ssoqa.winfieldunited.com Open in urlscan Pro
173.255.85.47 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://qanew.nutrisolutions360.winfield.com/
Effective URL:
https://ssoqa.winfieldunited.com/winfield/login/?r=3
Submission: On December 20 via api (December 20th 2024, 7:19:37 pm UTC) from US — Scanned from IL

Summary HTTP 27 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 27 HTTP transactions. The main IP is 173.255.85.47, located in Neosho, United States and belongs to LANDOLAKES, US. The main domain is ssoqa.winfieldunited.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on June 11th 2024. Valid for: a year.

This is the only time ssoqa.winfieldunited.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	45.60.1.174 45.60.1.174	19551 (INCAPSULA) (INCAPSULA)
4	142.250.184.202 142.250.184.202	15169 (GOOGLE) (GOOGLE)
1 2	63.234.30.162 63.234.30.162	14161 (LANDOLAKES) (LANDOLAKES)
1 6	173.255.85.47 173.255.85.47	14161 (LANDOLAKES) (LANDOLAKES)
3	23.32.238.192 23.32.238.192	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	23.32.238.187 23.32.238.187	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
27	6

13 45.60.1.174 (United States)

ASN19551 (INCAPSULA, US)

qanew.nutrisolutions360.winfield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.234.30.162 (United States) 1 redirects

ASN14161 (LANDOLAKES, US)
PTR: 63-234-30-162.dia.static.qwest.net

qa.lolportals.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 173.255.85.47 (Neosho, United States) 1 redirects

ASN14161 (LANDOLAKES, US)

ssoqa.winfieldunited.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.32.238.192 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-32-238-192.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.238.187 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-32-238-187.deploy.static.akamaitechnologies.com

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	winfield.com qanew.nutrisolutions360.winfield.com	452 KB
6	winfieldunited.com 1 redirects ssoqa.winfieldunited.com	970 KB
4	typekit.net use.typekit.net — Cisco Umbrella Rank: 460 p.typekit.net — Cisco Umbrella Rank: 571	48 KB
4	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 466	194 KB
2	lolportals.com 1 redirects qa.lolportals.com	885 B
27	5

	Domain	Requested by
13	qanew.nutrisolutions360.winfield.com	qanew.nutrisolutions360.winfield.com
6	ssoqa.winfieldunited.com	1 redirects qanew.nutrisolutions360.winfield.com ssoqa.winfieldunited.com
4	maps.googleapis.com	qanew.nutrisolutions360.winfield.com maps.googleapis.com
3	use.typekit.net	ssoqa.winfieldunited.com use.typekit.net
2	qa.lolportals.com	1 redirects ssoqa.winfieldunited.com
1	p.typekit.net	use.typekit.net
27	6

This site contains links to these domains. Also see Links.

Domain
credentialsqa.lolportals.com
landolakesinc--uat.sandbox.my.site.com

Subject Issuer	Validity	Valid
qanew.nutrisolutions360.winfield.com Entrust OV TLS Issuing RSA CA 1	`2024-12-16` - `2025-12-16`	a year	crt.sh
upload.video.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
ssoqa.winfieldunited.com Entrust Certification Authority - L1K	`2024-06-11` - `2025-07-10`	a year	crt.sh
qa.lolportals.com Entrust Certification Authority - L1K	`2024-01-06` - `2025-02-03`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-12-10` - `2026-01-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ssoqa.winfieldunited.com/winfield/login/?r=3
Frame ID: 4BE37325B0E9CDD26F82D12CE7EDAB40
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Winfield United

Page URL History Show full URLs

https://qanew.nutrisolutions360.winfield.com/ Page URL
https://qa.lolportals.com/as/authorization.oauth2?client_id=rs_client_ns&response_type=code&grant_type... HTTP 302
https://ssoqa.winfieldunited.com/winfield/login?r=3 HTTP 302
https://ssoqa.winfieldunited.com/winfield/login/?r=3 Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Page Statistics

27
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

1665 kB
Transfer

3580 kB
Size

8
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://credentialsqa.lolportals.com/UserAccess/ForgotUsername
Title: Forgot Username

