Submitted URL: https://lillyatp.my.redcanary.co/detections/431
Effective URL: https://lillyatp.my.redcanary.co/users/sign_in
Submission Tags: falconsandbox
Submission: On February 21 via api from US — Scanned from DE

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 19 HTTP transactions. The main IP is 3.140.2.1, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is lillyatp.my.redcanary.co.
TLS certificate: Issued by GeoTrust RSA CA 2018 on March 26th 2020. Valid for: 2 years.
This is the only time lillyatp.my.redcanary.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 3.140.2.1 16509 (AMAZON-02)
5 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 54.164.248.93 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 151.101.130.137 54113 (FASTLY)
1 162.247.243.146 13335 (CLOUDFLAR...)
19 8
Apex Domain | Subdomains | Transfer
8 redcanary.co | lillyatp.my.redcanary.co | 791 KB
5 cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 197 | 468 KB
2 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 31 | 20 KB
2 datatables.net | cdn.datatables.net — Cisco Umbrella Rank: 4794 | 37 KB
1 nr-data.net | bam-cell.nr-data.net — Cisco Umbrella Rank: 311 | 711 B
1 newrelic.com | js-agent.newrelic.com — Cisco Umbrella Rank: 306 | 14 KB
1 churnzero.net | analytics.churnzero.net — Cisco Umbrella Rank: 18504 | 139 KB
19 7
Domain Requested by
8 lillyatp.my.redcanary.co 1 redirects lillyatp.my.redcanary.co
5 cdnjs.cloudflare.com lillyatp.my.redcanary.co
2 www.google-analytics.com lillyatp.my.redcanary.co
2 cdn.datatables.net lillyatp.my.redcanary.co
1 bam-cell.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com lillyatp.my.redcanary.co
1 analytics.churnzero.net lillyatp.my.redcanary.co
19 7

This site contains links to these domains.

Domain
www.google.com
www.microsoft.com
docs.microsoft.com
Subject | Issuer | Validity | Valid
*.my.redcanary.co | GeoTrust RSA CA 2018 | 2020-03-26 - 2022-04-25 | 2 years
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-09-21 - 2022-09-20 | a year
*.churnzero.net | Amazon | 2022-01-03 - 2023-02-01 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-02-07 - 2022-05-02 | 3 months
js-agent.newrelic.com | GlobalSign Atlas R3 DV TLS CA H2 2021 | 2021-10-06 - 2022-11-07 | a year
*.nr-data.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-01-10 - 2023-02-10 | a year

This page contains 1 frames:

Primary Page: https://lillyatp.my.redcanary.co/users/sign_in
Frame ID: 70B574BACAD5784587C453C9B09090D1
Requests: 20 HTTP requests in this frame

