app101prodazureadb2c01.b2clogin.com Open in urlscan Pro
20.190.160.73 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://support.ceridian.com/
Effective URL:
https://app101prodazureadb2c01.b2clogin.com/5f332265-251b-4b16-896a-1ba645565716/b2c_1a_crm_signup_signin/oauth2/v2.0/authorize?client_id=a4...
Submission: On August 30 via manual (August 30th 2021, 12:04:09 am UTC) from HK

Summary HTTP 42 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 10 domains to perform 42 HTTP transactions. The main IP is 20.190.160.73, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is app101prodazureadb2c01.b2clogin.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 17th 2021. Valid for: a year.

This is the only time app101prodazureadb2c01.b2clogin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5 25	45.60.65.3 45.60.65.3	19551 (INCAPSULA) (INCAPSULA)
6	2620:1ec:46::45 2620:1ec:46::45	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2	20.190.160.73 20.190.160.73	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
42	11

25 45.60.65.3 (United States) 5 redirects

ASN19551 (INCAPSULA, US)

support.ceridian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
crmws.ceridian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

content.powerapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.190.160.73 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

app101prodazureadb2c01.b2clogin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	ceridian.com 5 redirects support.ceridian.com crmws.ceridian.com	245 KB
7	cookielaw.org cdn.cookielaw.org	116 KB
6	powerapps.com content.powerapps.com	341 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	b2clogin.com app101prodazureadb2c01.b2clogin.com	130 KB
1	google.de www.google.de	107 B
1	google.com www.google.com	63 B
1	doubleclick.net stats.g.doubleclick.net	91 B
1	onetrust.com geolocation.onetrust.com	373 B
1	googletagmanager.com www.googletagmanager.com	40 KB
42	10

	Domain	Requested by
21	support.ceridian.com	5 redirects support.ceridian.com
7	cdn.cookielaw.org	support.ceridian.com cdn.cookielaw.org
6	content.powerapps.com	support.ceridian.com
4	crmws.ceridian.com	app101prodazureadb2c01.b2clogin.com crmws.ceridian.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	app101prodazureadb2c01.b2clogin.com	support.ceridian.com app101prodazureadb2c01.b2clogin.com
1	www.google.de
1	www.google.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	www.googletagmanager.com	support.ceridian.com
42	11

This site contains no links.

Subject Issuer	Validity	Valid
*.ceridian.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-05` - `2022-02-05`	a year	crt.sh
content.powerapps.com Microsoft RSA TLS CA 02	`2021-07-21` - `2022-07-21`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
graph.windows.net DigiCert SHA2 Secure Server CA	`2021-08-17` - `2022-08-17`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://app101prodazureadb2c01.b2clogin.com/5f332265-251b-4b16-896a-1ba645565716/b2c_1a_crm_signup_signin/oauth2/v2.0/authorize?client_id=a42260b9-e8ab-466b-bdf9-0690340d3fc4&redirect_uri=https%3A%2F%2Fsupport.ceridian.com%2Fsignin-azureb2c&response_type=code%20id_token&scope=openid&state=OpenIdConnect.AuthenticationProperties%3DoC2v84vDJk1QvLQsNeqPXXM8iErq4FDt_sKaKJQosk44KAhiO-myitRctaXeOO14RBYlR3fiNDzVFOaGgwTSOLlDI-Le-RXRFxnb24at1Ip4iwZz8Ja2DWVkE5gTjbzSM4zzN99H9r35Os4EBm7bQ-MjjnGEYjcvpTvZ4QBf48RYnoe48GxJBa4ECNNIOQ-TYr1Xh0uQ2kuFbUBbLRiqf-m-8BTezZTldfLerbCoKQrI8bUgdb6htzEk0TWQp1-TfWtnVWAaNm9InmG1HsTddwZMLz_XW0DtsEBG4K9QM0J7h28mM9boKvpnfoUyctKtdPQpDvFky87Bj6YdSLhjXCEcL4EJMBruai73nosVA4QQfwRCusqlRq4JqG7331UmxRY5o3HkWiMsINqo3voGk4avFT4EXTMUCHk6wnRHV510maXIC3gEMKfFjty_5OW_&response_mode=form_post&nonce=637658786296213439.NTE0OGJkYjktN2I3Ni00YjJkLTg1NDMtYmI0ZjE4OGQ4OTNjNzUwYTY5Y2UtNmExZS00MGNhLTllMzAtYzE5ZjE1NzhhNzYw&x-client-SKU=ID_NET461&x-client-ver=5.3.0.0
Frame ID: CE61453CD14ED1F236371D4135536575
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign In

Page URL History Show full URLs

http://support.ceridian.com/ HTTP 301
https://support.ceridian.com/ HTTP 302
https://support.ceridian.com/en-US/ Page URL
https://support.ceridian.com/signin HTTP 302
https://support.ceridian.com/en-US/signin HTTP 302
https://support.ceridian.com/en-US/Account/Login/ExternalLogin?provider=https%3A%2F%2Fapp101prodazureadb2... HTTP 302
https://app101prodazureadb2c01.b2clogin.com/5f332265-251b-4b16-896a-1ba645565716/b2c_1a_crm_signup_signin/oauth2/v2.0/au... Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

42
Requests

100 %
HTTPS

80 %
IPv6

10
Domains

11
Subdomains

11
IPs

4
Countries

888 kB
Transfer

3212 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://support.ceridian.com/ HTTP 301
https://support.ceridian.com/ HTTP 302
https://support.ceridian.com/en-US/ Page URL
https://support.ceridian.com/signin HTTP 302
https://support.ceridian.com/en-US/signin HTTP 302
https://support.ceridian.com/en-US/Account/Login/ExternalLogin?provider=https%3A%2F%2Fapp101prodazureadb2c01.b2clogin.com%2Ftfp%2F5f332265-251b-4b16-896a-1ba645565716%2Fb2c_1a_crm_signup_signin%2Fv2.0%2F HTTP 302
https://app101prodazureadb2c01.b2clogin.com/5f332265-251b-4b16-896a-1ba645565716/b2c_1a_crm_signup_signin/oauth2/v2.0/authorize?client_id=a42260b9-e8ab-466b-bdf9-0690340d3fc4&redirect_uri=https%3A%2F%2Fsupport.ceridian.com%2Fsignin-azureb2c&response_type=code%20id_token&scope=openid&state=OpenIdConnect.AuthenticationProperties%3DoC2v84vDJk1QvLQsNeqPXXM8iErq4FDt_sKaKJQosk44KAhiO-myitRctaXeOO14RBYlR3fiNDzVFOaGgwTSOLlDI-Le-RXRFxnb24at1Ip4iwZz8Ja2DWVkE5gTjbzSM4zzN99H9r35Os4EBm7bQ-MjjnGEYjcvpTvZ4QBf48RYnoe48GxJBa4ECNNIOQ-TYr1Xh0uQ2kuFbUBbLRiqf-m-8BTezZTldfLerbCoKQrI8bUgdb6htzEk0TWQp1-TfWtnVWAaNm9InmG1HsTddwZMLz_XW0DtsEBG4K9QM0J7h28mM9boKvpnfoUyctKtdPQpDvFky87Bj6YdSLhjXCEcL4EJMBruai73nosVA4QQfwRCusqlRq4JqG7331UmxRY5o3HkWiMsINqo3voGk4avFT4EXTMUCHk6wnRHV510maXIC3gEMKfFjty_5OW_&response_mode=form_post&nonce=637658786296213439.NTE0OGJkYjktN2I3Ni00YjJkLTg1NDMtYmI0ZjE4OGQ4OTNjNzUwYTY5Y2UtNmExZS00MGNhLTllMzAtYzE5ZjE1NzhhNzYw&x-client-SKU=ID_NET461&x-client-ver=5.3.0.0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://support.ceridian.com/ HTTP 301
https://support.ceridian.com/ HTTP 302
https://support.ceridian.com/en-US/

42 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
support.ceridian.com/en-US/
Redirect Chain

http://support.ceridian.com/
https://support.ceridian.com/
https://support.ceridian.com/en-US/

65 KB
15 KB

6963ms
6963ms

Document
text/html

45.60.65.3
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://support.ceridian.com/en-US/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.60.65.3 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1e53e0f20a89ffa62ff68ededf5b6dd63cc6bc6b1f0a6e1a580647e3358d54bd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob:; img-src * 'self' data: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline' ; frame-src * blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: support.ceridian.com
:scheme: https
:path: /en-US/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: Dynamics365PortalAnalytics=IEUtqomZDJhEXUG5KEuWH0sniJdA0sZ7zs5xMpD0IT8VV4Z11-1J9EQVP_nFPO7b7C1dMesKvYFwORXFzd9jPpTQCeeW4JuaeZvEbhPWdd28dQKLvXCUgSmaSKDMPMo0GzLgCmNemtk-S0nBqW0c8g2; ARRAffinity=708583241ae3b3bf282414f815ee435f1045a235e4144440ad23f7fe14250271; ARRAffinitySameSite=708583241ae3b3bf282414f815ee435f1045a235e4144440ad23f7fe14250271; visid_incap_2262494=gGQHbDEQQh6uY+IR2As3x10gLGEAAAAAQUIPAAAAAADdkwKL91ZAoVczsKLNzFsP; nlbi_2262494=exuPJEgE/D7ZfIKfxf3yAQAAAAAlIPmFzd0LHmofNe1goGvM; incap_ses_533_2262494=W8sAdGVUtjS8ZXvdI5llB10gLGEAAAAAX9I6lBcrYb/3sG+5qYPZrw==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

cache-control: no-cache
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
set-cookie: ASP.NET_SessionId=0vpyfo3pnq0jm5k2ratygjbe; path=/; secure; HttpOnly; SameSite=None
x-ms-request-id: b938d71b-aaa1-4c20-a7c1-784d0bd61f33
x-ms-portal-app: site-bd08b29f-ebac-4329-a01f-25b0e2a31776-USe2
access-control-allow-methods: GET, OPTIONS
access-control-expose-headers: ceridian
content-security-policy: default-src * blob:; img-src * 'self' data: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; style-src 'self' 'unsafe-inline' *; frame-src * blob:;
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 30 Aug 2021 00:03:48 GMT
x-cdn: Imperva
x-iinfo: 5-159058564-159058522 PNNN RT(1630281821497 0) q(0 0 0 -1) r(70 70) U12

Redirect headers

location: /en-US/
set-cookie: Dynamics365PortalAnalytics=IEUtqomZDJhEXUG5KEuWH0sniJdA0sZ7zs5xMpD0IT8VV4Z11-1J9EQVP_nFPO7b7C1dMesKvYFwORXFzd9jPpTQCeeW4JuaeZvEbhPWdd28dQKLvXCUgSmaSKDMPMo0GzLgCmNemtk-S0nBqW0c8g2; expires=Sun, 28-Nov-2021 00:03:41 GMT; path=/; secure; HttpOnly; SameSite=None ARRAffinity=708583241ae3b3bf282414f815ee435f1045a235e4144440ad23f7fe14250271;Path=/;HttpOnly;Secure;Domain=support.ceridian.com ARRAffinitySameSite=708583241ae3b3bf282414f815ee435f1045a235e4144440ad23f7fe14250271;Path=/;HttpOnly;SameSite=None;Secure;Domain=support.ceridian.com visid_incap_2262494=gGQHbDEQQh6uY+IR2As3x10gLGEAAAAAQUIPAAAAAADdkwKL91ZAoVczsKLNzFsP; expires=Mon, 29 Aug 2022 08:51:07 GMT; HttpOnly; path=/; Domain=.ceridian.com; Secure; SameSite=None nlbi_2262494=exuPJEgE/D7ZfIKfxf3yAQAAAAAlIPmFzd0LHmofNe1goGvM; path=/; Domain=.ceridian.com; Secure; SameSite=None incap_ses_533_2262494=W8sAdGVUtjS8ZXvdI5llB10gLGEAAAAAX9I6lBcrYb/3sG+5qYPZrw==; path=/; Domain=.ceridian.com; Secure; SameSite=None
x-ms-request-id: 25f8b420-33c9-4d5f-9608-3f1e4904eee4
x-ms-portal-app: site-bd08b29f-ebac-4329-a01f-25b0e2a31776-USe2
access-control-allow-methods: GET, OPTIONS
access-control-expose-headers: ceridian
content-security-policy: default-src * blob:; img-src * 'self' data: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; style-src 'self' 'unsafe-inline' *; frame-src * blob:;
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 30 Aug 2021 00:03:41 GMT
content-length: 0
x-cdn: Imperva
x-iinfo: 5-159058521-159058522 NNNN CT(90 182 0) RT(1630281821070 0) q(0 0 3 0) r(4 4) U11