Search URL Search Domain Scan URL

URL: https://landolakesinc--uat.sandbox.my.site.com/ems/EMSSelfRegistrationPage
Title: Create an Account

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://qanew.nutrisolutions360.winfield.com/ Page URL
https://qa.lolportals.com/as/authorization.oauth2?client_id=rs_client_ns&response_type=code&grant_type=authorization_code&redirect_uri=https://qanew.nutrisolutions360.winfield.com&scope=openid%20profile&code_challenge=YLGI9KktLxqi5ygZKP2ElVvvtHj8utNCyrn-5-5nsNw&code_challenge_method=S256 HTTP 302
https://ssoqa.winfieldunited.com/winfield/login?r=3 HTTP 302
https://ssoqa.winfieldunited.com/winfield/login/?r=3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
qanew.nutrisolutions360.winfield.com/ 100 KB
15 KB 1314ms
917ms Document
text/html 45.60.1.174
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://qanew.nutrisolutions360.winfield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.1.174 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

abcffc8e78c72acd13a30432d06ceea91249ae6866ca3f9c76745ae26cf75f77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 20 Dec 2024 19:19:16 GMT
request-context: appId=cid-v1:2773ada5-8832-4f92-8c75-4c1ed2d5deab
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 46-224938067-224938100 NNYN CT(131 276 0) RT(1734722355806 86) q(0 0 5 0) r(6 9) U12
x-ms-middleware-request-id: 00000000-0000-0000-0000-000000000000

GET
H2 200 styles.c50c0d7d3b633045.css
qanew.nutrisolutions360.winfield.com/ 395 KB
53 KB 536ms
532ms Stylesheet
text/css 45.60.1.174
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://qanew.nutrisolutions360.winfield.com/styles.c50c0d7d3b633045.css

Requested by

Host: qanew.nutrisolutions360.winfield.com
URL: https://qanew.nutrisolutions360.winfield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.1.174 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5caf06b17b17ce4f1b9a85f3bfe3239633e0333ec7deffdf8cc86eb95cc617d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qanew.nutrisolutions360.winfield.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-iinfo: 46-224938067-224936210 3NYN RT(1734722355806 1308) q(0 0 0 -1) r(4 4) U18
content-encoding: gzip
x-cdn: Imperva
request-context: appId=cid-v1:2773ada5-8832-4f92-8c75-4c1ed2d5deab
x-ms-middleware-request-id: 00000000-0000-0000-0000-000000000000
date: Fri, 20 Dec 2024 19:19:17 GMT
content-type: text/css

GET
H2 200 runtime.059ac23de80e03fb.js Show response
qanew.nutrisolutions360.winfield.com/ 5 KB
3 KB 388ms
385ms Script
application/javascript 45.60.1.174
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://qanew.nutrisolutions360.winfield.com/runtime.059ac23de80e03fb.js

Requested by

Host: qanew.nutrisolutions360.winfield.com
URL: https://qanew.nutrisolutions360.winfield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.1.174 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

19caa25cf1e163f47f50d5af616cb9d5a20a89598144509085cdbd05c72f569e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://qanew.nutrisolutions360.winfield.com
Referer: https://qanew.nutrisolutions360.winfield.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-iinfo: 46-224938067-224936208 3NYN RT(1734722355806 1301) q(0 0 0 -1) r(3 3) U18
content-encoding: gzip
x-cdn: Imperva
request-context: appId=cid-v1:2773ada5-8832-4f92-8c75-4c1ed2d5deab
x-ms-middleware-request-id: 00000000-0000-0000-0000-000000000000
access-control-allow-origin: *
date: Fri, 20 Dec 2024 19:19:17 GMT
content-type: application/javascript

GET
H2 200 polyfills.0227efd80b81ace1.js Show response
qanew.nutrisolutions360.winfield.com/ 34 KB
13 KB 640ms
637ms Script
application/javascript 45.60.1.174
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://qanew.nutrisolutions360.winfield.com/polyfills.0227efd80b81ace1.js

