service-cas.hrblockonline.ca Open in urlscan Pro
20.99.133.72 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://2021.hrblockonline.ca/
Effective URL:
https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthoriz...
Submission: On June 24 via api (June 24th 2024, 8:05:43 am UTC) from US — Scanned from CA

Summary HTTP 136 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 29 IPs in 4 countries across 23 domains to perform 136 HTTP transactions. The main IP is 20.99.133.72, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is service-cas.hrblockonline.ca.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 2nd 2023. Valid for: a year.

This is the only time service-cas.hrblockonline.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 44	20.99.133.72 20.99.133.72	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.17.245.203 104.17.245.203	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.162.3.56 3.162.3.56	16509 (AMAZON-02) (AMAZON-02)
10	142.251.174.97 142.251.174.97	15169 (GOOGLE) (GOOGLE)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
3	209.85.144.104 209.85.144.104	15169 (GOOGLE) (GOOGLE)
3	34.196.224.217 34.196.224.217	14618 (AMAZON-AES) (AMAZON-AES)
1	173.194.68.94 173.194.68.94	15169 (GOOGLE) (GOOGLE)
4	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
2	54.230.48.245 54.230.48.245	16509 (AMAZON-02) (AMAZON-02)
7	23.55.205.47 23.55.205.47	16625 (AKAMAI-AS) (AKAMAI-AS)
6	13.107.21.237 13.107.21.237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	209.85.201.94 209.85.201.94	15169 (GOOGLE) (GOOGLE)
2 4	172.217.222.148 172.217.222.148	15169 (GOOGLE) (GOOGLE)
2	173.194.204.148 173.194.204.148	15169 (GOOGLE) (GOOGLE)
2	172.217.197.156 172.217.197.156	15169 (GOOGLE) (GOOGLE)
8	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	173.194.66.95 173.194.66.95	15169 (GOOGLE) (GOOGLE)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	209.85.144.94 209.85.144.94	15169 (GOOGLE) (GOOGLE)
2	157.240.244.1 157.240.244.1	32934 (FACEBOOK) (FACEBOOK)
5	23.212.250.9 23.212.250.9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.220.128.152 23.220.128.152	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
2	23.220.129.51 23.220.129.51	16625 (AKAMAI-AS) (AKAMAI-AS)
2	157.240.244.35 157.240.244.35	32934 (FACEBOOK) (FACEBOOK)
1	216.239.38.181 216.239.38.181	15169 (GOOGLE) (GOOGLE)
1	34.49.241.189 34.49.241.189	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
136	29

44 20.99.133.72 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

2021.hrblockonline.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
service-cas.hrblockonline.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.245.203 (None, )

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.162.3.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-56.yul62.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.251.174.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: qc-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

d.impactradius-event.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.85.144.104 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f104.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.196.224.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-224-217.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.68.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qr-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.129.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.230.48.245 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-48-245.yul62.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.55.205.47 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-55-205-47.deploy.static.akamaitechnologies.com

p.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.107.21.237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.85.201.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qu-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.222.148 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: qi-in-f148.1e100.net

10488595.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.204.148 (United States)

ASN15169 (GOOGLE, US)
PTR: qb-in-f148.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.197.156 (United States)

ASN15169 (GOOGLE, US)
PTR: qa-in-f156.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.66.95 (United States)

ASN15169 (GOOGLE, US)
PTR: qo-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.85.144.94 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.244.1 (Apodaca, Mexico)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-mty2.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.212.250.9 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-212-250-9.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.220.128.152 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-128-152.deploy.static.akamaitechnologies.com

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

pixel-config.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.220.129.51 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-129-51.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.244.35 (Apodaca, Mexico)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-mty2.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.38.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.49.241.189 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 189.241.49.34.bc.googleusercontent.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	hrblockonline.ca 1 redirects 2021.hrblockonline.ca service-cas.hrblockonline.ca	5 MB
10	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	359 KB
9	teads.tv p.teads.tv — Cisco Umbrella Rank: 6003 cm.teads.tv — Cisco Umbrella Rank: 5170 t.teads.tv — Cisco Umbrella Rank: 3433 Failed	9 KB
8	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 938 tr6.snapchat.com — Cisco Umbrella Rank: 1283	1 KB
8	doubleclick.net stats.g.doubleclick.net Failed 10488595.fls.doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 164 googleads.g.doubleclick.net — Cisco Umbrella Rank: 70	3 KB
6	bing.com bat.bing.com — Cisco Umbrella Rank: 361	14 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 787 Failed	140 KB
5	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 2978 heapanalytics.com — Cisco Umbrella Rank: 2420	45 KB
4	google.com www.google.com — Cisco Umbrella Rank: 5 analytics.google.com — Cisco Umbrella Rank: 174 Failed	1 KB
3	google.ca www.google.ca — Cisco Umbrella Rank: 8928	191 B
3	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1200	13 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	4 KB
2	reddit.com pixel-config.reddit.com — Cisco Umbrella Rank: 2076 Failed alb.reddit.com — Cisco Umbrella Rank: 1406 Failed	724 B
2	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 805 Failed a8214761424.cdn.optimizely.com Failed logx.optimizely.com — Cisco Umbrella Rank: 1655	67 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204 Failed	71 KB
2	sc-static.net sc-static.net — Cisco Umbrella Rank: 1274	21 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	219 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 268	6 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	1 KB
1	impactradius-event.com d.impactradius-event.com — Cisco Umbrella Rank: 4429	16 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 1008	33 KB
0	licdn.com Failed snap.licdn.com Failed
0	cra-arc.gc.ca Failed apps2.ams-sga.cra-arc.gc.ca Failed
136	23

	Domain	Requested by
30	service-cas.hrblockonline.ca	1 redirects 2021.hrblockonline.ca service-cas.hrblockonline.ca
14	2021.hrblockonline.ca	2021.hrblockonline.ca
10	www.googletagmanager.com	2021.hrblockonline.ca service-cas.hrblockonline.ca www.googletagmanager.com
6	tr.snapchat.com	2021.hrblockonline.ca sc-static.net service-cas.hrblockonline.ca
6	bat.bing.com	2021.hrblockonline.ca bat.bing.com service-cas.hrblockonline.ca
5	cm.teads.tv	2021.hrblockonline.ca p.teads.tv service-cas.hrblockonline.ca
5	analytics.tiktok.com	2021.hrblockonline.ca analytics.tiktok.com
4	10488595.fls.doubleclick.net	2 redirects 2021.hrblockonline.ca www.googletagmanager.com
3	www.google.ca	service-cas.hrblockonline.ca
3	www.redditstatic.com	2021.hrblockonline.ca www.googletagmanager.com www.redditstatic.com
3	heapanalytics.com	2021.hrblockonline.ca service-cas.hrblockonline.ca
3	www.google.com	2021.hrblockonline.ca service-cas.hrblockonline.ca
2	www.facebook.com	service-cas.hrblockonline.ca
2	t.teads.tv	2021.hrblockonline.ca p.teads.tv service-cas.hrblockonline.ca
2	tr6.snapchat.com	sc-static.net
2	googleads.g.doubleclick.net	2021.hrblockonline.ca www.googletagmanager.com
2	ad.doubleclick.net	service-cas.hrblockonline.ca
2	connect.facebook.net	2021.hrblockonline.ca connect.facebook.net
2	p.teads.tv	2021.hrblockonline.ca www.googletagmanager.com
2	sc-static.net	2021.hrblockonline.ca www.googletagmanager.com
2	cdn.heapanalytics.com	2021.hrblockonline.ca service-cas.hrblockonline.ca
1	logx.optimizely.com	analytics.tiktok.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdnjs.cloudflare.com	service-cas.hrblockonline.ca
1	fonts.googleapis.com	service-cas.hrblockonline.ca
1	alb.reddit.com	service-cas.hrblockonline.ca
1	pixel-config.reddit.com	2021.hrblockonline.ca www.redditstatic.com
1	analytics.google.com	2021.hrblockonline.ca www.googletagmanager.com
1	cdn.optimizely.com	2021.hrblockonline.ca www.googletagmanager.com
1	www.gstatic.com	2021.hrblockonline.ca
1	d.impactradius-event.com	2021.hrblockonline.ca
1	unpkg.com	2021.hrblockonline.ca
0	a8214761424.cdn.optimizely.com Failed	cdn.optimizely.com
0	stats.g.doubleclick.net Failed	www.googletagmanager.com
0	snap.licdn.com Failed	2021.hrblockonline.ca
0	apps2.ams-sga.cra-arc.gc.ca Failed	2021.hrblockonline.ca
136	36

This site contains links to these domains. Also see Links.

Domain
myblock.hrblockonline.ca
2021.hrblockonline.ca

Subject Issuer	Validity	Valid
*.hrblockonline.ca Go Daddy Secure Certificate Authority - G2	`2023-09-02` - `2024-10-03`	a year	crt.sh
unpkg.com GTS CA 1P5	`2024-05-30` - `2024-08-28`	3 months	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M02	`2024-05-29` - `2025-06-26`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.impactradius-event.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-08` - `2025-01-06`	a year	crt.sh
www.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2023-11-09` - `2024-12-08`	a year	crt.sh
*.gstatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-23` - `2024-11-18`	6 months	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
teads.tv R10	`2024-06-11` - `2024-09-09`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
*.google.ca WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-21` - `2025-02-20`	a year	crt.sh
*.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-02` - `2024-07-01`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-09-04`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-05-30` - `2024-11-26`	6 months	crt.sh
logx.optimizely.com WR3	`2024-05-23` - `2024-08-21`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient
Frame ID: 2DDF5AEF994D12B6B82B7C0C098BE763
Requests: 129 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-P77LF8T
Frame ID: 76CDDF472C17DA3B4D8E973823056734
Requests: 1 HTTP requests in this frame

Frame: https://10488595.fls.doubleclick.net/activityi;dc_pre=CN25q_Xj84YDFQzA_QUdPlEAtQ;src=10488595;type=retar0;cat=fl-re00;ord=8576701854433;npa=0;auiddc=1220745524.1719216330;ps=1;pcor=912031288;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0z876212757za201zb76212757;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2F2021.hrblockonline.ca%2F
Frame ID: A6501318A32F47D883B3FBEB0625E2C2
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=9249d0a3-083c-43d7-a9ba-6fd9dec814fd&u_scsid=a720274c-5eee-403e-b882-c49ecb72fb94&u_sclid=9522960c-1230-4526-9964-7c02c8d9e1b9
Frame ID: 4FE6F4CECEE7E52BB43CAA58B1D3D04F
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-P77LF8T
Frame ID: 69A82CA7B34C51E895908FE3A9D1BB49
Requests: 1 HTTP requests in this frame

Frame: https://10488595.fls.doubleclick.net/activityi;dc_pre=CLjDnPbj84YDFYXg_QUdM8cGrQ;src=10488595;type=retar0;cat=fl-re00;ord=245879788558;npa=0;auiddc=1220745524.1719216330;ps=1;pcor=1872714463;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0z876212757za201zb76212757;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Fservice-cas.hrblockonline.ca%252Fcas%252Foauth2.0%252FcallbackAuthorize%253Fclient_id%253DDIY21%2526redirect_uri%253Dhttps%25253A%25252F%25252F2021.hrblockonline.ca%25252F%252523%25252Fcallback%2526response_type%253Did_token%252Btoken%2526googleDeviceId%253D%2526client_name%253DCasOAuthClient
Frame ID: 37CDCBF5BF449AFA55AFFEC8E552ED72
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=9249d0a3-083c-43d7-a9ba-6fd9dec814fd&u_scsid=06769bde-e7bb-4ece-bf21-f873cc9a5775&u_sclid=afe4fe39-33e7-424e-bf4c-1cc558557006
Frame ID: 50F98D8DA3BFB611E78C8A70BBF17CFC
Requests: 1 HTTP requests in this frame

Frame: https://a8214761424.cdn.optimizely.com/client_storage/a8214761424.html
Frame ID: 78CBDFD9085EF15AD49139E87F82FA6A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign In - H&R Block Canada

Page URL History Show full URLs

https://2021.hrblockonline.ca/ Page URL
https://service-cas.hrblockonline.ca/cas/oidc/authorize?response_type=id_token%20token&client_id=DIY21&scope=open... HTTP 302
https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Impact (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

d\.impactradius-event\.com

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

136
Requests

87 %
HTTPS

0 %
IPv6

23
Domains

36
Subdomains

29
IPs

4
Countries

5956 kB
Transfer

24529 kB
Size

35
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://myblock.hrblockonline.ca/forgot-username?lang=en&clientId=diy21&hrbSource=self&googleDeviceId=
Title: username

Search URL Search Domain Scan URL

URL: https://myblock.hrblockonline.ca/forgot-password?lang=en&clientId=diy21&hrbSource=self&googleDeviceId=
Title: password