GET
H2 200 getresourcemanager Show response
support.ceridian.com/_resources/ 26 KB
9 KB 393ms
391ms Script
text/javascript 45.60.65.3
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://support.ceridian.com/_resources/getresourcemanager?lang=en-US

Requested by

Host: support.ceridian.com
URL: https://support.ceridian.com/en-US/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.60.65.3 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

88e26a38539fee76da159d0e888bb54a68a703c69a5b1d0438dc4edd3d0e78cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob:; img-src * 'self' data: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline' ; frame-src * blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /_resources/getresourcemanager?lang=en-US
pragma: no-cache
cookie: ASP.NET_SessionId=0vpyfo3pnq0jm5k2ratygjbe
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: support.ceridian.com
referer: https://support.ceridian.com/en-US/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://support.ceridian.com/en-US/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob:; img-src * 'self' data: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; style-src 'self' 'unsafe-inline' *; frame-src * blob:;
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 5-159059385-159059387 NNNN CT(89 183 0) RT(1630281828469 0) q(0 0 3 0) r(4 4)
x-ms-portal-app: site-bd08b29f-ebac-4329-a01f-25b0e2a31776-USe2
content-length: 8806
last-modified: Mon, 30 Aug 2021 00:03:20 GMT
x-frame-options: SAMEORIGIN
date: Mon, 30 Aug 2021 00:03:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript; charset=utf-8
x-ms-request-id: 72445063-da13-4f0d-b454-ae1812190715
access-control-expose-headers: ceridian
cache-control: max-age=0
set-cookie: ARRAffinity=55feff4130f755b11738d15099964b55cb57f36eac47b75258699b994f852fa5;Path=/;HttpOnly;Secure;Domain=support.ceridian.com ARRAffinitySameSite=55feff4130f755b11738d15099964b55cb57f36eac47b75258699b994f852fa5;Path=/;HttpOnly;SameSite=None;Secure;Domain=support.ceridian.com visid_incap_2262494=ftXLFuXyQAm4siCN8iWgoWQgLGEAAAAAQUIPAAAAAAAtbrdavxuz1APRBM4NioOn; expires=Mon, 29 Aug 2022 08:51:07 GMT; HttpOnly; path=/; Domain=.ceridian.com; Secure; SameSite=None nlbi_2262494=b9WECazHRi559Dybxf3yAQAAAAC21dZ298TGvG64uEuCVPVl; path=/; Domain=.ceridian.com; Secure; SameSite=None incap_ses_533_2262494=adIOO3jT8SF6aHvdI5llB2QgLGEAAAAA7pJnF4AUFPkNZ0FIQbItRQ==; path=/; Domain=.ceridian.com; Secure; SameSite=None

GET
H2 200 bootstrap.min.css
support.ceridian.com/ 237 KB
39 KB 700ms
698ms Stylesheet
text/css 45.60.65.3
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://support.ceridian.com/bootstrap.min.css
Requested by: Host: support.ceridian.com
URL: https://support.ceridian.com/en-US/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.60.65.3 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 09cb675c63dfe78d3186507424525eba57a07685cabd8a34fabae295888fa1b7

Request headers

:path: /bootstrap.min.css
pragma: no-cache
cookie: ASP.NET_SessionId=0vpyfo3pnq0jm5k2ratygjbe
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: support.ceridian.com
referer: https://support.ceridian.com/en-US/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://support.ceridian.com/en-US/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 00:03:49 GMT
content-encoding: gzip
last-modified: Wed, 29 May 2019 01:46:35 GMT
x-cdn: Imperva
etag: hez/cllS+WUnirT3G8HsYRUVXAjOa06D79nYiHR5cRI=
content-type: text/css
x-iinfo: 5-159059386-159059388 NVNN CT(87 178 0) RT(1630281828469 0) q(0 0 3 2) r(7 7)
cache-control: max-age=0
set-cookie: Dynamics365PortalAnalytics=WZjjmd956pQZrEll7aCF53Rq2-U085VGSRqwXWh4O4d2p3rjwBooJstwBwVFW71KdUrbpEZltw9FtFXdSHxFfJmJ8cLotP6kVv7n3cL78Co1Rqszhd-FLbdNuqxAGJ5dlaCTdeNBZByns9rcXtXNow2; expires=Sun, 28-Nov-2021 00:03:48 GMT; path=/; secure; HttpOnly; SameSite=None ARRAffinity=708583241ae3b3bf282414f815ee435f1045a235e4144440ad23f7fe14250271;Path=/;HttpOnly;Secure;Domain=support.ceridian.com ARRAffinitySameSite=708583241ae3b3bf282414f815ee435f1045a235e4144440ad23f7fe14250271;Path=/;HttpOnly;SameSite=None;Secure;Domain=support.ceridian.com visid_incap_2262494=ftXLFuXyQAm4siCN8iWgoWQgLGEAAAAAQUIPAAAAAAAtbrdavxuz1APRBM4NioOn; expires=Mon, 29 Aug 2022 08:51:07 GMT; HttpOnly; path=/; Domain=.ceridian.com; Secure; SameSite=None nlbi_2262494=A6nEQgquzhjGYbOHxf3yAQAAAAAV0HlBg3EnM8Fl02CFH3Er; path=/; Domain=.ceridian.com; Secure; SameSite=None incap_ses_533_2262494=05lRNufaI1x6aHvdI5llB2UgLGEAAAAAgXnurNi1sAsWKOgdeq9weQ==; path=/; Domain=.ceridian.com; Secure; SameSite=None
content-length: 38786

GET
H2 200 glyphicons-font-awesome-migrate.min.css
support.ceridian.com/css/ 13 KB
4 KB 12ms
10ms Stylesheet
text/css 45.60.65.3
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://support.ceridian.com/css/glyphicons-font-awesome-migrate.min.css

Requested by

Host: support.ceridian.com
URL: https://support.ceridian.com/en-US/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.60.65.3 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6ecb3da4b4b5adae0b627fafbf31366a07c33c047452ee750822e34b14dd1fb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:path: /css/glyphicons-font-awesome-migrate.min.css
pragma: no-cache
cookie: ASP.NET_SessionId=0vpyfo3pnq0jm5k2ratygjbe
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: support.ceridian.com
referer: https://support.ceridian.com/en-US/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://support.ceridian.com/en-US/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 00:03:48 GMT
content-encoding: gzip
last-modified: Tue, 22 Jun 2021 10:28:40 GMT
x-cdn: Imperva
etag: "0bc215e5167d71:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
x-iinfo: 5-159059389-0 0CNN RT(1630281828472 0) q(0 -1 -1 0) r(0 -1)
cache-control: max-age=0
set-cookie: visid_incap_2262494=ftXLFuXyQAm4siCN8iWgoWQgLGEAAAAAQUIPAAAAAAAtbrdavxuz1APRBM4NioOn; expires=Mon, 29 Aug 2022 08:51:07 GMT; HttpOnly; path=/; Domain=.ceridian.com; Secure; SameSite=None incap_ses_533_2262494=NWECSEzcEjV6aHvdI5llB2QgLGEAAAAA+Xe8LsHa7x5K2H/IL25NSA==; path=/; Domain=.ceridian.com; Secure; SameSite=None
content-length: 3865

GET
H2 200 preform.bundle-9f174c0c52.css
content.powerapps.com/resource/powerappsportal/dist/ 76 KB
13 KB 65ms
10ms Stylesheet
text/css 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerappsportal/dist/preform.bundle-9f174c0c52.css

Requested by

Host: support.ceridian.com
URL: https://support.ceridian.com/en-US/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

97ab74a6617725050b2fe38870d648d3548705c53a906e8d06ca19dc75edf0ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.ceridian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0XJEqYQAAAAB1tXlwvk2SQqGLeu20aR0ITE9OMjFFREdFMTUxNAAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=384.9,x-ms-igw-req-overhead;dur=0.1
vary: Accept-Encoding
content-length: 13164
timing-allow-origin: *
x-ms-islandgateway: ga0000003
server: Kestrel
date: Mon, 30 Aug 2021 00:03:48 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0ZCAsYQAAAABq0x00NJxRTIUgN8RW0aTRRlJBRURHRTEwMTIAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: 3d2bae14-6318-47bc-be7f-f896e5da9b01
x-ms-service-request-id: 283e33d1-b0d1-4454-b1de-a9b66ced4d80
x-ms-static-content: al000000E

GET
H2 200 jquery.dataTables.css
support.ceridian.com/ 16 KB
4 KB 403ms
401ms Stylesheet
text/css 45.60.65.3
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://support.ceridian.com/jquery.dataTables.css
Requested by: Host: support.ceridian.com
URL: https://support.ceridian.com/en-US/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.60.65.3 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: b2ca3fd0081e9ae0c7b20bcf838cd4f510b0021891c63d80a8b97621526b078d

Request headers

:path: /jquery.dataTables.css
pragma: no-cache
cookie: ASP.NET_SessionId=0vpyfo3pnq0jm5k2ratygjbe
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: support.ceridian.com
referer: https://support.ceridian.com/en-US/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://support.ceridian.com/en-US/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 00:03:48 GMT
content-encoding: gzip
last-modified: Wed, 29 May 2019 01:46:21 GMT
x-cdn: Imperva
etag: sso/0AgemuDHsgvPg4zU9RCwAhiRxj2AqLl2IVJrB40=
content-type: text/css
x-iinfo: 5-159059390-159059391 NVNN CT(91 183 0) RT(1630281828472 0) q(0 0 3 1) r(4 4)
cache-control: max-age=0
set-cookie: Dynamics365PortalAnalytics=fUeb7nFv-mG2uOPmU2DMBpAIAeHB_EYCGCQdi5b4pajGb2gSO36fn3qmKE1fUR2w1M2OMX91oSBjPoDS0hLRJHM464gswwEG3H9HyXbtCHxoigJKa6EGZ8CtYssoQkWUevGqMc_X7TZzGyFvKw91IQ2; expires=Sun, 28-Nov-2021 00:03:48 GMT; path=/; secure; HttpOnly; SameSite=None ARRAffinity=55feff4130f755b11738d15099964b55cb57f36eac47b75258699b994f852fa5;Path=/;HttpOnly;Secure;Domain=support.ceridian.com ARRAffinitySameSite=55feff4130f755b11738d15099964b55cb57f36eac47b75258699b994f852fa5;Path=/;HttpOnly;SameSite=None;Secure;Domain=support.ceridian.com visid_incap_2262494=ftXLFuXyQAm4siCN8iWgoWQgLGEAAAAAQUIPAAAAAAAtbrdavxuz1APRBM4NioOn; expires=Mon, 29 Aug 2022 08:51:07 GMT; HttpOnly; path=/; Domain=.ceridian.com; Secure; SameSite=None nlbi_2262494=FcBxbn+nUAaN7R+xxf3yAQAAAACGLiyitQ9A1wETFzclDJku; path=/; Domain=.ceridian.com; Secure; SameSite=None incap_ses_533_2262494=Ux9OM7XKWAB6aHvdI5llB2QgLGEAAAAALoJvD5TO4dDx3vbYLdbQgg==; path=/; Domain=.ceridian.com; Secure; SameSite=None
content-length: 2994

GET
H2 200 theme.css
support.ceridian.com/ 104 KB
14 KB 403ms
402ms Stylesheet
text/css 45.60.65.3
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://support.ceridian.com/theme.css
Requested by: Host: support.ceridian.com
URL: https://support.ceridian.com/en-US/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.60.65.3 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 0d2ede9e1853324419a534887a7cf63ec5ce02445fb2e3ffbff825cecab13282

Request headers

:path: /theme.css
pragma: no-cache
cookie: ASP.NET_SessionId=0vpyfo3pnq0jm5k2ratygjbe
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: support.ceridian.com
referer: https://support.ceridian.com/en-US/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://support.ceridian.com/en-US/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 00:03:48 GMT
content-encoding: gzip
last-modified: Wed, 29 May 2019 01:46:06 GMT
x-cdn: Imperva
etag: gBkOfKpiFBdcXA2KPH4bmyUl3bekdQdsvzcCZNlJ4f4=
content-type: text/css
x-iinfo: 5-159059392-159059393 NVNN CT(89 183 0) RT(1630281828474 0) q(0 0 3 0) r(4 4)
cache-control: max-age=0
set-cookie: Dynamics365PortalAnalytics=Ets-pY3RkoCzOYc_QVFIEVyl-nEpQZ0zp-1owBdQdWRjTnIfVdfo3y6btTpDRIUtBBdpByW229-aHURrHiMCJBq1TK04GzaZqghKbAmA444yxG1HItPa12DNmQbyj8zhisjZMhVHCsO8Riq0XIoGyw2; expires=Sun, 28-Nov-2021 00:03:48 GMT; path=/; secure; HttpOnly; SameSite=None ARRAffinity=55feff4130f755b11738d15099964b55cb57f36eac47b75258699b994f852fa5;Path=/;HttpOnly;Secure;Domain=support.ceridian.com ARRAffinitySameSite=55feff4130f755b11738d15099964b55cb57f36eac47b75258699b994f852fa5;Path=/;HttpOnly;SameSite=None;Secure;Domain=support.ceridian.com visid_incap_2262494=ftXLFuXyQAm4siCN8iWgoWQgLGEAAAAAQUIPAAAAAAAtbrdavxuz1APRBM4NioOn; expires=Mon, 29 Aug 2022 08:51:07 GMT; HttpOnly; path=/; Domain=.ceridian.com; Secure; SameSite=None nlbi_2262494=NF/uMuKrgH16kNSLxf3yAQAAAACQTRwN2weTEbTQ2fGNy9sJ; path=/; Domain=.ceridian.com; Secure; SameSite=None incap_ses_533_2262494=gaTPc4LGHRN6aHvdI5llB2QgLGEAAAAAZRUVQvSZSKIy0HLeGuJzzQ==; path=/; Domain=.ceridian.com; Secure; SameSite=None
content-length: 12957

