sso.ukg.com Open in urlscan Pro
158.228.49.167 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://globesmart.sso.ukg.com/
Effective URL:
https://sso.ukg.com:9031/idp/SSO.saml2
Submission: On July 03 via automatic, source certstream-suspicious (July 3rd 2024, 9:52:30 pm UTC) — Scanned from DE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 9 HTTP transactions. The main IP is 158.228.49.167, located in Newton Center, United States and belongs to KRONOS-MA, US. The main domain is sso.ukg.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on April 12th 2024. Valid for: a year.

This is the only time sso.ukg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6812:3b5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	3.16.184.59 3.16.184.59	16509 (AMAZON-02) (AMAZON-02)
1	18.217.138.41 18.217.138.41	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:235... 2600:9000:2359:d400:10:474e:104a:2961	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:ffb6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	158.228.49.167 158.228.49.167	46269 (KRONOS-MA) (KRONOS-MA)
9	4

1 2606:4700::6812:3b5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

globesmart.sso.ukg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.16.184.59 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-16-184-59.us-east-2.compute.amazonaws.com

globesmart.aperianglobal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.217.138.41 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-217-138-41.us-east-2.compute.amazonaws.com

app.aperian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2359:d400:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)

cdn.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:ffb6 (United States)

ASN13335 (CLOUDFLARENET, US)

auth.aperianglobal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 158.228.49.167 (Newton Center, United States)

ASN46269 (KRONOS-MA, US)

sso.ukg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	ukg.com 1 redirects globesmart.sso.ukg.com sso.ukg.com	242 KB
2	aperianglobal.com 1 redirects globesmart.aperianglobal.com auth.aperianglobal.com	2 KB
1	auth0.com cdn.auth0.com — Cisco Umbrella Rank: 6702	42 KB
1	aperian.com app.aperian.com	7 KB
9	4

	Domain	Requested by
6	sso.ukg.com	sso.ukg.com
1	auth.aperianglobal.com	cdn.auth0.com
1	cdn.auth0.com	app.aperian.com
1	app.aperian.com
1	globesmart.aperianglobal.com	1 redirects
1	globesmart.sso.ukg.com	1 redirects
9	6

This site contains no links.

Subject Issuer	Validity	Valid
*.aperian.com Amazon RSA 2048 M03	`2024-07-03` - `2025-08-02`	a year	crt.sh
*.auth0.com Amazon RSA 2048 M03	`2024-01-25` - `2025-02-22`	a year	crt.sh
auth.aperianglobal.com E5	`2024-06-16` - `2024-09-14`	3 months	crt.sh
*.ukg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-12` - `2025-04-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://sso.ukg.com:9031/idp/SSO.saml2
Frame ID: B7D657374F89CF1EBF1BF4AC47A86BCE
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign On

Page URL History Show full URLs

https://globesmart.sso.ukg.com/ HTTP 302
https://globesmart.aperianglobal.com/?sp=UKG-8IVAI8BA HTTP 301
https://app.aperian.com/?sp=UKG-8IVAI8BA Page URL
https://auth.aperianglobal.com/authorize?client_id=BOyamrixm1vPk_xrZhsAgUhP8cXtKzkL&response_type=token%20i... Page URL
https://sso.ukg.com:9031/idp/SSO.saml2 Page URL

Detected technologies

Auth0 (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/auth0(?:-js)?/([\d.]+)/auth0(?:.min)?\.js

Page Statistics

9
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

6
Subdomains

4
IPs

1
Countries

292 kB
Transfer

393 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://globesmart.sso.ukg.com/ HTTP 302
https://globesmart.aperianglobal.com/?sp=UKG-8IVAI8BA HTTP 301
https://app.aperian.com/?sp=UKG-8IVAI8BA Page URL
https://auth.aperianglobal.com/authorize?client_id=BOyamrixm1vPk_xrZhsAgUhP8cXtKzkL&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fapp.aperian.com%2Fauthenticated&scope=openid%20email%20profile&connection=UKG-8IVAI8BA&initial_screen=signUp&state=GCMQL9Ma0jYFlL0laTNfvBr~1HgQfUYn&nonce=MRy9H8gh1M6IoREeCJQi1f7UnvH~nq5H&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4zIn0%3D Page URL
https://sso.ukg.com:9031/idp/SSO.saml2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://globesmart.sso.ukg.com/ HTTP 302
https://globesmart.aperianglobal.com/?sp=UKG-8IVAI8BA HTTP 301
https://app.aperian.com/?sp=UKG-8IVAI8BA

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
app.aperian.com/
Redirect Chain

https://globesmart.sso.ukg.com/
https://globesmart.aperianglobal.com/?sp=UKG-8IVAI8BA
https://app.aperian.com/?sp=UKG-8IVAI8BA

728 B
7 KB

729ms
112ms

Document
text/html

18.217.138.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.aperian.com/?sp=UKG-8IVAI8BA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.138.41 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-138-41.us-east-2.compute.amazonaws.com