Search URL Search Domain Scan URL

URL: https://2021.hrblockonline.ca/#/provide-your-email?lang=en&hrbSource=self&googleDeviceId=
Title: I want to create an account

Search URL Search Domain Scan URL

URL: https://myblock.hrblockonline.ca/dashboard?lang=en&clientId=diy21&hrbSource=self&googleDeviceId=
Title: See all available years

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://2021.hrblockonline.ca/ Page URL
https://service-cas.hrblockonline.ca/cas/oidc/authorize?response_type=id_token%20token&client_id=DIY21&scope=openid%20profile%20profile_hrbAuth&redirect_uri=https://2021.hrblockonline.ca/%23/callback&state=NkYOSG95Hh4enA9yXsf1ChVx7Q4jByLJ&nonce=DtFQH0P9HsHNZK6I&googleDeviceId=&locale=en HTTP 302
https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://ams-sga.cra-arc.gc.ca/gol-ged/awsc/tdd/auth/pub/js/cra.js HTTP 302
https://apps2.ams-sga.cra-arc.gc.ca/gol-ged/awsc/tdd/auth/pub/js/cra.js

Request Chain 39

https://10488595.fls.doubleclick.net/activityi;src=10488595;type=retar0;cat=fl-re00;ord=8576701854433;npa=0;auiddc=1220745524.1719216330;ps=1;pcor=912031288;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0z876212757za201zb76212757;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2F2021.hrblockonline.ca%2F HTTP 302
https://10488595.fls.doubleclick.net/activityi;dc_pre=CN25q_Xj84YDFQzA_QUdPlEAtQ;src=10488595;type=retar0;cat=fl-re00;ord=8576701854433;npa=0;auiddc=1220745524.1719216330;ps=1;pcor=912031288;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0z876212757za201zb76212757;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2F2021.hrblockonline.ca%2F

Request Chain 110

https://10488595.fls.doubleclick.net/activityi;src=10488595;type=retar0;cat=fl-re00;ord=245879788558;npa=0;auiddc=1220745524.1719216330;ps=1;pcor=1872714463;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0z876212757za201zb76212757;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Fservice-cas.hrblockonline.ca%252Fcas%252Foauth2.0%252FcallbackAuthorize%253Fclient_id%253DDIY21%2526redirect_uri%253Dhttps%25253A%25252F%25252F2021.hrblockonline.ca%25252F%252523%25252Fcallback%2526response_type%253Did_token%252Btoken%2526googleDeviceId%253D%2526client_name%253DCasOAuthClient HTTP 302
https://10488595.fls.doubleclick.net/activityi;dc_pre=CLjDnPbj84YDFYXg_QUdM8cGrQ;src=10488595;type=retar0;cat=fl-re00;ord=245879788558;npa=0;auiddc=1220745524.1719216330;ps=1;pcor=1872714463;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0z876212757za201zb76212757;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Fservice-cas.hrblockonline.ca%252Fcas%252Foauth2.0%252FcallbackAuthorize%253Fclient_id%253DDIY21%2526redirect_uri%253Dhttps%25253A%25252F%25252F2021.hrblockonline.ca%25252F%252523%25252Fcallback%2526response_type%253Did_token%252Btoken%2526googleDeviceId%253D%2526client_name%253DCasOAuthClient

136 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
2021.hrblockonline.ca/ 2 KB
966 B 281ms
95ms Document
text/html 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://2021.hrblockonline.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Unix) /

Resource Hash

446648569798c1658baab6f2cbc2d32d1e6c6f4cd81703ff8412048205ead82d

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 733
content-type: text/html
date: Mon, 24 Jun 2024 08:05:28 GMT
etag: "2dd-617dcbf0fed80"
last-modified: Tue, 07 May 2024 12:58:46 GMT
server: Apache/2.4.52 (Unix)
strict-transport-security: max-age=3153600; includeSubDomains
vary: Accept-Encoding

GET
H2 200 optimizely.browser.umd.min.js Show response
unpkg.com/@optimizely/optimizely-sdk@3.0.1/dist/ 84 KB
33 KB 115ms
43ms Script
application/javascript 104.17.245.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@optimizely/optimizely-sdk@3.0.1/dist/optimizely.browser.umd.min.js

Requested by

Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.245.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7db45d5fa6ef1dec7a3b2c130149cb24f5dfa71931fd4cb6e0098cafa00cafc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:28 GMT
content-encoding: gzip
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 10068622
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HQRJ8MP4HE7YPQ0E672NT4NZ-yyz
server: cloudflare
etag: "151c1-aeKKMubcYfC42wbASbWcSyNaTLM"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 898b36841f89ac7c-YYZ

GET
H2 200 common.bundle.css
2021.hrblockonline.ca/ 6 MB
313 KB 92ms
90ms Stylesheet
text/css 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://2021.hrblockonline.ca/common.bundle.css

Requested by

Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Unix) /

Resource Hash

240f8e3b479fa713729a3cd288807fa8dbe6b8e4f4d96d2b4a03861fa6b0d18c

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:28 GMT
strict-transport-security: max-age=3153600; includeSubDomains
content-encoding: gzip
last-modified: Tue, 07 May 2024 12:58:46 GMT
server: Apache/2.4.52 (Unix)
etag: "4e18d-617dcbf0fed80"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 319885

GET
H2 200 bundle.css
2021.hrblockonline.ca/ 2 B
262 B 92ms
90ms Stylesheet
text/css 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://2021.hrblockonline.ca/bundle.css

Requested by

Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Unix) /

Resource Hash

75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:28 GMT
strict-transport-security: max-age=3153600; includeSubDomains
content-encoding: gzip
last-modified: Tue, 07 May 2024 12:58:46 GMT
server: Apache/2.4.52 (Unix)
etag: "21-617dcbf0fed80"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 33

GET
H2 200 newrelic.45fa6fb5.js Show response
2021.hrblockonline.ca/js/ 27 KB
10 KB 265ms
263ms Script
application/javascript 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://2021.hrblockonline.ca/js/newrelic.45fa6fb5.js

Requested by

Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Unix) /

Resource Hash

42d304e989993e7006513cfd263ab40607f025bcad8367f2d8d09108dcc28cdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:28 GMT
strict-transport-security: max-age=3153600; includeSubDomains
content-encoding: gzip
last-modified: Tue, 14 May 2024 05:04:04 GMT
server: Apache/2.4.52 (Unix)
etag: "6ac7-61862ee4d56ad-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 9607

GET
H2 200 heap.4425c8ec.js Show response
2021.hrblockonline.ca/js/ 734 B
690 B 264ms
263ms Script
application/javascript 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://2021.hrblockonline.ca/js/heap.4425c8ec.js

Requested by

Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Unix) /

Resource Hash

93bc415ce79ebb9fc35e1c85fa2c348118ef967470bcbcadcca775aaf2c474c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:28 GMT
strict-transport-security: max-age=3153600; includeSubDomains
content-encoding: gzip
last-modified: Tue, 14 May 2024 05:04:04 GMT
server: Apache/2.4.52 (Unix)
etag: "2de-61862ee4d56ad-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 445

GET
H2 200 script_env.0d98dfca.js Show response
2021.hrblockonline.ca/js/ 644 B
602 B 94ms
93ms Script
application/javascript 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://2021.hrblockonline.ca/js/script_env.0d98dfca.js

Requested by

Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Unix) /

Resource Hash

c1e279bee114c2272eb9f8ff3308da07e074126423a9ebacd6323f29f6638532

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:28 GMT
strict-transport-security: max-age=3153600; includeSubDomains
content-encoding: gzip
last-modified: Tue, 14 May 2024 05:05:41 GMT
server: Apache/2.4.52 (Unix)
etag: "284-61862f41dac93-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 357

GET
H2 200 vendors.dccc6df2.chunk.js Show response
2021.hrblockonline.ca/js/ 2 MB
514 KB 92ms
91ms Script
text/javascript 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://2021.hrblockonline.ca/js/vendors.dccc6df2.chunk.js

Requested by

Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Unix) /

Resource Hash

9984757dffed620a7ba3681c6edeab581d158848c65112dca4094f2ae6bdb4b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:28 GMT
strict-transport-security: max-age=3153600; includeSubDomains
content-encoding: gzip
last-modified: Tue, 07 May 2024 12:58:46 GMT
server: Apache/2.4.52 (Unix)
etag: "8048c-617dcbf0fed80"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 525452

GET
H2 200 common.9b2e776a.chunk.js Show response
2021.hrblockonline.ca/js/ 144 B
398 B 92ms
92ms Script
text/javascript 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://2021.hrblockonline.ca/js/common.9b2e776a.chunk.js

Requested by

Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Unix) /

Resource Hash

95ca1871162b789cd3847ecb496beb5dd599319a579f060337fa62cbb1a30dfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:28 GMT
strict-transport-security: max-age=3153600; includeSubDomains
content-encoding: gzip
last-modified: Tue, 07 May 2024 12:58:46 GMT
server: Apache/2.4.52 (Unix)
etag: "a3-617dcbf0fed80"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 163

GET
H2 200 index.3e793e44.js Show response
2021.hrblockonline.ca/js/ 10 MB
2 MB 93ms
92ms Script
text/javascript 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://2021.hrblockonline.ca/js/index.3e793e44.js

Requested by

Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Unix) /

Resource Hash

39c631d4f22cfa0c1fc2ecc1e1951ee45bd519a32ab0eae6d04f5ad3980fca20

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:28 GMT
strict-transport-security: max-age=3153600; includeSubDomains
content-encoding: gzip
last-modified: Tue, 07 May 2024 12:58:46 GMT
server: Apache/2.4.52 (Unix)
etag: "1bc602-617dcbf0fed80"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 1820162

GET
H2 200 heap-3605585590.js
cdn.heapanalytics.com/js/ 151 KB
44 KB 150ms
67ms Script
application/javascript 3.162.3.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-3605585590.js

Requested by

Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/js/newrelic.45fa6fb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.3.56 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-3-56.yul62.r.cloudfront.net

Software

nginx / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:08 GMT
content-encoding: br
via: 1.1 302bce0287d24df9c94be17a5fd67262.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: YUL62-P2
age: 21
x-powered-by: Express
etag: W/"25a75-hTpZvu0IZzNbxBcj8bPnAp89cVY"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: CoGjvSNarUpDKZyxYmojG8Yg64LSw2xqU8cMz-YT_jZlfLWhqzF-0Q==

GET
H2 200 Noto_Sans_400.woff
2021.hrblockonline.ca/assets/ 19 KB
19 KB 91ms
91ms Font
font/woff 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://2021.hrblockonline.ca/assets/Noto_Sans_400.woff

Requested by

Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/common.bundle.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Unix) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/common.bundle.css
Origin: https://2021.hrblockonline.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:29 GMT
strict-transport-security: max-age=3153600; includeSubDomains
content-encoding: gzip
last-modified: Tue, 07 May 2024 12:58:46 GMT
server: Apache/2.4.52 (Unix)
etag: "4b10-617dcbf0fed80-gzip"
vary: Accept-Encoding
content-type: font/woff
accept-ranges: bytes
content-length: 19155

GET

cra.js
apps2.ams-sga.cra-arc.gc.ca/gol-ged/awsc/tdd/auth/pub/js/
Redirect Chain

https://ams-sga.cra-arc.gc.ca/gol-ged/awsc/tdd/auth/pub/js/cra.js
https://apps2.ams-sga.cra-arc.gc.ca/gol-ged/awsc/tdd/auth/pub/js/cra.js

0
0

GET
H2 200 gtm.js
www.googletagmanager.com/ 353 KB
107 KB 219ms
82ms Script
application/javascript 142.251.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P77LF8T

Requested by

Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/js/newrelic.45fa6fb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.174.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109003
x-xss-protection: 0
last-modified: Mon, 24 Jun 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Jun 2024 08:05:29 GMT

GET
H2 200 ns.html
www.googletagmanager.com/ Frame 76CD 0
0 203ms
70ms Document
text/html 142.251.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-P77LF8T

Requested by

Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/js/newrelic.45fa6fb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.174.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://2021.hrblockonline.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 332
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jun 2024 08:05:29 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-xss-protection: 0

GET
H2 200 A1327526-4c1f-4d69-8e68-900d5e31e37e1.js
d.impactradius-event.com/ 38 KB
16 KB 104ms
33ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.impactradius-event.com/A1327526-4c1f-4d69-8e68-900d5e31e37e1.js
Requested by: Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/js/newrelic.45fa6fb5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:04:56 GMT
content-encoding: gzip
age: 33
x-guploader-uploadid: ACJd0Nph2CM6S8N1w2AdZ4ipU8RcIsTZ6vPZlbWOrMxeZrpq4Muy3I3CuY-1Jj4Y8gtZgGM43p6N8pMcrw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15518
last-modified: Fri, 22 Mar 2024 16:18:31 GMT
server: UploadServer
etag: "24b8ed00a62d0e26f83b5c60560cd71a"
vary: Accept-Encoding
x-goog-generation: 1711124311463999
x-goog-hash: crc32c=UQ/IdQ==, md5=JLjtAKYtDib4O1xgVgzXGg==
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 15518
accept-ranges: bytes
expires: Mon, 24 Jun 2024 08:09:56 GMT