GET
H2 200 styles.css
support.ceridian.com/ 11 KB
4 KB 416ms
414ms Stylesheet
text/css 45.60.65.3
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://support.ceridian.com/styles.css
Requested by: Host: support.ceridian.com
URL: https://support.ceridian.com/en-US/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.60.65.3 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 6463dd382e8b4871aca3f048841f991fa3364bb1c451ea6905d4077cb7336731

Request headers

:path: /styles.css
pragma: no-cache
cookie: ASP.NET_SessionId=0vpyfo3pnq0jm5k2ratygjbe
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: support.ceridian.com
referer: https://support.ceridian.com/en-US/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://support.ceridian.com/en-US/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 00:03:48 GMT
content-encoding: gzip
last-modified: Wed, 29 May 2019 01:46:07 GMT
x-cdn: Imperva
etag: ZGPdOC6LSHGso/BIhB+ZH6M2S7HEUeppBdQHfLczZzE=
content-type: text/css
x-iinfo: 5-159059394-159059395 NVNN CT(89 184 0) RT(1630281828475 0) q(0 0 3 0) r(4 4)
cache-control: max-age=0
set-cookie: Dynamics365PortalAnalytics=R2S_MOjlgid_IzF2yUNqXnXoIFK0jieS1RGcXdmoGWEKObkDQtOs7dmKE23apuUL6o6QWruHt4gL40b4VK1xTKgakJgJTjE6APEOZS8ypGZ73ZBGB81RACjO-Qge6b8Rj5BlvpaaTEkKa3qb-efQdg2; expires=Sun, 28-Nov-2021 00:03:48 GMT; path=/; secure; HttpOnly; SameSite=None ARRAffinity=55feff4130f755b11738d15099964b55cb57f36eac47b75258699b994f852fa5;Path=/;HttpOnly;Secure;Domain=support.ceridian.com ARRAffinitySameSite=55feff4130f755b11738d15099964b55cb57f36eac47b75258699b994f852fa5;Path=/;HttpOnly;SameSite=None;Secure;Domain=support.ceridian.com visid_incap_2262494=ftXLFuXyQAm4siCN8iWgoWQgLGEAAAAAQUIPAAAAAAAtbrdavxuz1APRBM4NioOn; expires=Mon, 29 Aug 2022 08:51:07 GMT; HttpOnly; path=/; Domain=.ceridian.com; Secure; SameSite=None nlbi_2262494=yNUrIbiqUyLX4cymxf3yAQAAAADuEuAZA+uPzQoZpWS+3FJE; path=/; Domain=.ceridian.com; Secure; SameSite=None incap_ses_533_2262494=cleoJIGqThN6aHvdI5llB2QgLGEAAAAA+oj49xTI4/E2h37hKKLNZw==; path=/; Domain=.ceridian.com; Secure; SameSite=None
content-length: 3344

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/f4e1f26c-f1a1-479b-ae19-fd87c83e4a48-test/ 4 KB
2 KB 59ms
43ms Script
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/f4e1f26c-f1a1-479b-ae19-fd87c83e4a48-test/OtAutoBlock.js

Requested by

Host: support.ceridian.com
URL: https://support.ceridian.com/en-US/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

935a942b34c92661c401003f711e0e1c05add9add3ea553932627e8e8a64cfe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.ceridian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 30 Aug 2021 00:03:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-md5: dNpMZGK4GRBY64ZZ63Ls0A==
content-length: 1517
x-ms-lease-status: unlocked
last-modified: Wed, 01 Jul 2020 01:35:20 GMT
server: cloudflare
etag: 0x8D81D5F0458CFC8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 642f0d36-d01e-0054-2732-9d326c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: no-cache
x-ms-version: 2009-09-19
cf-ray: 6869c214aca74e74-FRA

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 31ms
15ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: support.ceridian.com
URL: https://support.ceridian.com/en-US/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e45f3b0dad8aa0528790a6dd6dd2831bb8547129bd1320c10fd120118f44616

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.ceridian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 30 Aug 2021 00:03:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: BC5xsXKGgJbQbCzkLNvwBQ==
age: 1919578
vary: Accept-Encoding
content-length: 6328
x-ms-lease-status: unlocked
last-modified: Wed, 04 Aug 2021 01:49:58 GMT
server: cloudflare
etag: 0x8D956EA2A6E73F4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b8d637e9-f01e-012a-80bd-8bebf6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6869c214aca94e74-FRA

GET
H2 200 ceridian_wordmark_header.svg
support.ceridian.com/ 2 KB
1 KB 116ms
114ms Image
image/svg+xml 45.60.65.3
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support.ceridian.com/ceridian_wordmark_header.svg
Requested by: Host: support.ceridian.com
URL: https://support.ceridian.com/en-US/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.60.65.3 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: b1fc9fa8ef48b2f2e72762b7c913ff9b15605810c76228558f0fda258dd6f774

Request headers

:path: /ceridian_wordmark_header.svg
pragma: no-cache
cookie: ASP.NET_SessionId=0vpyfo3pnq0jm5k2ratygjbe; visid_incap_2262494=ftXLFuXyQAm4siCN8iWgoWQgLGEAAAAAQUIPAAAAAAAtbrdavxuz1APRBM4NioOn; ARRAffinity=55feff4130f755b11738d15099964b55cb57f36eac47b75258699b994f852fa5; ARRAffinitySameSite=55feff4130f755b11738d15099964b55cb57f36eac47b75258699b994f852fa5; nlbi_2262494=b9WECazHRi559Dybxf3yAQAAAAC21dZ298TGvG64uEuCVPVl; incap_ses_533_2262494=adIOO3jT8SF6aHvdI5llB2QgLGEAAAAA7pJnF4AUFPkNZ0FIQbItRQ==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: support.ceridian.com
referer: https://support.ceridian.com/en-US/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://support.ceridian.com/en-US/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 00:03:48 GMT
content-encoding: gzip
last-modified: Wed, 29 May 2019 01:46:30 GMT
x-cdn: Imperva
etag: sfyfqO9IsvLnJ2K3yRP/mxVgWBDHYihVjw/aJY3W93Q=
content-type: image/svg+xml
x-iinfo: 5-159059435-159059393 PVNN RT(1630281828869 0) q(0 0 0 -1) r(1 1)
cache-control: max-age=0
set-cookie: Dynamics365PortalAnalytics=h51feHr8X9ph7ChqsEag0x18cFIZGqEoAwzrzcL9mtjl4wBIfWdVyzDfveVTQeS51dP8Lz11huRomK1eIcXL3vDbWv2RdiHMlLyXW3Y6nzH2ixVuIEESSZaHY5HjFtW8eTwgwgLGRbay-lurlYMf-Q2; expires=Sun, 28-Nov-2021 00:03:49 GMT; path=/; secure; HttpOnly; SameSite=None
content-length: 950

GET
H2 200 C-RGB-01.svg
support.ceridian.com/ 903 B
934 B 148ms
146ms Image
image/svg+xml 45.60.65.3
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support.ceridian.com/C-RGB-01.svg
Requested by: Host: support.ceridian.com
URL: https://support.ceridian.com/en-US/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.60.65.3 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: ca5d7d5646e089660bcccf3fa1ed6b753196117a6c65667abce22eeab605aca8

Request headers

:path: /C-RGB-01.svg
pragma: no-cache
cookie: ASP.NET_SessionId=0vpyfo3pnq0jm5k2ratygjbe; visid_incap_2262494=ftXLFuXyQAm4siCN8iWgoWQgLGEAAAAAQUIPAAAAAAAtbrdavxuz1APRBM4NioOn; ARRAffinity=55feff4130f755b11738d15099964b55cb57f36eac47b75258699b994f852fa5; ARRAffinitySameSite=55feff4130f755b11738d15099964b55cb57f36eac47b75258699b994f852fa5; nlbi_2262494=b9WECazHRi559Dybxf3yAQAAAAC21dZ298TGvG64uEuCVPVl; incap_ses_533_2262494=adIOO3jT8SF6aHvdI5llB2QgLGEAAAAA7pJnF4AUFPkNZ0FIQbItRQ==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: support.ceridian.com
referer: https://support.ceridian.com/en-US/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://support.ceridian.com/en-US/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 00:03:49 GMT
content-encoding: gzip
last-modified: Wed, 29 May 2019 01:46:28 GMT
x-cdn: Imperva
etag: yl19VkbgiWYLzM8/oe1rdTGWEXpsZWZ6vOIu6rYFrKg=
content-type: image/svg+xml
x-iinfo: 5-159059436-159059391 PVNN RT(1630281828871 0) q(0 0 0 -1) r(2 2)
cache-control: max-age=0
set-cookie: Dynamics365PortalAnalytics=u7uAsWb2KsSNrDChipoq_JVpSv7QnOPQmcVginDDrnHLyuegPpfwW2G7_OUwXFkLvyCXVlD7kgm8SOG3f7O3uww-l6SxGR0ToCsRhzn_BIDd1cTgEO-yh-psc9TF0UKgv95og0yOTO529aVXLU3Djg2; expires=Sun, 28-Nov-2021 00:03:49 GMT; path=/; secure; HttpOnly; SameSite=None
content-length: 560

GET
H2 200 preform.bundle-36a6d69022.js Show response
content.powerapps.com/resource/powerappsportal/dist/ 489 KB
118 KB 11ms
9ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerappsportal/dist/preform.bundle-36a6d69022.js

Requested by

Host: support.ceridian.com
URL: https://support.ceridian.com/en-US/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

d6b623dcb585a9a79054377dc252adef2952e955ed824f301690f88b007837b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.ceridian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0svcqYQAAAACHbdSJlra8S6Kl0Lec12BkTE9OMjFFREdFMDIyMgAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=604.2,x-ms-igw-req-overhead;dur=0.2
vary: Accept-Encoding
content-length: 120098
timing-allow-origin: *
x-ms-islandgateway: al0000002
server: Kestrel
date: Mon, 30 Aug 2021 00:03:48 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0ZCAsYQAAAABWH3e6nDN+QJ3NPUZwWeE0RlJBRURHRTEwMTIAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: 17b485e1-99ec-4188-ace3-0d7e4822b967
x-ms-service-request-id: cfa75bd6-b7f2-4513-81fc-3b0996f17711
x-ms-static-content: al0000000

GET
H2 200 pcf.bundle-5e0c2e994b.js Show response
content.powerapps.com/resource/powerappsportal/dist/ 615 KB
122 KB 23ms
20ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerappsportal/dist/pcf.bundle-5e0c2e994b.js

Requested by

Host: support.ceridian.com
URL: https://support.ceridian.com/en-US/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

9c65def9574ad5dfde52919f0dd48b89fe283ec2928c51ebd980826f903ef388

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.ceridian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0PigrYQAAAAAZXnPJqZNGR7NJS46DCtHUTE9OMjFFREdFMTUwNwAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=250.3,x-ms-igw-req-overhead;dur=0.1
vary: Accept-Encoding
content-length: 124075
timing-allow-origin: *
x-ms-islandgateway: ga0000005
server: Kestrel
date: Mon, 30 Aug 2021 00:03:48 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0ZCAsYQAAAADawkt2en1rRI5ojeB5m6dkRlJBRURHRTEwMTIAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: 59d786d8-fb24-447b-b162-e79aec8354d3
x-ms-service-request-id: ba2acea1-2288-4885-aa94-4824e5e521c8
x-ms-static-content: al000000A

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-153298467-4

Requested by

Host: support.ceridian.com
URL: https://support.ceridian.com/en-US/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

938b687dd94b5165bca954ed00ab0521edf743a1d3c721ac9323b6bc401c196d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://support.ceridian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 00:03:48 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41246
x-xss-protection: 0
expires: Mon, 30 Aug 2021 00:03:48 GMT