Software

Resource Hash

404c054e74b5546b74984582a2ef2bbc2cdfe740880aef0497185898c551e839

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.aperian.com https://gateway.zscalertwo.net;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://auth.aperianglobal.com https://aperianglobal.auth0.com https://api.xmltime.com https://api.worldweatheronline.com https://cdn.auth0.com https://.aperian.com https://.appcues.com https://.wistia.com https://.mxpnl.com https://.cloudflare.com https://js.appboycdn.com https://secure.gravatar.com https://.googleapis.com https://www.googletagmanager.com https://www.googleadservices.com https://translate.google.com https://www.google-analytics.com https://.braze.com https://.rollbar.com https://.zdassets.com https://.zopim.com https://.stripe.com https://snap.licdn.com https://usage.clientsuccess.com https://www.surveygizmo.com https://gateway.zscalertwo.net;img-src 'self' data: https://resources.aperian.com https://www.google-analytics.com https://www.googletagmanager.com https://.amazonaws.com https://.aperian.com https://.wistia.com https://.gstatic.com https://.googleapis.com https://.linkedin.com https://stats.g.doubleclick.net https://res.cloudinary.com https://.google.com https://.google.ad https://.google.ae https://.google.com.af https://.google.com.ag https://.google.al https://.google.am https://.google.co.ao https://.google.com.ar https://.google.as https://.google.at https://.google.com.au https://.google.az https://.google.ba https://.google.com.bd https://.google.be https://.google.bf https://.google.bg https://.google.com.bh https://.google.bi https://.google.bj https://.google.com.bn https://.google.com.bo https://.google.com.br https://.google.bs https://.google.bt https://.google.co.bw https://.google.by https://.google.com.bz https://.google.ca https://.google.cd https://.google.cf https://.google.cg https://.google.ch https://.google.ci https://.google.co.ck https://.google.cl https://.google.cm https://.google.cn https://.google.com.co https://.google.co.cr https://.google.com.cu https://.google.cv https://.google.com.cy https://.google.cz https://.google.de https://.google.dj https://.google.dk https://.google.dm https://.google.com.do https://.google.dz https://.google.com.ec https://.google.ee https://.google.com.eg https://.google.es https://.google.com.et https://.google.fi https://.google.com.fj https://.google.fm https://.google.fr https://.google.ga https://.google.ge https://.google.gg https://.google.com.gh https://.google.com.gi https://.google.gl https://.google.gm https://.google.gr https://.google.com.gt https://.google.gy https://.google.com.hk https://.google.hn https://.google.hr https://.google.ht https://.google.hu https://.google.co.id https://.google.ie https://.google.co.il https://.google.im https://.google.co.in https://.google.iq https://.google.is https://.google.it https://.google.je https://.google.com.jm https://.google.jo https://.google.co.jp https://.google.co.ke https://.google.com.kh https://.google.ki https://.google.kg https://.google.co.kr https://.google.com.kw https://.google.kz https://.google.la https://.google.com.lb https://.google.li https://.google.lk https://.google.co.ls https://.google.lt https://.google.lu https://.google.lv https://.google.com.ly https://.google.co.ma https://.google.md https://.google.me https://.google.mg https://.google.mk https://.google.ml https://.google.com.mm https://.google.mn https://.google.com.mt https://.google.mu https://.google.mv https://.google.mw https://.google.com.mx https://.google.com.my https://.google.co.mz https://.google.com.na https://.google.com.ng https://.google.com.ni https://.google.ne https://.google.nl https://.google.no https://.google.com.np https://.google.nr https://.google.nu https://.google.co.nz https://.google.com.om https://.google.com.pa https://.google.com.pe https://.google.com.pg https://.google.com.ph https://.google.com.pk https://.google.pl https://.google.pn https://.google.com.pr https://.google.ps https://.google.pt https://.google.com.py https://.google.com.qa https://.google.ro https://.google.ru https://.google.rw https://.google.com.sa https://.google.com.sb https://.google.sc https://.google.se https://.google.com.sg https://.google.sh https://.google.si https://.google.sk https://.google.com.sl https://.google.sn https://.google.so https://.google.sm https://.google.sr https://.google.st https://.google.com.sv https://.google.td https://.google.tg https://.google.co.th https://.google.com.tj https://.google.tl https://.google.tm https://.google.tn https://.google.to https://.google.com.tr https://.google.tt https://.google.com.tw https://.google.co.tz https://.google.com.ua https://.google.co.ug https://.google.co.uk https://.google.com.uy https://.google.co.uz https://.google.com.vc https://.google.co.ve https://.google.co.vi https://.google.com.vn https://.google.vu https://.google.ws https://.google.rs https://.google.co.za https://.google.co.zm https://.google.co.zw https://.google.cat https://www.googleadservices.com https://gateway.zscalertwo.net;connect-src 'self' blob: https://app.aperian.com https://auth.aperianglobal.com https://.auth0.com https://www.google-analytics.com https://analytics.google.com https://.analytics.google.com https://www.google.co.in https://.mixpanel.com https://.wistia.com https://.wistia.net https://.rollbar.com https://.braze.com https://.zdassets.com https://aperian.zendesk.com https://.zopim.com https://.googleapis.com https://.litix.io wss://widget-mediator.zopim.com wss://api.appcues.net https://api.appcues.net https://.appcues.com https://.linkedin.com https://stats.g.doubleclick.net https://usage.clientsuccess.com https://gateway.zscalertwo.net;font-src 'self' data: https://.aperian.com https://.fontawesome.com https://.amazonaws.com https://.googleapis.com https://fonts.gstatic.com https://.wistia.com https://gateway.zscalertwo.net;style-src 'self' 'unsafe-inline' https://.aperian.com https://.gstatic.com https://.appcues.com https://.fontawesome.com https://.googleapis.com https://.wistia.com https://gateway.zscalertwo.net;media-src 'self' blob: https://.aperian.com https://.zdassets.com https://.wistia.com https://gateway.zscalertwo.net;frame-ancestors 'self' https://app.chaindesk.ai https://js.stripe.com https://survey.alchemer.com https://assessments.aperianglobal.com https://auth.aperianglobal.com https://reporting.aperian.com https://td.doubleclick.net https://.wistia.com https://gateway.zscalertwo.net;frame-src 'self' https://app.chaindesk.ai https://js.stripe.com https://survey.alchemer.com https://assessments.aperianglobal.com https://auth.aperianglobal.com https://reporting.aperian.com https://td.doubleclick.net https://.wistia.com https://.wistia.net https://gateway.zscalertwo.net;manifest-src 'self' https://.aperian.com https://gateway.zscalertwo.net;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://.aperian.com https://js.stripe.com https://maps.googleapis.com https://usage.clientsuccess.com https://cdn.auth0.com https://.rollbar.com https://js.appboycdn.com https://www.googletagmanager.com https://www.googleadservices.com https://snap.licdn.com https://.cloudflare.com https://.appcues.com https://.wistia.com https://.mxpnl.com https://gateway.zscalertwo.net;worker-src 'self' blob:;upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, no-cache
content-length: 728