GET
H2 200 api.js
www.google.com/recaptcha/ 1 KB
1 KB 212ms
75ms Script
text/javascript 209.85.144.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=vcRecaptchaApiLoaded&render=explicit&hl=en

Requested by

Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/js/newrelic.45fa6fb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.144.104 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f104.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 24 Jun 2024 08:05:29 GMT

HEAD
H2 200 jwks
service-cas.hrblockonline.ca/cas/oidc/ 0
382 B 276ms
94ms XHR
application/json 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas.hrblockonline.ca/cas/oidc/jwks

Requested by

Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/js/newrelic.45fa6fb5.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 08:05:29 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://2021.hrblockonline.ca
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 418
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 hrb-logo-120px.png
2021.hrblockonline.ca/assets/ 34 KB
34 KB 91ms
91ms Image
image/png 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2021.hrblockonline.ca/assets/hrb-logo-120px.png

Requested by

Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Unix) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:29 GMT
strict-transport-security: max-age=3153600; includeSubDomains
last-modified: Tue, 07 May 2024 12:58:46 GMT
server: Apache/2.4.52 (Unix)
etag: "87f4-617dcbf0fed80"
content-type: image/png
accept-ranges: bytes
content-length: 34804

GET
H2 200 loading_final_Mobile.gif
2021.hrblockonline.ca/assets/ 37 KB
38 KB 91ms
90ms Image
image/gif 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2021.hrblockonline.ca/assets/loading_final_Mobile.gif

Requested by

Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Unix) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:29 GMT
strict-transport-security: max-age=3153600; includeSubDomains
last-modified: Tue, 07 May 2024 12:58:46 GMT
server: Apache/2.4.52 (Unix)
etag: "95bb-617dcbf0fed80"
content-type: image/gif
accept-ranges: bytes
content-length: 38331

GET
H2 200 loading_final_Normal.gif
2021.hrblockonline.ca/assets/ 90 KB
90 KB 92ms
92ms Image
image/gif 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2021.hrblockonline.ca/assets/loading_final_Normal.gif

Requested by

Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Unix) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:29 GMT
strict-transport-security: max-age=3153600; includeSubDomains
last-modified: Tue, 07 May 2024 12:58:46 GMT
server: Apache/2.4.52 (Unix)
etag: "1676e-617dcbf0fed80"
content-type: image/gif
accept-ranges: bytes
content-length: 92014

GET
H2 200 fontawesome-webfont.woff2
2021.hrblockonline.ca/assets/ 75 KB
76 KB 91ms
91ms Font
font/woff2 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://2021.hrblockonline.ca/assets/fontawesome-webfont.woff2

Requested by

Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/common.bundle.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Unix) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/common.bundle.css
Origin: https://2021.hrblockonline.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:29 GMT
strict-transport-security: max-age=3153600; includeSubDomains
content-encoding: gzip
last-modified: Tue, 07 May 2024 12:58:46 GMT
server: Apache/2.4.52 (Unix)
etag: "12d68-617dcbf0fed80-gzip"
vary: Accept-Encoding
content-type: font/woff2
accept-ranges: bytes

GET
H2 200 h
heapanalytics.com/ 37 B
261 B 159ms
52ms Image
image/gif 34.196.224.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=3605585590&u=8719715935898286&v=2463923766819713&s=2918170362085285&b=web&tv=4.0&z=0&g=%23%2Fportal-landing-page&h=%2F&d=2021.hrblockonline.ca&t=H%26R%20Block%20Canada%202021&ts=1719216329772&ubv=126.0.6478.114&upv=10.0.0&sch=1200&scw=1600&st=1719216329778

Requested by

Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.224.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-224-217.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 08:05:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 recaptcha__en.js
www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/ 517 KB
205 KB 200ms
65ms Script
text/javascript 173.194.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/recaptcha__en.js

Requested by

Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/js/newrelic.45fa6fb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f94.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Origin: https://2021.hrblockonline.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 20:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 558918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 209238
x-xss-protection: 0
last-modified: Sat, 15 Jun 2024 04:02:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Jun 2025 20:50:12 GMT

GET
H2

200

Primary Request login Show response
service-cas.hrblockonline.ca/cas/
Redirect Chain

https://service-cas.hrblockonline.ca/cas/oidc/authorize?response_type=id_token%20token&client_id=DIY21&scope=openid%20profile%20profile_hrbAuth&redirect_uri=https://2021.hrblockonline.ca/%23/callba...
https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021....

11 KB
11 KB

1121ms
1118ms

Document
text/html

20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient

Requested by

Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/js/vendors.dccc6df2.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

a52fdfc2272d2546054130c02357496510807708be39252b6a6dfcb9b59e2188

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://2021.hrblockonline.ca/#/portal-landing-page
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-language: en
content-type: text/html;charset=UTF-8
date: Mon, 24 Jun 2024 08:05:31 GMT
expires: 0
pragma: no-cache
server: Apereo CAS
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Mon, 24 Jun 2024 08:05:30 GMT
expires: 0
location: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient
pragma: no-cache
server: Apereo CAS
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 js
www.googletagmanager.com/gtag/ 273 KB
96 KB 77ms
76ms Script
application/javascript 142.251.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7HPQ8HPXND&l=dataLayer&cx=c

Requested by

Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/js/newrelic.45fa6fb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.174.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97865
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Jun 2024 08:05:30 GMT

GET
H2 200 destination
www.googletagmanager.com/gtag/ 226 KB
82 KB 119ms
119ms Script
application/javascript 142.251.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-1032405859&l=dataLayer&cx=c

Requested by

Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/js/newrelic.45fa6fb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.174.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83799
x-xss-protection: 0
last-modified: Mon, 24 Jun 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Jun 2024 08:05:30 GMT

GET
H2 200 destination
www.googletagmanager.com/gtag/ 204 KB
74 KB 94ms
93ms Script
application/javascript 142.251.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-10488595&l=dataLayer&cx=c

Requested by

Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/js/newrelic.45fa6fb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.174.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76087
x-xss-protection: 0
last-modified: Mon, 24 Jun 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Jun 2024 08:05:30 GMT

GET
H2 200 pixel.js
www.redditstatic.com/ads/ 42 KB
13 KB 99ms
31ms Script
application/javascript 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/js/newrelic.45fa6fb5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:30 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 20 Jun 2024 19:23:03 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "71b328aff914ada8b774bfa8fff542c4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 12116

GET
H2 200 scevent.min.js
sc-static.net/ 47 KB
21 KB 167ms
80ms Script
application/javascript 54.230.48.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/js/newrelic.45fa6fb5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.48.245 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-48-245.yul62.r.cloudfront.net
Software: CloudFront /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:30 GMT
content-encoding: gzip
via: 1.1 47373525d370c4b58e8b2be88c66f646.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: YUL62-C2
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 20523
x-amz-cf-id: FudT9QAITmeWNLptkJgEslk16mD4LmbyaR6WkL8pbjDv4OTJ6qonHg==

GET
H/1.1 200
OK teads-fellow.js
p.teads.tv/ 18 KB
6 KB 200ms
71ms Script
application/javascript 23.55.205.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.teads.tv/teads-fellow.js
Requested by: Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/js/newrelic.45fa6fb5.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.205.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-205-47.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 24 Jun 2024 08:05:30 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Feb 2024 09:45:19 GMT
Server: AmazonS3
x-amz-request-id: YBWH3MB4BQF8Q9KN
ETag: "7571f2b08378e73bce1d28a5908d2cd5"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=467
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5930
x-amz-id-2: AmiL1mMPtHRD6mKz6VGFF1lXqvldXaq1oTjnmkIDbhcXZHv4etgZ2EBG9B+YCYxLyp2uvs8rRX1SqaK/2AHpkg==

GET
H2 200 bat.js
bat.bing.com/ 45 KB
13 KB 490ms
71ms Script
application/javascript 13.107.21.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/js/newrelic.45fa6fb5.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.21.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 24 Jun 2024 08:05:29 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2AB296441B9749D094288CC4102C772C Ref B: YTO01EDGE0515 Ref C: 2024-06-24T08:05:30Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET fbevents.js
connect.facebook.net/en_US/ 0
0

GET events.js
analytics.tiktok.com/i18n/pixel/ 0
0

GET insight.min.js
snap.licdn.com/li.lms-analytics/ 0
0

GET 23484640733.js
cdn.optimizely.com/js/ 0
0

POST collect
analytics.google.com/g/ 0
0

POST collect
stats.g.doubleclick.net/g/ 0
0

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 145ms
75ms Image
image/gif 209.85.201.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7HPQ8HPXND&cid=537344387.1719216330&gtm=45je46j0v870954087z876212757za200zb76212757&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=1246834027

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f94.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 08:05:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 h
heapanalytics.com/ 37 B
260 B 56ms
53ms Image
image/gif 34.196.224.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=3605585590&u=8719715935898286&v=2463923766819713&s=2918170362085285&b=web&tv=4.0&sp=ts&sp=1719216329772&sp=d&sp=2021.hrblockonline.ca&sp=h&sp=%2F&sp=g&sp=%23%2Fportal-landing-page&pp=d&pp=2021.hrblockonline.ca&pp=h&pp=%2F&pp=g&pp=%23%2Fportal-landing-page&pp=t&pp=H%26R%20Block%20Canada%202021&pp=ts&pp=1719216329772&id0=4856795833519907&k0=Load%20Time&k0=2037&t0=Page%20Load&ts0=1719216330191&ubv0=126.0.6478.114&upv0=10.0.0&st=1719216330191

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.224.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-224-217.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 08:05:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2

200

activityi;dc_pre=CN25q_Xj84YDFQzA_QUdPlEAtQ;src=10488595;type=retar0;cat=fl-re00;ord=8576701854433;npa=0;auiddc=1220745524.1719216330;ps=1;pcor=912031288;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0....
10488595.fls.doubleclick.net/ Frame A650
Redirect Chain

https://10488595.fls.doubleclick.net/activityi;src=10488595;type=retar0;cat=fl-re00;ord=8576701854433;npa=0;auiddc=1220745524.1719216330;ps=1;pcor=912031288;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8...
https://10488595.fls.doubleclick.net/activityi;dc_pre=CN25q_Xj84YDFQzA_QUdPlEAtQ;src=10488595;type=retar0;cat=fl-re00;ord=8576701854433;npa=0;auiddc=1220745524.1719216330;ps=1;pcor=912031288;uaa=x8...

0
0

440ms
440ms

Document
text/html

172.217.222.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10488595.fls.doubleclick.net/activityi;dc_pre=CN25q_Xj84YDFQzA_QUdPlEAtQ;src=10488595;type=retar0;cat=fl-re00;ord=8576701854433;npa=0;auiddc=1220745524.1719216330;ps=1;pcor=912031288;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0z876212757za201zb76212757;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2F2021.hrblockonline.ca%2F?

Requested by

Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/js/newrelic.45fa6fb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f148.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://2021.hrblockonline.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 397
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jun 2024 08:05:30 GMT
expires: Mon, 24 Jun 2024 08:05:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jun 2024 08:05:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10488595.fls.doubleclick.net/activityi;dc_pre=CN25q_Xj84YDFQzA_QUdPlEAtQ;src=10488595;type=retar0;cat=fl-re00;ord=8576701854433;npa=0;auiddc=1220745524.1719216330;ps=1;pcor=912031288;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0z876212757za201zb76212757;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2F2021.hrblockonline.ca%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=10488595;type=retar0;cat=fl-re00;ord=8576701854433;npa=0;auiddc=1220745524.1719216330;ps=1;pcor=912031288;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromiu...
ad.doubleclick.net/ 0
24 B 507ms
436ms Image
image/png 173.194.204.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=10488595;type=retar0;cat=fl-re00;ord=8576701854433;npa=0;auiddc=1220745524.1719216330;ps=1;pcor=912031288;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0z876212757za201zb76212757;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2F2021.hrblockonline.ca%2F?