GET
H2 200 usFlag.png
support.ceridian.com/ 2 KB
2 KB 113ms
113ms Image
image/png 45.60.65.3
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support.ceridian.com/usFlag.png
Requested by: Host: support.ceridian.com
URL: https://support.ceridian.com/en-US/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.60.65.3 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 2846056404afcf773e5d4f0530c526f26e46a0b9fb5f451626d706e178324f4e

Request headers

:path: /usFlag.png
pragma: no-cache
cookie: ASP.NET_SessionId=0vpyfo3pnq0jm5k2ratygjbe; visid_incap_2262494=ftXLFuXyQAm4siCN8iWgoWQgLGEAAAAAQUIPAAAAAAAtbrdavxuz1APRBM4NioOn; ARRAffinity=55feff4130f755b11738d15099964b55cb57f36eac47b75258699b994f852fa5; ARRAffinitySameSite=55feff4130f755b11738d15099964b55cb57f36eac47b75258699b994f852fa5; Dynamics365PortalAnalytics=Ets-pY3RkoCzOYc_QVFIEVyl-nEpQZ0zp-1owBdQdWRjTnIfVdfo3y6btTpDRIUtBBdpByW229-aHURrHiMCJBq1TK04GzaZqghKbAmA444yxG1HItPa12DNmQbyj8zhisjZMhVHCsO8Riq0XIoGyw2; nlbi_2262494=NF/uMuKrgH16kNSLxf3yAQAAAACQTRwN2weTEbTQ2fGNy9sJ; incap_ses_533_2262494=gaTPc4LGHRN6aHvdI5llB2QgLGEAAAAAZRUVQvSZSKIy0HLeGuJzzQ==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: support.ceridian.com
referer: https://support.ceridian.com/en-US/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://support.ceridian.com/en-US/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 00:03:48 GMT
last-modified: Wed, 29 May 2019 01:46:04 GMT
x-cdn: Imperva
etag: KEYFZASvz3c+XU8FMMUm8m5GoLn7X0UWJtcG4XgyT04=
content-type: image/png
x-iinfo: 5-159059437-159059387 PVNN RT(1630281828872 0) q(0 0 0 -1) r(1 1)
cache-control: max-age=0
content-length: 2114

GET
H2 200 caFlag.png
support.ceridian.com/ 3 KB
3 KB 143ms
143ms Image
image/png 45.60.65.3
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support.ceridian.com/caFlag.png
Requested by: Host: support.ceridian.com
URL: https://support.ceridian.com/en-US/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.60.65.3 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 111b98206342054967a14d4feb8d75f0fabde27ffbc999ef88497d8744d9903b

Request headers

:path: /caFlag.png
pragma: no-cache
cookie: ASP.NET_SessionId=0vpyfo3pnq0jm5k2ratygjbe; visid_incap_2262494=ftXLFuXyQAm4siCN8iWgoWQgLGEAAAAAQUIPAAAAAAAtbrdavxuz1APRBM4NioOn; ARRAffinity=55feff4130f755b11738d15099964b55cb57f36eac47b75258699b994f852fa5; ARRAffinitySameSite=55feff4130f755b11738d15099964b55cb57f36eac47b75258699b994f852fa5; Dynamics365PortalAnalytics=Ets-pY3RkoCzOYc_QVFIEVyl-nEpQZ0zp-1owBdQdWRjTnIfVdfo3y6btTpDRIUtBBdpByW229-aHURrHiMCJBq1TK04GzaZqghKbAmA444yxG1HItPa12DNmQbyj8zhisjZMhVHCsO8Riq0XIoGyw2; nlbi_2262494=NF/uMuKrgH16kNSLxf3yAQAAAACQTRwN2weTEbTQ2fGNy9sJ; incap_ses_533_2262494=gaTPc4LGHRN6aHvdI5llB2QgLGEAAAAAZRUVQvSZSKIy0HLeGuJzzQ==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: support.ceridian.com
referer: https://support.ceridian.com/en-US/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://support.ceridian.com/en-US/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 00:03:49 GMT
last-modified: Wed, 29 May 2019 01:46:31 GMT
x-cdn: Imperva
etag: ERuYIGNCBUlnoU1P64118Pq94n/7yZnviEl9h0TZkDs=
content-type: image/png
x-iinfo: 5-159059439-159058522 PVNN RT(1630281828873 0) q(0 0 0 -1) r(2 2)
cache-control: max-age=0
content-length: 2952

GET
H2 200 European-Union-Flag-icon.png
support.ceridian.com/ 6 KB
6 KB 135ms
134ms Image
image/png 45.60.65.3
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support.ceridian.com/European-Union-Flag-icon.png
Requested by: Host: support.ceridian.com
URL: https://support.ceridian.com/en-US/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.60.65.3 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 65bf241d343076ef51b6679c6cca2ae8c488877d9fba9ce359216e23e9144768

Request headers

:path: /European-Union-Flag-icon.png
pragma: no-cache
cookie: ASP.NET_SessionId=0vpyfo3pnq0jm5k2ratygjbe; visid_incap_2262494=ftXLFuXyQAm4siCN8iWgoWQgLGEAAAAAQUIPAAAAAAAtbrdavxuz1APRBM4NioOn; ARRAffinity=55feff4130f755b11738d15099964b55cb57f36eac47b75258699b994f852fa5; ARRAffinitySameSite=55feff4130f755b11738d15099964b55cb57f36eac47b75258699b994f852fa5; Dynamics365PortalAnalytics=R2S_MOjlgid_IzF2yUNqXnXoIFK0jieS1RGcXdmoGWEKObkDQtOs7dmKE23apuUL6o6QWruHt4gL40b4VK1xTKgakJgJTjE6APEOZS8ypGZ73ZBGB81RACjO-Qge6b8Rj5BlvpaaTEkKa3qb-efQdg2; nlbi_2262494=yNUrIbiqUyLX4cymxf3yAQAAAADuEuAZA+uPzQoZpWS+3FJE; incap_ses_533_2262494=cleoJIGqThN6aHvdI5llB2QgLGEAAAAA+oj49xTI4/E2h37hKKLNZw==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: support.ceridian.com
referer: https://support.ceridian.com/en-US/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://support.ceridian.com/en-US/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 00:03:49 GMT
last-modified: Wed, 29 May 2019 01:46:25 GMT
x-cdn: Imperva
etag: Zb8kHTQwdu9RtmecbMoq6MSIh32fupzjWSFuI+kUR2g=
content-type: image/png
x-iinfo: 5-159059441-159059395 PVNN RT(1630281828886 0) q(0 0 0 -1) r(2 2)
cache-control: max-age=0
content-length: 5981

GET
H2 200 ausFlag.png
support.ceridian.com/ 5 KB
6 KB 114ms
113ms Image
image/png 45.60.65.3
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support.ceridian.com/ausFlag.png
Requested by: Host: support.ceridian.com
URL: https://support.ceridian.com/en-US/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.60.65.3 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 0f5f9837ea118e1c1071390042db6a04791bf61efe33e1d2eaec4989fcd4f373

Request headers

:path: /ausFlag.png
pragma: no-cache
cookie: ASP.NET_SessionId=0vpyfo3pnq0jm5k2ratygjbe; visid_incap_2262494=ftXLFuXyQAm4siCN8iWgoWQgLGEAAAAAQUIPAAAAAAAtbrdavxuz1APRBM4NioOn; ARRAffinity=55feff4130f755b11738d15099964b55cb57f36eac47b75258699b994f852fa5; ARRAffinitySameSite=55feff4130f755b11738d15099964b55cb57f36eac47b75258699b994f852fa5; nlbi_2262494=yNUrIbiqUyLX4cymxf3yAQAAAADuEuAZA+uPzQoZpWS+3FJE; incap_ses_533_2262494=cleoJIGqThN6aHvdI5llB2QgLGEAAAAA+oj49xTI4/E2h37hKKLNZw==; Dynamics365PortalAnalytics=h51feHr8X9ph7ChqsEag0x18cFIZGqEoAwzrzcL9mtjl4wBIfWdVyzDfveVTQeS51dP8Lz11huRomK1eIcXL3vDbWv2RdiHMlLyXW3Y6nzH2ixVuIEESSZaHY5HjFtW8eTwgwgLGRbay-lurlYMf-Q2
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: support.ceridian.com
referer: https://support.ceridian.com/en-US/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://support.ceridian.com/en-US/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 00:03:49 GMT
last-modified: Wed, 29 May 2019 01:46:36 GMT
x-cdn: Imperva
etag: D1+YN+oRjhwQcTkAQttqBHkb9h7+M+HS6uxJifzU83M=
content-type: image/png
x-iinfo: 5-159059453-159059387 PVNN RT(1630281828986 0) q(0 0 0 -1) r(1 1)
cache-control: max-age=0
content-length: 5488

GET
H2 200 muFlag.png
support.ceridian.com/ 699 B
844 B 114ms
114ms Image
image/png 45.60.65.3
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support.ceridian.com/muFlag.png
Requested by: Host: support.ceridian.com
URL: https://support.ceridian.com/en-US/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.60.65.3 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 17724c267b1b4f28eda8558701a79afd31224bfdcbbb561585295685df9bfe88

Request headers

:path: /muFlag.png
pragma: no-cache
cookie: ASP.NET_SessionId=0vpyfo3pnq0jm5k2ratygjbe; visid_incap_2262494=ftXLFuXyQAm4siCN8iWgoWQgLGEAAAAAQUIPAAAAAAAtbrdavxuz1APRBM4NioOn; ARRAffinity=55feff4130f755b11738d15099964b55cb57f36eac47b75258699b994f852fa5; ARRAffinitySameSite=55feff4130f755b11738d15099964b55cb57f36eac47b75258699b994f852fa5; nlbi_2262494=yNUrIbiqUyLX4cymxf3yAQAAAADuEuAZA+uPzQoZpWS+3FJE; incap_ses_533_2262494=cleoJIGqThN6aHvdI5llB2QgLGEAAAAA+oj49xTI4/E2h37hKKLNZw==; Dynamics365PortalAnalytics=h51feHr8X9ph7ChqsEag0x18cFIZGqEoAwzrzcL9mtjl4wBIfWdVyzDfveVTQeS51dP8Lz11huRomK1eIcXL3vDbWv2RdiHMlLyXW3Y6nzH2ixVuIEESSZaHY5HjFtW8eTwgwgLGRbay-lurlYMf-Q2
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: support.ceridian.com
referer: https://support.ceridian.com/en-US/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://support.ceridian.com/en-US/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 00:03:49 GMT
last-modified: Wed, 29 May 2019 01:46:16 GMT
x-cdn: Imperva
etag: F3JMJnsbTyjtqFWHAaea/TEiS/3Lu1YVhSlWhd+b/og=
content-type: image/png
x-iinfo: 5-159059454-159059393 PVNN RT(1630281828988 0) q(0 0 0 -1) r(1 1)
cache-control: max-age=0
content-length: 699

GET
H2 200 postpreform.bundle-0147112061.js Show response
content.powerapps.com/resource/powerappsportal/dist/ 191 KB
50 KB 26ms
24ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerappsportal/dist/postpreform.bundle-0147112061.js

Requested by

Host: support.ceridian.com
URL: https://support.ceridian.com/en-US/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

ba415ae27af81803423e832d4e61085c77822d7dbef7446fcc8c7fecf4abad53

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.ceridian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 03m0qYQAAAABKiBz5I2bLSa3hUzMPJyslTE9OMjFFREdFMTUwOAAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=156.3,x-ms-igw-req-overhead;dur=0.1
vary: Accept-Encoding
content-length: 50541
timing-allow-origin: *
x-ms-islandgateway: al0000006
server: Kestrel
date: Mon, 30 Aug 2021 00:03:48 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0ZCAsYQAAAAAU0eiMGcTSTLBcG6ZdCbeJRlJBRURHRTEwMTIAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: e0c89a31-01a2-49b8-b874-bb3ecd71c9ec
x-ms-service-request-id: 63c9e47e-f2b7-4c6f-a601-ccb803164568
x-ms-static-content: al000000A

GET
H2 200 app.bundle-5bf6960c7a.js Show response
content.powerapps.com/resource/powerappsportal/dist/ 251 KB
38 KB 28ms
26ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerappsportal/dist/app.bundle-5bf6960c7a.js