content-security-policy: default-src 'self' https://*.aperian.com https://gateway.zscalertwo.net;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://auth.aperianglobal.com https://aperianglobal.auth0.com https://api.xmltime.com https://api.worldweatheronline.com https://cdn.auth0.com https://*.aperian.com https://*.appcues.com https://*.wistia.com https://*.mxpnl.com https://*.cloudflare.com https://js.appboycdn.com https://secure.gravatar.com https://*.googleapis.com https://www.googletagmanager.com https://www.googleadservices.com https://translate.google.com https://www.google-analytics.com https://*.braze.com https://*.rollbar.com https://*.zdassets.com https://*.zopim.com https://*.stripe.com https://snap.licdn.com https://usage.clientsuccess.com https://www.surveygizmo.com https://gateway.zscalertwo.net;img-src 'self' data: https://resources.aperian.com https://www.google-analytics.com https://www.googletagmanager.com https://*.amazonaws.com https://*.aperian.com https://*.wistia.com https://*.gstatic.com https://*.googleapis.com https://*.linkedin.com https://stats.g.doubleclick.net https://res.cloudinary.com https://*.google.com https://*.google.ad https://*.google.ae https://*.google.com.af https://*.google.com.ag https://*.google.al https://*.google.am https://*.google.co.ao https://*.google.com.ar https://*.google.as https://*.google.at https://*.google.com.au https://*.google.az https://*.google.ba https://*.google.com.bd https://*.google.be https://*.google.bf https://*.google.bg https://*.google.com.bh https://*.google.bi https://*.google.bj https://*.google.com.bn https://*.google.com.bo https://*.google.com.br https://*.google.bs https://*.google.bt https://*.google.co.bw https://*.google.by https://*.google.com.bz https://*.google.ca https://*.google.cd https://*.google.cf https://*.google.cg https://*.google.ch https://*.google.ci https://*.google.co.ck https://*.google.cl https://*.google.cm https://*.google.cn https://*.google.com.co https://*.google.co.cr https://*.google.com.cu https://*.google.cv https://*.google.com.cy https://*.google.cz https://*.google.de https://*.google.dj https://*.google.dk https://*.google.dm https://*.google.com.do https://*.google.dz https://*.google.com.ec https://*.google.ee https://*.google.com.eg https://*.google.es https://*.google.com.et https://*.google.fi https://*.google.com.fj https://*.google.fm https://*.google.fr https://*.google.ga https://*.google.ge https://*.google.gg https://*.google.com.gh https://*.google.com.gi https://*.google.gl https://*.google.gm https://*.google.gr https://*.google.com.gt https://*.google.gy https://*.google.com.hk https://*.google.hn https://*.google.hr https://*.google.ht https://*.google.hu https://*.google.co.id https://*.google.ie https://*.google.co.il https://*.google.im https://*.google.co.in https://*.google.iq https://*.google.is https://*.google.it https://*.google.je https://*.google.com.jm https://*.google.jo https://*.google.co.jp https://*.google.co.ke https://*.google.com.kh https://*.google.ki https://*.google.kg https://*.google.co.kr https://*.google.com.kw https://*.google.kz https://*.google.la https://*.google.com.lb https://*.google.li https://*.google.lk https://*.google.co.ls https://*.google.lt https://*.google.lu https://*.google.lv https://*.google.com.ly https://*.google.co.ma https://*.google.md https://*.google.me https://*.google.mg https://*.google.mk https://*.google.ml https://*.google.com.mm https://*.google.mn https://*.google.com.mt https://*.google.mu https://*.google.mv https://*.google.mw https://*.google.com.mx https://*.google.com.my https://*.google.co.mz https://*.google.com.na https://*.google.com.ng https://*.google.com.ni https://*.google.ne https://*.google.nl https://*.google.no https://*.google.com.np https://*.google.nr https://*.google.nu https://*.google.co.nz https://*.google.com.om https://*.google.com.pa https://*.google.com.pe https://*.google.com.pg https://*.google.com.ph https://*.google.com.pk https://*.google.pl https://*.google.pn https://*.google.com.pr https://*.google.ps https://*.google.pt https://*.google.com.py https://*.google.com.qa https://*.google.ro https://*.google.ru https://*.google.rw https://*.google.com.sa https://*.google.com.sb https://*.google.sc https://*.google.se https://*.google.com.sg https://*.google.sh https://*.google.si https://*.google.sk https://*.google.com.sl https://*.google.sn https://*.google.so https://*.google.sm https://*.google.sr https://*.google.st https://*.google.com.sv https://*.google.td https://*.google.tg https://*.google.co.th https://*.google.com.tj https://*.google.tl https://*.google.tm https://*.google.tn https://*.google.to https://*.google.com.tr https://*.google.tt https://*.google.com.tw https://*.google.co.tz https://*.google.com.ua https://*.google.co.ug https://*.google.co.uk https://*.google.com.uy https://*.google.co.uz https://*.google.com.vc https://*.google.co.ve https://*.google.co.vi https://*.google.com.vn https://*.google.vu https://*.google.ws https://*.google.rs https://*.google.co.za https://*.google.co.zm https://*.google.co.zw https://*.google.cat https://www.googleadservices.com https://gateway.zscalertwo.net;connect-src 'self' blob: https://app.aperian.com https://auth.aperianglobal.com https://*.auth0.com https://www.google-analytics.com https://analytics.google.com https://*.analytics.google.com https://www.google.co.in https://*.mixpanel.com https://*.wistia.com https://*.wistia.net https://*.rollbar.com https://*.braze.com https://*.zdassets.com https://aperian.zendesk.com https://*.zopim.com https://*.googleapis.com https://*.litix.io wss://widget-mediator.zopim.com wss://api.appcues.net https://api.appcues.net https://*.appcues.com https://*.linkedin.com https://stats.g.doubleclick.net https://usage.clientsuccess.com https://gateway.zscalertwo.net;font-src 'self' data: https://*.aperian.com https://*.fontawesome.com https://*.amazonaws.com https://*.googleapis.com https://fonts.gstatic.com https://*.wistia.com https://gateway.zscalertwo.net;style-src 'self' 'unsafe-inline' https://*.aperian.com https://*.gstatic.com https://*.appcues.com https://*.fontawesome.com https://*.googleapis.com https://*.wistia.com https://gateway.zscalertwo.net;media-src 'self' blob: https://*.aperian.com https://*.zdassets.com https://*.wistia.com https://gateway.zscalertwo.net;frame-ancestors 'self' https://app.chaindesk.ai https://js.stripe.com https://survey.alchemer.com https://assessments.aperianglobal.com https://auth.aperianglobal.com https://reporting.aperian.com https://td.doubleclick.net https://*.wistia.com https://gateway.zscalertwo.net;frame-src 'self' https://app.chaindesk.ai https://js.stripe.com https://survey.alchemer.com https://assessments.aperianglobal.com https://auth.aperianglobal.com https://reporting.aperian.com https://td.doubleclick.net https://*.wistia.com https://*.wistia.net https://gateway.zscalertwo.net;manifest-src 'self' https://*.aperian.com https://gateway.zscalertwo.net;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://*.aperian.com https://js.stripe.com https://maps.googleapis.com https://usage.clientsuccess.com https://cdn.auth0.com https://*.rollbar.com https://js.appboycdn.com https://www.googletagmanager.com https://www.googleadservices.com https://snap.licdn.com https://*.cloudflare.com https://*.appcues.com https://*.wistia.com https://*.mxpnl.com https://gateway.zscalertwo.net;worker-src 'self' blob:;upgrade-insecure-requests
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jul 2024 21:52:24 GMT
etag: W/"2d8-JEbyDeL0M9qCvSTlHq1/dS5D1Bw"
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-robots-tag: noindex
x-xss-protection: 0