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.204.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f148.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:30 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"14665742784178414742"}],"aggregatable_trigger_data":[{"filters":[{"14":["10769964"]}],"key_piece":"0x8ebcf594e4f301b1","source_keys":["12","13","14","15","16","17","18","19","20","21","16269836","16269837","16269838","16269839","16271796","16271797","16271798","16271799","628672124","628672125","628672126","628672127","628755648","628755649","628755650","628755651","628831428","628831429","628831430","628831431","628849276","628849277","628849278","628849279","628881248","628881249","628881250","628881251","628911392","628911393","628911394","628911395","634954628","634954629","634954630","634954631","634964472","634964473","634964474","634964475"]},{"key_piece":"0xedcce3186d56a4be","not_filters":{"14":["10769964"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","16269836","16269837","16269838","16269839","16271796","16271797","16271798","16271799","628672124","628672125","628672126","628672127","628755648","628755649","628755650","628755651","628831428","628831429","628831430","628831431","628849276","628849277","628849278","628849279","628881248","628881249","628881250","628881251","628911392","628911393","628911394","628911395","634954628","634954629","634954630","634954631","634964472","634964473","634964474","634964475"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"16269836":65,"16269837":65,"16269838":65,"16269839":6356,"16271796":43,"16271797":43,"16271798":43,"16271799":4237,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628672124":32,"628672125":32,"628672126":32,"628672127":3177,"628755648":32,"628755649":32,"628755650":32,"628755651":3177,"628831428":34,"628831429":34,"628831430":34,"628831431":3345,"628849276":36,"628849277":36,"628849278":36,"628849279":3530,"628881248":32,"628881249":32,"628881250":32,"628881251":3177,"628911392":32,"628911393":32,"628911394":32,"628911395":3177,"634954628":93,"634954629":93,"634954630":93,"634954631":9081,"634964472":34,"634964473":34,"634964474":34,"634964475":3345},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"5058892466085489533","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"14665742784178414742","filters":[{"14":["10769964"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"14665742784178414742","filters":[{"14":["10769964"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"14665742784178414742","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"14665742784178414742","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["10488595"]}}
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
attribution-reporting-info: preferred-platform=os
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET config
pixel-config.reddit.com/pixels/a2_dzwbj2z1udnq/ 0
0

GET a2_dzwbj2z1udnq_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 0
0

GET rp.gif
alb.reddit.com/ 0
0

GET
H3 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/1032405859/ 3 KB
1 KB 211ms
75ms Script
text/javascript 172.217.197.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1032405859/?random=1719216330259&cv=11&fst=1719216330259&bg=ffffff&guid=ON&async=1&gtm=45be46j0z876212757za201zb76212757&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2F2021.hrblockonline.ca%2F&hn=www.googleadservices.com&frm=0&tiba=H%26R%20Block%20Canada%202021&npa=0&pscdl=noapi&auid=1220745524.1719216330&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/js/newrelic.45fa6fb5.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 08:05:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1418
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 9249d0a3-083c-43d7-a9ba-6fd9dec814fd.js
tr.snapchat.com/config/ca/ 184 B
467 B 202ms
133ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/ca/9249d0a3-083c-43d7-a9ba-6fd9dec814fd.js?v=3.19.2-2406181858

Requested by

Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/js/newrelic.45fa6fb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Origin: https://2021.hrblockonline.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://2021.hrblockonline.ca
x-envoy-upstream-service-time: 43
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 184

GET i
tr.snapchat.com/cm/ Frame 4FE6 0
0

GET p
tr.snapchat.com/ 0
0

GET
H/1.1 200
OK advertiser
cm.teads.tv/v2/ 139 B
585 B 435ms
64ms Fetch
application/json 23.55.205.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.teads.tv/v2/advertiser?referer=https%3A%2F%2F2021.hrblockonline.ca%2F%23%2Fportal-landing-page&buyer_pixel_id=11112
Requested by: Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/js/newrelic.45fa6fb5.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.205.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-205-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Mon, 24 Jun 2024 08:05:30 GMT
Observe-Browsing-Topics: ?1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://2021.hrblockonline.ca
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 139
Expires: Mon, 24 Jun 2024 08:05:30 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1032405859/ 42 B
64 B 73ms
73ms Image
image/gif 209.85.144.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1032405859/?random=1719216330259&cv=11&fst=1719216000000&bg=ffffff&guid=ON&async=1&gtm=45be46j0z876212757za201zb76212757&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2F2021.hrblockonline.ca%2F&hn=www.googleadservices.com&frm=0&tiba=H%26R%20Block%20Canada%202021&npa=0&pscdl=noapi&auid=1220745524.1719216330&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLeitL6rfri-FmKzn60P_UU0HJr0Adyg&random=770520436&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.104 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f104.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 08:05:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/1032405859/ 42 B
64 B 72ms
72ms Image
image/gif 209.85.201.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/1032405859/?random=1719216330259&cv=11&fst=1719216000000&bg=ffffff&guid=ON&async=1&gtm=45be46j0z876212757za201zb76212757&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2F2021.hrblockonline.ca%2F&hn=www.googleadservices.com&frm=0&tiba=H%26R%20Block%20Canada%202021&npa=0&pscdl=noapi&auid=1220745524.1719216330&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLeitL6rfri-FmKzn60P_UU0HJr0Adyg&random=770520436&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f94.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 08:05:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 5257317.js
bat.bing.com/p/action/ 0
118 B 70ms
69ms Script
text/plain 13.107.21.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5257317.js

Requested by

Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/js/newrelic.45fa6fb5.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.21.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 24 Jun 2024 08:05:29 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2E8541D3F430486083485CCCCEF9AFC9 Ref B: YTO01EDGE0515 Ref C: 2024-06-24T08:05:30Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
360 B 129ms
129ms Image
text/plain 13.107.21.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5257317&Ver=2&mid=efbddce4-f1fc-424b-9991-a9176bc25f35&sid=86413570320011ef9c3d631cbb188527&vid=86416a60320011ef9097b9cdc299b6b2&vids=1&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=H%26R%20Block%20Canada%202021&p=https%3A%2F%2F2021.hrblockonline.ca%2F%23%2Fportal-landing-page&r=&lt=1782&evt=pageLoad&sv=1&rn=920815

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.21.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jun 2024 08:05:29 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3202A1A6E511414596EE1302FA6F18D3 Ref B: YTO01EDGE0515 Ref C: 2024-06-24T08:05:30Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 p
tr6.snapchat.com/ 0
202 B 153ms
82ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 24 Jun 2024 08:05:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
via: 1.1 google, 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET track
t.teads.tv/ 0
0

GET
H/1.1 200
OK conversion
cm.teads.tv/v3/ 0
529 B 427ms
60ms Image
text/plain 23.55.205.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.teads.tv/v3/conversion?action=pageView&env=js-gtm&tag_version=6.17.6_ee47857&provider=tag&buyer_pixel_id=11112&referer=https%3A%2F%2F2021.hrblockonline.ca%2F%23%2Fportal-landing-page&user_session_id=46345b63-883a-4f11-8792-3e2bde110651
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.205.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-205-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Attribution-Reporting-Register-Trigger: {"event_trigger_data":[{"trigger_data":"6","priority":"0","deduplication_key":"1719216331","filters":[{"trigger_data_label":["visit"],"source_type":["navigation"]}]}],"debug_reporting":true}
Date: Mon, 24 Jun 2024 08:05:31 GMT
Observe-Browsing-Topics: ?1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Mon, 24 Jun 2024 08:05:31 GMT

POST
H3 200 p
tr.snapchat.com/ 0
17 B 129ms
92ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://2021.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 24 Jun 2024 08:05:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
access-control-allow-origin: https://2021.hrblockonline.ca
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST collect
analytics.google.com/g/ 0
0

POST 0
bat.bing.com/actionp/ 0
0

GET
H2 200 normalize.css
service-cas.hrblockonline.ca/cas/webjars/normalize.css/8.0.1/ 6 KB
6 KB 280ms
267ms Stylesheet
text/css 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas.hrblockonline.ca/cas/webjars/normalize.css/8.0.1/normalize.css

Requested by

Host: service-cas.hrblockonline.ca
URL: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:31 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 12 Apr 2024 15:39:32 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css;charset=UTF-8
accept-ranges: bytes
content-length: 6138
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap-grid.min.css
service-cas.hrblockonline.ca/cas/webjars/bootstrap/4.5.0/css/ 50 KB
50 KB 344ms
331ms Stylesheet
text/css 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas.hrblockonline.ca/cas/webjars/bootstrap/4.5.0/css/bootstrap-grid.min.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

e216f49acdbe944b8034d0323ac03cb1562adb6d3cbc767bebe81ea56e1da603

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:31 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 12 Apr 2024 15:39:32 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css;charset=UTF-8
accept-ranges: bytes
content-length: 50995
x-xss-protection: 1; mode=block

GET
H2 200 material-components-web.css
service-cas.hrblockonline.ca/cas/webjars/material-components-web/4.0.0/dist/ 318 KB
318 KB 110ms
97ms Stylesheet
text/css 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas.hrblockonline.ca/cas/webjars/material-components-web/4.0.0/dist/material-components-web.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

1ff8d34ed8c7d30550864936a761d7ce500712956d63becbe7484401d188cad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:31 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 12 Apr 2024 15:39:32 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css;charset=UTF-8
accept-ranges: bytes
content-length: 325274
x-xss-protection: 1; mode=block

GET
H2 200 materialdesignicons.css
service-cas.hrblockonline.ca/cas/webjars/mdi__font/5.0.45/css/ 274 KB
275 KB 280ms
268ms Stylesheet
text/css 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas.hrblockonline.ca/cas/webjars/mdi__font/5.0.45/css/materialdesignicons.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

2670ab6235d643c1b8c31504677a38226fcc526e89222081efe80b723a3a83b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:31 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 12 Apr 2024 15:39:32 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css;charset=UTF-8
accept-ranges: bytes
content-length: 280565
x-xss-protection: 1; mode=block

GET
H2 200 cas.css
service-cas.hrblockonline.ca/cas/css/ 241 KB
241 KB 342ms
330ms Stylesheet
text/css 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas.hrblockonline.ca/cas/css/cas.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

bb3e2f5e170c8e53299996b1edca81852e950160e71e1cf8969acdad9208a2aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:31 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 12 Apr 2024 15:39:32 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css;charset=UTF-8
accept-ranges: bytes
content-length: 246356
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 469ms
75ms Stylesheet
text/css 173.194.66.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.66.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qo-in-f95.1e100.net

Software

ESF /

Resource Hash

5d6d9663331261c3447fef941fc4576216a8e4a7cb976983186d980efe22b540

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Jun 2024 08:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Jun 2024 08:04:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Jun 2024 08:05:31 GMT

GET
H2 200 hrb-card-widget.css
service-cas.hrblockonline.ca/cas/css/ 1 KB
2 KB 280ms
269ms Stylesheet
text/css 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas.hrblockonline.ca/cas/css/hrb-card-widget.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

112ebd1f3f6a42c2574d558d8d8c8455679acd20e7a4cdc686b8dbf8a1217cd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:31 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 12 Apr 2024 15:39:32 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css;charset=UTF-8
accept-ranges: bytes
content-length: 1393
x-xss-protection: 1; mode=block

GET
H2 200 hrb-cas.css
service-cas.hrblockonline.ca/cas/css/ 552 B
847 B 107ms
96ms Stylesheet
text/css 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas.hrblockonline.ca/cas/css/hrb-cas.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

72f095d70b0d69330ac73c3cb4108e9f3afa9bb6828a928d550b1812dbc88ac6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:31 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 12 Apr 2024 15:39:32 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css;charset=UTF-8
accept-ranges: bytes
content-length: 552
x-xss-protection: 1; mode=block

GET
H2 200 hrb-checkbox.css
service-cas.hrblockonline.ca/cas/css/ 923 B
1 KB 278ms
267ms Stylesheet
text/css 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas.hrblockonline.ca/cas/css/hrb-checkbox.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

70ace91f3a0f1c8388daed852a861462cdf17215deb8c2218bf5ffc5111b970e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:31 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 12 Apr 2024 15:39:32 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css;charset=UTF-8
accept-ranges: bytes
content-length: 923
x-xss-protection: 1; mode=block

GET
H2 200 hrb-errors.css
service-cas.hrblockonline.ca/cas/css/ 1 KB
1 KB 419ms
409ms Stylesheet
text/css 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas.hrblockonline.ca/cas/css/hrb-errors.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

7fe7903ce2632538c46cc0b5fdcadbbb8c2ee7434930e5cd851593c5624dd88a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:31 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 12 Apr 2024 15:39:32 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css;charset=UTF-8
accept-ranges: bytes
content-length: 1074
x-xss-protection: 1; mode=block

GET
H2 200 hrb-field.css
service-cas.hrblockonline.ca/cas/css/ 108 B
403 B 278ms
268ms Stylesheet
text/css 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas.hrblockonline.ca/cas/css/hrb-field.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

ab9fdb993022e9fa0c2e50488d716186aecc5526ee20bbe3f24d0adbd77a1996

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:31 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 12 Apr 2024 15:39:32 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css;charset=UTF-8
accept-ranges: bytes
content-length: 108
x-xss-protection: 1; mode=block

GET
H2 200 hrb-login.css
service-cas.hrblockonline.ca/cas/css/ 658 B
953 B 335ms
326ms Stylesheet
text/css 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas.hrblockonline.ca/cas/css/hrb-login.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

ff1a2c5955c65e646f54259039e3e7bb7b9c82ca165bba641a5de4272739fc0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:31 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 12 Apr 2024 15:39:32 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css;charset=UTF-8
accept-ranges: bytes
content-length: 658
x-xss-protection: 1; mode=block