Requested by

Host: qanew.nutrisolutions360.winfield.com
URL: https://qanew.nutrisolutions360.winfield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.1.174 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c14405c496437d3e28c44f141478e6ea46d120fb02644dc1f581caf5f8108a4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://qanew.nutrisolutions360.winfield.com
Referer: https://qanew.nutrisolutions360.winfield.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-iinfo: 46-224938067-224935465 3NYN RT(1734722355806 1302) q(0 0 0 -1) r(5 5) U18
content-encoding: gzip
x-cdn: Imperva
request-context: appId=cid-v1:2773ada5-8832-4f92-8c75-4c1ed2d5deab
x-ms-middleware-request-id: 00000000-0000-0000-0000-000000000000
access-control-allow-origin: *
date: Fri, 20 Dec 2024 19:19:17 GMT
content-type: application/javascript

GET
H2 200 scripts.5c83cbb4dbb11a83.js Show response
qanew.nutrisolutions360.winfield.com/ 85 KB
31 KB 623ms
620ms Script
application/javascript 45.60.1.174
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://qanew.nutrisolutions360.winfield.com/scripts.5c83cbb4dbb11a83.js

Requested by

Host: qanew.nutrisolutions360.winfield.com
URL: https://qanew.nutrisolutions360.winfield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.1.174 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1f36b9224df48061e91e805110d3f8690214770c35a6d0e6b779995d453079f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qanew.nutrisolutions360.winfield.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-iinfo: 46-224938067-224925817 3NYN RT(1734722355806 1303) q(0 0 0 -1) r(5 5) U18
content-encoding: gzip
x-cdn: Imperva
request-context: appId=cid-v1:2773ada5-8832-4f92-8c75-4c1ed2d5deab
x-ms-middleware-request-id: 00000000-0000-0000-0000-000000000000
date: Fri, 20 Dec 2024 19:19:17 GMT
content-type: application/javascript

GET
H2 200 main.ff5dc5455ae7c129.js Show response
qanew.nutrisolutions360.winfield.com/ 661 KB
194 KB 486ms
484ms Script
application/javascript 45.60.1.174
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://qanew.nutrisolutions360.winfield.com/main.ff5dc5455ae7c129.js

Requested by

Host: qanew.nutrisolutions360.winfield.com
URL: https://qanew.nutrisolutions360.winfield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.1.174 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8ea1da188a542cc372ffc858f5041e81fb4033e1d0b706bd4d448ae996c426d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://qanew.nutrisolutions360.winfield.com
Referer: https://qanew.nutrisolutions360.winfield.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-iinfo: 46-224938067-224929241 3NYN RT(1734722355806 1303) q(0 0 0 -1) r(4 4) U18
content-encoding: gzip
x-cdn: Imperva
request-context: appId=cid-v1:2773ada5-8832-4f92-8c75-4c1ed2d5deab
x-ms-middleware-request-id: 00000000-0000-0000-0000-000000000000
access-control-allow-origin: *
date: Fri, 20 Dec 2024 19:19:17 GMT
content-type: application/javascript

GET
H2 200 _Incapsula_Resource Show response
qanew.nutrisolutions360.winfield.com/ 81 KB
19 KB 93ms
90ms Script
application/javascript 45.60.1.174
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://qanew.nutrisolutions360.winfield.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=2035044192

Requested by

Host: qanew.nutrisolutions360.winfield.com
URL: https://qanew.nutrisolutions360.winfield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.1.174 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

431f38c8d10bd37f1dabe12a8d23dae26c87b796da89a1dec958ad7744b27157

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qanew.nutrisolutions360.winfield.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex
cache-control: no-cache, no-store
content-encoding: gzip
content-length: 19738
content-type: application/javascript

GET
H2 200 _Incapsula_Resource
qanew.nutrisolutions360.winfield.com/ 1 B
36 B 92ms
81ms Image
text/plain 45.60.1.174
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qanew.nutrisolutions360.winfield.com/_Incapsula_Resource?SWKMTFSR=1&e=0.10699127833333888

Requested by

Host: qanew.nutrisolutions360.winfield.com
URL: https://qanew.nutrisolutions360.winfield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.1.174 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qanew.nutrisolutions360.winfield.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex
cache-control: no-cache, no-store
content-length: 1
content-type: text/plain

GET
H2 200 styles.c50c0d7d3b633045.css
qanew.nutrisolutions360.winfield.com/ 395 KB
51 KB 540ms
527ms Stylesheet
text/css 45.60.1.174
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://qanew.nutrisolutions360.winfield.com/styles.c50c0d7d3b633045.css

