titania.winstonfinancial.com Open in urlscan Pro
2606:4700::6812:1b73 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://myferringbenefits.com/
Effective URL:
https://titania.winstonfinancial.com/Portal/Ferring%20Pharmaceuticals/Main%20Portal/Login
Submission: On November 23 via api (November 23rd 2024, 2:54:02 am UTC) from US — Scanned from DE

Summary HTTP 26 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 26 HTTP transactions. The main IP is 2606:4700::6812:1b73, located in United States and belongs to CLOUDFLARENET, US. The main domain is titania.winstonfinancial.com. The Cisco Umbrella rank of the primary domain is 980290.
TLS certificate: Issued by WE1 on November 15th 2024. Valid for: 3 months.

This is the only time titania.winstonfinancial.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	20.106.1.90 20.106.1.90	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	2606:4700::68... 2606:4700::6812:1b73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700::68... 2606:4700::6812:1a73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.184.228 142.250.184.228	15169 (GOOGLE) (GOOGLE)
1	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
26	4

1 20.106.1.90 (Des Moines, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

myferringbenefits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:1b73 (United States)

ASN13335 (CLOUDFLARENET, US)

titania.winstonfinancial.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.winstonfinancial.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6812:1a73 (United States)

ASN13335 (CLOUDFLARENET, US)

media.winstonfinancial.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
telemetry.winstonfinancial.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	winstonfinancial.com titania.winstonfinancial.com — Cisco Umbrella Rank: 980290 media.winstonfinancial.com — Cisco Umbrella Rank: 878538 telemetry.winstonfinancial.com — Cisco Umbrella Rank: 937553	808 KB
3	google.com www.google.com — Cisco Umbrella Rank: 3	967 B
1	gstatic.com www.gstatic.com	218 KB
1	myferringbenefits.com 1 redirects myferringbenefits.com	235 B
26	4

	Domain	Requested by
17	media.winstonfinancial.com	titania.winstonfinancial.com media.winstonfinancial.com
3	www.google.com	titania.winstonfinancial.com www.gstatic.com
3	titania.winstonfinancial.com	titania.winstonfinancial.com
2	telemetry.winstonfinancial.com	media.winstonfinancial.com
1	www.gstatic.com	www.google.com
1	myferringbenefits.com	1 redirects
26	6

This site contains links to these domains. Also see Links.

Domain
launcher.myapps.microsoft.com

Subject Issuer	Validity	Valid
winstonfinancial.com WE1	`2024-11-15` - `2025-02-13`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://titania.winstonfinancial.com/Portal/Ferring%20Pharmaceuticals/Main%20Portal/Login
Frame ID: 09C8E07ECAF7EA826187BD108F88021C
Requests: 23 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfwp0UUAAAAAPRBa_O6SZRyYc6qWZ7qqd0rAXy2&co=aHR0cHM6Ly90aXRhbmlhLndpbnN0b25maW5hbmNpYWwuY29tOjQ0Mw..&hl=de&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=omtmzq5f1vcb
Frame ID: F7036E17C80FE71E01457B0BB1FB96E1
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=pPK749sccDmVW_9DSeTMVvh2&k=6Lfwp0UUAAAAAPRBa_O6SZRyYc6qWZ7qqd0rAXy2
Frame ID: 92EB693F68A4FA9860E72FD03B139184
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ferring Pharmaceuticals - HRAlly Enroll Powered By Winston

Page URL History Show full URLs

https://myferringbenefits.com/ HTTP 302
https://titania.winstonfinancial.com/Portal/Ferring%20Pharmaceuticals/Main%20Portal/Login Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<div[^>]+class="g-recaptcha"
/recaptcha/api\.js

Page Statistics

26
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

6
Subdomains

4
IPs

1
Countries

1027 kB
Transfer

2590 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://launcher.myapps.microsoft.com/api/signin/05afbdd9-6475-4cdf-9f04-b07977c17dd2?tenantId=3d438f08-e047-4f9a-a191-69dd7cce14ea
Title: Click Here To Login!

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://myferringbenefits.com/ HTTP 302
https://titania.winstonfinancial.com/Portal/Ferring%20Pharmaceuticals/Main%20Portal/Login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request Login Show response
titania.winstonfinancial.com/Portal/Ferring%20Pharmaceuticals/Main%20Portal/
Redirect Chain

https://myferringbenefits.com/
https://titania.winstonfinancial.com/Portal/Ferring%20Pharmaceuticals/Main%20Portal/Login