Page Title

Red Canary

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • dataTables.*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 19
HTTPS: 100 %
IPv6: 43 %
Domains: 7
Subdomains: 7
IPs: 8
Countries: 2
Transfer: 1470 kB
Size: 10667 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://lillyatp.my.redcanary.co/detections/431 HTTP 302
    https://lillyatp.my.redcanary.co/users/sign_in Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request sign_in
lillyatp.my.redcanary.co/users/
Redirect Chain
  • https://lillyatp.my.redcanary.co/detections/431
  • https://lillyatp.my.redcanary.co/users/sign_in
36 KB
14 KB
Document
General
Full URL
https://lillyatp.my.redcanary.co/users/sign_in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.140.2.1 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-140-2-1.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
922a0074ed8f53d20ecd966aa9648da66eaf42359bbaff832e50aaf11eb3fc07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Mon, 21 Feb 2022 01:26:04 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Origin
ETag
W/"922a0074ed8f53d20ecd966aa9648da6"
Cache-Control
max-age=0, private, must-revalidate
X-Request-Id
7dcaebb5-c457-4297-922b-901bef78aa7a
X-Runtime
0.095260
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
X-Download-Options
noopen
X-Permitted-Cross-Domain-Policies
none
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Mon, 21 Feb 2022 01:26:04 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Location
https://lillyatp.my.redcanary.co/users/sign_in
Cache-Control
no-cache
X-Request-Id
8ff53d48-880e-40b7-aebc-97430a1bf848
X-Runtime
0.014283
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
X-Download-Options
noopen
X-Permitted-Cross-Domain-Policies
none
Vary
Origin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
application-3d7d69cbb3e1b93d421f58eb5282bdf0e6edd03588763ad9a58ee06606518d37.css
lillyatp.my.redcanary.co/assets/
6 MB
289 KB
Stylesheet
General
Full URL
https://lillyatp.my.redcanary.co/assets/application-3d7d69cbb3e1b93d421f58eb5282bdf0e6edd03588763ad9a58ee06606518d37.css
Requested by
Host: lillyatp.my.redcanary.co
URL: https://lillyatp.my.redcanary.co/users/sign_in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.140.2.1 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-140-2-1.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
610da12b3df105b8371e4d61b4dca8527dd8c518de29eae49575c93a6b74c9f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lillyatp.my.redcanary.co/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 21 Feb 2022 01:26:04 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=31536000, public
Connection
keep-alive
Content-Length
295604
Expires
Tue, 21 Feb 2023 01:26:04 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.11.2/
94 KB
30 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.2/jquery.min.js
Requested by
Host: lillyatp.my.redcanary.co
URL: https://lillyatp.my.redcanary.co/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4ec583c7604001f87233d1fe0076cbd909f15a5f8c6b4c3f5dd81b462d79d32
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://lillyatp.my.redcanary.co/
Origin
https://lillyatp.my.redcanary.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 01:26:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
507457
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29919
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-176de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=slp%2FUhK43xADPUFEkE6RfsuAIwGr40CMar%2B%2Bvmks7o%2FlYOsnxHkVWSIz2QOWZq9oZKHvFpespInB5%2F00fItROblDWo6KVKymuq9uBFYOwvGxcr6LhYtFmOVsAbMsU%2FSlTW1oOed%2BQBeLfHnUp8oA3kqD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e0c2f382c849136-FRA
expires
Sat, 11 Feb 2023 01:26:04 GMT
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/
36 KB
9 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: lillyatp.my.redcanary.co
URL: https://lillyatp.my.redcanary.co/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://lillyatp.my.redcanary.co/
Origin