Requested by

Host: qanew.nutrisolutions360.winfield.com
URL: https://qanew.nutrisolutions360.winfield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.1.174 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qanew.nutrisolutions360.winfield.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-iinfo: 46-224938067-224924896 3CNN RT(1734722355806 1946) q(0 0 0 -1) r(4 4) U19
cache-control: max-age=299, public
content-encoding: gzip
etag: "bd92dd4a"
x-cdn: Imperva
expires: Fri, 20 Dec 2024 19:24:17 GMT
content-length: 51913
date: Fri, 20 Dec 2024 19:19:18 GMT
content-type: text/css

GET
H2 200 js
maps.googleapis.com/maps/api/ 238 KB
80 KB 451ms
157ms Script
text/javascript 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBdwfxOC3n-cb-oHQPLIBnorUqkTRsGqH0

Requested by

Host: qanew.nutrisolutions360.winfield.com
URL: https://qanew.nutrisolutions360.winfield.com/main.ff5dc5455ae7c129.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qanew.nutrisolutions360.winfield.com/

Response headers

cache-control: public, max-age=1800, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: gzip
etag: 10ecebc9
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81790
date: Fri, 20 Dec 2024 19:19:18 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
vary: Accept-Language, Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H2 200 config.json
qanew.nutrisolutions360.winfield.com/assets/config/ 385 B
406 B 232ms
230ms XHR
application/json 45.60.1.174
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://qanew.nutrisolutions360.winfield.com/assets/config/config.json

Requested by

Host: qanew.nutrisolutions360.winfield.com
URL: https://qanew.nutrisolutions360.winfield.com/polyfills.0227efd80b81ace1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.1.174 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://qanew.nutrisolutions360.winfield.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-iinfo: 46-224938067-224938100 PNYN RT(1734722355806 2347) q(0 0 0 -1) r(2 2) U12
content-encoding: gzip
x-cdn: Imperva
request-context: appId=cid-v1:2773ada5-8832-4f92-8c75-4c1ed2d5deab
x-ms-middleware-request-id: 00000000-0000-0000-0000-000000000000
date: Fri, 20 Dec 2024 19:19:18 GMT
content-type: application/json

GET
H/1.1

200
OK

Primary Request / Show response
ssoqa.winfieldunited.com/winfield/login/
Redirect Chain

https://qa.lolportals.com/as/authorization.oauth2?client_id=rs_client_ns&response_type=code&grant_type=authorization_code&redirect_uri=https://qanew.nutrisolutions360.winfield.com&scope=openid%20pr...
https://ssoqa.winfieldunited.com/winfield/login?r=3
https://ssoqa.winfieldunited.com/winfield/login/?r=3

4 KB
4 KB

256ms
256ms

Document
text/html

173.255.85.47
LANDOLAKES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssoqa.winfieldunited.com/winfield/login/?r=3
Requested by: Host: qanew.nutrisolutions360.winfield.com
URL: https://qanew.nutrisolutions360.winfield.com/main.ff5dc5455ae7c129.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.255.85.47 Neosho, United States, ASN14161 (LANDOLAKES, US),
Reverse DNS
Software: /
Resource Hash: b66d68e51000e1799c780d8ba506371f2347069dc49701ac6be0ddbb6c7b346d

Request headers

Referer: https://qanew.nutrisolutions360.winfield.com/login
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Content-Length: 3737
Content-Type: text/html;charset=utf-8
Date: Fri, 20 Dec 2024 19:18:37 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Content-Length: 0
Date: Fri, 20 Dec 2024 19:18:37 GMT
Location: https://ssoqa.winfieldunited.com/winfield/login/?r=3