GET
H2 200 hrb-navbar.css
service-cas.hrblockonline.ca/cas/css/ 922 B
1 KB 337ms
329ms Stylesheet
text/css 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas.hrblockonline.ca/cas/css/hrb-navbar.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

f09141f2f7dea719c73385e5862f7183a90d35bff7d7e3a96ee97f8d97222563

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:31 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 12 Apr 2024 15:39:32 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css;charset=UTF-8
accept-ranges: bytes
content-length: 922
x-xss-protection: 1; mode=block

GET
H2 200 hrb-2fa.css
service-cas.hrblockonline.ca/cas/css/ 326 B
621 B 334ms
325ms Stylesheet
text/css 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas.hrblockonline.ca/cas/css/hrb-2fa.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

94e930950d5878f513802a3a816e57048fff5bedb5143c7cb5fedabc0e5c8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:31 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 12 Apr 2024 15:39:32 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css;charset=UTF-8
accept-ranges: bytes
content-length: 326
x-xss-protection: 1; mode=block

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 79ms
40ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 318991
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mdxyBY5rIhtyn%2FuheaSA1wdllwtj6OZaOiftQ%2B2Jxww%2FjamRfd5B0dYERqSCPh%2BBgQhIE2ikzF1CDUTb4u40wxvMl0DTADggaAJKyoBPNsfm92g5ol3ythGfjRvDomnEXBZAh2ZE"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 898b3696cef9ac21-YYZ
expires: Sat, 14 Jun 2025 08:05:31 GMT

GET
H2 200 es5-shim.js Show response
service-cas.hrblockonline.ca/cas/webjars/es5-shim/4.5.9/ 83 KB
83 KB 420ms
413ms Script
application/javascript 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas.hrblockonline.ca/cas/webjars/es5-shim/4.5.9/es5-shim.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

baa149cfca28ea70ccc424d5e526768f8177d7c2153ad2b6c0dd76693b66794a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:31 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 12 Apr 2024 15:39:32 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
accept-ranges: bytes
content-length: 84557
x-xss-protection: 1; mode=block

GET
H2 200 css-vars-ponyfill.min.js Show response
service-cas.hrblockonline.ca/cas/webjars/css-vars-ponyfill/2.3.1/dist/ 22 KB
22 KB 421ms
414ms Script
application/javascript 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas.hrblockonline.ca/cas/webjars/css-vars-ponyfill/2.3.1/dist/css-vars-ponyfill.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

b7fc55ab62b81eb54ae01de81fee15005fc4f62859ad8c050d6eb1275c8525b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:31 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 12 Apr 2024 15:39:32 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
accept-ranges: bytes
content-length: 22494
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
service-cas.hrblockonline.ca/cas/webjars/jquery/3.5.1/ 87 KB
88 KB 421ms
416ms Script
application/javascript 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas.hrblockonline.ca/cas/webjars/jquery/3.5.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:31 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 12 Apr 2024 15:39:32 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
accept-ranges: bytes
content-length: 89476
x-xss-protection: 1; mode=block

GET
H2 200 material-components-web.js Show response
service-cas.hrblockonline.ca/cas/webjars/material-components-web/4.0.0/dist/ 929 KB
930 KB 421ms
415ms Script
application/javascript 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas.hrblockonline.ca/cas/webjars/material-components-web/4.0.0/dist/material-components-web.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

eb2d589aec5c4ca7d4589d2a4ff620648dced60870bfedbe15d104fa2abe15c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:31 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 12 Apr 2024 15:39:32 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
accept-ranges: bytes
content-length: 951419
x-xss-protection: 1; mode=block

GET
H2 200 cas.js Show response
service-cas.hrblockonline.ca/cas/js/ 3 KB
3 KB 416ms
411ms Script
application/javascript 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas.hrblockonline.ca/cas/js/cas.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

58b863a4c10da17158c40c29f542890d3b51542fd3d9172a74ef75c53a030258

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:31 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 12 Apr 2024 15:39:32 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
accept-ranges: bytes
content-length: 2981
x-xss-protection: 1; mode=block

GET
H2 200 language-switcher.js Show response
service-cas.hrblockonline.ca/cas/js/ 862 B
1 KB 416ms
411ms Script
application/javascript 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas.hrblockonline.ca/cas/js/language-switcher.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

e14bda4aa379c1a777ca28e1038247e8650ebea9f5a3a58e85a566722cc53079

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:31 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 12 Apr 2024 15:39:32 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
accept-ranges: bytes
content-length: 862
x-xss-protection: 1; mode=block

GET
H2 200 hrb-login.js Show response
service-cas.hrblockonline.ca/cas/js/ 5 KB
5 KB 331ms
327ms Script
application/javascript 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas.hrblockonline.ca/cas/js/hrb-login.js?v=3378

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

5badf1cacc03613709c99237432c1fba689c5ed3a2189a95e57523917c840697

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:31 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 12 Apr 2024 15:39:32 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
accept-ranges: bytes
content-length: 5191
x-xss-protection: 1; mode=block

GET
H2 200 hrb-gtm.js Show response
service-cas.hrblockonline.ca/cas/js/ 1 KB
1 KB 415ms
410ms Script
application/javascript 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas.hrblockonline.ca/cas/js/hrb-gtm.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

1ebb5f23935ba97d6452d8dd3a5b1c0de72fa09c76ea1be7a6b106f189844d0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:31 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 12 Apr 2024 15:39:32 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
accept-ranges: bytes
content-length: 1178
x-xss-protection: 1; mode=block

GET
H2 200 js.cookie.min.js Show response
service-cas.hrblockonline.ca/cas/js/ 2 KB
2 KB 333ms
329ms Script
application/javascript 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas.hrblockonline.ca/cas/js/js.cookie.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

b5c1a679368da537e7b0f6880801ab32fe84b38b900acdbc1fdbe8cd6a86c4c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:31 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 12 Apr 2024 15:39:32 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
accept-ranges: bytes
content-length: 1685
x-xss-protection: 1; mode=block

GET
H2 200 heap.js Show response
service-cas.hrblockonline.ca/cas/js/ 621 B
926 B 418ms
415ms Script
application/javascript 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas.hrblockonline.ca/cas/js/heap.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

bc5aa56daca3e7d743828c64d97907d99fd6640053b5c0c6f408e3d0f46bca03

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:31 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 12 Apr 2024 15:39:32 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
accept-ranges: bytes
content-length: 621
x-xss-protection: 1; mode=block

GET
H2 200 heap-init.js Show response
service-cas.hrblockonline.ca/cas/js/ 149 B
454 B 331ms
328ms Script
application/javascript 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas.hrblockonline.ca/cas/js/heap-init.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

5fc21462803f9d1a092c18bd1033a79bf7c103a1b2b1523fa751555fa8ac7dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:31 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 12 Apr 2024 15:39:32 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
accept-ranges: bytes
content-length: 149
x-xss-protection: 1; mode=block

GET
H2 200 heap-service.js Show response
service-cas.hrblockonline.ca/cas/js/ 2 KB
2 KB 415ms
412ms Script
application/javascript 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas.hrblockonline.ca/cas/js/heap-service.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

ad68b6241297a314650de9e3173f2f370752f87e0b18daac25ca359f8f907f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:31 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 12 Apr 2024 15:39:32 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
accept-ranges: bytes
content-length: 2232
x-xss-protection: 1; mode=block

GET
H2 200 hrb_logo.svg
service-cas.hrblockonline.ca/cas/images/ 3 KB
3 KB 413ms
410ms Image
image/svg+xml 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://service-cas.hrblockonline.ca/cas/images/hrb_logo.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

1d663e50db6646c8a64a087ba0b804ddcdee8e8b15ff2a3623cb9014b77ae74a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 08:05:31 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 12 Apr 2024 15:39:32 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: image/svg+xml;charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 2870
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 hrb_logo.svg
service-cas.hrblockonline.ca/cas/images/ 3 KB
3 KB 96ms
96ms Image
image/svg+xml 20.99.133.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://service-cas.hrblockonline.ca/cas/images/hrb_logo.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.133.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

1d663e50db6646c8a64a087ba0b804ddcdee8e8b15ff2a3623cb9014b77ae74a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 08:05:31 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 12 Apr 2024 15:39:32 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: image/svg+xml;charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 2870
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 o-0mIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjcz6L1SoM-jCpoiyD9A-9a6VI.woff2
fonts.gstatic.com/s/notosans/v36/ 13 KB
14 KB 3250ms
96ms Font
font/woff2 209.85.144.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v36/o-0mIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjcz6L1SoM-jCpoiyD9A-9a6VI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.144.94 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f94.1e100.net

Software

sffe /

Resource Hash

4c0aea6139bcfbb5d8295db45717b7dab4b1ea854564068c5cac0c2cefc679fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://service-cas.hrblockonline.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 19:11:16 GMT
x-content-type-options: nosniff
age: 392059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13336
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 22:28:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Jun 2025 19:11:16 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 353 KB
0 0ms
0ms Script
application/javascript 142.251.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P77LF8T

Requested by

Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.174.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

4a701b07a3a69befd5a31a92d9e46c065d460d86390ff81590272ecb06966990

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:29 GMT
content-encoding: br
last-modified: Mon, 24 Jun 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 109003
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Jun 2024 08:05:29 GMT

GET
H2 200 ns.html
www.googletagmanager.com/ Frame 69A8 0
0 74ms
72ms Document
text/html 142.251.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-P77LF8T

Requested by

Host: service-cas.hrblockonline.ca
URL: https://service-cas.hrblockonline.ca/cas/js/hrb-gtm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.174.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://service-cas.hrblockonline.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 333
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jun 2024 08:05:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-xss-protection: 0

GET
H2 200 heap-3605585590.js Show response
cdn.heapanalytics.com/js/ 151 KB
0 1ms
1ms Script
application/javascript 3.162.3.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heapanalytics.com/js/heap-3605585590.js
Requested by: Host: service-cas.hrblockonline.ca
URL: https://service-cas.hrblockonline.ca/cas/js/heap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-56.yul62.r.cloudfront.net
Software: nginx / Express
Resource Hash: cea4f9280bb7df35ec994aeef23d2c25010f3814a06830103f13717ea1b3a1e0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:08 GMT
content-encoding: br
via: 1.1 302bce0287d24df9c94be17a5fd67262.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: YUL62-P2
age: 21
x-powered-by: Express
etag: W/"25a75-hTpZvu0IZzNbxBcj8bPnAp89cVY"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: CoGjvSNarUpDKZyxYmojG8Yg64LSw2xqU8cMz-YT_jZlfLWhqzF-0Q==

GET
H2 200 h
heapanalytics.com/ 37 B
260 B 53ms
53ms Image
image/gif 34.196.224.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=3605585590&u=8719715935898286&v=2774540148068648&s=2918170362085285&b=web&tv=4.0&z=2&h=%2Fcas%2Flogin&q=%3Fservice%3Dhttps%253A%252F%252Fservice-cas.hrblockonline.ca%252Fcas%252Foauth2.0%252FcallbackAuthorize%253Fclient_id%253DDIY21%2526redirect_uri%253Dhttps%25253A%25252F%25252F2021.hrblockonline.ca%25252F%252523%25252Fcallback%2526response_type%253Did_token%252Btoken%2526googleDeviceId%253D%2526client_name%253DCasOAuthClient&d=service-cas.hrblockonline.ca&t=Sign%20In%20-%20H%26R%20Block%20Canada&r=https%3A%2F%2F2021.hrblockonline.ca%2F&ts=1719216331846&sp=ts&sp=1719216329772&sp=d&sp=2021.hrblockonline.ca&sp=h&sp=%2F&sp=g&sp=%23%2Fportal-landing-page&ubv=126.0.6478.114&upv=10.0.0&sch=1200&scw=1600&st=1719216331846

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.224.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-224-217.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 08:05:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
0 0ms
0ms Script
application/javascript 142.251.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7HPQ8HPXND&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P77LF8T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.174.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

1f777d6f1fc9e27d09f62bf28c7e6f40e5af49f707d2f6042100162aee5d305e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:30 GMT
content-encoding: br
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97865
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Jun 2024 08:05:30 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 226 KB
0 1ms
1ms Script
application/javascript 142.251.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-1032405859&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P77LF8T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.174.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

4142b9fba9f2f436f19129062207aa1a6ff040bfb74e3bccac538d751a9e92bf

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:30 GMT
content-encoding: br
last-modified: Mon, 24 Jun 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83799
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Jun 2024 08:05:30 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 204 KB
0 2ms
2ms Script
application/javascript 142.251.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-10488595&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P77LF8T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.174.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

