://vshl.my.redcanary.co/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://vshl.my.redcanary.co/users/sign_in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 19 Aug 2020 20:46:40 GMT
server
Golfe2
age
2126
date
Tue, 15 Sep 2020 20:33:41 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18323
expires
Tue, 15 Sep 2020 22:33:41 GMT
logo-dark-36d3799b8de9c60e894a35e8dc440c1592c27b1cbde12fea51accb72ea8410e9.png
vshl.my.redcanary.co/assets/subdomain_profile/default/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vshl.my.redcanary.co/assets/subdomain_profile/default/logo-dark-36d3799b8de9c60e894a35e8dc440c1592c27b1cbde12fea51accb72ea8410e9.png
Requested by
Host: vshl.my.redcanary.co
URL: https://vshl.my.redcanary.co/users/sign_in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.21.138.247 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-138-247.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
36d3799b8de9c60e894a35e8dc440c1592c27b1cbde12fea51accb72ea8410e9

Request headers

Referer
https://vshl.my.redcanary.co/users/sign_in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 15 Sep 2020 21:09:07 GMT
Server
nginx
Content-Type
image/png
Cache-Control
max-age=31536000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29791
Expires
Wed, 15 Sep 2021 21:09:07 GMT
collect
www.google-analytics.com/j/ 		1 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j85&a=1474544123&t=pageview&_s=1&dl=https%3A%2F%2Fvshl.my.redcanary.co%2Fusers%2Fsign_in&ul=en-us&de=UTF-8&dt=Red%20Canary&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=1536776458&gjid=1695758220&cid=1518724422.1600204147&tid=UA-52702906-2&_gid=1888977675.1600204147&_r=1&_av=2.4.1&_au=37e&cd1=vshl&cd2=none&cd3=&cd4=paid&did=i5iSjo&z=1732919988
Requested by
Host: vshl.my.redcanary.co
URL: https://vshl.my.redcanary.co/users/sign_in
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://vshl.my.redcanary.co/users/sign_in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 15 Sep 2020 21:09:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://vshl.my.redcanary.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
nr-1177.min.js
js-agent.newrelic.com/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1177.min.js
Requested by
Host: vshl.my.redcanary.co
URL: https://vshl.my.redcanary.co/users/sign_in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
67f243af83cf56b2fd0fb502ab9f7a8533500e2571b4459d5bf6f6481a2da4ca

Request headers

Referer
https://vshl.my.redcanary.co/users/sign_in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Sep 2020 21:09:08 GMT
content-encoding
gzip
x-amz-request-id
4F930AF2622C2177
x-cache
HIT
status
200
content-length
10405
x-amz-id-2
U7tObmI036MTRpBI0DMqANsZED0ff6ySLFb6J6xUAvrjeydJkzxfcOtpUXwF34MJgKtcfhq4e+o=
x-served-by
cache-hhn4066-HHN
last-modified
Tue, 18 Aug 2020 17:23:32 GMT
server
AmazonS3
x-timer
S1600204148.184074,VS0,VE0
etag
"97c8d5802b0de603104986846cdc509a"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
23522
4959331d8a
bam.nr-data.net/1/ 		57 B
275 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/4959331d8a?a=9738878&v=1177.96a4d39&to=cFtZEEtbWFkDFh1XUkVdRAEWR1FGFQ1dXUQcWlIT&rst=4830&ck=1&ref=https://vshl.my.redcanary.co/users/sign_in&ap=917&be=2533&fe=4717&dc=3958&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1600204143372,%22n%22:0,%22f%22:1434,%22dn%22:1434,%22dne%22:1434,%22c%22:1434,%22ce%22:1434,%22rq%22:1435,%22rp%22:2522,%22rpe%22:2523,%22dl%22:2526,%22di%22:3958,%22ds%22:3958,%22de%22:3971,%22dc%22:4717,%22l%22:4717,%22le%22:4718%7D,%22navigation%22:%7B%7D%7D&fp=4100&fcp=4100&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1177.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.21 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-9.nr-data.net
Software
/
Resource Hash
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer
https://vshl.my.redcanary.co/users/sign_in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
4959331d8a
bam.nr-data.net/resources/1/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/resources/1/4959331d8a?a=9738878&v=1177.96a4d39&to=cFtZEEtbWFkDFh1XUkVdRAEWR1FGFQ1dXUQcWlIT&rst=5422&ck=1&ref=https://vshl.my.redcanary.co/users/sign_in&st=1600204143372
Requested by
Host: vshl.my.redcanary.co
URL: https://vshl.my.redcanary.co/users/sign_in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.21 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-9.nr-data.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vshl.my.redcanary.co/users/sign_in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://vshl.my.redcanary.co
Access-Control-Allow-Credentials
true
Content-Length
0
Content-Type
text/plain
4959331d8a
bam.nr-data.net/events/1/ 		24 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/4959331d8a?a=9738878&v=1177.96a4d39&to=cFtZEEtbWFkDFh1XUkVdRAEWR1FGFQ1dXUQcWlIT&rst=14830&ck=1&ref=https://vshl.my.redcanary.co/users/sign_in
Requested by
Host: vshl.my.redcanary.co
URL: https://vshl.my.redcanary.co/users/sign_in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.21 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-9.nr-data.net
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://vshl.my.redcanary.co/users/sign_in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://vshl.my.redcanary.co
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