GET
H2 200 lato-bold-webfont.42eb5a53cc208784.woff2
qanew.nutrisolutions360.winfield.com/ 25 KB
25 KB 250ms
247ms Font
application/font-woff 45.60.1.174
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://qanew.nutrisolutions360.winfield.com/lato-bold-webfont.42eb5a53cc208784.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.1.174 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://qanew.nutrisolutions360.winfield.com
Referer: https://qanew.nutrisolutions360.winfield.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-iinfo: 46-224938067-224938100 PNYN RT(1734722355806 2668) q(0 0 0 -1) r(2 2) U12
content-encoding: gzip
x-cdn: Imperva
request-context: appId=cid-v1:2773ada5-8832-4f92-8c75-4c1ed2d5deab
x-ms-middleware-request-id: 00000000-0000-0000-0000-000000000000
access-control-allow-origin: *
date: Fri, 20 Dec 2024 19:19:18 GMT
content-type: application/font-woff

GET
H2 200 lato-regular-webfont.917794b23f2869f8.woff2
qanew.nutrisolutions360.winfield.com/ 24 KB
24 KB 645ms
643ms Font
application/font-woff 45.60.1.174
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://qanew.nutrisolutions360.winfield.com/lato-regular-webfont.917794b23f2869f8.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.1.174 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://qanew.nutrisolutions360.winfield.com
Referer: https://qanew.nutrisolutions360.winfield.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-iinfo: 46-224938067-224939290 NNYN CT(132 265 0) RT(1734722355806 2675) q(0 0 4 -1) r(6 6) U12
content-encoding: gzip
x-cdn: Imperva
request-context: appId=cid-v1:2773ada5-8832-4f92-8c75-4c1ed2d5deab
x-ms-middleware-request-id: 00000000-0000-0000-0000-000000000000
access-control-allow-origin: *
date: Fri, 20 Dec 2024 19:19:19 GMT
content-type: application/font-woff

GET
H2 200 lato-semibold-webfont.917794b23f2869f8.woff2
qanew.nutrisolutions360.winfield.com/ 24 KB
24 KB 708ms
706ms Font
application/font-woff 45.60.1.174
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://qanew.nutrisolutions360.winfield.com/lato-semibold-webfont.917794b23f2869f8.woff2

Requested by

Host: qanew.nutrisolutions360.winfield.com
URL: https://qanew.nutrisolutions360.winfield.com/styles.c50c0d7d3b633045.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.1.174 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://qanew.nutrisolutions360.winfield.com
Referer: https://qanew.nutrisolutions360.winfield.com/styles.c50c0d7d3b633045.css

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-iinfo: 46-224938067-224939422 NNYN CT(131 302 0) RT(1734722355806 2798) q(0 0 4 -1) r(5 6) U12
content-encoding: gzip
x-cdn: Imperva
request-context: appId=cid-v1:2773ada5-8832-4f92-8c75-4c1ed2d5deab
x-ms-middleware-request-id: 00000000-0000-0000-0000-000000000000
access-control-allow-origin: *
date: Fri, 20 Dec 2024 19:19:19 GMT
content-type: application/font-woff

GET
H3 200 gen_204
maps.googleapis.com/maps/api/mapsjs/ 3 B
44 B 396ms
139ms XHR
application/json 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: qanew.nutrisolutions360.winfield.com
URL: https://qanew.nutrisolutions360.winfield.com/polyfills.0227efd80b81ace1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qanew.nutrisolutions360.winfield.com/

Response headers

access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: https://qanew.nutrisolutions360.winfield.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
date: Fri, 20 Dec 2024 19:19:19 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H3 200 common.js
maps.googleapis.com/maps-api-v3/api/js/58/11a/intl/iw_ALL/ 268 KB
56 KB 149ms
148ms Script
text/javascript 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/58/11a/intl/iw_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBdwfxOC3n-cb-oHQPLIBnorUqkTRsGqH0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qanew.nutrisolutions360.winfield.com/

Response headers

content-encoding: br
age: 296187
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Wed, 17 Dec 2025 09:02:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 09:02:56 GMT
last-modified: Tue, 29 Oct 2024 22:44:00 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 57063
x-xss-protection: 0
server: sffe

GET
H3 200 util.js
maps.googleapis.com/maps-api-v3/api/js/58/11a/intl/iw_ALL/ 192 KB
58 KB 139ms
139ms Script
text/javascript 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/58/11a/intl/iw_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBdwfxOC3n-cb-oHQPLIBnorUqkTRsGqH0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://qanew.nutrisolutions360.winfield.com/