https://lillyatp.my.redcanary.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 01:26:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2295620
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8722
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-90b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KTJSCzYfX4twOibMVfVPOMlWjQFga%2BrVmuQO2Z%2BlORf4G6TpteTTZwr8nIguTJaOI5dKFsF8kgGh%2BIYSeGdjFbuHaxqPboX1ockw3UE6YsWsbN2iFKhn1TWHCMtzwVYMON3ueAx2WieNE1Yg26e2TXMD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e0c2f382c879136-FRA
expires
Sat, 11 Feb 2023 01:26:04 GMT
underscore-min.js
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/
16 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/underscore-min.js
Requested by
Host: lillyatp.my.redcanary.co
URL: https://lillyatp.my.redcanary.co/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://lillyatp.my.redcanary.co/
Origin
https://lillyatp.my.redcanary.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 01:26:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1488020
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5303
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04015-4041"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wnQjqdbTDlCfdsk%2FUBKgEj%2FZN%2FGQXRtxObB2Nv21qJj91vKSjOzvKYiYmAb5CHP%2B1JCO8tsOE0qtXVxLPeLLYGsUpPKCCcsS6cMItmBlMxMKlFhW2dHmAwDTch1dfD57wu205J1CYJ9cv18rAiMbaT99"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e0c2f382c889136-FRA
expires
Sat, 11 Feb 2023 01:26:04 GMT
plotly.min.js
cdnjs.cloudflare.com/ajax/libs/plotly.js/1.17.3/
2 MB
417 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/plotly.js/1.17.3/plotly.min.js
Requested by
Host: lillyatp.my.redcanary.co
URL: https://lillyatp.my.redcanary.co/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1bb8251cd332dfe7aec950a364aa1021e85c5f6c952be57feecf1e30f5a448c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://lillyatp.my.redcanary.co/
Origin
https://lillyatp.my.redcanary.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 01:26:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
425766
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:12 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f90-1b5050"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D4lKd4HOpVLchS6H5IHKwS3eXCl8KRPaFyJHrhCP4WqNOdFU9zZ7yPVYBgvk6GiaY2i894t0omjtUxpTLWNsc19zXttj99WI0xDuK1c%2BIs%2FaStdf2J9CK4gMj%2BHir%2FWPih1736TCplsywWVslRvpqn7h"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e0c2f382c899136-FRA
expires
Sat, 11 Feb 2023 01:26:05 GMT
autotrack.js
cdnjs.cloudflare.com/ajax/libs/autotrack/2.4.1/
24 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/autotrack/2.4.1/autotrack.js
Requested by
Host: lillyatp.my.redcanary.co
URL: https://lillyatp.my.redcanary.co/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bceb73993d094c4c821c7571921103bdc8c05e9082c4fc513d244358d53593db
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://lillyatp.my.redcanary.co/
Origin
https://lillyatp.my.redcanary.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 01:26:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1486459
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7172
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:05:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d61-60d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NQ0JZaTqhN%2F5tv0mxoU5QOTbSzsGsFmjdcTY5xma1aCGmsuIHuXUc6D1fr2TI7vhnFVmSF7oY3kqLvyDnqIxDnCvOIhwxlPBgXKnsuV5y17eqRVBcUNm%2BfH7TZcnhPTY6EZ7dupHm5IXgg8KdNg6Iw84"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e0c2f3cdb7b9136-FRA
expires
Sat, 11 Feb 2023 01:26:05 GMT
datatables.min.js
cdn.datatables.net/v/dt/dt-1.11.3/sc-2.0.5/
102 KB
35 KB
Script
General
Full URL
https://cdn.datatables.net/v/dt/dt-1.11.3/sc-2.0.5/datatables.min.js
Requested by
Host: lillyatp.my.redcanary.co
URL: https://lillyatp.my.redcanary.co/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:335d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d985473566431d6cf61637eef95ffcad2a599d6bb0a9da5d0d0b351120d8c06