12 KB
3 KB

609ms
526ms

Document
text/html

2606:4700::6812:1b73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://titania.winstonfinancial.com/Portal/Ferring%20Pharmaceuticals/Main%20Portal/Login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3430ef3b3b6de9fe821259f30e0c59ae741f5b5eff3dd92bd062795de54eb23b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8e6ddf2c1b29d368-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 23 Nov 2024 02:53:57 GMT
request-context: appId=cid-v1:79015a12-bc5c-4be8-982f-2ff33eb20310
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

content-length: 0
date: Sat, 23 Nov 2024 02:53:55 GMT
location: https://titania.winstonfinancial.com/Portal/Ferring%20Pharmaceuticals/Main%20Portal/Login
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff

GET
H2 200 ai.3.gbl.min.js Show response
media.winstonfinancial.com/Titania/application-insights/ 143 KB
57 KB 88ms
29ms Script
application/javascript 2606:4700::6812:1a73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.winstonfinancial.com/Titania/application-insights/ai.3.gbl.min.js

Requested by

Host: titania.winstonfinancial.com
URL: https://titania.winstonfinancial.com/Portal/Ferring%20Pharmaceuticals/Main%20Portal/Login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7cca128a6605c60b1e8ab28db2a4c39423783d82965896194439c2e7783b38c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://titania.winstonfinancial.com
Referer: https://titania.winstonfinancial.com/

Response headers

x-ms-version: 2018-03-28
cf-cache-status: HIT
etag: W/"0x8DCD975CD785FA3"
age: 212002
x-fd-int-roxy-purgeid: 79530421
content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 02:53:57 GMT
x-cache: TCP_MISS
date: Sat, 23 Nov 2024 02:53:57 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 20 Sep 2024 13:11:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=31536000
x-ms-request-id: 5b9286ce-701e-0070-5a65-3b45a3000000
cf-ray: 8e6ddf307d3ad9d2-FRA
access-control-allow-origin: *
x-azure-ref: 20241120T160034Z-1756c9f4c58sfjzfhC1WAWr5f000000008u000000000mpbu
server: cloudflare

GET
H2 200 analytics-99c30ffaea.js Show response
media.winstonfinancial.com/titania/jsbundles/live/ 835 B
669 B 80ms
21ms Script
application/javascript 2606:4700::6812:1a73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.winstonfinancial.com/titania/jsbundles/live/analytics-99c30ffaea.js

Requested by

Host: titania.winstonfinancial.com
URL: https://titania.winstonfinancial.com/Portal/Ferring%20Pharmaceuticals/Main%20Portal/Login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

900581d4766f511037a712fc872b7720145104fd2c5115c18897537bc4c6ba61

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://titania.winstonfinancial.com
Referer: https://titania.winstonfinancial.com/

Response headers

x-ms-version: 2018-03-28
cf-cache-status: HIT
etag: W/"0x8DCD975C57C1FA9"
age: 302149
x-fd-int-roxy-purgeid: 79530421
content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 02:53:57 GMT
x-cache: TCP_MISS
date: Sat, 23 Nov 2024 02:53:57 GMT
content-type: application/javascript
last-modified: Fri, 20 Sep 2024 13:11:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=31536000
x-ms-request-id: ff49a037-701e-003d-1b93-3a8a4f000000
cf-ray: 8e6ddf307d3cd9d2-FRA
access-control-allow-origin: *
x-azure-ref: 20241119T145808Z-1686bd79b7fmc297hC1PRAffdn00000007tg00000000hh8w
server: cloudflare

GET
H2 200 jquery-3.4.1.min.js Show response
media.winstonfinancial.com/Titania/jquery/3.4.1/ 86 KB
30 KB 922ms
864ms Script
application/javascript 2606:4700::6812:1a73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.winstonfinancial.com/Titania/jquery/3.4.1/jquery-3.4.1.min.js

Requested by

Host: titania.winstonfinancial.com
URL: https://titania.winstonfinancial.com/Portal/Ferring%20Pharmaceuticals/Main%20Portal/Login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://titania.winstonfinancial.com
Referer: https://titania.winstonfinancial.com/

Response headers

x-ms-version: 2018-03-28
cf-cache-status: MISS
etag: W/"0x8DCD97633187B40"
content-encoding: gzip
x-fd-int-roxy-purgeid: 0
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 02:53:58 GMT
x-cache: TCP_MISS
date: Sat, 23 Nov 2024 02:53:58 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 20 Sep 2024 13:14:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=31536000
x-ms-request-id: 7bd9027e-e01e-005a-6752-3d285d000000
cf-ray: 8e6ddf307d39d9d2-FRA
access-control-allow-origin: *
x-azure-ref: 20241123T025357Z-1686bd79b7fcjtjchC1PRAk1qs00000009s0000000003gdg
server: cloudflare

GET
H2 200 bootstrap.min.css
media.winstonfinancial.com/Titania/bootstrap/4.4.1/css/ 156 KB
23 KB 46ms
25ms Stylesheet
text/css 2606:4700::6812:1b73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.winstonfinancial.com/Titania/bootstrap/4.4.1/css/bootstrap.min.css