Redirect headers

content-length: 134
content-type: text/html
date: Wed, 03 Jul 2024 21:52:23 GMT
location: https://app.aperian.com:443/?sp=UKG-8IVAI8BA
server: awselb/2.0

GET
H2 200 auth0.min.js
cdn.auth0.com/js/auth0/9.14.3/ 154 KB
42 KB 106ms
57ms Script
application/javascript 2600:9000:2359:d400:10:474e:104a:2961
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.auth0.com/js/auth0/9.14.3/auth0.min.js

Requested by

Host: app.aperian.com
URL: https://app.aperian.com/?sp=UKG-8IVAI8BA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:d400:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: v7u3FWbmvJfA0GFUjdJjSKEHTJ9EFhb9
content-encoding: gzip
via: 1.1 9a97e41242551c9a56be1311e4d3db70.cloudfront.net (CloudFront)
date: Wed, 03 Jul 2024 06:32:13 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: FRA60-P10
age: 74596
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 26 Jan 2021 12:29:45 GMT
server: AmazonS3
etag: W/"8987f6d982d09cf27f1ec734c42a3089"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2628000,public
x-robots-tag: noindex
x-amz-cf-id: 1tktziWWXih_0NIPv6CKvJjzZaSDP-kYZQmiqdYeD2ZkKo2iYaWqCQ==