Requested by

Host: support.ceridian.com
URL: https://support.ceridian.com/en-US/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

ca1390a3465fc31cd39e2fdc64bdc45f248a8c1a24bef23ea733f2eb3d20ec9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.ceridian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0XJEqYQAAAAB9C67FTmTdT50QNnk/hNXdTE9OMjFFREdFMDIxMgAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=423.6,x-ms-igw-req-overhead;dur=0.1
vary: Accept-Encoding
content-length: 38088
timing-allow-origin: *
x-ms-islandgateway: ga0000001
server: Kestrel
date: Mon, 30 Aug 2021 00:03:48 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0ZCAsYQAAAAA18/j4E5+TSJ45pJ4zU9blRlJBRURHRTEwMTIAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: 865612f9-77f7-4270-b87f-5673f3ebf96b
x-ms-service-request-id: 681e989a-8344-41ff-bd1d-6fbb48c65065
x-ms-static-content: al0000008

GET
H2 200 default-1033.bundle-eda4e638fd.js Show response
content.powerapps.com/resource/powerappsportal/dist/ 361 B
502 B 22ms
20ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.powerapps.com/resource/powerappsportal/dist/default-1033.bundle-eda4e638fd.js

Requested by

Host: support.ceridian.com
URL: https://support.ceridian.com/en-US/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

5423f185195f046d0f3893f674e072be43e47c6124dd6ccbe214e896b1944d43

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.ceridian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0v6QqYQAAAAD+4ifzmtTGSaNraAebs91PTE9OMjFFREdFMDIwOAAyMTBmZTdkMC05YWIxLTQ0ZTAtYmFmNS1iMWFhYmUxMWJhMWU=
x-servicefabric: NoRetry
x-cache: TCP_HIT
server-timing: x-ms-igw-upstream-headers;dur=350.7,x-ms-igw-req-overhead;dur=0.2
vary: Accept-Encoding
content-length: 174
timing-allow-origin: *
x-ms-islandgateway: al0000002
server: Kestrel
date: Mon, 30 Aug 2021 00:03:48 GMT
x-ms-activity-vector: 00.00.01.00
x-azure-ref: 0ZCAsYQAAAADctNcrVEHlSb+Jba1/UXIJRlJBRURHRTEwMTIAMjEwZmU3ZDAtOWFiMS00NGUwLWJhZjUtYjFhYWJlMTFiYTFl
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ms-correlation-id: 7aada22e-f105-49af-afe0-bc98cfb54e3f
x-ms-service-request-id: 556cb704-b9de-476c-b955-3a6f51753c84
x-ms-static-content: al0000000

GET
H2 200 _Incapsula_Resource Show response
support.ceridian.com/ 139 KB
20 KB 13ms
12ms Script
application/javascript 45.60.65.3
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://support.ceridian.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=1558157935

Requested by

Host: support.ceridian.com
URL: https://support.ceridian.com/en-US/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.60.65.3 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ec58890a0ffa7087223aab35950e96e7dd02465ccfbd55d7c0c9860c276a28f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:path: /_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=1558157935
pragma: no-cache
cookie: ASP.NET_SessionId=0vpyfo3pnq0jm5k2ratygjbe; visid_incap_2262494=ftXLFuXyQAm4siCN8iWgoWQgLGEAAAAAQUIPAAAAAAAtbrdavxuz1APRBM4NioOn; ARRAffinity=55feff4130f755b11738d15099964b55cb57f36eac47b75258699b994f852fa5; ARRAffinitySameSite=55feff4130f755b11738d15099964b55cb57f36eac47b75258699b994f852fa5; nlbi_2262494=yNUrIbiqUyLX4cymxf3yAQAAAADuEuAZA+uPzQoZpWS+3FJE; incap_ses_533_2262494=cleoJIGqThN6aHvdI5llB2QgLGEAAAAA+oj49xTI4/E2h37hKKLNZw==; Dynamics365PortalAnalytics=u7uAsWb2KsSNrDChipoq_JVpSv7QnOPQmcVginDDrnHLyuegPpfwW2G7_OUwXFkLvyCXVlD7kgm8SOG3f7O3uww-l6SxGR0ToCsRhzn_BIDd1cTgEO-yh-psc9TF0UKgv95og0yOTO529aVXLU3Djg2
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: support.ceridian.com
referer: https://support.ceridian.com/en-US/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://support.ceridian.com/en-US/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 19884
content-type: application/javascript

GET
H2 200 f4e1f26c-f1a1-479b-ae19-fd87c83e4a48-test.json
cdn.cookielaw.org/consent/f4e1f26c-f1a1-479b-ae19-fd87c83e4a48-test/ 3 KB
2 KB 51ms
38ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/f4e1f26c-f1a1-479b-ae19-fd87c83e4a48-test/f4e1f26c-f1a1-479b-ae19-fd87c83e4a48-test.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.ceridian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 30 Aug 2021 00:03:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-md5: DYQ1GNCs1J+nY/TJ9HKSFQ==
content-length: 1260
x-ms-lease-status: unlocked
last-modified: Wed, 01 Jul 2020 01:35:19 GMT
server: cloudflare
etag: 0x8D81D5F03A11CFD
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0f7d98ff-101e-00e8-7e32-9d251d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: no-cache
x-ms-version: 2009-09-19
cf-ray: 6869c2191ce24e25-FRA

GET
H2 200 glyphicons-halflings-regular.woff2
support.ceridian.com/fonts/ 18 KB
18 KB 9ms
9ms Font
application/font-woff2 45.60.65.3
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://support.ceridian.com/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: support.ceridian.com
URL: https://support.ceridian.com/bootstrap.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.60.65.3 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-fetch-mode: cors
origin: https://support.ceridian.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: ASP.NET_SessionId=0vpyfo3pnq0jm5k2ratygjbe; visid_incap_2262494=ftXLFuXyQAm4siCN8iWgoWQgLGEAAAAAQUIPAAAAAAAtbrdavxuz1APRBM4NioOn; Dynamics365PortalAnalytics=WZjjmd956pQZrEll7aCF53Rq2-U085VGSRqwXWh4O4d2p3rjwBooJstwBwVFW71KdUrbpEZltw9FtFXdSHxFfJmJ8cLotP6kVv7n3cL78Co1Rqszhd-FLbdNuqxAGJ5dlaCTdeNBZByns9rcXtXNow2; ARRAffinity=708583241ae3b3bf282414f815ee435f1045a235e4144440ad23f7fe14250271; ARRAffinitySameSite=708583241ae3b3bf282414f815ee435f1045a235e4144440ad23f7fe14250271; nlbi_2262494=A6nEQgquzhjGYbOHxf3yAQAAAAAV0HlBg3EnM8Fl02CFH3Er; incap_ses_533_2262494=05lRNufaI1x6aHvdI5llB2UgLGEAAAAAgXnurNi1sAsWKOgdeq9weQ==
:path: /fonts/glyphicons-halflings-regular.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: support.ceridian.com
referer: https://support.ceridian.com/bootstrap.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://support.ceridian.com
Referer: https://support.ceridian.com/bootstrap.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 00:03:49 GMT
last-modified: Tue, 22 Jun 2021 10:28:40 GMT
x-cdn: Imperva
etag: "0bc215e5167d71:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/font-woff2
x-iinfo: 5-159059478-0 0CNN RT(1630281829187 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 18028

GET
H/1.1

200
OK

Primary Request

Cookie set authorize Show response
app101prodazureadb2c01.b2clogin.com/5f332265-251b-4b16-896a-1ba645565716/b2c_1a_crm_signup_signin/oauth2/v2.0/
Redirect Chain

https://support.ceridian.com/signin
https://support.ceridian.com/en-US/signin
https://support.ceridian.com/en-US/Account/Login/ExternalLogin?provider=https%3A%2F%2Fapp101prodazureadb2c01.b2clogin.com%2Ftfp%2F5f332265-251b-4b16-896a-1ba645565716%2Fb2c_1a_crm_signup_signin%2Fv...
https://app101prodazureadb2c01.b2clogin.com/5f332265-251b-4b16-896a-1ba645565716/b2c_1a_crm_signup_signin/oauth2/v2.0/authorize?client_id=a42260b9-e8ab-466b-bdf9-0690340d3fc4&redirect_uri=https%3A%...

82 KB
30 KB

1438ms
1379ms

Document
text/html

20.190.160.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app101prodazureadb2c01.b2clogin.com/5f332265-251b-4b16-896a-1ba645565716/b2c_1a_crm_signup_signin/oauth2/v2.0/authorize?client_id=a42260b9-e8ab-466b-bdf9-0690340d3fc4&redirect_uri=https%3A%2F%2Fsupport.ceridian.com%2Fsignin-azureb2c&response_type=code%20id_token&scope=openid&state=OpenIdConnect.AuthenticationProperties%3DoC2v84vDJk1QvLQsNeqPXXM8iErq4FDt_sKaKJQosk44KAhiO-myitRctaXeOO14RBYlR3fiNDzVFOaGgwTSOLlDI-Le-RXRFxnb24at1Ip4iwZz8Ja2DWVkE5gTjbzSM4zzN99H9r35Os4EBm7bQ-MjjnGEYjcvpTvZ4QBf48RYnoe48GxJBa4ECNNIOQ-TYr1Xh0uQ2kuFbUBbLRiqf-m-8BTezZTldfLerbCoKQrI8bUgdb6htzEk0TWQp1-TfWtnVWAaNm9InmG1HsTddwZMLz_XW0DtsEBG4K9QM0J7h28mM9boKvpnfoUyctKtdPQpDvFky87Bj6YdSLhjXCEcL4EJMBruai73nosVA4QQfwRCusqlRq4JqG7331UmxRY5o3HkWiMsINqo3voGk4avFT4EXTMUCHk6wnRHV510maXIC3gEMKfFjty_5OW_&response_mode=form_post&nonce=637658786296213439.NTE0OGJkYjktN2I3Ni00YjJkLTg1NDMtYmI0ZjE4OGQ4OTNjNzUwYTY5Y2UtNmExZS00MGNhLTllMzAtYzE5ZjE1NzhhNzYw&x-client-SKU=ID_NET461&x-client-ver=5.3.0.0

Requested by

Host: support.ceridian.com
URL: https://support.ceridian.com/en-US/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.190.160.73 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a84d8cd6ae03f58b2819b483f90b597da0842a7c2c665d2db105d2c98c85ae51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Host: app101prodazureadb2c01.b2clogin.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://support.ceridian.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://support.ceridian.com/en-US/

Response headers

Cache-Control: no-store, must-revalidate, no-cache
Allow: OPTIONS,TRACE,GET,HEAD,POST
Content-Length: 27546
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
x-ms-gateway-requestid: d0f13903-4c08-4ff1-ab8b-740f29c09a88
X-UA-Compatible: IE=edge
X-Request-ID: 88509cda-efea-46c4-b3ba-c0042c115f3d
X-Build: 1.0.2240.0
Set-Cookie: x-ms-cpim-csrf=UDdPa0NNckhObW1KMFRxeEM5S2pSZGVKS2JoamhzNHB3M1BPdWFXNmdmank5MVNOK3pBRHhmWFVNbzBFeHQ1YlgrOXFSR2dPZEczZTZkOTFqTUVwcUE9PTsyMDIxLTA4LTMwVDAwOjAzOjUxLjA3NjI1NDZaO0dsbUJ3aTNXaGsxc1lCbHVPcG9XVEE9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==; domain=app101prodazureadb2c01.b2clogin.com; path=/; SameSite=None; secure; HttpOnly x-ms-cpim-cache|2pxqiorvxeazusaelbffpq_0=m1.4HZ+OIOmN5SgILFO.eTjBCvGUgypHHOyBTdg4Tw==.0.rol5j+RdHuxA8ndOg42Adlo3+hoL0A5L3FmlkKC2O5n8nXMco2ZBQ53bjJOwoz+2u6JMabfvOyNd1nhZzDhvm3kvtBO+GvrmTOVod06Zm7AS4AlBJ3g0VgKUpt4SzHLJylOVb74MDfCiobONfhjZRBk6+Mplz0GPSkg3aA8TJql8lR7Gm4LUb4a6MUzDPMfEZI/vyZCZYQPurUGAK6IN126AtOVt2ZgaMNH7zVOu8C+xfIjg1uFDMsYiuVPqTXnGNrtNKS9bf+FTkeNmW+On6Sgr1UCHGHNPqsZ+bWcbTMGCQEzYUZzgNGHQVvoQKU3NRkLJHWBn5usyMOEjaFIta0WwaPSAZVTr9fkTAWUgrgSrmEbID/XtOy7TGLWw5X6hfYkgGD01ezQzwn0bVFjQwx7Oi6mh4vvsPva2UwIDhqFw160GG8qxwLb2j6vnvgqK5Oolc+bxO3StKt3gL/Bj/peU1erabyMsZkcV7u0CPY2b1wHbp/Muklcg9IK5YvGGgjy8mzl6CQ8fkauMRCEhrwUxlZi8rMk/Fke1IpthEAr4qI9qd1tH4apgLFxkFiT75HEEgkMnYgxNMwPqR8RQmg8lhAV2GjqHL0IbghV8kUtoZPe0xrr2p461WEYa4V86m48W0VcEv0T9prybjKNANA649BCRhhr1H0ZLn+ll1uZoqZDDHpAgtiqH0lSUMcR2hXp+lLu2aKdpgw3xX0mlq8qit3zcIjxpVsw7xqDn6gc1WvLpoR+FzNJBb/gqlrYbDuC/mUuPFCUcUkZD4LezrAgchbH3qr+AzlNt5CIn35OmcGkMWLWMenPYg32nQgw8l3OHZtDZbtXaE8V7mkyF14WY8HQmsTnPZBGykph0iKrBu6k9si03JK+PSVlIwxmuBmiuHmGCAImzYpuZjZW/pyC0SYlJ5JvAbNZvred48BBSDhzhkoC5BlHI4V5w5QWRpnRQ7hbf6em/WBYMYlsGCOxCGVCuRCqc0qb34R0yoh8Nzsx1RgGEXhc7t4udkYPYtocL1R+K8mt7lwKV0D47D3Di2MAEEEAp/AJnxkGrbsP1M4fiEQFU6LYk7lACtRlTxmQTCSbOpjleda6eDNH5akD8ejikdcw0yKp4iuw9lmS5R5PAdtoTl9y8pxkkhZ/GL3mST8xEHqYCnSLbIIeZ4LzlnlNq5l37xIpznc5OUGrUMPYj+v4blfail7S4bZxAs5jgQ4MrUes7XqpCOQ/uJ/pcv3DqcyKTwQNnIRw3fkrc5UQiYdmB73SM+jyas14wPwrTjxKfVHlvv+mOrp5Jnf7naaN0xEuLCftTTvIicyJj1yFh; domain=app101prodazureadb2c01.b2clogin.com; path=/; SameSite=None; secure; HttpOnly x-ms-cpim-trans=eyJUX0RJQyI6W3siSSI6Ijg4NTA5Y2RhLWVmZWEtNDZjNC1iM2JhLWMwMDQyYzExNWYzZCIsIlQiOiJhcHAxMDFwcm9kYXp1cmVhZGIyYzAxLm9ubWljcm9zb2Z0LmNvbSIsIlAiOiJiMmNfMWFfY3JtX3NpZ251cF9zaWduaW4iLCJDIjoiYTQyMjYwYjktZThhYi00NjZiLWJkZjktMDY5MDM0MGQzZmM0IiwiUyI6MSwiTSI6e30sIkQiOjB9XSwiQ19JRCI6Ijg4NTA5Y2RhLWVmZWEtNDZjNC1iM2JhLWMwMDQyYzExNWYzZCJ9; domain=app101prodazureadb2c01.b2clogin.com; path=/; SameSite=None; secure; HttpOnly
X-Frame-Options: DENY
Public: OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Mon, 30 Aug 2021 00:03:50 GMT