Request headers

Referer
https://lillyatp.my.redcanary.co/
Origin
https://lillyatp.my.redcanary.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 01:26:05 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 21 Feb 2022 01:26:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31557600
cf-ray
6e0c2f383dc89052-FRA
datatables.min.css
cdn.datatables.net/v/dt/dt-1.11.3/sc-2.0.5/
15 KB
3 KB
Stylesheet
General
Full URL
https://cdn.datatables.net/v/dt/dt-1.11.3/sc-2.0.5/datatables.min.css
Requested by
Host: lillyatp.my.redcanary.co
URL: https://lillyatp.my.redcanary.co/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:335d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc733362065617383a46f88f292f27669f244a6e36aaeea301e5318febd30fba

Request headers

Referer
https://lillyatp.my.redcanary.co/
Origin
https://lillyatp.my.redcanary.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 01:26:05 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 21 Feb 2022 01:26:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31557600
cf-ray
6e0c2f383dc69052-FRA
runtime-9727458175ae3f6cb0ab.js
lillyatp.my.redcanary.co/packs/js/
2 KB
1 KB
Script
General
Full URL
https://lillyatp.my.redcanary.co/packs/js/runtime-9727458175ae3f6cb0ab.js
Requested by
Host: lillyatp.my.redcanary.co
URL: https://lillyatp.my.redcanary.co/users/sign_in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.140.2.1 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-140-2-1.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
db98cc66d8435c20a50f27dff6299b70be326725575c7e03664991c41bc4e320
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lillyatp.my.redcanary.co/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 21 Feb 2022 01:26:05 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 18 Feb 2022 23:35:19 GMT
Server
nginx
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
Accept-Encoding, Origin
Content-Length
856
X-XSS-Protection
1; mode=block
935-b6ee2adbe802f10c30ba.js
lillyatp.my.redcanary.co/packs/js/
126 KB
40 KB
Script
General
Full URL
https://lillyatp.my.redcanary.co/packs/js/935-b6ee2adbe802f10c30ba.js
Requested by
Host: lillyatp.my.redcanary.co
URL: https://lillyatp.my.redcanary.co/users/sign_in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.140.2.1 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-140-2-1.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
17d8c75e0448b1f9001aff323dd5acb9f5a0fcd8d8473e2ef311965332c3d843
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lillyatp.my.redcanary.co/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 21 Feb 2022 01:26:05 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 18 Feb 2022 23:35:19 GMT
Server
nginx
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
Accept-Encoding, Origin
Content-Length
40642
X-XSS-Protection
1; mode=block
mount_webpacker_react-bd0dc6a28706ba8dfeae.js
lillyatp.my.redcanary.co/packs/js/
24 KB
9 KB
Script
General
Full URL
https://lillyatp.my.redcanary.co/packs/js/mount_webpacker_react-bd0dc6a28706ba8dfeae.js
Requested by
Host: lillyatp.my.redcanary.co
URL: https://lillyatp.my.redcanary.co/users/sign_in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.140.2.1 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-140-2-1.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
00ecc75abee719dc6ccdcd2169c56cb530c8763e1ab42630a48eefbead5d61d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lillyatp.my.redcanary.co/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 21 Feb 2022 01:26:05 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 18 Feb 2022 23:35:19 GMT
Server
nginx
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
Accept-Encoding, Origin
Content-Length
8830
X-XSS-Protection
1; mode=block
application-4a9cd85ea9f81f31c83bced26ad66aaadd404bcc0ade1b5ddd34590769ccb7cc.js
lillyatp.my.redcanary.co/assets/
2 MB
407 KB
Script
General
Full URL
https://lillyatp.my.redcanary.co/assets/application-4a9cd85ea9f81f31c83bced26ad66aaadd404bcc0ade1b5ddd34590769ccb7cc.js
Requested by
Host: lillyatp.my.redcanary.co
URL: https://lillyatp.my.redcanary.co/users/sign_in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.140.2.1 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-140-2-1.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
58473e35f13f185cf66120287ea217f2eb5ea8d6efff4ae9991079dc9d7ca602