304 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| NREUM object| newrelic function| __nr_require boolean| supportsES6 function| $ function| jQuery object| jQuery1112005052864636729004 function| _ object| __TYPEDARRAY_POOL object| __TEXT_CACHE object| Plotly object| airbrakeJs function| setImmediate function| clearImmediate function| showConfetti function| showNextConfettiModal function| custom_check_master_changed function| custom_check_changed function| show_custom_check_action_bar function| hide_custom_check_action_bar function| custom_check_values function| custom_check_submit_action function| search_for_endpoints function| endpoints_precheck_decommission_multiple function| endpoints_precheck_safe_mode_multiple function| endpoints_precheck_remove_safe_mode_multiple function| endpoints_precheck_isolate_multiple function| endpoints_precheck_deisolate_multiple function| incrementTextTemplate function| initializeTributeForTextTemplates function| submit_shared_search_and_submit_form function| _classCallCheck function| _inherits function| _toConsumableArray function| createElements function| randomPhysics function| updateFetti function| animate function| backwardPatch function| confetti function| _defineProperty function| _objectWithoutProperties function| addFlashMessage function| addFlashMessageSafe function| apiRequestJSON function| preventClick function| rcAlert function| rcConfirm function| updateDate function| cleanup_missing_clearbit_logos function| populate_sjrs function| populate_sjr function| createCookie function| readCookie function| eraseCookie function| can function| redact_if function| manually_collapse_main_sidenav function| Haml function| BrowserRouter function| HashRouter function| Link function| MemoryRouter function| NavLink function| Prompt function| Redirect function| Route function| Router function| StaticRouter function| Switch function| generatePath function| matchPath function| withRouter function| _createClass function| _get function| TextTemplateList function| CanaryForwarderHealthShell function| CustomerExternalAlertSourceIndexAlertSource function| CustomerExternalAlertSourceIndexApp function| CustomerExternalAlertSourceIndexPlatformCategory function| CustomerExternalAlertsDataFlow object| defaultColors object| defaults function| ExecCondition function| ExecConditionForm function| ErrorList function| ExecApp function| ExecNav function| ExecBaseActionExecution function| _extends function| ExecBaseActionExecutionBuilder function| ExecActionExecutionsAddOktaUserToGroup function| ExecActionExecutionsBanHashes function| ExecActionExecutionsClearOktaUserSessions function| ExecActionExecutionsCommentOnExternalAlert function| ExecActionExecutionsDeleteAndCaptureFile function| ExecActionExecutionsDeleteRegistry function| ExecActionExecutionsIsolateEndpoint function| ExecActionExecutionsKillProcess function| ExecActionExecutionsQuarantineFile function| ExecActionExecutionsRemoveOktaUserFromGroup function| ExecActionExecutionsSuspendOktaUser function| ExecActionExecutionsUnsuspendOktaUser function| ExecActionExecutionsUpdateStateOfExternalAlert function| ExecActionInputWithInterpolation function| ExecActionSidebarByTechnology function| ExecBaseAction function| ExecActionsAddOktaUserToGroup function| ExecActionsBanHashes function| ExecActionsCallPhoneNumber function| ExecActionsClearOktaUserSessions function| ExecActionsCollectForensicsPackage function| ExecActionsCommentOnExternalAlert function| ExecActionsDecommissionEndpoint function| ExecActionsDeisolateEndpoint function| ExecActionsDeleteAndCaptureFile function| ExecActionsDeleteAndCaptureFileCapture function| ExecActionsDeleteAndCaptureFileDelete function| ExecActionsDeleteRegistry function| ExecActionHelperApprovalNotificationEditor function| ExecActionHelperApprovalNotificationView function| ExecActionHelperApprovalNotificationBaseForm function| ExecActionHelperApprovalNotificationEmailForm function| ExecActionHelperApprovalNotificationSMSForm function| ExecActionHelperApprovalNotificationSlackForm function| ExecActionHelperSMSItemFields function| ExecActionHelperSMSFormFields function| ExecActionsIsolateEndpoint function| ExecActionsKillProcess function| ExecActionsMarkDetectionAsAcknowledged function| ExecActionsMarkDetectionAsNotRemediated function| ExecActionsMarkDetectionAsRemediated function| ExecActionsQuarantineFile function| ExecActionsRemoveOktaUserFromGroup function| ExecActionsResolvePagerDuty function| ExecActionsSendMail function| ExecActionsSendMicrosoftTeamsWebhook function| ExecActionsSendSlackWebhook function| ExecActionsSendSMSMessage function| ExecActionsSendSyslog