Redirect headers

cache-control: public, no-store, max-age=0
content-type: text/html
expires: Mon, 30 Aug 2021 00:03:49 GMT
last-modified: Mon, 30 Aug 2021 00:03:49 GMT
location: https://app101prodazureadb2c01.b2clogin.com/5f332265-251b-4b16-896a-1ba645565716/b2c_1a_crm_signup_signin/oauth2/v2.0/authorize?client_id=a42260b9-e8ab-466b-bdf9-0690340d3fc4&redirect_uri=https%3A%2F%2Fsupport.ceridian.com%2Fsignin-azureb2c&response_type=code%20id_token&scope=openid&state=OpenIdConnect.AuthenticationProperties%3DoC2v84vDJk1QvLQsNeqPXXM8iErq4FDt_sKaKJQosk44KAhiO-myitRctaXeOO14RBYlR3fiNDzVFOaGgwTSOLlDI-Le-RXRFxnb24at1Ip4iwZz8Ja2DWVkE5gTjbzSM4zzN99H9r35Os4EBm7bQ-MjjnGEYjcvpTvZ4QBf48RYnoe48GxJBa4ECNNIOQ-TYr1Xh0uQ2kuFbUBbLRiqf-m-8BTezZTldfLerbCoKQrI8bUgdb6htzEk0TWQp1-TfWtnVWAaNm9InmG1HsTddwZMLz_XW0DtsEBG4K9QM0J7h28mM9boKvpnfoUyctKtdPQpDvFky87Bj6YdSLhjXCEcL4EJMBruai73nosVA4QQfwRCusqlRq4JqG7331UmxRY5o3HkWiMsINqo3voGk4avFT4EXTMUCHk6wnRHV510maXIC3gEMKfFjty_5OW_&response_mode=form_post&nonce=637658786296213439.NTE0OGJkYjktN2I3Ni00YjJkLTg1NDMtYmI0ZjE4OGQ4OTNjNzUwYTY5Y2UtNmExZS00MGNhLTllMzAtYzE5ZjE1NzhhNzYw&x-client-SKU=ID_NET461&x-client-ver=5.3.0.0
vary: *
set-cookie: OpenIdConnect.nonce.SP9SoSzWGgj8LnjwBoXsx91NRqLTkxzWQMmKEFv4JjM%3D=a2xiTUxyVVNBQXpwSDdOUzVEMmdZd0Zhams5bXIwN01XQS1yUTY0a0NqUTFmVEdCX1Jub3Q5OE1PVDM5WmJ1NTNBeXFyRF9Bc21aeExxREVpOTA4NXF6d2YxNjVjWVFNMkNmVU9RRmlvRW00SUdNdkFJMlE4dDJtV2Nha2ZwTW5Wc2twUjNRNFJEYWVwX1dHZXo1aDhRZ3NtRjlMNnRIUk51dThmNzRhVzc1RjVfVk5zVGhHSVBjT2NSaVVTZ01QU1ZNUV9LNDVGLWN3NHhaVDhJYjltSHdrVEdielNaa200dVRyYlV0dWV2WQ%3D%3D; expires=Mon, 30-Aug-2021 00:18:49 GMT; path=/; secure; HttpOnly; SameSite=None
x-ms-request-id: a9999e6f-aaa6-44dd-a4f6-f6e4b579d2e6
x-ms-portal-app: site-bd08b29f-ebac-4329-a01f-25b0e2a31776-USe2
access-control-allow-methods: GET, OPTIONS
access-control-expose-headers: ceridian
content-security-policy: default-src * blob:; img-src * 'self' data: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; style-src 'self' 'unsafe-inline' *; frame-src * blob:;
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 30 Aug 2021 00:03:49 GMT
content-length: 0
x-cdn: Imperva
x-iinfo: 5-159059509-159059388 PNNN RT(1630281829470 0) q(0 0 0 -1) r(1 1) U11

GET
H2 200 location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 164 B
373 B 33ms
16ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://support.ceridian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 00:03:49 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6869c21999d72c22-FRA

GET
H3-29 200 analytics.js
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153298467-4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.ceridian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 1890
date: Sun, 29 Aug 2021 23:32:19 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Mon, 30 Aug 2021 01:32:19 GMT

POST
H3-29 200 collect
www.google-analytics.com/j/ 2 B
31 B 13ms
13ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1234279650&t=pageview&_s=1&dl=https%3A%2F%2Fsupport.ceridian.com%2Fen-US%2F&ul=en-us&de=UTF-8&dt=Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1337721627&gjid=946976380&cid=1022312089.1630281829&tid=UA-153298467-4&_gid=73465673.1630281829&_r=1&gtm=2ou8p0&tc=x&z=531626356

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.ceridian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 00:03:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://support.ceridian.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.2.0/ 325 KB
73 KB 12ms
12ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.ceridian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 30 Aug 2021 00:03:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: lTz3ZVqTbRC0XOtXa5KYcg==
age: 13835222
vary: Accept-Encoding
content-length: 74003
x-ms-lease-status: unlocked
last-modified: Fri, 26 Jun 2020 17:33:18 GMT
server: cloudflare
etag: 0x8D819F70401AE6F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9a85d63a-f01e-012a-055d-1febf6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6869c219b9b54e74-FRA
expires: Tue, 07 Sep 2021 00:03:49 GMT

POST
H2 200 collect
stats.g.doubleclick.net/j/ 4 B
91 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-153298467-4&cid=1022312089.1630281829&jid=1337721627&gjid=946976380&_gid=73465673.1630281829&_u=YEBAAUAAAAAAAC~&z=810755471

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.ceridian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 30 Aug 2021 00:03:49 GMT
content-type: text/plain
access-control-allow-origin: https://support.ceridian.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en.json
cdn.cookielaw.org/consent/f4e1f26c-f1a1-479b-ae19-fd87c83e4a48-test/290f1d20-f577-4f40-b6c5-2c3113b0046e/ 27 KB
9 KB 37ms
36ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/f4e1f26c-f1a1-479b-ae19-fd87c83e4a48-test/290f1d20-f577-4f40-b6c5-2c3113b0046e/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.ceridian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 30 Aug 2021 00:03:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-md5: njtvA+fmei5BjyzjClAesQ==
content-length: 9192
x-ms-lease-status: unlocked
last-modified: Wed, 01 Jul 2020 01:35:23 GMT
server: cloudflare
etag: 0x8D81D5F05DB72DA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 66fd9a67-e01e-00f6-1532-9dfff0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: no-cache
x-ms-version: 2009-09-19
cf-ray: 6869c219ddb44e25-FRA

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 26ms
25ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-153298467-4&cid=1022312089.1630281829&jid=1337721627&_u=YEBAAUAAAAAAAC~&z=1015425385

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://support.ceridian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 00:03:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
18ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-153298467-4&cid=1022312089.1630281829&jid=1337721627&_u=YEBAAUAAAAAAAC~&z=1015425385

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://support.ceridian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 00:03:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otFloatingRoundedCorner.json
cdn.cookielaw.org/scripttemplates/6.2.0/assets/ 17 KB
3 KB 12ms
12ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.2.0/assets/otFloatingRoundedCorner.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.ceridian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 30 Aug 2021 00:03:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: xzatpvwX0QNwq1EwUIDqYA==
age: 303844
vary: Accept-Encoding
content-length: 2911
x-ms-lease-status: unlocked
last-modified: Fri, 26 Jun 2020 17:33:09 GMT
server: cloudflare
etag: 0x8D819F6FE9FB6B0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: a2cbe3b7-a01e-005b-096f-9adf9a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6869c21a2df94e25-FRA
expires: Tue, 07 Sep 2021 00:03:49 GMT

GET
H2 200 otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.2.0/assets/ 100 KB
21 KB 13ms
13ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.2.0/assets/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.ceridian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 30 Aug 2021 00:03:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: uHciMKc/pvNFERq4hQBWgw==
age: 66294
vary: Accept-Encoding
content-length: 20976
x-ms-lease-status: unlocked
last-modified: Fri, 26 Jun 2020 17:33:09 GMT
server: cloudflare
etag: 0x8D819F6FE54BCDE
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: a803276d-101e-0102-5698-9c9c49000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6869c21a2dfb4e25-FRA
expires: Tue, 07 Sep 2021 00:03:49 GMT

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK jquery-bundle-1.10.2.min.js Show response
app101prodazureadb2c01.b2clogin.com/static/bundles/ 100 KB
100 KB 47ms
42ms Script
application/javascript 20.190.160.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app101prodazureadb2c01.b2clogin.com/static/bundles/jquery-bundle-1.10.2.min.js?slice=001-000&dc=AM3