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lillyatp.my.redcanary.co/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 21 Feb 2022 01:26:05 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31536000, public
Connection
keep-alive
Content-Length
416563
Expires
Tue, 21 Feb 2023 01:26:05 GMT
truncated
/
38 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/webp
churnzero.js
analytics.churnzero.net/
480 KB
139 KB
Script
General
Full URL
https://analytics.churnzero.net/churnzero.js
Requested by
Host: lillyatp.my.redcanary.co
URL: https://lillyatp.my.redcanary.co/users/sign_in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.248.93 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-248-93.compute-1.amazonaws.com
Software
/
Resource Hash
68e8947dc45f21302e235f7608d1dbeaad15927f86126f1ed5226854f59cb7c3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lillyatp.my.redcanary.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 01:26:05 GMT
content-encoding
br
last-modified
Sun, 20 Feb 2022 15:08:00 GMT
etag
"1d8266ba6478823"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900, private
x-cz-serverid
91 (1)
accept-ranges
bytes
expires
Mon, 21 Feb 2022 01:41:05 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: lillyatp.my.redcanary.co
URL: https://lillyatp.my.redcanary.co/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lillyatp.my.redcanary.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6672
date
Sun, 20 Feb 2022 23:34:53 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 21 Feb 2022 01:34:53 GMT
logo-dark-590a379378ddbd5ae48c774698492b9c8e444aec15b14d56f530053085dda389.png
lillyatp.my.redcanary.co/assets/subdomain_profile/default/
29 KB
29 KB
Image
General
Full URL
https://lillyatp.my.redcanary.co/assets/subdomain_profile/default/logo-dark-590a379378ddbd5ae48c774698492b9c8e444aec15b14d56f530053085dda389.png
Requested by
Host: lillyatp.my.redcanary.co
URL: https://lillyatp.my.redcanary.co/users/sign_in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.140.2.1 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-140-2-1.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
36d3799b8de9c60e894a35e8dc440c1592c27b1cbde12fea51accb72ea8410e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lillyatp.my.redcanary.co/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 21 Feb 2022 01:26:05 GMT
Server
nginx
Content-Type
image/png
Cache-Control
max-age=31536000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29791
Expires
Tue, 21 Feb 2023 01:26:05 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1699892709&t=pageview&_s=1&dl=https%3A%2F%2Flillyatp.my.redcanary.co%2Fusers%2Fsign_in&ul=en-us&de=UTF-8&dt=Red%20Canary&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=563000081&gjid=1558526275&cid=903129005.1645406766&tid=UA-52702906-2&_gid=595730633.1645406766&_r=1&_slc=1&_av=2.4.1&_au=37e&cd1=lillyatp&cd2=none&cd3=&cd4=paid&did=i5iSjo&z=1646240910
Requested by
Host: lillyatp.my.redcanary.co
URL: https://lillyatp.my.redcanary.co/users/sign_in
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lillyatp.my.redcanary.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 21 Feb 2022 01:26:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lillyatp.my.redcanary.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
nr-1215.min.js
js-agent.newrelic.com/
36 KB
14 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1215.min.js
Requested by
Host: lillyatp.my.redcanary.co
URL: https://lillyatp.my.redcanary.co/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
18395fd1ef75de4f03f701f5a5020563aed55e1539b3200605053f2c924211bb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lillyatp.my.redcanary.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
mrZZlI3m.d3cabi4HqLBBkr4pQ2c77UF
content-encoding
gzip
etag
"615035bb6557b191e767e19087efabaf"
x-amz-request-id
3TXWNXG1XCZ7WRCN
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
13666
x-amz-id-2
iA7yrzyB8ODAOGAQI4UR4XXneb1uEsOjL6GlGLLU+6WHyOtwW0oJJDRQuazZSTrz6z2q6JWWZRM=
x-served-by
cache-hhn4052-HHN
last-modified
Mon, 24 Jan 2022 22:13:53 GMT
server
AmazonS3
x-timer
S1645406766.417397,VS0,VE0
date
Mon, 21 Feb 2022 01:26:06 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3740
4959331d8a
bam-cell.nr-data.net/1/
49 B
711 B
Script
General
Full URL
https://bam-cell.nr-data.net/1/4959331d8a?a=9738878&v=1215.1253ab8&to=cFtZEEtbWFkDFh1XUkVdRAEWR1FGFQ1dXUQcWlIT&rst=2323&ck=1&ref=https://lillyatp.my.redcanary.co/users/sign_in&ap=95&be=706&fe=2294&dc=1630&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1645406764105,%22n%22:0,%22r%22:0,%22re%22:366,%22f%22:366,%22dn%22:366,%22dne%22:366,%22c%22:366,%22ce%22:366,%22rq%22:367,%22rp%22:680,%22rpe%22:682,%22dl%22:684,%22di%22:1629,%22ds%22:1629,%22de%22:1644,%22dc%22:2294,%22l%22:2294,%22le%22:2295%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=1662&fcp=1662&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1215.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lillyatp.my.redcanary.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 21 Feb 2022 01:26:07 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
6e0c2f42680b92b4-FRA