function| ExecActionsSendWebhook function| ExecActionsSuspendOktaUser function| ExecActionsTriggerPagerDuty function| ExecActionsUnsuspendOktaUser function| ExecActionsUpdateStateOfExternalAlert function| ExecPlaybookHistoryActionExecution function| ExecPlaybookHistoryChangeLog function| ExecPlaybookHistoryPlaybookExecution function| ExecOnDemandPreview function| ExecPlaybook function| ExecPlaybookEditor function| ExecPlaybookExecuteModal function| ExecPlaybookExecution function| ExecPlaybookHistory function| ExecPlaybookListItem function| ExecPlaybookTab function| ExecActionVariableDescription function| ExecTriggersEmptyState function| ExecIncludedPlaybook function| ExecIncludedPlaybookList function| ExecPlaybookSelector function| ExecTriggerForm function| ExecTriggerList function| ExecTriggerListItem function| ExecTriggerTab function| ReportApp function| ReportBase function| ReportGraphAffectedEndpoints function| ReportGraphByTheNumbers function| ReportGraphChevron function| ReportGraphConfirmedThreats function| ReportGraphDetections function| ReportGraphRiskByPlatform function| ReportGraphSquares function| ReportGraphTipoffs function| ReportGraphTriangle function| ReportNav function| AffectedEndpoints function| ByTheNumbers function| Collection function| CompareToOtherOrgs function| ConfirmedThreats function| DetectedThreatsEffectiveness function| ExpertAnalysisAndInvestigation function| IntelAndDetectionEngineering function| MedianTimeToRemediation function| Roi function| SecurityControls function| ErrorBoundary object| Box function| HBox function| VBox function| AutocompleteDropdown function| AutocompleteInput function| Button function| DataFlowSegment function| DataFlowSegmentFlow function| DataFlowSegmentNotice function| Label function| ReactOdometer function| Dropdown function| ToggleButton function| IntelReportingApp function| IntelReportingDetection function| IntelReportingEndpoint function| IntelReportingFullScreenButton object| IntelReportingHeader function| IntelReportingLoading object| IntelReportingTimeline function| IntelReportingBaseActivity function| IntelReportingBlockquote function| IntelReportingDetectionAcknowledgedActivity function| IntelReportingDetectionMarkedNotRemediatedActivity function| IntelReportingDetectionMarkedRemediatedActivity function| IntelReportingDetectionNoteAddedActivity function| IntelReportingDetectionPublishedActivity function| IntelReportingDetectionSubstantiallyUpdatedActivity function| IntelReportingDetectorActivatedActivity function| IntelReportingDetectorUpdatedActivity function| IntelReportingIntelIndicatorCreatedActivity function| IntelReportingPotentiallyThreateningActivityActivity function| IntelReportingThreatHuntCompleteActivity function| IntelReportingAppContainer function| IgnoredTargetedProductForm function| IgnoredTargetedProductsRow function| IgnoredTargetedProductsTable function| TargetedProductsRow function| TargetedProducts function| TargetedProductsTable function| moment object| d3 function| daterangepicker function| Odometer function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal function| s object| Subdomains object| Common function| reset_tablesorter function| refilter_detections_table function| initDetectionClassifications function| search_for_endpoint_users function| refilter_endpoints_table function| initialize_inbox function| plot_endpoints_active_over_time function| toggleMark function| toggleIndicatorCommandLine function| toggleIndicatorFieldInclusion function| plot_mttd function| plot_stacked_bar function| plot_risk function| plot_per_endpoint_risk object| g_hide_popover_timeouts function| EdgeTable function| DataLoader function| change_focused_vertex function| Tree function| ProcessTree object| TextTemplates function| Bloodhound object| React object| ReactDOM function| createReactClass object| PropTypes object| ReactRailsUJS object| ReactRouterDOM object| Redux object| ReactRedux object| ReduxThunk function| ExecList object| ReportActions object| ReportReducers object| IntelReportingActions object| IntelReportingAppC object| IntelReportingReducers function| Tribute string| organization_name string| customer_shortname string| external_service_name object| subdomain string| api_url string| master_url object| current_user string| support_email object| egress_ips object| user_abilities boolean| user_signed_in object| airbrake function| ga object| gaDevIds object| gaplugins function| mark_setup_complete object| ChurnZero string| GoogleAnalyticsObject object| exec object| nowElement object| google_tag_data object| gaGlobal object| gaData object| __tracerCZ