Requested by

Host: titania.winstonfinancial.com
URL: https://titania.winstonfinancial.com/Portal/Ferring%20Pharmaceuticals/Main%20Portal/Login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://titania.winstonfinancial.com/

Response headers

x-ms-version: 2018-03-28
cf-cache-status: HIT
etag: W/"0x8DCD976B3F447A6"
age: 302148
x-fd-int-roxy-purgeid: 79530421
content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 02:53:57 GMT
x-cache: TCP_MISS
date: Sat, 23 Nov 2024 02:53:57 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 20 Sep 2024 13:18:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=31536000
x-ms-request-id: f47242fd-201e-0020-0d93-3a87f3000000
cf-ray: 8e6ddf3038b5d368-FRA
access-control-allow-origin: *
x-azure-ref: 20241119T145808Z-1686bd79b7fdbg4thC1PRAg9z800000009bg00000000nt57
server: cloudflare

GET
H2 200 bootstrap.bundle.min.js Show response
media.winstonfinancial.com/Titania/bootstrap/4.4.1/js/ 79 KB
22 KB 79ms
21ms Script
application/javascript 2606:4700::6812:1a73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.winstonfinancial.com/Titania/bootstrap/4.4.1/js/bootstrap.bundle.min.js

Requested by

Host: titania.winstonfinancial.com
URL: https://titania.winstonfinancial.com/Portal/Ferring%20Pharmaceuticals/Main%20Portal/Login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

394156ee114ed3faf968419340ecfd17f69740eb7e4f0a88d59e1f6d5bf0c34e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://titania.winstonfinancial.com
Referer: https://titania.winstonfinancial.com/

Response headers

x-ms-version: 2018-03-28
cf-cache-status: HIT
etag: W/"0x8DCD976EFDB158E"
age: 212003
x-fd-int-roxy-purgeid: 79530421
content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 02:53:57 GMT
x-cache: TCP_MISS
date: Sat, 23 Nov 2024 02:53:57 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 20 Sep 2024 13:20:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=31536000
x-ms-request-id: bf73a4f1-701e-0015-2357-3b5909000000
cf-ray: 8e6ddf307d31d9d2-FRA
access-control-allow-origin: *
x-azure-ref: 20241120T141904Z-175cf8f69dc8ljcxhC1STO1bpn00000009ag000000006g1u
server: cloudflare

GET
H2 200 all.min.css
media.winstonfinancial.com/Stingray/IconFont/fontawesome-pro-6.5.1-web/css/ 508 KB
95 KB 90ms
70ms Stylesheet
text/css 2606:4700::6812:1b73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.winstonfinancial.com/Stingray/IconFont/fontawesome-pro-6.5.1-web/css/all.min.css

Requested by

Host: titania.winstonfinancial.com
URL: https://titania.winstonfinancial.com/Portal/Ferring%20Pharmaceuticals/Main%20Portal/Login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bd8116b29315be8c31b60ad7c62823055b16a00a2dd0e845e3f9636ba85b51c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://titania.winstonfinancial.com/

Response headers

x-cache-info: L2_T2
x-ms-version: 2018-03-28
cf-cache-status: HIT
etag: W/"0x8DCD975FADBBBBA"
age: 302148
x-fd-int-roxy-purgeid: 79530421
content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 02:53:57 GMT
x-cache: TCP_REMOTE_HIT
date: Sat, 23 Nov 2024 02:53:57 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 20 Sep 2024 13:13:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=31536000
x-ms-request-id: e476ffca-a01e-0028-7591-3ac1dc000000
cf-ray: 8e6ddf3048bad368-FRA
access-control-allow-origin: *
x-azure-ref: 20241119T145809Z-1686bd79b7fdvhcrhC1PRAkqac0000000d8000000000f63t
server: cloudflare

GET
H2 200 bootstrap-datepicker.min.js Show response
media.winstonfinancial.com/Titania/bootstrap-datepicker/1.9.0/js/ 33 KB
10 KB 136ms
79ms Script
application/javascript 2606:4700::6812:1a73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.winstonfinancial.com/Titania/bootstrap-datepicker/1.9.0/js/bootstrap-datepicker.min.js

Requested by

Host: titania.winstonfinancial.com
URL: https://titania.winstonfinancial.com/Portal/Ferring%20Pharmaceuticals/Main%20Portal/Login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c129f5956bc8e9c3a2838069e9a3ff50ad7a540a077b42934b2c5d7c902f4efc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://titania.winstonfinancial.com
Referer: https://titania.winstonfinancial.com/