329 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| NREUM object| newrelic function| __nr_require boolean| supportsES6 function| $ function| jQuery object| jQuery111204804472920393361 function| _ object| __TYPEDARRAY_POOL object| __TEXT_CACHE object| Plotly object| $jscomp function| $jscomp$lookupPolyfilledValue function| DataTable object| webpackChunk object| ReactRailsUJS function| mountWebpackerReact function| ga object| gaDevIds object| gaplugins function| showConfetti function| showNextConfettiModal function| custom_check_master_changed function| custom_check_num_checked function| custom_check_changed function| show_custom_check_action_bar function| hide_custom_check_action_bar function| custom_check_values function| custom_check_submit_action function| incrementTextTemplate function| initializeTributeForTextTemplates function| submit_shared_search_and_submit_form function| _classCallCheck function| _inherits function| _toConsumableArray function| createElements function| randomPhysics function| updateFetti function| animate function| backwardPatch function| confetti function| _defineProperty function| _objectWithoutProperties function| addFlashMessage function| addFlashMessageSafe function| apiRequestJSON function| preventClick function| rcConfirm function| rcAlert function| updateDate function| cleanup_missing_clearbit_logos function| populate_sjrs function| populate_sjr function| createCookie function| readCookie function| eraseCookie function| can function| redact_if function| manually_collapse_main_sidenav function| copyToClipboardFromInput function| formatHelpURL function| rotateChevron function| Haml function| BrowserRouter function| HashRouter function| Link function| MemoryRouter function| NavLink function| Prompt function| Redirect function| Route function| Router function| StaticRouter function| Switch function| generatePath function| matchPath function| withRouter function| _createClass function| _get function| TextTemplateList function| 
CustomerExternalAlertSourceIndexAlertSource function| CustomerExternalAlertSourceIndexApp function| CustomerExternalAlertSourceIndexPlatformCategory function| CustomerExternalAlertsDashboard function| CustomerExternalAlertsDashboardAffectedApplications function| CustomerExternalAlertsDashboardAffectedEndpoints function| CustomerExternalAlertsDashboardAffectedIdentities function| CustomerExternalAlertsDashboardAlertSource function| _slicedToArray function| CustomerExternalAlertsDashboardAlertSources function| CustomerExternalAlertsDataFlow object| defaultColors object| defaults function| ExecCondition function| ExecConditionForm function| ErrorList function| ExecApp function| ExecActionTestJsonInterpolationModal function| ExecNav function| ExecBaseActionExecution function| _extends function| ExecBaseActionExecutionBuilder function| ExecActionExecutionsAddOktaUserToGroup function| ExecActionExecutionsAllowUnsignedAppExecution function| ExecActionExecutionsBanDomain function| ExecActionExecutionsBanHashes function| ExecActionExecutionsBanIpAddress function| ExecActionExecutionsClearOktaUserSessions function| ExecActionExecutionsCommentOnExternalAlert function| ExecActionExecutionsDeleteAndCaptureFile function| ExecActionExecutionsDeleteRegistry function| ExecActionExecutionsIsolateEndpoint function| ExecActionExecutionsKillProcess function| ExecActionExecutionsQuarantineFile function| ExecActionExecutionsRemoveOktaUserFromGroup function| ExecActionExecutionsRestrictUnsignedAppExecution function| ExecActionExecutionsSendDetectionToSentinel function| ExecActionExecutionsSuspendOktaUser function| ExecActionExecutionsUnsuspendOktaUser function| ExecActionExecutionsUpdateStateOfExternalAlert function| ExecActionInputWithInterpolation function| ExecActionSidebarByTechnology function| ExecBaseAction function| ExecActionsAddOktaUserToGroup function| ExecActionsAllowUnsignedAppExecution function| ExecActionsBanDomain function| ExecActionsBanHashes function| 
ExecActionsBanIpAddress function| ExecActionsCallPhoneNumber function| ExecActionsClearOktaUserSessions function| ExecActionsCollectForensicsPackage function| ExecActionsCommentOnExternalAlert function| ExecActionsDecommissionEndpoint function| ExecActionsDeisolateEndpoint function| ExecActionsDeleteAndCaptureFile function| ExecActionsDeleteAndCaptureFileCapture function| ExecActionsDeleteAndCaptureFileDelete function| ExecActionsDeleteRegistry function| ExecActionHelperApprovalNotificationEditor function| ExecActionHelperApprovalNotificationView function| ExecActionHelperApprovalNotificationBaseForm function| ExecActionHelperApprovalNotificationEmailForm function| ExecActionHelperApprovalNotificationSMSForm function| ExecActionHelperApprovalNotificationSlackForm function| ExecActionHelperApprovalNotificationMicrosoftTeamsForm function| ExecActionHelperPagerDutyHelp function| ExecActionHelperSMSItemFields function| ExecActionHelperSMSFormFields function| ExecActionsIsolateEndpoint function| ExecActionsKillProcess function| ExecActionsMarkDetectionAsAcknowledged function| ExecActionsMarkDetectionAsNotRemediated function| ExecActionsMarkDetectionAsRemediated function| ExecActionsQuarantineFile function| ExecActionsRemoveOktaUserFromGroup function| ExecActionsResolvePagerDuty function| ExecActionsRestrictUnsignedAppExecution function| ExecActionsSendDetectionToSentinel function| ExecActionsSendMail function| ExecActionsSendMicrosoftTeamsWebhook function| ExecActionsSendSlackWebhook function| ExecActionsSendSMSMessage function| ExecActionsSendSyslog function| ExecActionsSendWebhook function| ExecActionsSuspendOktaUser function| ExecActionsTriggerPagerDuty function| ExecActionsUnsuspendOktaUser function| ExecActionsUpdateStateOfExternalAlert function| ExecPlaybookHistoryActionExecution function| ExecPlaybookHistoryChangeLog function| ExecPlaybookHistoryPlaybookExecution function| ExecOnDemandPreview function| ExecPlaybook function| ExecPlaybookEditor function| 