5 Cookies

Domain/Path Name / Value
.redcanary.co/ Name: _gid
Value: GA1.2.1888977675.1600204147
.redcanary.co/ Name: _ga
Value: GA1.2.1518724422.1600204147
.redcanary.co/ Name: _gat
Value: 1
.my.redcanary.co/ Name: _portal3_session
Value: OTJKZEFsN0FDLzBCVFdZR2k1cnhDUjJGZmVNWDVmK0tHaGMvNnhOdjFlVnd6TCtFbFFCT3pUa1dvMk9xcm5wR2FJckg0WTB4YkRQTU11clpZT2E0M09zS1B5NHorRDVLc1RrQWtxUHpnNlVGUHp2TjhQWlJGNVJZUFN5bFBKMTRydGlUeFhoWTNTa2tjNitkOS9JS0xnPT0tLW02ckV3K1phUXJnQUZhejVvVzhVd0E9PQ%3D%3D--707094ecfe025b3cc11e3cb0723d39dcb393f855
vshl.my.redcanary.co/ Name: _portal_saml_redirect_to
Value: d09PZkFEaUc3L01tR1JzSnhiZFR4c2lzS2QvYmNFQmhiR1NROFFueXhBazg0Rm10eUxQcDVaOHlRYi81ck9uM3RKQUc5TmxWOFQ1RlRESCtZWjh1VnhycldGOUZNT2JwZkd5aFB4U0kvTXpGajEwYTJZeDlzbkkyb0t5MTFETFhxR1RINEM5YnFVWE1oYTkwRHFHZDZPRnR6RC9rWkZLeXRrRnhNbFliN1kraGVCVHJRcEtHckVXaVNtOGh6UlE3dHY0T05ER3VDR0YzM1FsOFBYS09qTUMrZEtGcW9CSFJkYWM5Vmc2SWZ3dEQ5NTg2c2Nvc056N3JKelZzZ0d6Wm4yQkRQeVc2aWxERlE3NzhlQ1kzOVQrY1VtU21sSEhqZUFpTzk5SGJJMW9CdEcyR0poNlVLaWQ3TmZKdnh1anhYK2g4eWs0ZUphdy9RSE5JN3NXWUkvVm5HZmZ6UmlpNGlBTUcvQ0lpbVRWcUN3SjVzMGFpY28wQzdhV3Q3U1FaazFWTnhFWDUydFJOcXkwZnpOUzdDNlpJU0pxRmJPQU5BV3BUMHUyNExhbDcxV21sOThqeGNDZUNRNy9OaGdaNVNoODVyc3I4cVpweWJYbTcvMDRqbFoxNml4djhHQmY2UURJWlV1QWtYdVhLRTMwYzY1d24zbU0wNytRZEFlSE9mWUh6WHVXYWlXaXJrSUdxVEtlRVh0MW5WcmlWaTJQRnhHSGVOVzdOb3pMdUVUQURZdWpCdWRlTTdrMzZvSzJHVXVSUnJiVVJmdmp4bDBxU0xzWlo2Tlh0bzdxbEptQ3k2TWpVb2JQMWkzOXIwS3ErazZFbi9rSjAzaVJuNWNpY2MxYThNL2RQMEZVSzI5aFpQbnorWTRZeFFGWm9SYlNrWmI1WmwydWJxYWNRMGxDdmRBUm1ROHdCTHZTczlGT2NFVzIrUTNGY2pOY3BlRTVSdEhzU0xNT1ZaeVlDNVBVV2NDK0hTdFYzNFpFeHYxSnpIaHZ6UlVUZ2ZkNzREMExxQUhLWm5QR1BUcnhQenovcGl0WkdmTHRtWDZ4ZE9rMlJkNHpPNDlJRm1jczZoZm9JY2tBbVVZVjVVMWZTMUpGTGVoUEVVQVgxbngzNTJ5WWZORWx6RDZLeWlvV0NYWVIzYkR3RHpNdkhGUitVNlJuTVRvcFBITE1UTWt5TndFMjdaNGplTDAvTHZWbWFDblhqRWo3QzNQSGtvTDF0RXp6ODllcmU2eEFBb2NqR3U0cEpVZmxnRyt3dEJVM2lwL0VzMkdmYk95SG5maFJmaUQ5N0hCTm9BODh4TVFvcWRzTlcrdVVLbVk1MVlIVTNPQ3FtcWxNTTBYNFQvL3dDK2Z1VDJsZkk3OWJZU2FOViszSTlLZXViOTVmeHRLWlF2dEM1U0VpM3FTOU52ZUNKODQ5SDV4Q0FZNTdIcGUzcFhJU0Z0VGhYa2MwVHdGdW16ZzE0clVWSXN4eHdXZ2VlTmtqUkRuZ2JucjlWamowQzBVSDFXbGNSbGR6am42cnRBUm8xZ3dFWGlPakVISmc1MWFOZ2ZNYithVnlDekFlZzlGUCtCaDhJWW12Rkw2L2QrSEcxZVpZbExhQ1NCSG0yQWxJMUF0ZDlnWmFvVXUydFNNbmRiek01MkUxZDM0bU1ueEVWdjBaUUs4ZkRrVWIyb1h1UEpVOHdNb2hBKzBoM1JsSlVOb05taXZVN2NpN3ZOelpBbVVLY2d3cExhTjR5aEw0dHVQTmVjWHJENjFXQlhvTmlPT0lhQncyRktwSkVmb1VCLS01NUdIemZZbmw0NXh3MFN6djVaOTlRPT0%3D--2bd3cddf79760962a44bb709345cd8f45f2cc67f