Response headers

x-ms-version: 2018-03-28
cf-cache-status: HIT
etag: W/"0x8DCD97614A39EA4"
content-encoding: gzip
x-fd-int-roxy-purgeid: 79530421
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 02:53:57 GMT
x-cache: TCP_MISS
date: Sat, 23 Nov 2024 02:53:57 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 20 Sep 2024 13:13:55 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=31536000
x-ms-request-id: f947f976-401e-0020-4296-3adbd3000000
cf-ray: 8e6ddf307d34d9d2-FRA
access-control-allow-origin: *
x-azure-ref: 20241119T151917Z-1756c9f4c58sq2fnhC1WAWrb500000000700000000006w5g
server: cloudflare

GET
H2 200 bootstrap-datepicker.min.css
media.winstonfinancial.com/Titania/bootstrap-datepicker/1.9.0/css/ 15 KB
2 KB 41ms
21ms Stylesheet
text/css 2606:4700::6812:1b73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.winstonfinancial.com/Titania/bootstrap-datepicker/1.9.0/css/bootstrap-datepicker.min.css

Requested by

Host: titania.winstonfinancial.com
URL: https://titania.winstonfinancial.com/Portal/Ferring%20Pharmaceuticals/Main%20Portal/Login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f1ed28c8aba11cd26abcfb4671e4f0201ae61d71832fa72cee3c90abeeae982

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://titania.winstonfinancial.com/

Response headers

x-ms-version: 2018-03-28
cf-cache-status: HIT
etag: W/"0x8DCD976119D47D5"
age: 302148
x-fd-int-roxy-purgeid: 79530421
content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 02:53:57 GMT
x-cache: TCP_MISS
date: Sat, 23 Nov 2024 02:53:57 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 20 Sep 2024 13:13:50 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=31536000
x-ms-request-id: 436b95a0-b01e-000d-3e93-3a3480000000
cf-ray: 8e6ddf3048b6d368-FRA
access-control-allow-origin: *
x-azure-ref: 20241119T145809Z-1686bd79b7fl4xrvhC1PRA22vn0000000feg00000000dyes
server: cloudflare

GET
H2 200 bootstrap-datepicker3.min.css
media.winstonfinancial.com/Titania/bootstrap-datepicker/1.9.0/css/ 21 KB
2 KB 53ms
33ms Stylesheet
text/css 2606:4700::6812:1b73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.winstonfinancial.com/Titania/bootstrap-datepicker/1.9.0/css/bootstrap-datepicker3.min.css

Requested by

Host: titania.winstonfinancial.com
URL: https://titania.winstonfinancial.com/Portal/Ferring%20Pharmaceuticals/Main%20Portal/Login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2695bf33b2936ec801798a54e5974c6406b4b0c8c9d6e630a74064671fe52831

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://titania.winstonfinancial.com/

Response headers

x-ms-version: 2018-03-28
cf-cache-status: HIT
etag: W/"0x8DCD97611D0EF06"
age: 302148
x-fd-int-roxy-purgeid: 79530421
content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 02:53:57 GMT
x-cache: TCP_MISS
date: Sat, 23 Nov 2024 02:53:57 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 20 Sep 2024 13:13:50 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=31536000
x-ms-request-id: 9a65f780-e01e-0000-5993-3afc54000000
cf-ray: 8e6ddf3048b7d368-FRA
access-control-allow-origin: *
x-azure-ref: 20241119T145809Z-1686bd79b7fdbg4thC1PRAg9z800000009dg00000000futn
server: cloudflare

GET
H2 200 jquery-ui.min.js Show response
media.winstonfinancial.com/Titania/jquery-ui-slider/1.12.1/ 22 KB
7 KB 79ms
22ms Script
application/javascript 2606:4700::6812:1a73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.winstonfinancial.com/Titania/jquery-ui-slider/1.12.1/jquery-ui.min.js

Requested by

Host: titania.winstonfinancial.com
URL: https://titania.winstonfinancial.com/Portal/Ferring%20Pharmaceuticals/Main%20Portal/Login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1847ebef46d0ac25e6a8b8083aac3461ef417118c78cd8c4d4e3aa27c67eb8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://titania.winstonfinancial.com
Referer: https://titania.winstonfinancial.com/

Response headers

x-ms-version: 2018-03-28
cf-cache-status: HIT
etag: W/"0x8DCD976D36A9F96"
age: 302146
x-fd-int-roxy-purgeid: 79530421
content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 02:53:57 GMT
x-cache: TCP_MISS
date: Sat, 23 Nov 2024 02:53:57 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 20 Sep 2024 13:19:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=31536000
x-ms-request-id: 2c26fbc1-801e-0029-8093-3ac220000000
cf-ray: 8e6ddf307d35d9d2-FRA
access-control-allow-origin: *
x-azure-ref: 20241119T145810Z-1686bd79b7fvlhkchC1PRAc1bc0000000c1000000000gvbh
server: cloudflare