Response headers

content-encoding: br
age: 295800
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Wed, 17 Dec 2025 09:09:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 09:09:23 GMT
last-modified: Tue, 29 Oct 2024 22:44:00 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 59648
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK logout.js Show response
qa.lolportals.com/Branding/LOL/js/ 2 B
381 B 1019ms
278ms Script
application/javascript 63.234.30.162
LANDOLAKES

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.lolportals.com/Branding/LOL/js/logout.js
Requested by: Host: ssoqa.winfieldunited.com
URL: https://ssoqa.winfieldunited.com/winfield/login/?r=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.234.30.162 , United States, ASN14161 (LANDOLAKES, US),
Reverse DNS: 63-234-30-162.dia.static.qwest.net
Software: /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ssoqa.winfieldunited.com/

Response headers

Accept-Ranges: bytes
Content-Length: 2
X-UA-Compatible: IE=EmulateIE8
Date: Fri, 20 Dec 2024 19:18:38 GMT
ETag: W/"mk8t5nDJVcgmk8slrH+xJc"
Last-Modified: Mon, 09 Mar 2020 21:33:29 GMT
Content-Type: application/javascript

GET
H/1.1 200
OK app3.css
ssoqa.winfieldunited.com/winfield/assets/css/ 146 KB
146 KB 267ms
264ms Stylesheet
text/css 173.255.85.47
LANDOLAKES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssoqa.winfieldunited.com/winfield/assets/css/app3.css
Requested by: Host: ssoqa.winfieldunited.com
URL: https://ssoqa.winfieldunited.com/winfield/login/?r=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.255.85.47 Neosho, United States, ASN14161 (LANDOLAKES, US),
Reverse DNS
Software: /
Resource Hash: 80997dd395eee0c6bed6ff227b252a23b01d5a4181ec4336baaf732d181811da

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ssoqa.winfieldunited.com/winfield/login/?r=3

Response headers

Accept-Ranges: bytes
Content-Length: 149613
Date: Fri, 20 Dec 2024 19:18:38 GMT
ETag: W/"LBdqd+/vwJ4LBdrGThEgqM"
Last-Modified: Thu, 05 Dec 2019 20:03:30 GMT
Content-Type: text/css

GET
H/1.1 200
OK login-wf-logo.png
ssoqa.winfieldunited.com/winfield/assets/img/ 16 KB
16 KB 883ms
413ms Image
image/png 173.255.85.47
LANDOLAKES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssoqa.winfieldunited.com/winfield/assets/img/login-wf-logo.png
Requested by: Host: ssoqa.winfieldunited.com
URL: https://ssoqa.winfieldunited.com/winfield/login/?r=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.255.85.47 Neosho, United States, ASN14161 (LANDOLAKES, US),
Reverse DNS
Software: /
Resource Hash: 061c74c6a5188cdcb57000962ba2268131686ef8c118a052a57fe75c4311efef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ssoqa.winfieldunited.com/winfield/login/?r=3

Response headers

Accept-Ranges: bytes
Content-Length: 16266
Date: Fri, 20 Dec 2024 19:18:38 GMT
ETag: W/"XfYX+1tXPikXfYWlf5gxNM"
Last-Modified: Tue, 26 Nov 2019 00:58:46 GMT
Content-Type: image/png

GET
H2 200 ren2adb.css
use.typekit.net/ 41 KB
3 KB 634ms
344ms Stylesheet
text/css 23.32.238.192
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ren2adb.css

Requested by

Host: ssoqa.winfieldunited.com
URL: https://ssoqa.winfieldunited.com/winfield/assets/css/app3.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.32.238.192 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a23-32-238-192.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

57c1b85de6cb0b92d99be8fcb9b999920981fe37d95e92f26e4a05597eea408e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ssoqa.winfieldunited.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 3127
date: Fri, 20 Dec 2024 19:19:29 GMT
content-type: text/css;charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 462ms
127ms Stylesheet
text/css 23.32.238.187
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=ren2adb&ht=tk&f=137.139.140.169.175.176.143.144.147.148.156.157.161.162.25269.25271.25272.25273.25274.25275.26034.26053.26054.26056.26062.26068.25996.25998.25999.26000.26001.26012.26014.26016.26017.26018.26019.26030.26036.26037.26046.26047.26072.26073.26086.26087.39680.39681.39684.39687.39688.39689.39691.39692.39693.39694.39700.39701.39697.39699.39703.39704&a=20893412&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ren2adb.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-32-238-187.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://use.typekit.net/