4b8d4ebe18e545558d9516a1ee27349603222b3456c387ce9136144efdfa4bbb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:30 GMT
content-encoding: br
last-modified: Mon, 24 Jun 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76087
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Jun 2024 08:05:30 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 42 KB
0 2ms
2ms Script
application/javascript 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P77LF8T
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:30 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 20 Jun 2024 19:23:03 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "71b328aff914ada8b774bfa8fff542c4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 12116

GET
H2 200 scevent.min.js Show response
sc-static.net/ 47 KB
0 3ms
3ms Script
application/javascript 54.230.48.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P77LF8T
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.48.245 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-48-245.yul62.r.cloudfront.net
Software: CloudFront /
Resource Hash: 49b343928b1ecfd853bbabd42279e84443b766a99c97888e3cd1441944381023

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:30 GMT
content-encoding: gzip
via: 1.1 47373525d370c4b58e8b2be88c66f646.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: YUL62-C2
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 20523
x-amz-cf-id: FudT9QAITmeWNLptkJgEslk16mD4LmbyaR6WkL8pbjDv4OTJ6qonHg==

GET
H/1.1 200
OK teads-fellow.js Show response
p.teads.tv/ 18 KB
0 4ms
4ms Script
application/javascript 23.55.205.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.teads.tv/teads-fellow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P77LF8T
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.205.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-205-47.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b7ea495618522b5401719ca5b1eaa05da311dcacc6c48b5515f2af1e2351e8f3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 24 Jun 2024 08:05:30 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Feb 2024 09:45:19 GMT
Server: AmazonS3
x-amz-request-id: YBWH3MB4BQF8Q9KN
ETag: "7571f2b08378e73bce1d28a5908d2cd5"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=467
Accept-Ranges: bytes
Content-Length: 5930
x-amz-id-2: AmiL1mMPtHRD6mKz6VGFF1lXqvldXaq1oTjnmkIDbhcXZHv4etgZ2EBG9B+YCYxLyp2uvs8rRX1SqaK/2AHpkg==

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
0 4ms
4ms Script
application/javascript 13.107.21.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.21.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:29 GMT
content-encoding: gzip
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2AB296441B9749D094288CC4102C772C Ref B: YTO01EDGE0515 Ref C: 2024-06-24T08:05:30Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 246ms
81ms Script
application/x-javascript 157.240.244.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.244.1 Apodaca, Mexico, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-mty2.fbcdn.net

Software

Resource Hash

0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 24 Jun 2024 08:05:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58024
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=48, rtx=0, c=12, mss=1380, tbw=2764, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: TyMjf+aLBcKswd7r2Z69qmCgviy7Is5WfO5gaVhFK47P9D+3zXFrrXBp9vmrNfkvIp7IGLUr2FY3tGnmDCpIrQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 5472ms
101ms Script
application/javascript 23.212.250.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFSENKBC77U92D2F3RU0&lib=ttq
Requested by: Host: 2021.hrblockonline.ca
URL: https://2021.hrblockonline.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.250.9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-250-9.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2c86ebc6f7311dda39d387febb2bd7b5e964ff98db93029476d67658a8be4a29

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 39f3652c
date: Mon, 24 Jun 2024 08:05:37 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24062408053787388A795887094E2F1B-49611896258EDBEC-00
x-cache: TCP_MISS from a23-220-106-9.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=7
content-length: 1509
pragma: no-cache
server: nginx
x-tt-logid: 2024062408053787388A795887094E2F1B
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.220.106.9
x-tt-trace-host: 0133e32083078a02b63042477aa5216896746baa83634f5541cc8ce8cc58af91fd73e4d04823a57830e70edca89109bb862656eb4102bfeac228a6c7a84becb1d6c71703f85ba7f317f060688c586cd772db14a3edafba812b62f73fd1a279628a
expires: Mon, 24 Jun 2024 08:05:37 GMT

GET insight.min.js
snap.licdn.com/li.lms-analytics/ 0
0

GET
H2 200 23484640733.js Show response
cdn.optimizely.com/js/ 217 KB
66 KB 7339ms
181ms Script
text/javascript 23.220.128.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/23484640733.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P77LF8T

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.220.128.152 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-128-152.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

b0c0a95d751f6d1ad6fe4f97ea87ecaa7bc2fb3e476588b3f82df149a5463464

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: bBf3c0WKhajLkeT.vIbjp9AzeOmst5Si
content-encoding: gzip
date: Mon, 24 Jun 2024 08:05:39 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: W9V5E405A9YAPN4P
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 62
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=104, origin; dur=0, cdn;desc="AkamaiION";dur=0,rtt;desc="35";dur=0,cdnip;desc="23.220.128.152";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1719216338975_400219913_382262340_10325_2074_35_78_146";dur=1
content-length: 67062
x-amz-id-2: q3AKuJUQaKCt1QvBy36czuukX8BnTqC0I+RdYR3LyVD28S1C4MRN0NzpSWSA1hPhFh2LldIxycw=
last-modified: Mon, 20 May 2024 09:08:20 GMT
server: AmazonS3
etag: "33341108765f765d7c07e2175f38b3c9"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 config Show response
pixel-config.reddit.com/pixels/a2_dzwbj2z1udnq/ 3 B
87 B 34ms
33ms XHR
application/json 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-config.reddit.com/pixels/a2_dzwbj2z1udnq/config
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:31 GMT
content-encoding: gzip
via: 1.1 varnish
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-length: 27

GET
H2 200 a2_dzwbj2z1udnq_telemetry Show response
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 86 B
699 B 5608ms
69ms XHR
application/json 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/a2_dzwbj2z1udnq_telemetry
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:37 GMT
content-encoding: gzip
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server: snooserv
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-length: 97

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 1124ms
33ms Image
image/gif 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1719216331922&id=a2_dzwbj2z1udnq&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=e31e9ce6-448b-430e-a211-cf0bd1f85937&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_e9773deb&dpm=&dpcc=&dprc=
Requested by: Host: service-cas.hrblockonline.ca
URL: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:33 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 204 5257317.js Show response
bat.bing.com/p/action/ 0
0 0ms
0ms Script
text/plain 13.107.21.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5257317.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.21.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:29 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2E8541D3F430486083485CCCCEF9AFC9 Ref B: YTO01EDGE0515 Ref C: 2024-06-24T08:05:30Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
121 B 71ms
70ms Image
text/plain 13.107.21.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5257317&Ver=2&mid=89058c86-fd93-4d74-8f77-22986569bd5c&sid=86413570320011ef9c3d631cbb188527&vid=86416a60320011ef9097b9cdc299b6b2&vids=0&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=Sign%20In%20-%20H%26R%20Block%20Canada&p=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Fservice-cas.hrblockonline.ca%252Fcas%252Foauth2.0%252FcallbackAuthorize%253Fclient_id%253DDIY21%2526redirect_uri%253Dhttps%25253A%25252F%25252F2021.hrblockonline.ca%25252F%252523%25252Fcallback%2526response_type%253Did_token%252Btoken%2526googleDeviceId%253D%2526client_name%253DCasOAuthClient&r=https%3A%2F%2F2021.hrblockonline.ca%2F&lt=1812&evt=pageLoad&sv=1&rn=389050

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.21.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jun 2024 08:05:31 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6412D9397C3441158E624B38140A16B8 Ref B: YTO01EDGE0515 Ref C: 2024-06-24T08:05:31Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CLjDnPbj84YDFYXg_QUdM8cGrQ;src=10488595;type=retar0;cat=fl-re00;ord=245879788558;npa=0;auiddc=1220745524.1719216330;ps=1;pcor=1872714463;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0....
10488595.fls.doubleclick.net/ Frame 37CD
Redirect Chain

https://10488595.fls.doubleclick.net/activityi;src=10488595;type=retar0;cat=fl-re00;ord=245879788558;npa=0;auiddc=1220745524.1719216330;ps=1;pcor=1872714463;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8...
https://10488595.fls.doubleclick.net/activityi;dc_pre=CLjDnPbj84YDFYXg_QUdM8cGrQ;src=10488595;type=retar0;cat=fl-re00;ord=245879788558;npa=0;auiddc=1220745524.1719216330;ps=1;pcor=1872714463;uaa=x8...

0
0

127ms
126ms

Document
text/html

172.217.222.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10488595.fls.doubleclick.net/activityi;dc_pre=CLjDnPbj84YDFYXg_QUdM8cGrQ;src=10488595;type=retar0;cat=fl-re00;ord=245879788558;npa=0;auiddc=1220745524.1719216330;ps=1;pcor=1872714463;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0z876212757za201zb76212757;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Fservice-cas.hrblockonline.ca%252Fcas%252Foauth2.0%252FcallbackAuthorize%253Fclient_id%253DDIY21%2526redirect_uri%253Dhttps%25253A%25252F%25252F2021.hrblockonline.ca%25252F%252523%25252Fcallback%2526response_type%253Did_token%252Btoken%2526googleDeviceId%253D%2526client_name%253DCasOAuthClient?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10488595&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f148.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://service-cas.hrblockonline.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 541
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jun 2024 08:05:32 GMT
expires: Mon, 24 Jun 2024 08:05:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jun 2024 08:05:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10488595.fls.doubleclick.net/activityi;dc_pre=CLjDnPbj84YDFYXg_QUdM8cGrQ;src=10488595;type=retar0;cat=fl-re00;ord=245879788558;npa=0;auiddc=1220745524.1719216330;ps=1;pcor=1872714463;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0z876212757za201zb76212757;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Fservice-cas.hrblockonline.ca%252Fcas%252Foauth2.0%252FcallbackAuthorize%253Fclient_id%253DDIY21%2526redirect_uri%253Dhttps%25253A%25252F%25252F2021.hrblockonline.ca%25252F%252523%25252Fcallback%2526response_type%253Did_token%252Btoken%2526googleDeviceId%253D%2526client_name%253DCasOAuthClient?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=10488595;type=retar0;cat=fl-re00;ord=245879788558;npa=0;auiddc=1220745524.1719216330;ps=1;pcor=1872714463;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromiu...
ad.doubleclick.net/ 0
23 B 122ms
122ms Image
image/png 173.194.204.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=10488595;type=retar0;cat=fl-re00;ord=245879788558;npa=0;auiddc=1220745524.1719216330;ps=1;pcor=1872714463;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0z876212757za201zb76212757;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Fservice-cas.hrblockonline.ca%252Fcas%252Foauth2.0%252FcallbackAuthorize%253Fclient_id%253DDIY21%2526redirect_uri%253Dhttps%25253A%25252F%25252F2021.hrblockonline.ca%25252F%252523%25252Fcallback%2526response_type%253Did_token%252Btoken%2526googleDeviceId%253D%2526client_name%253DCasOAuthClient?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.204.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f148.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:32 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"1539949769797489965"}],"aggregatable_trigger_data":[{"filters":[{"14":["10769964"]}],"key_piece":"0x8ebcf594e4f301b1","source_keys":["12","13","14","15","16","17","18","19","20","21","16269836","16269837","16269838","16269839","16271796","16271797","16271798","16271799","628672124","628672125","628672126","628672127","628755648","628755649","628755650","628755651","628831428","628831429","628831430","628831431","628849276","628849277","628849278","628849279","628881248","628881249","628881250","628881251","628911392","628911393","628911394","628911395","634954628","634954629","634954630","634954631","634964472","634964473","634964474","634964475"]},{"key_piece":"0xedcce3186d56a4be","not_filters":{"14":["10769964"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","16269836","16269837","16269838","16269839","16271796","16271797","16271798","16271799","628672124","628672125","628672126","628672127","628755648","628755649","628755650","628755651","628831428","628831429","628831430","628831431","628849276","628849277","628849278","628849279","628881248","628881249","628881250","628881251","628911392","628911393","628911394","628911395","634954628","634954629","634954630","634954631","634964472","634964473","634964474","634964475"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"16269836":65,"16269837":65,"16269838":65,"16269839":6356,"16271796":43,"16271797":43,"16271798":43,"16271799":4237,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628672124":32,"628672125":32,"628672126":32,"628672127":3177,"628755648":32,"628755649":32,"628755650":32,"628755651":3177,"628831428":34,"628831429":34,"628831430":34,"628831431":3345,"628849276":36,"628849277":36,"628849278":36,"628849279":3530,"628881248":32,"628881249":32,"628881250":32,"628881251":3177,"628911392":32,"628911393":32,"628911394":32,"628911395":3177,"634954628":93,"634954629":93,"634954630":93,"634954631":9081,"634964472":34,"634964473":34,"634964474":34,"634964475":3345},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"10925354946496776066","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"1539949769797489965","filters":[{"14":["10769964"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"1539949769797489965","filters":[{"14":["10769964"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"1539949769797489965","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"1539949769797489965","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["10488595"]}}
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
attribution-reporting-info: preferred-platform=os
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1032405859/ 4 KB
2 KB 76ms
76ms Script
text/javascript 172.217.197.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1032405859/?random=1719216331954&cv=11&fst=1719216331954&bg=ffffff&guid=ON&async=1&gtm=45be46j0z876212757za201zb76212757&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Fservice-cas.hrblockonline.ca%252Fcas%252Foauth2.0%252FcallbackAuthorize%253Fclient_id%253DDIY21%2526redirect_uri%253Dhttps%25253A%25252F%25252F2021.hrblockonline.ca%25252F%252523%25252Fcallback%2526response_type%253Did_token%252Btoken%2526googleDeviceId%253D%2526client_name%253DCasOAuthClient&ref=https%3A%2F%2F2021.hrblockonline.ca%2F&hn=www.googleadservices.com&frm=0&tiba=Sign%20In%20-%20H%26R%20Block%20Canada&npa=0&pscdl=noapi&auid=1220745524.1719216330&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-1032405859&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f156.1e100.net