GET
H2 200 jquery-ui.min.css
media.winstonfinancial.com/Titania/jquery-ui-slider/1.12.1/ 17 KB
3 KB 128ms
108ms Stylesheet
text/css 2606:4700::6812:1b73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.winstonfinancial.com/Titania/jquery-ui-slider/1.12.1/jquery-ui.min.css

Requested by

Host: titania.winstonfinancial.com
URL: https://titania.winstonfinancial.com/Portal/Ferring%20Pharmaceuticals/Main%20Portal/Login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

075e71619f390814b57111341244915bdcb9bc3aafe3f3cb4f21eebc471a8cc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://titania.winstonfinancial.com/

Response headers

x-ms-version: 2018-03-28
cf-cache-status: HIT
etag: W/"0x8DCD976CDC6C695"
content-encoding: gzip
x-fd-int-roxy-purgeid: 79530421
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 02:53:57 GMT
x-cache: TCP_MISS
date: Sat, 23 Nov 2024 02:53:57 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 20 Sep 2024 13:19:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=31536000
x-ms-request-id: 9b93b37f-901e-000a-3b65-3b58e3000000
cf-ray: 8e6ddf3048b8d368-FRA
access-control-allow-origin: *
x-azure-ref: 20241120T160034Z-1756c9f4c58ndbg2hC1WAW5kkg00000008qg000000008shh
server: cloudflare

GET
H2 200 global-8be6ce58b8.js Show response
media.winstonfinancial.com/titania/jsbundles/live/ 195 KB
56 KB 83ms
26ms Script
application/javascript 2606:4700::6812:1a73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.winstonfinancial.com/titania/jsbundles/live/global-8be6ce58b8.js

Requested by

Host: titania.winstonfinancial.com
URL: https://titania.winstonfinancial.com/Portal/Ferring%20Pharmaceuticals/Main%20Portal/Login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa36e7fb1b00888ac149f35aafb507d9ba11ba2c47e2b28eed24f66c70480e52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://titania.winstonfinancial.com
Referer: https://titania.winstonfinancial.com/

Response headers

x-ms-version: 2018-03-28
cf-cache-status: HIT
etag: W/"0x8DCE3D771B26770"
age: 302146
x-fd-int-roxy-purgeid: 79530421
content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 02:53:57 GMT
x-cache: TCP_MISS
date: Sat, 23 Nov 2024 02:53:57 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 03 Oct 2024 18:16:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=31536000
x-ms-request-id: c6b2129e-501e-0015-3d93-3aebe7000000
cf-ray: 8e6ddf307d36d9d2-FRA
access-control-allow-origin: *
x-azure-ref: 20241119T145810Z-1686bd79b7fvs6wzhC1PRA28y8000000089g00000000hfpk
server: cloudflare

GET
H2 200 portal-7cd86e012e.js Show response
media.winstonfinancial.com/titania/jsbundles/live/ 44 KB
11 KB 75ms
19ms Script
application/javascript 2606:4700::6812:1a73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.winstonfinancial.com/titania/jsbundles/live/portal-7cd86e012e.js

Requested by

Host: titania.winstonfinancial.com
URL: https://titania.winstonfinancial.com/Portal/Ferring%20Pharmaceuticals/Main%20Portal/Login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c7c61e89d4b84025932eb7cc98071e2c5b3dc97b2df467d85b5f0ff47782af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://titania.winstonfinancial.com
Referer: https://titania.winstonfinancial.com/

Response headers

x-ms-version: 2018-03-28
cf-cache-status: HIT
etag: W/"0x8DCE971621DFAF5"
age: 218092
x-fd-int-roxy-purgeid: 79530421
content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 02:53:57 GMT
x-cache: TCP_MISS
date: Sat, 23 Nov 2024 02:53:57 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 10 Oct 2024 21:20:36 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=31536000
x-ms-request-id: c9002dd0-001e-0052-6b57-3b3252000000
cf-ray: 8e6ddf307d37d9d2-FRA
access-control-allow-origin: *
x-azure-ref: 20241120T141904Z-1686bd79b7fcfb4khC1PRAxb3c0000000ffg000000006srf
server: cloudflare

GET
H2 200 231acfa80e0884bdec15373967adea24.css
media.winstonfinancial.com/titania/live/generated-css/ 257 KB
43 KB 169ms
150ms Stylesheet
text/css 2606:4700::6812:1b73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.winstonfinancial.com/titania/live/generated-css/231acfa80e0884bdec15373967adea24.css

Requested by

Host: titania.winstonfinancial.com
URL: https://titania.winstonfinancial.com/Portal/Ferring%20Pharmaceuticals/Main%20Portal/Login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a3c6fa653c9c1c8bbb0d7c13775c38ee07ffe4721be86cd4dbada6c528c13cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://titania.winstonfinancial.com/