Response headers

cache-control: public, max-age=604800
etag: "6739e73d-5"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5
date: Fri, 20 Dec 2024 19:19:30 GMT
content-type: text/css
last-modified: Sun, 17 Nov 2024 12:53:17 GMT
server: nginx

GET
H/1.1 200
OK login-bg.jpg
ssoqa.winfieldunited.com/winfield/assets/img/ 796 KB
796 KB 250ms
250ms Image
image/jpeg 173.255.85.47
LANDOLAKES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssoqa.winfieldunited.com/winfield/assets/img/login-bg.jpg
Requested by: Host: ssoqa.winfieldunited.com
URL: https://ssoqa.winfieldunited.com/winfield/assets/css/app3.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.255.85.47 Neosho, United States, ASN14161 (LANDOLAKES, US),
Reverse DNS
Software: /
Resource Hash: 438f95106b6054a69750f6767bd0582a78a79bfce402e417c047114dc05e6df6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ssoqa.winfieldunited.com/winfield/assets/css/app3.css

Response headers

Accept-Ranges: bytes
Content-Length: 814924
Date: Fri, 20 Dec 2024 19:18:40 GMT
ETag: W/"bqUqaS3wS5MbqUrB4jL4a8"
Last-Modified: Tue, 26 Nov 2019 00:58:46 GMT
Content-Type: image/jpeg

GET
H2 200 l
use.typekit.net/af/9832ec/00000000000000003b9acb09/27/ 19 KB
19 KB 600ms
247ms Font
application/font-woff2 23.32.238.192
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/9832ec/00000000000000003b9acb09/27/l?subset_id=2&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ren2adb.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.192 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-32-238-192.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 73bff3ef2582d7f590ac8096b36aab2d2ecdc5c16850015d0c8950a7ec33db01

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://ssoqa.winfieldunited.com
Referer: https://use.typekit.net/ren2adb.css

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "dd290cee3de8ee074bdd4a6b07011d2caee9ffef"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 19292
date: Fri, 20 Dec 2024 19:19:30 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/4b28f4/00000000000000003b9acb08/27/ 25 KB
26 KB 496ms
143ms Font
application/font-woff2 23.32.238.192
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4b28f4/00000000000000003b9acb08/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ren2adb.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.192 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-32-238-192.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 74e66c6fffa12e9f5637a8c5e46aae8afe022b8ae19370d7bd0a9fb4dc5ed7fa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://ssoqa.winfieldunited.com
Referer: https://use.typekit.net/ren2adb.css

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "9b2f7f4f97b2a727703206062462973fb459907c"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 25976
date: Fri, 20 Dec 2024 19:19:30 GMT
content-type: application/font-woff2
server: nginx

GET
H/1.1 200
OK favicon.ico
ssoqa.winfieldunited.com/ 7 KB
7 KB 241ms
240ms Other
image/x-icon 173.255.85.47
LANDOLAKES

General

Check archive.org

Show headers Download Go to

Full URL

https://ssoqa.winfieldunited.com/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

173.255.85.47 Neosho, United States, ASN14161 (LANDOLAKES, US),

Reverse DNS

Software

Resource Hash

ac25996dbe8bfd6117755f8a389a05f862ac52e40105704415da648caba9f2da

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ssoqa.winfieldunited.com/winfield/login/?r=3

Response headers

Referrer-Policy: origin
Content-Length: 7406
Date: Fri, 20 Dec 2024 19:18:41 GMT
Content-Type: image/x-icon
Last-Modified: Fri, 07 Oct 2022 23:30:48 GMT
X-Frame-Options: SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| postOk