GET
H2 200 authorize Show response
auth.aperianglobal.com/ 1 KB
2 KB 592ms
296ms Document
text/html 2606:4700::6811:ffb6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.aperianglobal.com/authorize?client_id=BOyamrixm1vPk_xrZhsAgUhP8cXtKzkL&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fapp.aperian.com%2Fauthenticated&scope=openid%20email%20profile&connection=UKG-8IVAI8BA&initial_screen=signUp&state=GCMQL9Ma0jYFlL0laTNfvBr~1HgQfUYn&nonce=MRy9H8gh1M6IoREeCJQi1f7UnvH~nq5H&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4zIn0%3D

Requested by

Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/auth0/9.14.3/auth0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ffb6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9440965a2c9071dfe6619fefc304fde9fb1282258e128ccaadf9b6c162096ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 89da1a39fd619754-FRA
content-type: text/html; charset=utf-8
date: Wed, 03 Jul 2024 21:52:24 GMT
etag: W/"4da-Nkp9BWnTkd7AQ0pPBcOmM1T7pnU"
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-auth0-requestid: ca7448980270042b6c35
x-content-type-options: nosniff
x-ratelimit-limit: 300
x-ratelimit-remaining: 299
x-ratelimit-reset: 1720043545

POST
H/1.1 200
OK Primary Request SSO.saml2 Show response
sso.ukg.com/idp/ 9 KB
10 KB 439ms
116ms Document
text/html 158.228.49.167
KRONOS-MA

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.ukg.com:9031/idp/SSO.saml2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

158.228.49.167 Newton Center, United States, ASN46269 (KRONOS-MA, US),

Reverse DNS

Software

Resource Hash

5436f951237cb765a910b330b95ee7a084732307051bb854dca4c2cc82ac5a02

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://.ukg.com https://.kronos.com https://.ultimatesoftware.com https://.us.corp https://.force.com https://.salesforce.com https://.my.salesforce.com https://.lightning.force.com https://*.visualforce.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Content-Type: application/x-www-form-urlencoded
Origin: https://auth.aperianglobal.com
Referer: https://auth.aperianglobal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-cache, no-store
Content-Length: 9702
Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.ukg.com https://*.kronos.com https://*.ultimatesoftware.com https://*.us.corp https://*.force.com https://*.salesforce.com https://*.my.salesforce.com https://*.lightning.force.com https://*.visualforce.com ;
Content-Type: text/html;charset=utf-8
Date: Wed, 03 Jul 2024 21:52:25 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Referrer-Policy: origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK main.css
sso.ukg.com/assets/css/ 170 KB
171 KB 100ms
100ms Stylesheet
text/css 158.228.49.167
KRONOS-MA

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.ukg.com:9031/assets/css/main.css

Requested by

Host: sso.ukg.com
URL: https://sso.ukg.com:9031/idp/SSO.saml2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

158.228.49.167 Newton Center, United States, ASN46269 (KRONOS-MA, US),

Reverse DNS

Software

Resource Hash

c84232e64dd5eee1b0ac425d136fbf8d9748d0db6a6bfd2dc7d38056fe467bc5

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://.ukg.com https://.kronos.com https://.ultimatesoftware.com https://.us.corp https://.force.com https://.salesforce.com https://.my.salesforce.com https://.lightning.force.com https://*.visualforce.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sso.ukg.com:9031/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:52:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: origin
X-Content-Type-Options: nosniff
Last-Modified: Wed, 22 Feb 2023 00:10:44 GMT
Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.ukg.com https://*.kronos.com https://*.ultimatesoftware.com https://*.us.corp https://*.force.com https://*.salesforce.com https://*.my.salesforce.com https://*.lightning.force.com https://*.visualforce.com ;
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=0, must-revalidate
Content-Length: 174113

GET
H/1.1 200
OK ukg-logo.jpg
sso.ukg.com/assets/images/ 25 KB
26 KB 386ms
199ms Image
image/jpeg 158.228.49.167
KRONOS-MA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sso.ukg.com:9031/assets/images/ukg-logo.jpg

Requested by

Host: sso.ukg.com
URL: https://sso.ukg.com:9031/idp/SSO.saml2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

158.228.49.167 Newton Center, United States, ASN46269 (KRONOS-MA, US),

Reverse DNS

Software

Resource Hash

a08dee5bceb33ef2ab44bd717ee52438a8dcdda3064e215460159fa34bffe501

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://.ukg.com https://.kronos.com https://.ultimatesoftware.com https://.us.corp https://.force.com https://.salesforce.com https://.my.salesforce.com https://.lightning.force.com https://*.visualforce.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sso.ukg.com:9031/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:52:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: origin
X-Content-Type-Options: nosniff
Last-Modified: Wed, 23 Sep 2020 20:24:02 GMT
Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.ukg.com https://*.kronos.com https://*.ultimatesoftware.com https://*.us.corp https://*.force.com https://*.salesforce.com https://*.my.salesforce.com https://*.lightning.force.com https://*.visualforce.com ;
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=0, must-revalidate
Content-Length: 25660