Response headers

x-ms-version: 2018-03-28
cf-cache-status: HIT
etag: W/"0x8DD0433066880C0"
content-encoding: gzip
x-fd-int-roxy-purgeid: 79530421
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 02:53:57 GMT
x-cache: TCP_MISS
date: Sat, 23 Nov 2024 02:53:57 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 13 Nov 2024 22:32:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=31536000
x-ms-request-id: 516cc542-b01e-0078-6665-3ced42000000
cf-ray: 8e6ddf3048b9d368-FRA
access-control-allow-origin: *
x-azure-ref: 20241121T223734Z-1756c9f4c58jlb95hC1WAW2q1w0000000a8g000000008f4g
server: cloudflare

GET
H2 200 globalModalComponents.css
titania.winstonfinancial.com/Content/ 766 B
484 B 149ms
148ms Stylesheet
text/css 2606:4700::6812:1b73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://titania.winstonfinancial.com/Content/globalModalComponents.css

Requested by

Host: titania.winstonfinancial.com
URL: https://titania.winstonfinancial.com/Portal/Ferring%20Pharmaceuticals/Main%20Portal/Login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1188a93288836e9d0832a1ff5cc804a7bf90186664510fb6a67fde6903681632

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://titania.winstonfinancial.com/Portal/Ferring%20Pharmaceuticals/Main%20Portal/Login

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"1dae8f6f58b5bfe"
x-content-type-options: nosniff
request-context: appId=cid-v1:79015a12-bc5c-4be8-982f-2ff33eb20310
cf-ray: 8e6ddf302887d368-FRA
date: Sat, 23 Nov 2024 02:53:57 GMT
content-type: text/css
last-modified: Wed, 07 Aug 2024 18:23:54 GMT
server: cloudflare

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
967 B 40ms
18ms Script
text/javascript 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: titania.winstonfinancial.com
URL: https://titania.winstonfinancial.com/Portal/Ferring%20Pharmaceuticals/Main%20Portal/Login

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

ESF /

Resource Hash

d0c5f3bd0d8aaaa58b9b5c76863bd8e34a1814eda4054bc501dc42e4cc5ebd45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://titania.winstonfinancial.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Sat, 23 Nov 2024 02:53:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Sat, 23 Nov 2024 02:53:57 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 Total-Rewards-Benefits-Portal-4.jpg
media.winstonfinancial.com/Ferring/images/ 69 KB
69 KB 181ms
176ms Image
image/jpeg 2606:4700::6812:1b73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.winstonfinancial.com/Ferring/images/Total-Rewards-Benefits-Portal-4.jpg

Requested by

Host: titania.winstonfinancial.com
URL: https://titania.winstonfinancial.com/Portal/Ferring%20Pharmaceuticals/Main%20Portal/Login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f62c110d25f32ae35444a3b77f79cdde6693f481c36b39cab676553b6fc73697

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://titania.winstonfinancial.com/

Response headers

x-ms-version: 2018-03-28
cf-bgj: h2pri
etag: "0x8DCD976364AE058"
cf-cache-status: REVALIDATED
x-fd-int-roxy-purgeid: 79530421
x-content-type-options: nosniff
expires: Sat, 23 Nov 2024 06:53:57 GMT
x-cache: TCP_MISS
date: Sat, 23 Nov 2024 02:53:57 GMT
content-type: image/jpeg
last-modified: Fri, 20 Sep 2024 13:14:52 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=14400
x-ms-request-id: 9bc32bbc-501e-0070-0265-3cf74d000000
cf-ray: 8e6ddf30a94dd368-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 70195
x-azure-ref: 20241121T223734Z-155979768cdsx9sphC1STOmdzg00000000rg000000006530
server: cloudflare

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/ 549 KB
218 KB 28ms
9ms Script
text/javascript 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

6e79aeee4cbc317a3b6e18c8887ed2c1659ad8eb27431d1896a075ed935a9149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://titania.winstonfinancial.com
Referer: https://titania.winstonfinancial.com/

Response headers

content-encoding: gzip
age: 40474
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 15:39:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 15:39:24 GMT
last-modified: Mon, 11 Nov 2024 05:00:22 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 222835
x-xss-protection: 0
server: sffe

GET
H2 200 sourcesans3-v15-latin-normal-200-900-20240930.woff2
media.winstonfinancial.com/shared/web-fonts/20240930/ 28 KB
28 KB 18ms
18ms Font
font/woff2 2606:4700::6812:1a73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.winstonfinancial.com/shared/web-fonts/20240930/sourcesans3-v15-latin-normal-200-900-20240930.woff2

Requested by

Host: media.winstonfinancial.com
URL: https://media.winstonfinancial.com/titania/live/generated-css/231acfa80e0884bdec15373967adea24.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9015686cf54e5e643e2bffe8cf0aa2c3140f56b0d84c1a315845e8a31601db4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://titania.winstonfinancial.com
Referer: https://media.winstonfinancial.com/titania/live/generated-css/231acfa80e0884bdec15373967adea24.css