Software

cafe /

Resource Hash

2563391d7e70de12c2c70df4d83f029617f44d4f0b93c3eab0af7bf84946789f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 08:05:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1596
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK advertiser Show response
cm.teads.tv/v2/ 139 B
592 B 63ms
63ms Fetch
application/json 23.55.205.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Fservice-cas.hrblockonline.ca%252Fcas%252Foauth2.0%252FcallbackAuthorize%253Fclient_id%253DDIY21%2526redirect_uri%253Dhttps%25253A%25252F%25252F2021.hrblockonline.ca%25252F%252523%25252Fcallback%2526response_type%253Did_token%252Btoken%2526googleDeviceId%253D%2526client_name%253DCasOAuthClient&buyer_pixel_id=11112
Requested by: Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.205.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-205-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c7850d0ec753dc64428ea8fa73f5abcace5c8530200918fe7bfc0747c7c3396f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Mon, 24 Jun 2024 08:05:31 GMT
Observe-Browsing-Topics: ?1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://service-cas.hrblockonline.ca
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 139
Expires: Mon, 24 Jun 2024 08:05:31 GMT

GET
H2 200 9249d0a3-083c-43d7-a9ba-6fd9dec814fd.js Show response
tr.snapchat.com/config/ca/ 184 B
276 B 124ms
123ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/ca/9249d0a3-083c-43d7-a9ba-6fd9dec814fd.js?v=3.19.2-2406181858

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

28d8625978d2a7346011c157a338b1f4e12cb846b5ddffc55bc48af79373bb58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Origin: https://service-cas.hrblockonline.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://service-cas.hrblockonline.ca
x-envoy-upstream-service-time: 40
access-control-allow-credentials: true
alt-svc: clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 184

GET
H2 200 i
tr.snapchat.com/cm/ Frame 50F9 0
0 85ms
85ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=9249d0a3-083c-43d7-a9ba-6fd9dec814fd&u_scsid=06769bde-e7bb-4ece-bf21-f873cc9a5775&u_sclid=afe4fe39-33e7-424e-bf4c-1cc558557006

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://service-cas.hrblockonline.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 672
content-type: text/html
date: Mon, 24 Jun 2024 08:05:32 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 p
tr.snapchat.com/ 68 B
309 B 86ms
85ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=9249d0a3-083c-43d7-a9ba-6fd9dec814fd&ev=PAGE_VIEW&intg=gtm&pids=9249d0a3-083c-43d7-a9ba-6fd9dec814fd&u_c1=fe585bc1-207b-4065-9a7f-21b070a2f4eb&u_sclid=afe4fe39-33e7-424e-bf4c-1cc558557006&u_scsid=06769bde-e7bb-4ece-bf21-f873cc9a5775&bg=false&bt=1d53c387&d_a=x86&d_bvs=%5B%7B%22brand%22%3A%22Not%2FA)Brand%22%2C%22version%22%3A%228.0.0.0%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22126.0.6478.114%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22126.0.6478.114%22%7D%5D&d_os=10.0.0&d_ot=Win32&df=true&huah=true&m_dcl=1811&m_fcps=1823&m_pi=1811&m_pl=0&m_pv=2&m_rd=1966&m_sh=1200&m_sl=0&m_sw=1600&pl=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Fservice-cas.hrblockonline.ca%252Fcas%252Foauth2.0%252FcallbackAuthorize%253Fclient_id%253DDIY21%2526redirect_uri%253Dhttps%25253A%25252F%25252F2021.hrblockonline.ca%25252F%252523%25252Fcallback%2526response_type%253Did_token%252Btoken%2526googleDeviceId%253D%2526client_name%253DCasOAuthClient&rf=https%3A%2F%2F2021.hrblockonline.ca%2F&trackId=4e5673d6-0c01-4483-af57-52e32c5c1f64&ts=1719216331970&v=3.19.2-2406181858

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H2 200 track
t.teads.tv/ 23 B
0 7045ms
91ms Fetch
image/gif 23.220.129.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t.teads.tv/track?action=browser-topics&env=js-gtm&tag_version=6.17.6_ee47857&provider=tag&buyer_pixel_id=11112&referer=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Fservice-cas.hrblockonline.ca%252Fcas%252Foauth2.0%252FcallbackAuthorize%253Fclient_id%253DDIY21%2526redirect_uri%253Dhttps%25253A%25252F%25252F2021.hrblockonline.ca%25252F%252523%25252Fcallback%2526response_type%253Did_token%252Btoken%2526googleDeviceId%253D%2526client_name%253DCasOAuthClient&user_session_id=46345b63-883a-4f11-8792-3e2bde110651
Requested by: Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.220.129.51 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-220-129-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:05:39 GMT
observe-browsing-topics: ?1
content-type: image/gif
access-control-allow-origin: https://service-cas.hrblockonline.ca
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 23
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 track
t.teads.tv/ 23 B
134 B 7054ms
100ms Image
image/gif 23.220.129.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=pageView&env=js-gtm&tag_version=6.17.6_ee47857&provider=tag&buyer_pixel_id=11112&referer=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Fservice-cas.hrblockonline.ca%252Fcas%252Foauth2.0%252FcallbackAuthorize%253Fclient_id%253DDIY21%2526redirect_uri%253Dhttps%25253A%25252F%25252F2021.hrblockonline.ca%25252F%252523%25252Fcallback%2526response_type%253Did_token%252Btoken%2526googleDeviceId%253D%2526client_name%253DCasOAuthClient&user_session_id=46345b63-883a-4f11-8792-3e2bde110651
Requested by: Host: service-cas.hrblockonline.ca
URL: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.220.129.51 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-220-129-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Mon, 24 Jun 2024 08:05:39 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H/1.1 200
OK conversion
cm.teads.tv/v3/ 0
529 B 61ms
60ms Image
text/plain 23.55.205.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.teads.tv/v3/conversion?action=pageView&env=js-gtm&tag_version=6.17.6_ee47857&provider=tag&buyer_pixel_id=11112&referer=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Fservice-cas.hrblockonline.ca%252Fcas%252Foauth2.0%252FcallbackAuthorize%253Fclient_id%253DDIY21%2526redirect_uri%253Dhttps%25253A%25252F%25252F2021.hrblockonline.ca%25252F%252523%25252Fcallback%2526response_type%253Did_token%252Btoken%2526googleDeviceId%253D%2526client_name%253DCasOAuthClient&user_session_id=46345b63-883a-4f11-8792-3e2bde110651
Requested by: Host: service-cas.hrblockonline.ca
URL: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.205.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-205-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Attribution-Reporting-Register-Trigger: {"event_trigger_data":[{"trigger_data":"6","priority":"0","deduplication_key":"1719216332","filters":[{"trigger_data_label":["visit"],"source_type":["navigation"]}]}],"debug_reporting":true}
Date: Mon, 24 Jun 2024 08:05:32 GMT
Observe-Browsing-Topics: ?1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Mon, 24 Jun 2024 08:05:32 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1032405859/ 42 B
64 B 72ms
72ms Image
image/gif 209.85.144.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1032405859/?random=1719216331954&cv=11&fst=1719216000000&bg=ffffff&guid=ON&async=1&gtm=45be46j0z876212757za201zb76212757&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Fservice-cas.hrblockonline.ca%252Fcas%252Foauth2.0%252FcallbackAuthorize%253Fclient_id%253DDIY21%2526redirect_uri%253Dhttps%25253A%25252F%25252F2021.hrblockonline.ca%25252F%252523%25252Fcallback%2526response_type%253Did_token%252Btoken%2526googleDeviceId%253D%2526client_name%253DCasOAuthClient&ref=https%3A%2F%2F2021.hrblockonline.ca%2F&hn=www.googleadservices.com&frm=0&tiba=Sign%20In%20-%20H%26R%20Block%20Canada&npa=0&pscdl=noapi&auid=1220745524.1719216330&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLvu2gnMnTtab9UowwR37cBb28GFJrvXW36svskuGie7dKB2CX&random=4096269257&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.104 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f104.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 08:05:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/1032405859/ 42 B
64 B 74ms
74ms Image
image/gif 209.85.201.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/1032405859/?random=1719216331954&cv=11&fst=1719216000000&bg=ffffff&guid=ON&async=1&gtm=45be46j0z876212757za201zb76212757&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Fservice-cas.hrblockonline.ca%252Fcas%252Foauth2.0%252FcallbackAuthorize%253Fclient_id%253DDIY21%2526redirect_uri%253Dhttps%25253A%25252F%25252F2021.hrblockonline.ca%25252F%252523%25252Fcallback%2526response_type%253Did_token%252Btoken%2526googleDeviceId%253D%2526client_name%253DCasOAuthClient&ref=https%3A%2F%2F2021.hrblockonline.ca%2F&hn=www.googleadservices.com&frm=0&tiba=Sign%20In%20-%20H%26R%20Block%20Canada&npa=0&pscdl=noapi&auid=1220745524.1719216330&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLvu2gnMnTtab9UowwR37cBb28GFJrvXW36svskuGie7dKB2CX&random=4096269257&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 08:05:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 p
tr6.snapchat.com/ 0
14 B 88ms
86ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 24 Jun 2024 08:05:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1
via: 1.1 google, 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 573975276708792 Show response
connect.facebook.net/signals/config/ 60 KB
12 KB 204ms
202ms Script
application/x-javascript 157.240.244.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/573975276708792?v=2.9.158&r=stable&domain=service-cas.hrblockonline.ca&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.244.1 Apodaca, Mexico, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-mty2.fbcdn.net

Software

Resource Hash

4893712368df4577194dfd0ccfdcfa9993b94f208998e0b23d97d6ae27da54bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 24 Jun 2024 08:05:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=54, rtx=0, c=62, mss=1380, tbw=63520, tp=-1, tpl=-1, uplat=121, ullat=0
pragma: public
x-fb-debug: jA58+Km2KvDn7pG/ZRhPDjeAPN7lrN2paN3FDz9NzWBS8s8LbZXL6eqzfBRm8WKe/fJVA1sa0HOPY2+e3n1xgg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 p
tr.snapchat.com/ 0
107 B 95ms
95ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 24 Jun 2024 08:05:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
access-control-allow-origin: https://service-cas.hrblockonline.ca
x-envoy-upstream-service-time: 2
access-control-allow-credentials: true
alt-svc: clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 233ms
76ms Image
text/plain 157.240.244.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=573975276708792&ev=PageView&dl=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Fservice-cas.hrblockonline.ca%252Fcas%252Foauth2.0%252FcallbackAuthorize%253Fclient_id%253DDIY21%2526redirect_uri%253Dhttps%25253A%25252F%25252F2021.hrblockonline.ca%25252F%252523%25252Fcallback%2526response_type%253Did_token%252Btoken%2526googleDeviceId%253D%2526client_name%253DCasOAuthClient&rl=https%3A%2F%2F2021.hrblockonline.ca%2F&if=false&ts=1719216332466&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1719216332465.423115651447013270&ler=other&cdl=API_unavailable&it=1719216332243&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.244.35 Apodaca, Mexico, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-mty2.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=44, rtx=0, c=10, mss=1380, tbw=2790, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 24 Jun 2024 08:05:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 381ms
225ms Image
image/png 157.240.244.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=573975276708792&ev=PageView&dl=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Fservice-cas.hrblockonline.ca%252Fcas%252Foauth2.0%252FcallbackAuthorize%253Fclient_id%253DDIY21%2526redirect_uri%253Dhttps%25253A%25252F%25252F2021.hrblockonline.ca%25252F%252523%25252Fcallback%2526response_type%253Did_token%252Btoken%2526googleDeviceId%253D%2526client_name%253DCasOAuthClient&rl=https%3A%2F%2F2021.hrblockonline.ca%2F&if=false&ts=1719216332466&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1719216332465.423115651447013270&ler=other&cdl=API_unavailable&it=1719216332243&coo=false&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.244.35 Apodaca, Mexico, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-mty2.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xedc77fec64e14b9a","source_keys":["1","2"]},{"key_piece":"0x3db66db9ad0e88a5","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Mon, 24 Jun 2024 08:05:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7383977922667855178", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=44, rtx=0, c=12, mss=1380, tbw=3108, tp=-1, tpl=-1, uplat=146, ullat=0
pragma: no-cache
x-fb-debug: Er5tX72/MupTWRkTl5V+yT+tVZ7BuUGaIjxhvhVUzKueWMXlfldnlGGz/SPIDy5cffjGX7PttD8VD1/KErA2Pw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7383977922667855178"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7383977922667855178"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
0 56ms
55ms Fetch
text/plain 216.239.38.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-7HPQ8HPXND&gtm=45je46j0v870954087z876212757za200zb76212757&_p=1719216331827&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=537344387.1719216330&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719216330&sct=1&seg=1&dl=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Fservice-cas.hrblockonline.ca%252Fcas%252Foauth2.0%252FcallbackAuthorize%253Fclient_id%253DDIY21%2526redirect_uri%253Dhttps%25253A%25252F%25252F2021.hrblockonline.ca%25252F%252523%25252Fcallback%2526response_type%253Did_token%252Btoken%2526googleDeviceId%253D%2526client_name%253DCasOAuthClient&dr=https%3A%2F%2F2021.hrblockonline.ca%2F&dt=Sign%20In%20-%20H%26R%20Block%20Canada&en=page_view&_et=2&tfd=6940&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7HPQ8HPXND&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 08:05:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://service-cas.hrblockonline.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MTU0NDc1MDUxMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 339 KB
97 KB 63ms
63ms Script
application/javascript 23.212.250.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFSENKBC77U92D2F3RU0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.250.9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-250-9.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 47d3e5c22630f08413d65b1507e3c2600f0dea1ae83f045f9f1a0be5514efee2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 39f36592
date: Mon, 24 Jun 2024 08:05:37 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024062015141908878BE8A8E5E189805A
x-tt-trace-id: 00-24062015141908878BE8A8E5E189805A-3744E538D886D7C4-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-220-106-9.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01d35f15c478b151bd9b39d04d7438067f0e37a280d342bdb2e23f48cbada7082409e36697199cda46a2484d8e32cdbc10d4ba0d847a952107e0616ce7068213ea9538d662d9e16b00b5298a848192db7c6c200c95307cb9f19ac24d6346fb5924
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 98794