GET
H/1.1 200
OK ping-horizontal-logo.svg
sso.ukg.com/assets/images/ 4 KB
5 KB 99ms
98ms Image
image/svg+xml 158.228.49.167
KRONOS-MA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sso.ukg.com:9031/assets/images/ping-horizontal-logo.svg

Requested by

Host: sso.ukg.com
URL: https://sso.ukg.com:9031/assets/css/main.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

158.228.49.167 Newton Center, United States, ASN46269 (KRONOS-MA, US),

Reverse DNS

Software

Resource Hash

e85fa95966d2ce21af29a616c2e779c85a2b983a365ca1187dd36f2bcda16b96

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://.ukg.com https://.kronos.com https://.ultimatesoftware.com https://.us.corp https://.force.com https://.salesforce.com https://.my.salesforce.com https://.lightning.force.com https://*.visualforce.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sso.ukg.com:9031/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:52:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: origin
X-Content-Type-Options: nosniff
Last-Modified: Wed, 22 Feb 2023 00:08:28 GMT
Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.ukg.com https://*.kronos.com https://*.ultimatesoftware.com https://*.us.corp https://*.force.com https://*.salesforce.com https://*.my.salesforce.com https://*.lightning.force.com https://*.visualforce.com ;
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=0, must-revalidate
Content-Length: 3992

GET
H/1.1 200
OK iconfont.ttf
sso.ukg.com/assets/fonts/icons/ 21 KB
22 KB 103ms
99ms Font
text/plain 158.228.49.167
KRONOS-MA

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.ukg.com:9031/assets/fonts/icons/iconfont.ttf?-sa9xtz

Requested by

Host: sso.ukg.com
URL: https://sso.ukg.com:9031/assets/css/main.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

158.228.49.167 Newton Center, United States, ASN46269 (KRONOS-MA, US),

Reverse DNS

Software

Resource Hash

ce7bdfddd1d0ccb2745e5bb6a92131d09afaac87a0f7d94c0be4a72720dd25d3

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://.ukg.com https://.kronos.com https://.ultimatesoftware.com https://.us.corp https://.force.com https://.salesforce.com https://.my.salesforce.com https://.lightning.force.com https://*.visualforce.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sso.ukg.com:9031/
Origin: https://sso.ukg.com:9031
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:52:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: origin
X-Content-Type-Options: nosniff
Last-Modified: Wed, 22 Feb 2023 00:08:28 GMT
Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.ukg.com https://*.kronos.com https://*.ultimatesoftware.com https://*.us.corp https://*.force.com https://*.salesforce.com https://*.my.salesforce.com https://*.lightning.force.com https://*.visualforce.com ;
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=0, must-revalidate
Content-Length: 21676

GET
H/1.1 200
OK favicon.ico
sso.ukg.com/ 7 KB
8 KB 95ms
94ms Other
image/x-icon 158.228.49.167
KRONOS-MA

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.ukg.com:9031/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

158.228.49.167 Newton Center, United States, ASN46269 (KRONOS-MA, US),

Reverse DNS

Software

Resource Hash

13cdabd902393eb932efe980f89b78fad664cacc755f2b8cdaf8b908fe72991b

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://.ukg.com https://.kronos.com https://.ultimatesoftware.com https://.us.corp https://.force.com https://.salesforce.com https://.my.salesforce.com https://.lightning.force.com https://*.visualforce.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sso.ukg.com:9031/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 21:52:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: origin
X-Content-Type-Options: nosniff
Last-Modified: Wed, 22 Feb 2023 00:08:28 GMT
Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.ukg.com https://*.kronos.com https://*.ultimatesoftware.com https://*.us.corp https://*.force.com https://*.salesforce.com https://*.my.salesforce.com https://*.lightning.force.com https://*.visualforce.com ;
X-Frame-Options: SAMEORIGIN
Content-Type: image/x-icon
Content-Length: 7406