Response headers

x-ms-version: 2018-03-28
cf-cache-status: HIT
etag: "0x8DCE188F586FB5C"
age: 302146
x-fd-int-roxy-purgeid: 79530421
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 02:53:58 GMT
x-cache: TCP_MISS
date: Sat, 23 Nov 2024 02:53:58 GMT
content-type: font/woff2
last-modified: Mon, 30 Sep 2024 19:49:13 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=31536000
x-ms-request-id: ff49ad64-701e-003d-5b93-3a8a4f000000
cf-ray: 8e6ddf364c64d9d2-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 28816
x-azure-ref: 20241119T145812Z-1686bd79b7fl4xrvhC1PRA22vn0000000fe000000000ffc2
server: cloudflare

GET
H2 200 fa-solid-900.woff2
media.winstonfinancial.com/Stingray/IconFont/fontawesome-pro-6.5.1-web/webfonts/ 340 KB
340 KB 23ms
22ms Font
font/woff2 2606:4700::6812:1a73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.winstonfinancial.com/Stingray/IconFont/fontawesome-pro-6.5.1-web/webfonts/fa-solid-900.woff2

Requested by

Host: media.winstonfinancial.com
URL: https://media.winstonfinancial.com/Stingray/IconFont/fontawesome-pro-6.5.1-web/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25b8df945ab6bdb4ac6f55a345112dcdc89907e9b0c37bab18e6fea90ba035ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://titania.winstonfinancial.com
Referer: https://media.winstonfinancial.com/Stingray/IconFont/fontawesome-pro-6.5.1-web/css/all.min.css

Response headers

x-cache-info: L2_T2
x-ms-version: 2018-03-28
cf-cache-status: HIT
etag: "0x8DCD975E70E2375"
age: 302146
x-fd-int-roxy-purgeid: 79530421
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 02:53:58 GMT
x-cache: TCP_REMOTE_HIT
date: Sat, 23 Nov 2024 02:53:58 GMT
content-type: font/woff2
last-modified: Fri, 20 Sep 2024 13:12:39 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=31536000
x-ms-request-id: 12bee364-c01e-003e-3b91-3a370b000000
cf-ray: 8e6ddf364c65d9d2-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 348036
x-azure-ref: 20241119T145812Z-1686bd79b7fcfb4khC1PRAxb3c0000000ceg00000000h19z
server: cloudflare

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame F703 0
0 47ms
35ms Document
text/html 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfwp0UUAAAAAPRBa_O6SZRyYc6qWZ7qqd0rAXy2&co=aHR0cHM6Ly90aXRhbmlhLndpbnN0b25maW5hbmNpYWwuY29tOjQ0Mw..&hl=de&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=omtmzq5f1vcb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Mv7eukB7uWMikBqErN1-ig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://titania.winstonfinancial.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Mv7eukB7uWMikBqErN1-ig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Nov 2024 02:53:58 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 output.ico
titania.winstonfinancial.com/Images/favicons/ 15 KB
2 KB 516ms
513ms Other
image/x-icon 2606:4700::6812:1b73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://titania.winstonfinancial.com/Images/favicons/output.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

790f8e025b8145f58c2ff7e1baafa8cd2e10b3db10d726a5a7ffbb528cc8e558

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://titania.winstonfinancial.com/Portal/Ferring%20Pharmaceuticals/Main%20Portal/Login

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"1dae8f6f623d56e"
x-content-type-options: nosniff
request-context: appId=cid-v1:79015a12-bc5c-4be8-982f-2ff33eb20310
cf-ray: 8e6ddf38ac7cd368-FRA
date: Sat, 23 Nov 2024 02:53:59 GMT
content-type: image/x-icon
last-modified: Wed, 07 Aug 2024 18:23:55 GMT
server: cloudflare

OPTIONS
H2 204 track
telemetry.winstonfinancial.com/v2/ Frame 0
0 62ms
23ms Preflight 2606:4700::6812:1a73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://telemetry.winstonfinancial.com/v2/track

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://titania.winstonfinancial.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cf-ray: 8e6ddf38f814d9d2-FRA
date: Sat, 23 Nov 2024 02:53:58 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff

POST
H2 200 track Show response
telemetry.winstonfinancial.com/v2/ 62 B
206 B 658ms
657ms XHR
application/json 2606:4700::6812:1a73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://telemetry.winstonfinancial.com/v2/track

Requested by

Host: media.winstonfinancial.com
URL: https://media.winstonfinancial.com/Titania/application-insights/ai.3.gbl.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5a6b8f8dced09bf18920a311f765abe1ee41b3153a14ac76cad8e42e7b8a563