Requested by

Host: app101prodazureadb2c01.b2clogin.com
URL: https://app101prodazureadb2c01.b2clogin.com/5f332265-251b-4b16-896a-1ba645565716/b2c_1a_crm_signup_signin/oauth2/v2.0/authorize?client_id=a42260b9-e8ab-466b-bdf9-0690340d3fc4&redirect_uri=https%3A%2F%2Fsupport.ceridian.com%2Fsignin-azureb2c&response_type=code%20id_token&scope=openid&state=OpenIdConnect.AuthenticationProperties%3DoC2v84vDJk1QvLQsNeqPXXM8iErq4FDt_sKaKJQosk44KAhiO-myitRctaXeOO14RBYlR3fiNDzVFOaGgwTSOLlDI-Le-RXRFxnb24at1Ip4iwZz8Ja2DWVkE5gTjbzSM4zzN99H9r35Os4EBm7bQ-MjjnGEYjcvpTvZ4QBf48RYnoe48GxJBa4ECNNIOQ-TYr1Xh0uQ2kuFbUBbLRiqf-m-8BTezZTldfLerbCoKQrI8bUgdb6htzEk0TWQp1-TfWtnVWAaNm9InmG1HsTddwZMLz_XW0DtsEBG4K9QM0J7h28mM9boKvpnfoUyctKtdPQpDvFky87Bj6YdSLhjXCEcL4EJMBruai73nosVA4QQfwRCusqlRq4JqG7331UmxRY5o3HkWiMsINqo3voGk4avFT4EXTMUCHk6wnRHV510maXIC3gEMKfFjty_5OW_&response_mode=form_post&nonce=637658786296213439.NTE0OGJkYjktN2I3Ni00YjJkLTg1NDMtYmI0ZjE4OGQ4OTNjNzUwYTY5Y2UtNmExZS00MGNhLTllMzAtYzE5ZjE1NzhhNzYw&x-client-SKU=ID_NET461&x-client-ver=5.3.0.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.190.160.73 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a035f5bc873960a65bcb6493b4d18782247a5a5d8cad443d297c853b09ea7bb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: app101prodazureadb2c01.b2clogin.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://app101prodazureadb2c01.b2clogin.com/5f332265-251b-4b16-896a-1ba645565716/b2c_1a_crm_signup_signin/oauth2/v2.0/authorize?client_id=a42260b9-e8ab-466b-bdf9-0690340d3fc4&redirect_uri=https%3A%2F%2Fsupport.ceridian.com%2Fsignin-azureb2c&response_type=code%20id_token&scope=openid&state=OpenIdConnect.AuthenticationProperties%3DoC2v84vDJk1QvLQsNeqPXXM8iErq4FDt_sKaKJQosk44KAhiO-myitRctaXeOO14RBYlR3fiNDzVFOaGgwTSOLlDI-Le-RXRFxnb24at1Ip4iwZz8Ja2DWVkE5gTjbzSM4zzN99H9r35Os4EBm7bQ-MjjnGEYjcvpTvZ4QBf48RYnoe48GxJBa4ECNNIOQ-TYr1Xh0uQ2kuFbUBbLRiqf-m-8BTezZTldfLerbCoKQrI8bUgdb6htzEk0TWQp1-TfWtnVWAaNm9InmG1HsTddwZMLz_XW0DtsEBG4K9QM0J7h28mM9boKvpnfoUyctKtdPQpDvFky87Bj6YdSLhjXCEcL4EJMBruai73nosVA4QQfwRCusqlRq4JqG7331UmxRY5o3HkWiMsINqo3voGk4avFT4EXTMUCHk6wnRHV510maXIC3gEMKfFjty_5OW_&response_mode=form_post&nonce=637658786296213439.NTE0OGJkYjktN2I3Ni00YjJkLTg1NDMtYmI0ZjE4OGQ4OTNjNzUwYTY5Y2UtNmExZS00MGNhLTllMzAtYzE5ZjE1NzhhNzYw&x-client-SKU=ID_NET461&x-client-ver=5.3.0.0
Cookie: x-ms-cpim-csrf=UDdPa0NNckhObW1KMFRxeEM5S2pSZGVKS2JoamhzNHB3M1BPdWFXNmdmank5MVNOK3pBRHhmWFVNbzBFeHQ1YlgrOXFSR2dPZEczZTZkOTFqTUVwcUE9PTsyMDIxLTA4LTMwVDAwOjAzOjUxLjA3NjI1NDZaO0dsbUJ3aTNXaGsxc1lCbHVPcG9XVEE9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==; x-ms-cpim-cache|2pxqiorvxeazusaelbffpq_0=m1.4HZ+OIOmN5SgILFO.eTjBCvGUgypHHOyBTdg4Tw==.0.rol5j+RdHuxA8ndOg42Adlo3+hoL0A5L3FmlkKC2O5n8nXMco2ZBQ53bjJOwoz+2u6JMabfvOyNd1nhZzDhvm3kvtBO+GvrmTOVod06Zm7AS4AlBJ3g0VgKUpt4SzHLJylOVb74MDfCiobONfhjZRBk6+Mplz0GPSkg3aA8TJql8lR7Gm4LUb4a6MUzDPMfEZI/vyZCZYQPurUGAK6IN126AtOVt2ZgaMNH7zVOu8C+xfIjg1uFDMsYiuVPqTXnGNrtNKS9bf+FTkeNmW+On6Sgr1UCHGHNPqsZ+bWcbTMGCQEzYUZzgNGHQVvoQKU3NRkLJHWBn5usyMOEjaFIta0WwaPSAZVTr9fkTAWUgrgSrmEbID/XtOy7TGLWw5X6hfYkgGD01ezQzwn0bVFjQwx7Oi6mh4vvsPva2UwIDhqFw160GG8qxwLb2j6vnvgqK5Oolc+bxO3StKt3gL/Bj/peU1erabyMsZkcV7u0CPY2b1wHbp/Muklcg9IK5YvGGgjy8mzl6CQ8fkauMRCEhrwUxlZi8rMk/Fke1IpthEAr4qI9qd1tH4apgLFxkFiT75HEEgkMnYgxNMwPqR8RQmg8lhAV2GjqHL0IbghV8kUtoZPe0xrr2p461WEYa4V86m48W0VcEv0T9prybjKNANA649BCRhhr1H0ZLn+ll1uZoqZDDHpAgtiqH0lSUMcR2hXp+lLu2aKdpgw3xX0mlq8qit3zcIjxpVsw7xqDn6gc1WvLpoR+FzNJBb/gqlrYbDuC/mUuPFCUcUkZD4LezrAgchbH3qr+AzlNt5CIn35OmcGkMWLWMenPYg32nQgw8l3OHZtDZbtXaE8V7mkyF14WY8HQmsTnPZBGykph0iKrBu6k9si03JK+PSVlIwxmuBmiuHmGCAImzYpuZjZW/pyC0SYlJ5JvAbNZvred48BBSDhzhkoC5BlHI4V5w5QWRpnRQ7hbf6em/WBYMYlsGCOxCGVCuRCqc0qb34R0yoh8Nzsx1RgGEXhc7t4udkYPYtocL1R+K8mt7lwKV0D47D3Di2MAEEEAp/AJnxkGrbsP1M4fiEQFU6LYk7lACtRlTxmQTCSbOpjleda6eDNH5akD8ejikdcw0yKp4iuw9lmS5R5PAdtoTl9y8pxkkhZ/GL3mST8xEHqYCnSLbIIeZ4LzlnlNq5l37xIpznc5OUGrUMPYj+v4blfail7S4bZxAs5jgQ4MrUes7XqpCOQ/uJ/pcv3DqcyKTwQNnIRw3fkrc5UQiYdmB73SM+jyas14wPwrTjxKfVHlvv+mOrp5Jnf7naaN0xEuLCftTTvIicyJj1yFh; x-ms-cpim-trans=eyJUX0RJQyI6W3siSSI6Ijg4NTA5Y2RhLWVmZWEtNDZjNC1iM2JhLWMwMDQyYzExNWYzZCIsIlQiOiJhcHAxMDFwcm9kYXp1cmVhZGIyYzAxLm9ubWljcm9zb2Z0LmNvbSIsIlAiOiJiMmNfMWFfY3JtX3NpZ251cF9zaWduaW4iLCJDIjoiYTQyMjYwYjktZThhYi00NjZiLWJkZjktMDY5MDM0MGQzZmM0IiwiUyI6MSwiTSI6e30sIkQiOjB9XSwiQ19JRCI6Ijg4NTA5Y2RhLWVmZWEtNDZjNC1iM2JhLWMwMDQyYzExNWYzZCJ9
Connection: keep-alive
Referer: https://app101prodazureadb2c01.b2clogin.com/5f332265-251b-4b16-896a-1ba645565716/b2c_1a_crm_signup_signin/oauth2/v2.0/authorize?client_id=a42260b9-e8ab-466b-bdf9-0690340d3fc4&redirect_uri=https%3A%2F%2Fsupport.ceridian.com%2Fsignin-azureb2c&response_type=code%20id_token&scope=openid&state=OpenIdConnect.AuthenticationProperties%3DoC2v84vDJk1QvLQsNeqPXXM8iErq4FDt_sKaKJQosk44KAhiO-myitRctaXeOO14RBYlR3fiNDzVFOaGgwTSOLlDI-Le-RXRFxnb24at1Ip4iwZz8Ja2DWVkE5gTjbzSM4zzN99H9r35Os4EBm7bQ-MjjnGEYjcvpTvZ4QBf48RYnoe48GxJBa4ECNNIOQ-TYr1Xh0uQ2kuFbUBbLRiqf-m-8BTezZTldfLerbCoKQrI8bUgdb6htzEk0TWQp1-TfWtnVWAaNm9InmG1HsTddwZMLz_XW0DtsEBG4K9QM0J7h28mM9boKvpnfoUyctKtdPQpDvFky87Bj6YdSLhjXCEcL4EJMBruai73nosVA4QQfwRCusqlRq4JqG7331UmxRY5o3HkWiMsINqo3voGk4avFT4EXTMUCHk6wnRHV510maXIC3gEMKfFjty_5OW_&response_mode=form_post&nonce=637658786296213439.NTE0OGJkYjktN2I3Ni00YjJkLTg1NDMtYmI0ZjE4OGQ4OTNjNzUwYTY5Y2UtNmExZS00MGNhLTllMzAtYzE5ZjE1NzhhNzYw&x-client-SKU=ID_NET461&x-client-ver=5.3.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Thu, 19 Aug 2021 03:08:42 GMT
ETag: "019a883a794d71:0"
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
Date: Mon, 30 Aug 2021 00:03:50 GMT
Accept-Ranges: bytes
Content-Length: 101973
X-XSS-Protection: 1; mode=block

GET
H2 200 LoginWithJS_v6.html Show response
crmws.ceridian.com/b2csignon/ 9 KB
3 KB 181ms
33ms XHR
text/html 45.60.65.3
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://crmws.ceridian.com/b2csignon/LoginWithJS_v6.html

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.60.65.3 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

ECAcc (frc/8F1D) /

Resource Hash

200d044572c76810078ff71ff39f8d554d2960f7a71785b413a623c6491f8e1f

Security Headers

Name	Value
Content-Security-Policy	default-src ; img-src 'self' data: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app101prodazureadb2c01.b2clogin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src *; img-src * 'self' data: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; style-src 'self' 'unsafe-inline' *
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
content-md5: xOsMqRv6sUFePmvvvhY/wQ==
age: 405994
x-cache: HIT
x-iinfo: 3-79944253-79944254 NNYN CT(3 11 0) RT(1630281831254 0) q(0 0 0 0) r(0 0) U12
etag: "0x8D81DC2130CA3D2"
pragma: no-cache
last-modified: Wed, 01 Jul 2020 13:24:25 GMT
server: ECAcc (frc/8F1D)
x-ms-error-code: ConditionNotMet
date: Mon, 30 Aug 2021 00:03:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/html; charset=utf-8
access-control-allow-origin: https://app101prodazureadb2c01.b2clogin.com
x-ms-request-id: 1243fb22-801e-009d-1881-993fde000000
access-control-expose-headers: Content-Type
cache-control: no-cache,no-store,max-age=0,must-revalidate
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 style_v3.css
crmws.ceridian.com/b2csignon/ 21 KB
8 KB 24ms
23ms Stylesheet
text/css 45.60.65.3
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://crmws.ceridian.com/b2csignon/style_v3.css

Requested by

Host: app101prodazureadb2c01.b2clogin.com
URL: https://app101prodazureadb2c01.b2clogin.com/static/bundles/jquery-bundle-1.10.2.min.js?slice=001-000&dc=AM3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.60.65.3 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

ECAcc (frc/8F96) /

Resource Hash

452c741b031686712680fac01163668a12c93b54a7dece3066dc93e2a0b3158f

Security Headers

Name	Value
Content-Security-Policy	default-src ; img-src 'self' data: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app101prodazureadb2c01.b2clogin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src *; img-src * 'self' data: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; style-src 'self' 'unsafe-inline' *
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
content-md5: 39j7KQ5tUa5xDOdC20vXow==
age: 561720
x-cache: HIT
x-iinfo: 5-159059670-159059667 2NYN RT(1630281831294 0) q(0 0 0 0) r(1 1) U2
etag: "0x8D7BC97A60FCA57"
pragma: no-cache
last-modified: Fri, 28 Feb 2020 21:46:20 GMT
server: ECAcc (frc/8F96)
x-ms-error-code: ConditionNotMet
date: Mon, 30 Aug 2021 00:03:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-ms-request-id: e09f86d7-701e-00a1-1616-988b05000000
cache-control: no-cache,no-store,max-age=0,must-revalidate
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 logo_v1.png
crmws.ceridian.com/b2csignon/ 13 KB
13 KB 25ms
25ms Image
image/png 45.60.65.3
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crmws.ceridian.com/b2csignon/logo_v1.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.60.65.3 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