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ukg.com/	1970-01-20 21:47:25	Name: __cf_bm Value: oGUp_kF4NljlHlRiE0f4e7SYXGWnnUJDNy5VuQcdPK4-1720043542-1.0.1.1-HdTR.XWZapnG2qN9JfLocfxRqMauLMhxrrJaXPKdW.8CPmfXOoPleWXhykSR.iKNsm0nlr_L1DcbSM68FXsdEA
app.aperian.com/	1969-12-31 23:59:59	Name: apg_redirect Value: %2F%3Fsp%3DUKG-8IVAI8BA
app.aperian.com/	1970-01-20 21:47:25	Name: com.auth0.auth.GCMQL9Ma0jYFlL0laTNfvBr~1HgQfUYn Value: {%22nonce%22:%22MRy9H8gh1M6IoREeCJQi1f7UnvH~nq5H%22%2C%22state%22:%22GCMQL9Ma0jYFlL0laTNfvBr~1HgQfUYn%22%2C%22lastUsedConnection%22:%22UKG-8IVAI8BA%22}
auth.aperianglobal.com/	1970-01-21 06:33:21	Name: did Value: s%3Av0%3A2934cf33-e297-436f-adc6-3653c8a2936c.amVX541vrQ7cM7X3FjCF9grmdzoeHJ4VHW9smGFx8xQ
auth.aperianglobal.com/	1970-01-20 21:51:42	Name: auth0 Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQAecnKo2ST2UsF_IacJAMDRxTRJqz3Cj_eQTl3bu8E9_UgLVlm5PVaYwyJRRWTiILpbCb1ZXvjkT7Jd1mAGqK0WmY29va2llg6dleHBpcmVz1__J8McAZom8mK5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.6T%2F3XLaIbcV5SoV%2FMLvkLxOQlWprhlaB%2BzV7cW4lA%2Bg
auth.aperianglobal.com/	1970-01-21 06:33:21	Name: did_compat Value: s%3Av0%3A2934cf33-e297-436f-adc6-3653c8a2936c.amVX541vrQ7cM7X3FjCF9grmdzoeHJ4VHW9smGFx8xQ
auth.aperianglobal.com/	1970-01-20 21:51:42	Name: auth0_compat Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQAecnKo2ST2UsF_IacJAMDRxTRJqz3Cj_eQTl3bu8E9_UgLVlm5PVaYwyJRRWTiILpbCb1ZXvjkT7Jd1mAGqK0WmY29va2llg6dleHBpcmVz1__J8McAZom8mK5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.6T%2F3XLaIbcV5SoV%2FMLvkLxOQlWprhlaB%2BzV7cW4lA%2Bg
sso.ukg.com/	1969-12-31 23:59:59	Name: PF Value: Ut53UirADoVbJhDptXmZwP
sso.ukg.com/	1969-12-31 23:59:59	Name: UKGSSO Value: 2718052362.18211.0000