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://titania.winstonfinancial.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
cf-ray: 8e6ddf39186bd9d2-FRA
access-control-allow-origin: *
date: Sat, 23 Nov 2024 02:53:59 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame 92EB 0
0 21ms
20ms Document
text/html 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=pPK749sccDmVW_9DSeTMVvh2&k=6Lfwp0UUAAAAAPRBa_O6SZRyYc6qWZ7qqd0rAXy2

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bhqsx2Cxs_gyCjhWYWgyXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://titania.winstonfinancial.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-bhqsx2Cxs_gyCjhWYWgyXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Nov 2024 02:53:58 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
titania.winstonfinancial.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityCORS Value: 211fd3940f99a8602578703cf20024ca
titania.winstonfinancial.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity Value: 211fd3940f99a8602578703cf20024ca
titania.winstonfinancial.com/	1969-12-31 23:59:59	Name: loginUrl Value: %2Fportal%2FFerring%2520Pharmaceuticals%2FMain%2520Portal%2FLogin
titania.winstonfinancial.com/	1969-12-31 23:59:59	Name: Case Value: Ferring%20Pharmaceuticals
titania.winstonfinancial.com/	1969-12-31 23:59:59	Name: Portal Value: Main%20Portal
titania.winstonfinancial.com/	1970-01-21 09:57:46	Name: ai_user Value: 3O15dxd86t9HiEhghc97rF\|2024-11-23T02:53:57.311Z
titania.winstonfinancial.com/	1969-12-31 23:59:59	Name: a2hsOptedOut Value: false
titania.winstonfinancial.com/	1970-01-21 01:12:12	Name: ai_session Value: i5waWI8e9HBhgGFtNUzCHk\|1732330438503\|1732330438503

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

media.winstonfinancial.com
myferringbenefits.com
telemetry.winstonfinancial.com
titania.winstonfinancial.com
www.google.com
www.gstatic.com
142.250.184.228
142.250.186.131
20.106.1.90
2606:4700::6812:1a73
2606:4700::6812:1b73
075e71619f390814b57111341244915bdcb9bc3aafe3f3cb4f21eebc471a8cc3
0bd8116b29315be8c31b60ad7c62823055b16a00a2dd0e845e3f9636ba85b51c
1188a93288836e9d0832a1ff5cc804a7bf90186664510fb6a67fde6903681632
25b8df945ab6bdb4ac6f55a345112dcdc89907e9b0c37bab18e6fea90ba035ca
2695bf33b2936ec801798a54e5974c6406b4b0c8c9d6e630a74064671fe52831
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
3430ef3b3b6de9fe821259f30e0c59ae741f5b5eff3dd92bd062795de54eb23b
34c7c61e89d4b84025932eb7cc98071e2c5b3dc97b2df467d85b5f0ff47782af
394156ee114ed3faf968419340ecfd17f69740eb7e4f0a88d59e1f6d5bf0c34e
3a3c6fa653c9c1c8bbb0d7c13775c38ee07ffe4721be86cd4dbada6c528c13cd
6e79aeee4cbc317a3b6e18c8887ed2c1659ad8eb27431d1896a075ed935a9149
790f8e025b8145f58c2ff7e1baafa8cd2e10b3db10d726a5a7ffbb528cc8e558
900581d4766f511037a712fc872b7720145104fd2c5115c18897537bc4c6ba61
9f1ed28c8aba11cd26abcfb4671e4f0201ae61d71832fa72cee3c90abeeae982
b5a6b8f8dced09bf18920a311f765abe1ee41b3153a14ac76cad8e42e7b8a563
c129f5956bc8e9c3a2838069e9a3ff50ad7a540a077b42934b2c5d7c902f4efc
c1847ebef46d0ac25e6a8b8083aac3461ef417118c78cd8c4d4e3aa27c67eb8b
c7cca128a6605c60b1e8ab28db2a4c39423783d82965896194439c2e7783b38c
c9015686cf54e5e643e2bffe8cf0aa2c3140f56b0d84c1a315845e8a31601db4
d0c5f3bd0d8aaaa58b9b5c76863bd8e34a1814eda4054bc501dc42e4cc5ebd45
f62c110d25f32ae35444a3b77f79cdde6693f481c36b39cab676553b6fc73697
fa36e7fb1b00888ac149f35aafb507d9ba11ba2c47e2b28eed24f66c70480e52

titania.winstonfinancial.com Open in urlscan Pro 2606:4700::6812:1b73 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

100 %HTTPS

40 %IPv6

4 Domains

6 Subdomains

4 IPs

1 Countries

1027 kBTransfer

2590 kBSize

8 Cookies

1 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

8 Cookies

Security Headers

titania.winstonfinancial.com Open in urlscan Pro
2606:4700::6812:1b73 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

6
Subdomains

4
IPs

1
Countries

1027 kB
Transfer

2590 kB
Size

8
Cookies

26 HTTP transactions
0 data transactions