ECAcc (frc/8FEF) /

Resource Hash

47a08e8d519f3a08df61096680ef0989d5fed93df360ef6bf56b2c708c3783eb

Security Headers

Name	Value
Content-Security-Policy	default-src ; img-src 'self' data: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app101prodazureadb2c01.b2clogin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src *; img-src * 'self' data: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; style-src 'self' 'unsafe-inline' *
x-content-type-options: nosniff
x-cdn: Imperva
content-md5: dR0eqe6BV0cYbSM4nsRYrw==
age: 577980
x-cache: HIT
x-iinfo: 5-159059671-159059672 2NNN RT(1630281831298 0) q(0 0 1 0) r(1 1) U2
content-length: 12867
etag: "0x8D70C61FF23338F"
pragma: no-cache
last-modified: Fri, 19 Jul 2019 15:58:52 GMT
server: ECAcc (frc/8FEF)
x-ms-error-code: ConditionNotMet
date: Mon, 30 Aug 2021 00:03:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
x-ms-request-id: 42d3addd-e01e-0068-04f0-971bcf000000
cache-control: no-cache,no-store,max-age=0,must-revalidate
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 sign-in_2018_img.jpg
crmws.ceridian.com/b2csignon/ 72 KB
72 KB 524ms
523ms Image
image/jpeg 45.60.65.3
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crmws.ceridian.com/b2csignon/sign-in_2018_img.jpg

Requested by

Host: crmws.ceridian.com
URL: https://crmws.ceridian.com/b2csignon/style_v3.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.60.65.3 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

7d9ce7d7685b9e4a0b0b388533ac25ee735276fd69b50fbb46141e0a04fa5d8a

Security Headers

Name	Value
Content-Security-Policy	default-src ; img-src 'self' data: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://crmws.ceridian.com/b2csignon/style_v3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src *; img-src * 'self' data: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; style-src 'self' 'unsafe-inline' *
x-content-type-options: nosniff
x-cdn: Imperva
content-md5: Pf6CPz0pZh6LeId6PVB0kg==
x-cache: HIT
x-iinfo: 5-159059676-159059677 NNNN CT(4 10 0) RT(1630281831329 0) q(0 0 0 -1) r(0 5) U2
vary: Origin
content-length: 73687
etag: "0x8D68529521D04C2"
pragma: no-cache
last-modified: Mon, 28 Jan 2019 14:03:03 GMT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: ConditionNotMet
date: Mon, 30 Aug 2021 00:03:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
x-ms-request-id: f411090d-001e-00a5-4032-9d7e87000000
cache-control: no-cache,no-store,max-age=0,must-revalidate
x-ms-version: 2018-03-28
accept-ranges: bytes

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.app101prodazureadb2c01.b2clogin.com/	1969-12-31 23:59:59	Name: x-ms-cpim-trans Value: eyJUX0RJQyI6W3siSSI6Ijg4NTA5Y2RhLWVmZWEtNDZjNC1iM2JhLWMwMDQyYzExNWYzZCIsIlQiOiJhcHAxMDFwcm9kYXp1cmVhZGIyYzAxLm9ubWljcm9zb2Z0LmNvbSIsIlAiOiJiMmNfMWFfY3JtX3NpZ251cF9zaWduaW4iLCJDIjoiYTQyMjYwYjktZThhYi00NjZiLWJkZjktMDY5MDM0MGQzZmM0IiwiUyI6MSwiTSI6e30sIkQiOjB9XSwiQ19JRCI6Ijg4NTA5Y2RhLWVmZWEtNDZjNC1iM2JhLWMwMDQyYzExNWYzZCJ9
.app101prodazureadb2c01.b2clogin.com/	1969-12-31 23:59:59	Name: x-ms-cpim-cache\|2pxqiorvxeazusaelbffpq_0 Value: m1.4HZ+OIOmN5SgILFO.eTjBCvGUgypHHOyBTdg4Tw==.0.rol5j+RdHuxA8ndOg42Adlo3+hoL0A5L3FmlkKC2O5n8nXMco2ZBQ53bjJOwoz+2u6JMabfvOyNd1nhZzDhvm3kvtBO+GvrmTOVod06Zm7AS4AlBJ3g0VgKUpt4SzHLJylOVb74MDfCiobONfhjZRBk6+Mplz0GPSkg3aA8TJql8lR7Gm4LUb4a6MUzDPMfEZI/vyZCZYQPurUGAK6IN126AtOVt2ZgaMNH7zVOu8C+xfIjg1uFDMsYiuVPqTXnGNrtNKS9bf+FTkeNmW+On6Sgr1UCHGHNPqsZ+bWcbTMGCQEzYUZzgNGHQVvoQKU3NRkLJHWBn5usyMOEjaFIta0WwaPSAZVTr9fkTAWUgrgSrmEbID/XtOy7TGLWw5X6hfYkgGD01ezQzwn0bVFjQwx7Oi6mh4vvsPva2UwIDhqFw160GG8qxwLb2j6vnvgqK5Oolc+bxO3StKt3gL/Bj/peU1erabyMsZkcV7u0CPY2b1wHbp/Muklcg9IK5YvGGgjy8mzl6CQ8fkauMRCEhrwUxlZi8rMk/Fke1IpthEAr4qI9qd1tH4apgLFxkFiT75HEEgkMnYgxNMwPqR8RQmg8lhAV2GjqHL0IbghV8kUtoZPe0xrr2p461WEYa4V86m48W0VcEv0T9prybjKNANA649BCRhhr1H0ZLn+ll1uZoqZDDHpAgtiqH0lSUMcR2hXp+lLu2aKdpgw3xX0mlq8qit3zcIjxpVsw7xqDn6gc1WvLpoR+FzNJBb/gqlrYbDuC/mUuPFCUcUkZD4LezrAgchbH3qr+AzlNt5CIn35OmcGkMWLWMenPYg32nQgw8l3OHZtDZbtXaE8V7mkyF14WY8HQmsTnPZBGykph0iKrBu6k9si03JK+PSVlIwxmuBmiuHmGCAImzYpuZjZW/pyC0SYlJ5JvAbNZvred48BBSDhzhkoC5BlHI4V5w5QWRpnRQ7hbf6em/WBYMYlsGCOxCGVCuRCqc0qb34R0yoh8Nzsx1RgGEXhc7t4udkYPYtocL1R+K8mt7lwKV0D47D3Di2MAEEEAp/AJnxkGrbsP1M4fiEQFU6LYk7lACtRlTxmQTCSbOpjleda6eDNH5akD8ejikdcw0yKp4iuw9lmS5R5PAdtoTl9y8pxkkhZ/GL3mST8xEHqYCnSLbIIeZ4LzlnlNq5l37xIpznc5OUGrUMPYj+v4blfail7S4bZxAs5jgQ4MrUes7XqpCOQ/uJ/pcv3DqcyKTwQNnIRw3fkrc5UQiYdmB73SM+jyas14wPwrTjxKfVHlvv+mOrp5Jnf7naaN0xEuLCftTTvIicyJj1yFh
.app101prodazureadb2c01.b2clogin.com/	1969-12-31 23:59:59	Name: x-ms-cpim-csrf Value: UDdPa0NNckhObW1KMFRxeEM5S2pSZGVKS2JoamhzNHB3M1BPdWFXNmdmank5MVNOK3pBRHhmWFVNbzBFeHQ1YlgrOXFSR2dPZEczZTZkOTFqTUVwcUE9PTsyMDIxLTA4LTMwVDAwOjAzOjUxLjA3NjI1NDZaO0dsbUJ3aTNXaGsxc1lCbHVPcG9XVEE9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://content.powerapps.com/resource/powerappsportal/dist/preform.bundle-36a6d69022.js(Line 6) Message: JQMIGRATE: Migrate is installed with logging active, version 3.1.0
console-api	warning	URL: https://content.powerapps.com/resource/powerappsportal/dist/preform.bundle-36a6d69022.js(Line 6) Message: JQMIGRATE: jQuery.expr[':'] is deprecated; use jQuery.expr.pseudos
console-api	log	URL: https://content.powerapps.com/resource/powerappsportal/dist/preform.bundle-36a6d69022.js(Line 6) Message: console.trace
console-api	warning	URL: https://content.powerapps.com/resource/powerappsportal/dist/preform.bundle-36a6d69022.js(Line 6) Message: JQMIGRATE: jQuery.fn.mouseup() event shorthand is deprecated
console-api	log	URL: https://content.powerapps.com/resource/powerappsportal/dist/preform.bundle-36a6d69022.js(Line 6) Message: console.trace
console-api	warning	URL: https://content.powerapps.com/resource/powerappsportal/dist/preform.bundle-36a6d69022.js(Line 6) Message: JQMIGRATE: jQuery.fn.delegate() is deprecated
console-api	log	URL: https://content.powerapps.com/resource/powerappsportal/dist/preform.bundle-36a6d69022.js(Line 6) Message: console.trace

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * blob:; img-src * 'self' data: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline' ; frame-src * blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app101prodazureadb2c01.b2clogin.com
cdn.cookielaw.org
content.powerapps.com
crmws.ceridian.com
geolocation.onetrust.com
stats.g.doubleclick.net
support.ceridian.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
20.190.160.73
2606:4700:10::6814:b844
2606:4700::6810:9440
2620:1ec:46::45
2a00:1450:4001:800::2004
2a00:1450:4001:800::200e
2a00:1450:4001:801::2008
2a00:1450:4001:828::2003
2a00:1450:400c:c0a::9c
45.60.65.3
09cb675c63dfe78d3186507424525eba57a07685cabd8a34fabae295888fa1b7
0d2ede9e1853324419a534887a7cf63ec5ce02445fb2e3ffbff825cecab13282
0e45f3b0dad8aa0528790a6dd6dd2831bb8547129bd1320c10fd120118f44616
0f5f9837ea118e1c1071390042db6a04791bf61efe33e1d2eaec4989fcd4f373
111b98206342054967a14d4feb8d75f0fabde27ffbc999ef88497d8744d9903b
17724c267b1b4f28eda8558701a79afd31224bfdcbbb561585295685df9bfe88
1e53e0f20a89ffa62ff68ededf5b6dd63cc6bc6b1f0a6e1a580647e3358d54bd
200d044572c76810078ff71ff39f8d554d2960f7a71785b413a623c6491f8e1f
2846056404afcf773e5d4f0530c526f26e46a0b9fb5f451626d706e178324f4e
452c741b031686712680fac01163668a12c93b54a7dece3066dc93e2a0b3158f
47a08e8d519f3a08df61096680ef0989d5fed93df360ef6bf56b2c708c3783eb
5423f185195f046d0f3893f674e072be43e47c6124dd6ccbe214e896b1944d43
6463dd382e8b4871aca3f048841f991fa3364bb1c451ea6905d4077cb7336731
65bf241d343076ef51b6679c6cca2ae8c488877d9fba9ce359216e23e9144768
6ecb3da4b4b5adae0b627fafbf31366a07c33c047452ee750822e34b14dd1fb2
7d9ce7d7685b9e4a0b0b388533ac25ee735276fd69b50fbb46141e0a04fa5d8a
88e26a38539fee76da159d0e888bb54a68a703c69a5b1d0438dc4edd3d0e78cf
935a942b34c92661c401003f711e0e1c05add9add3ea553932627e8e8a64cfe7
938b687dd94b5165bca954ed00ab0521edf743a1d3c721ac9323b6bc401c196d
97ab74a6617725050b2fe38870d648d3548705c53a906e8d06ca19dc75edf0ab
9c65def9574ad5dfde52919f0dd48b89fe283ec2928c51ebd980826f903ef388
a035f5bc873960a65bcb6493b4d18782247a5a5d8cad443d297c853b09ea7bb4
a84d8cd6ae03f58b2819b483f90b597da0842a7c2c665d2db105d2c98c85ae51
b1fc9fa8ef48b2f2e72762b7c913ff9b15605810c76228558f0fda258dd6f774
b2ca3fd0081e9ae0c7b20bcf838cd4f510b0021891c63d80a8b97621526b078d
ba415ae27af81803423e832d4e61085c77822d7dbef7446fcc8c7fecf4abad53
ca1390a3465fc31cd39e2fdc64bdc45f248a8c1a24bef23ea733f2eb3d20ec9a
ca5d7d5646e089660bcccf3fa1ed6b753196117a6c65667abce22eeab605aca8
d6b623dcb585a9a79054377dc252adef2952e955ed824f301690f88b007837b4
ec58890a0ffa7087223aab35950e96e7dd02465ccfbd55d7c0c9860c276a28f1

app101prodazureadb2c01.b2clogin.com Open in urlscan Pro 20.190.160.73 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

100 %HTTPS

80 %IPv6

10 Domains

11 Subdomains

11 IPs

4 Countries

888 kBTransfer

3212 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

app101prodazureadb2c01.b2clogin.com Open in urlscan Pro
20.190.160.73 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

100 %
HTTPS

80 %
IPv6

10
Domains

11
Subdomains

11
IPs

4
Countries

888 kB
Transfer

3212 kB
Size

3
Cookies

42 HTTP transactions
1 data transactions