ExecPlaybookExecuteModal function| ExecPlaybookExecution function| ExecPlaybookHistory function| ExecPlaybookListItem function| ExecPlaybookTab function| ExecActionVariableDescription function| ExecTriggersEmptyState function| ExecIncludedPlaybook function| ExecIncludedPlaybookList function| ExecPlaybookSelector function| ExecTriggerForm function| ExecTriggerList function| ExecTriggerListItem function| ExecTriggerTab function| ReportApp function| ReportBase function| ReportGraphAffectedEndpoints function| ReportGraphByTheNumbers function| ReportGraphChevron function| ReportGraphConfirmedThreats function| ReportGraphDetections function| ReportGraphRiskByPlatform function| ReportGraphSquares function| ReportGraphTipoffs function| ReportGraphTriangle function| ReportNav function| AffectedEndpoints function| ByTheNumbers function| Collection function| CompareToOtherOrgs function| ConfirmedThreats function| DetectedThreatsEffectiveness function| ExpertAnalysisAndInvestigation function| IntelAndDetectionEngineering function| MedianTimeToRemediation function| Roi function| SecurityControls function| ErrorBoundary object| Box function| HBox function| VBox function| AutocompleteDropdown function| AutocompleteInput function| Button function| DataFlowSegment function| DataFlowSegmentFlow function| DataFlowSegmentNotice function| Label function| ReactOdometer function| Spinner function| Dropdown function| ToggleButton function| IntelReportingApp function| IntelReportingDetection function| IntelReportingEndpoint function| IntelReportingFullScreenButton object| IntelReportingHeader function| IntelReportingLoading object| IntelReportingTimeline function| IntelReportingBaseActivity function| IntelReportingBlockquote function| IntelReportingDetectionAcknowledgedActivity function| IntelReportingDetectionMarkedNotRemediatedActivity function| IntelReportingDetectionMarkedRemediatedActivity function| IntelReportingDetectionNoteAddedActivity function| 
IntelReportingDetectionPublishedActivity function| IntelReportingDetectionSubstantiallyUpdatedActivity function| IntelReportingDetectorActivatedActivity function| IntelReportingDetectorUpdatedActivity function| IntelReportingEndpointChangesCreatedActivity function| IntelReportingEventInvestigatedActivity function| IntelReportingExternalAlertCorrelatedToEndpointActivity function| IntelReportingExternalAlertCorrelatedToEndpointUserActivity function| IntelReportingIntelIndicatorCreatedActivity function| IntelReportingIntelligenceInsightPublishedActivity function| IntelReportingPlaybookExecutedActivity function| IntelReportingPotentiallyThreateningActivityActivity function| IntelReportingThreatHuntCompleteActivity function| IntelReportingAppContainer function| EndpointLink function| Endpoints function| ExternalAlerts function| RiskBadge function| Identities function| IdentityLink function| IgnoredTargetedProductForm function| IgnoredTargetedProductsRow function| IgnoredTargetedProductsTable function| TargetedProductsRow function| TargetedProducts function| TargetedProductsTable function| moment object| d3 function| daterangepicker function| Odometer function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal function| s object| Subdomains object| Common function| reset_tablesorter function| refilter_detections_table function| initDetectionClassifications function| search_for_endpoint_users function| refilter_endpoints_table function| initialize_inbox function| plot_endpoints_active_over_time function| toggleMark function| toggleIndicatorCommandLine function| toggleIndicatorFieldInclusion function| plot_mttd function| plot_stacked_bar function| plot_risk function| plot_per_endpoint_risk object| g_hide_popover_timeouts function| EdgeTable function| DataLoader function| change_focused_vertex function| Tree function| ProcessTree object| TextTemplates function| Bloodhound object| React object| ReactDOM function| createReactClass object| 
PropTypes object| ReactRouterDOM object| Redux object| ReactRedux object| ReduxThunk function| ExecList object| ReportActions object| ReportReducers object| IntelReportingActions object| IntelReportingAppC object| IntelReportingReducers function| Tribute object| I18n string| organization_name object| current_user boolean| user_signed_in function| mark_setup_complete object| ChurnZero string| GoogleAnalyticsObject object| exec object| nowElements object| google_tag_data object| gaGlobal object| gaData object| __tracerCZ