1 Console Messages

Source Level URL
Text
console-api info URL: https://vshl.my.redcanary.co/assets/application-be0bffeb84b4b22207ecd1ba3aea7092df4dca5b279ea01e83d047505a1af7dd.js(Line 210)
Message:
%cDownload the React DevTools for a better development experience: https://fb.me/react-devtools font-weight:bold

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.churnzero.net
bam.nr-data.net
cdn.plot.ly
cdnjs.cloudflare.com
code.jquery.com
js-agent.newrelic.com
lanternalauth.com
maxcdn.bootstrapcdn.com
veteransunited.backstory.chronicle.security
vshl.my.redcanary.co
www.google-analytics.com
151.101.114.110
151.101.194.217
162.247.242.21
2001:4de0:ac19::1:b:1a
2001:4de0:ac19::1:b:2a
2600:1901:0:b7b5::
2606:4700::6811:4e6b
2a00:1450:4001:80b::200e
2a00:1450:4001:81f::2004
3.21.138.247
54.211.173.194
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
30295945f5ef800942ce34140b30c1926d548a2967cfcc021796ee3f09602733
36d3799b8de9c60e894a35e8dc440c1592c27b1cbde12fea51accb72ea8410e9
3e33d44525add3c6890391c8ffb0d792c3b38ec56ec90e7806690fa97f05d126
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
67f243af83cf56b2fd0fb502ab9f7a8533500e2571b4459d5bf6f6481a2da4ca
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
80f4b0ef19a8989741c5ba2e3b1429e11bfa4a2df44dac2ce0fcbff122e6cfac
a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9
a1bb8251cd332dfe7aec950a364aa1021e85c5f6c952be57feecf1e30f5a448c
bceb73993d094c4c821c7571921103bdc8c05e9082c4fc513d244358d53593db
be0bffeb84b4b22207ecd1ba3aea7092df4dca5b279ea01e83d047505a1af7dd
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
daf6f4220497e701c57b2170868b5f9b13610e552f3df90082c4daeb251952d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855