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://sso.ukg.com:9031/idp/SSO.saml2 Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://.aperian.com https://gateway.zscalertwo.net;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://auth.aperianglobal.com https://aperianglobal.auth0.com https://api.xmltime.com https://api.worldweatheronline.com https://cdn.auth0.com https://.aperian.com https://.appcues.com https://.wistia.com https://.mxpnl.com https://.cloudflare.com https://js.appboycdn.com https://secure.gravatar.com https://.googleapis.com https://www.googletagmanager.com https://www.googleadservices.com https://translate.google.com https://www.google-analytics.com https://.braze.com https://.rollbar.com https://.zdassets.com https://.zopim.com https://.stripe.com https://snap.licdn.com https://usage.clientsuccess.com https://www.surveygizmo.com https://gateway.zscalertwo.net;img-src 'self' data: https://resources.aperian.com https://www.google-analytics.com https://www.googletagmanager.com https://.amazonaws.com https://.aperian.com https://.wistia.com https://.gstatic.com https://.googleapis.com https://.linkedin.com https://stats.g.doubleclick.net https://res.cloudinary.com https://.google.com https://.google.ad https://.google.ae https://.google.com.af https://.google.com.ag https://.google.al https://.google.am https://.google.co.ao https://.google.com.ar https://.google.as https://.google.at https://.google.com.au https://.google.az https://.google.ba https://.google.com.bd https://.google.be https://.google.bf https://.google.bg https://.google.com.bh https://.google.bi https://.google.bj https://.google.com.bn https://.google.com.bo https://.google.com.br https://.google.bs https://.google.bt https://.google.co.bw https://.google.by https://.google.com.bz https://.google.ca https://.google.cd https://.google.cf https://.google.cg https://.google.ch https://.google.ci https://.google.co.ck https://.google.cl https://.google.cm https://.google.cn https://.google.com.co https://.google.co.cr https://.google.com.cu https://.google.cv https://.google.com.cy https://.google.cz https://.google.de https://.google.dj https://.google.dk https://.google.dm https://.google.com.do https://.google.dz https://.google.com.ec https://.google.ee https://.google.com.eg https://.google.es https://.google.com.et https://.google.fi https://.google.com.fj https://.google.fm https://.google.fr https://.google.ga https://.google.ge https://.google.gg https://.google.com.gh https://.google.com.gi https://.google.gl https://.google.gm https://.google.gr https://.google.com.gt https://.google.gy https://.google.com.hk https://.google.hn https://.google.hr https://.google.ht https://.google.hu https://.google.co.id https://.google.ie https://.google.co.il https://.google.im https://.google.co.in https://.google.iq https://.google.is https://.google.it https://.google.je https://.google.com.jm https://.google.jo https://.google.co.jp https://.google.co.ke https://.google.com.kh https://.google.ki https://.google.kg https://.google.co.kr https://.google.com.kw https://.google.kz https://.google.la https://.google.com.lb https://.google.li https://.google.lk https://.google.co.ls https://.google.lt https://.google.lu https://.google.lv https://.google.com.ly https://.google.co.ma https://.google.md https://.google.me https://.google.mg https://.google.mk https://.google.ml https://.google.com.mm https://.google.mn https://.google.com.mt https://.google.mu https://.google.mv https://.google.mw https://.google.com.mx https://.google.com.my https://.google.co.mz https://.google.com.na https://.google.com.ng https://.google.com.ni https://.google.ne https://.google.nl https://.google.no https://.google.com.np https://.google.nr https://.google.nu https://.google.co.nz https://.google.com.om https://.google.com.pa https://.google.com.pe https://.google.com.pg https://.google.com.ph https://.google.com.pk https://.google.pl https://.google.pn https://.google.com.pr https://.google.ps https://.google.pt https://.google.com.py https://.google.com.qa https://.google.ro https://.google.ru https://.google.rw https://.google.com.sa https://.google.com.sb https://.google.sc https://.google.se https://.google.com.sg https://.google.sh https://.google.si https://.google.sk https://.google.com.sl https://.google.sn https://.google.so https://.google.sm https://.google.sr https://.google.st https://.google.com.sv https://.google.td https://.google.tg https://.google.co.th https://.google.com.tj https://.google.tl https://.google.tm https://.google.tn https://.google.to https://.google.com.tr https://.google.tt https://.google.com.tw https://.google.co.tz https://.google.com.ua https://.google.co.ug https://.google.co.uk https://.google.com.uy https://.google.co.uz https://.google.com.vc https://.google.co.ve https://.google.co.vi https://.google.com.vn https://.google.vu https://.google.ws https://.google.rs https://.google.co.za https://.google.co.zm https://.google.co.zw https://.google.cat https://www.googleadservices.com https://gateway.zscalertwo.net;connect-src 'self' blob: https://app.aperian.com https://auth.aperianglobal.com https://.auth0.com https://www.google-analytics.com https://analytics.google.com https://.analytics.google.com https://www.google.co.in https://.mixpanel.com https://.wistia.com https://.wistia.net https://.rollbar.com https://.braze.com https://.zdassets.com https://aperian.zendesk.com https://.zopim.com https://.googleapis.com https://.litix.io wss://widget-mediator.zopim.com wss://api.appcues.net https://api.appcues.net https://.appcues.com https://.linkedin.com https://stats.g.doubleclick.net https://usage.clientsuccess.com https://gateway.zscalertwo.net;font-src 'self' data: https://.aperian.com https://.fontawesome.com https://.amazonaws.com https://.googleapis.com https://fonts.gstatic.com https://.wistia.com https://gateway.zscalertwo.net;style-src 'self' 'unsafe-inline' https://.aperian.com https://.gstatic.com https://.appcues.com https://.fontawesome.com https://.googleapis.com https://.wistia.com https://gateway.zscalertwo.net;media-src 'self' blob: https://.aperian.com https://.zdassets.com https://.wistia.com https://gateway.zscalertwo.net;frame-ancestors 'self' https://app.chaindesk.ai https://js.stripe.com https://survey.alchemer.com https://assessments.aperianglobal.com https://auth.aperianglobal.com https://reporting.aperian.com https://td.doubleclick.net https://.wistia.com https://gateway.zscalertwo.net;frame-src 'self' https://app.chaindesk.ai https://js.stripe.com https://survey.alchemer.com https://assessments.aperianglobal.com https://auth.aperianglobal.com https://reporting.aperian.com https://td.doubleclick.net https://.wistia.com https://.wistia.net https://gateway.zscalertwo.net;manifest-src 'self' https://.aperian.com https://gateway.zscalertwo.net;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://.aperian.com https://js.stripe.com https://maps.googleapis.com https://usage.clientsuccess.com https://cdn.auth0.com https://.rollbar.com https://js.appboycdn.com https://www.googletagmanager.com https://www.googleadservices.com https://snap.licdn.com https://.cloudflare.com https://.appcues.com https://.wistia.com https://.mxpnl.com https://gateway.zscalertwo.net;worker-src 'self' blob:;upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.aperian.com
auth.aperianglobal.com
cdn.auth0.com
globesmart.aperianglobal.com
globesmart.sso.ukg.com
sso.ukg.com
158.228.49.167
18.217.138.41
2600:9000:2359:d400:10:474e:104a:2961
2606:4700::6811:ffb6
2606:4700::6812:3b5
3.16.184.59
13cdabd902393eb932efe980f89b78fad664cacc755f2b8cdaf8b908fe72991b
404c054e74b5546b74984582a2ef2bbc2cdfe740880aef0497185898c551e839
5436f951237cb765a910b330b95ee7a084732307051bb854dca4c2cc82ac5a02
a08dee5bceb33ef2ab44bd717ee52438a8dcdda3064e215460159fa34bffe501
c84232e64dd5eee1b0ac425d136fbf8d9748d0db6a6bfd2dc7d38056fe467bc5
ce7bdfddd1d0ccb2745e5bb6a92131d09afaac87a0f7d94c0be4a72720dd25d3
e85fa95966d2ce21af29a616c2e779c85a2b983a365ca1187dd36f2bcda16b96
e9440965a2c9071dfe6619fefc304fde9fb1282258e128ccaadf9b6c162096ef

sso.ukg.com Open in urlscan Pro 158.228.49.167 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

50 %IPv6

4 Domains

6 Subdomains

4 IPs

1 Countries

292 kBTransfer

393 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

9 Cookies

1 Console Messages

Security Headers

Indicators

sso.ukg.com Open in urlscan Pro
158.228.49.167 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

6
Subdomains

4
IPs

1
Countries

292 kB
Transfer

393 kB
Size

9
Cookies

9 HTTP transactions
0 data transactions