5 Cookies

Domain/Path Name / Value
.my.redcanary.co/ Name: _portal3_session
Value: SmJDSnluYWJYMW9xQ2tKdlJUK01ucjB4Y1lwRUxDa2YyTTN2bXlmOTJxUWJaVTY5bW1pUTFFc0trQzQxYWlMN2JjU0FHZ1Fsb21NblFNUm1tcXIrck55b3lCSlp5Y09VcTFOS0tmYzFKVmdnQnI2WklneTNhK0pUQjRHcmEwbXluc2p3T2xFbVkvVDdXTlZHQ0s1MmlsOHdxN24vQ1RrNm42bllTQ1RpYW8zNzFxemVodmtLTi9MVEFjekZkUENXWUlWYSt4TVJMbWlWSlRVM3NOWnEzUT09LS1tekdnVEZHSnhTS0s2MzhBQndMVkVBPT0%3D--4fa93eba774dbe16511d97c9597dc07f1bd5314f
.redcanary.co/ Name: _ga
Value: GA1.2.903129005.1645406766
.redcanary.co/ Name: _gid
Value: GA1.2.595730633.1645406766
.redcanary.co/ Name: _gat
Value: 1
.nr-data.net/ Name: JSESSIONID
Value: 36a431d3be77e2d8

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