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ssoqa.winfieldunited.com/winfield	1969-12-31 23:59:59	Name: JSESSIONID Value: node01rn49k6d91gdd4u4r2xyz7iqk87890.node0
.qanew.nutrisolutions360.winfield.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 8d31544f541c08c8d928da3b348f9799550f408b27e08a3e4938cce84d051d31
.qanew.nutrisolutions360.winfield.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 8d31544f541c08c8d928da3b348f9799550f408b27e08a3e4938cce84d051d31
.nutrisolutions360.winfield.com/	1970-01-21 10:37:25	Name: visid_incap_3173659 Value: +pb+pMWhTyGDgVYrMsv/YDPDZWcAAAAAQUIPAAAAAADA9mW3EIXLnfJsaqGV7Xrb
.nutrisolutions360.winfield.com/	1969-12-31 23:59:59	Name: nlbi_3173659 Value: ixWHAnWH/Gws/cwt6VhRrAAAAAC7FABcEk7lsv0Pl+Ybpxp9
.nutrisolutions360.winfield.com/	1969-12-31 23:59:59	Name: incap_ses_1456_3173659 Value: RkiHR0WzsR+pnezFjMA0FDTDZWcAAAAAe4/j0dnJwEw3CH4afQB0kg==
.qa.lolportals.com/	1969-12-31 23:59:59	Name: breadcrumb2 Value: https://qa.lolportals.com/as/authorization.oauth2?client_id=rs_client_ns&response_type=code&grant_type=authorization_code&redirect_uri=https://qanew.nutrisolutions360.winfield.com&scope=openid%20profile&code_challenge=YLGI9KktLxqi5ygZKP2ElVvvtHj8utNCyrn-5-5nsNw&code_challenge_method=S256
ssoqa.winfieldunited.com/	1969-12-31 23:59:59	Name: BIGipServerpool_qa_sso_winfieldunited Value: !w/ytEm3CoeZsbLDKt35a6MYb7AFOqPEFEZF6oD4mdIw2e4qZBKq8HDlMkWdEGZymmPGG8QMPTYYUfMI=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://ssoqa.winfieldunited.com/winfield/login/?r=3 Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

maps.googleapis.com
p.typekit.net
qa.lolportals.com
qanew.nutrisolutions360.winfield.com
ssoqa.winfieldunited.com
use.typekit.net
142.250.184.202
173.255.85.47
23.32.238.187
23.32.238.192
45.60.1.174
63.234.30.162
061c74c6a5188cdcb57000962ba2268131686ef8c118a052a57fe75c4311efef
19caa25cf1e163f47f50d5af616cb9d5a20a89598144509085cdbd05c72f569e
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1f36b9224df48061e91e805110d3f8690214770c35a6d0e6b779995d453079f0
431f38c8d10bd37f1dabe12a8d23dae26c87b796da89a1dec958ad7744b27157
438f95106b6054a69750f6767bd0582a78a79bfce402e417c047114dc05e6df6
57c1b85de6cb0b92d99be8fcb9b999920981fe37d95e92f26e4a05597eea408e
5caf06b17b17ce4f1b9a85f3bfe3239633e0333ec7deffdf8cc86eb95cc617d9
73bff3ef2582d7f590ac8096b36aab2d2ecdc5c16850015d0c8950a7ec33db01
74e66c6fffa12e9f5637a8c5e46aae8afe022b8ae19370d7bd0a9fb4dc5ed7fa
80997dd395eee0c6bed6ff227b252a23b01d5a4181ec4336baaf732d181811da
8ea1da188a542cc372ffc858f5041e81fb4033e1d0b706bd4d448ae996c426d4
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
abcffc8e78c72acd13a30432d06ceea91249ae6866ca3f9c76745ae26cf75f77
ac25996dbe8bfd6117755f8a389a05f862ac52e40105704415da648caba9f2da
b66d68e51000e1799c780d8ba506371f2347069dc49701ac6be0ddbb6c7b346d
c14405c496437d3e28c44f141478e6ea46d120fb02644dc1f581caf5f8108a4d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

ssoqa.winfieldunited.com Open in urlscan Pro 173.255.85.47 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

100 %HTTPS

0 %IPv6

5 Domains

6 Subdomains

6 IPs

2 Countries

1665 kBTransfer

3580 kBSize

8 Cookies

2 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

ssoqa.winfieldunited.com Open in urlscan Pro
173.255.85.47 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

1665 kB
Transfer

3580 kB
Size

8
Cookies

27 HTTP transactions
0 data transactions