GET
H2 200 identify_ce1d8843.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 64ms
64ms Script
application/javascript 23.212.250.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.250.9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-250-9.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 39f36634
date: Mon, 24 Jun 2024 08:05:37 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202405231407264BFE357AF1C25747C86C
x-tt-trace-id: 00-2405231407264BFE357AF1C25747C86C-41219593AD259424-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-220-106-9.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01aac443b79ae7a679dddac2774377a1af7f5ce9e1d68079f902e87718b16f60bc32d9d1b4602d7e7e2fb0e0ba7e1b32059e01d4f2f890112395263258fc329a89b4382e21f7239613f80475224fd9086ff94ce842218fb1d29512134b26825ebd
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 39605

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
705 B 298ms
298ms Ping
text/plain 23.212.250.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.250.9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-250-9.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 39f36649
date: Mon, 24 Jun 2024 08:05:37 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2406240805371CD3FCB671A4384B995F-4ACBB6A904CD3613-00
x-cache: TCP_MISS from a23-220-106-9.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
server-timing: inner; dur=226, cdn-cache; desc=MISS, edge; dur=8, origin; dur=229
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202406240805371CD3FCB671A4384B995F
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 229,23.220.106.9
x-tt-trace-host: 0133e32083078a02b63042477aa5216896746baa83634f5541cc8ce8cc58af91fd966e1a77462d29be6f4057ca3d4a1852250f88b7106205e301f907843d867d154f2b591f23686561f5336b3b6a2efb3b35c787a251a677748c8726313070b9b5
access-control-allow-headers: Authorization,*
expires: Mon, 24 Jun 2024 08:05:37 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
699 B 98ms
97ms Ping
text/plain 23.212.250.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.250.9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-250-9.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 39f36726
date: Mon, 24 Jun 2024 08:05:37 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240624080537A8D7A685079D64459D46-39EEEC5D0D818159-00
x-cache: TCP_MISS from a23-220-106-9.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
server-timing: inner; dur=19, cdn-cache; desc=MISS, edge; dur=8, origin; dur=24
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240624080537A8D7A685079D64459D46
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 24,23.220.106.9
x-tt-trace-host: 0133e32083078a02b63042477aa5216896746baa83634f5541cc8ce8cc58af91fda099bf507384196fd9895c7b0f79c6cd8b1649876faa09686b907fb70e4201c01d363d0b62b404c14e53c141c7c93f59565a366093ad4b561221fc1741d944f4
access-control-allow-headers: Authorization,*
expires: Mon, 24 Jun 2024 08:05:37 GMT

GET a8214761424.html
a8214761424.cdn.optimizely.com/client_storage/ Frame 78CB 0
0

POST
H2 204 events Show response
logx.optimizely.com/v1/ 0
395 B 139ms
68ms XHR
text/plain 34.49.241.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.241.49.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 24 Jun 2024 08:05:40 GMT
via: 1.1 google
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://service-cas.hrblockonline.ca
access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id: 0320eecf-1693-491d-b658-470158713714

GET
H/1.1 200
OK conversion
cm.teads.tv/v3/ 0
535 B 70ms
69ms Image
text/plain 23.55.205.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.teads.tv/v3/conversion?action=timeSpent10&env=js-gtm&tag_version=6.17.6_ee47857&provider=tag&buyer_pixel_id=11112&referer=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Fservice-cas.hrblockonline.ca%252Fcas%252Foauth2.0%252FcallbackAuthorize%253Fclient_id%253DDIY21%2526redirect_uri%253Dhttps%25253A%25252F%25252F2021.hrblockonline.ca%25252F%252523%25252Fcallback%2526response_type%253Did_token%252Btoken%2526googleDeviceId%253D%2526client_name%253DCasOAuthClient&user_session_id=46345b63-883a-4f11-8792-3e2bde110651
Requested by: Host: service-cas.hrblockonline.ca
URL: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.205.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-205-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://service-cas.hrblockonline.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Attribution-Reporting-Register-Trigger: {"event_trigger_data":[{"trigger_data":"7","priority":"0","deduplication_key":"3438432682","filters":[{"trigger_data_label":["timespent10"],"source_type":["navigation"]}]}],"debug_reporting":true}
Date: Mon, 24 Jun 2024 08:05:41 GMT
Observe-Browsing-Topics: ?1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Mon, 24 Jun 2024 08:05:41 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: apps2.ams-sga.cra-arc.gc.ca
URL: https://apps2.ams-sga.cra-arc.gc.ca/gol-ged/awsc/tdd/auth/pub/js/cra.js

Domain: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Domain: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFSENKBC77U92D2F3RU0&lib=ttq

Domain: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Domain: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/23484640733.js

Domain: analytics.google.com
URL: https://analytics.google.com/g/collect?v=2&tid=G-7HPQ8HPXND&gtm=45je46j0v870954087z876212757za200zb76212757&_p=1719216329707&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=537344387.1719216330&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719216330&sct=1&seg=0&dl=https%3A%2F%2F2021.hrblockonline.ca%2F&dt=H%26R%20Block%20Canada%202021&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2219&_z=fetch

Domain: stats.g.doubleclick.net
URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7HPQ8HPXND&cid=537344387.1719216330&gtm=45je46j0v870954087z876212757za200zb76212757&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0

Domain: pixel-config.reddit.com
URL: https://pixel-config.reddit.com/pixels/a2_dzwbj2z1udnq/config

Domain: www.redditstatic.com
URL: https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/a2_dzwbj2z1udnq_telemetry

Domain: alb.reddit.com
URL: https://alb.reddit.com/rp.gif?ts=1719216330240&id=a2_dzwbj2z1udnq&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=e31e9ce6-448b-430e-a211-cf0bd1f85937&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_e9773deb&dpm=&dpcc=&dprc=

Domain: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=9249d0a3-083c-43d7-a9ba-6fd9dec814fd&u_scsid=a720274c-5eee-403e-b882-c49ecb72fb94&u_sclid=9522960c-1230-4526-9964-7c02c8d9e1b9

Domain: tr.snapchat.com
URL: https://tr.snapchat.com/p?pid=9249d0a3-083c-43d7-a9ba-6fd9dec814fd&ev=PAGE_VIEW&intg=gtm&pids=9249d0a3-083c-43d7-a9ba-6fd9dec814fd&u_c1=fe585bc1-207b-4065-9a7f-21b070a2f4eb&u_sclid=9522960c-1230-4526-9964-7c02c8d9e1b9&u_scsid=a720274c-5eee-403e-b882-c49ecb72fb94&bg=false&bt=1d53c387&d_a=x86&d_bvs=%5B%7B%22brand%22%3A%22Not%2FA)Brand%22%2C%22version%22%3A%228.0.0.0%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22126.0.6478.114%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22126.0.6478.114%22%7D%5D&d_os=10.0.0&d_ot=Win32&df=true&huah=true&m_dcl=1782&m_fcps=1795&m_pi=1579&m_pl=0&m_pv=2&m_rd=2372&m_sh=1200&m_sl=0&m_sw=1600&pl=https%3A%2F%2F2021.hrblockonline.ca%2F%23%2Fportal-landing-page&trackId=a4a3a2d2-af2d-4f2e-9221-2bedc8c42b06&ts=1719216330339&v=3.19.2-2406181858

Domain: t.teads.tv
URL: https://t.teads.tv/track?action=browser-topics&env=js-gtm&tag_version=6.17.6_ee47857&provider=tag&buyer_pixel_id=11112&referer=https%3A%2F%2F2021.hrblockonline.ca%2F%23%2Fportal-landing-page&user_session_id=46345b63-883a-4f11-8792-3e2bde110651

Domain: t.teads.tv
URL: https://t.teads.tv/track?action=pageView&env=js-gtm&tag_version=6.17.6_ee47857&provider=tag&buyer_pixel_id=11112&referer=https%3A%2F%2F2021.hrblockonline.ca%2F%23%2Fportal-landing-page&user_session_id=46345b63-883a-4f11-8792-3e2bde110651

Domain: analytics.google.com
URL: https://analytics.google.com/g/collect?v=2&tid=G-7HPQ8HPXND&gtm=45je46j0v870954087za200zb76212757&_p=1719216329707&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=537344387.1719216330&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1719216330&sct=1&seg=0&dl=https%3A%2F%2F2021.hrblockonline.ca%2F&dt=H%26R%20Block%20Canada%202021&en=user_engagement&_et=1079&tfd=3303&_z=fetch

Domain: bat.bing.com
URL: https://bat.bing.com/actionp/0?ti=5257317&Ver=2&mid=efbddce4-f1fc-424b-9991-a9176bc25f35&sid=86413570320011ef9c3d631cbb188527&vid=86416a60320011ef9097b9cdc299b6b2&vids=1&msclkid=N&evt=pageHide

Domain: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Domain: a8214761424.cdn.optimizely.com
URL: https://a8214761424.cdn.optimizely.com/client_storage/a8214761424.html

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 21:35:02	Name: X-AB Value: 6ebb24332aa9400f8a329ba49f8e267c
service-cas.hrblockonline.ca/cas/	1969-12-31 23:59:59	Name: SESSION Value: OTRmN2E3MmMtZDAwMi00NDU5LTliMTItZjc4ZjkzNTYwNjk4
.hrblockonline.ca/	1969-12-31 23:59:59	Name: IR_gbd Value: hrblockonline.ca
.hrblockonline.ca/	1969-12-31 23:59:59	Name: IR_9098 Value: 1719216329847%7C0%7C1719216329847%7C%7C
.hrblockonline.ca/	1970-01-20 21:33:38	Name: _hp2_ses_props.3605585590 Value: %7B%22ts%22%3A1719216329772%2C%22d%22%3A%222021.hrblockonline.ca%22%2C%22h%22%3A%22%2F%22%2C%22g%22%3A%22%23%2Fportal-landing-page%22%7D
.hrblockonline.ca/	1970-01-20 23:43:12	Name: _gcl_au Value: 1.1.1220745524.1719216330
service-cas.hrblockonline.ca/	1969-12-31 23:59:59	Name: org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE Value: en
.service-cas.hrblockonline.ca/	1969-12-31 23:59:59	Name: pac4jCsrfToken Value: 07bdaa76-69d8-419a-af0a-9b25c7c8929a
.hrblockonline.ca/	1970-01-21 07:09:36	Name: _ga Value: GA1.1.537344387.1719216330
.hrblockonline.ca/	1970-01-21 07:03:23	Name: _scid Value: fe585bc1-207b-4065-9a7f-21b070a2f4eb
.doubleclick.net/	1970-01-21 01:52:48	Name: receive-cookie-deprecation Value: 1
.bing.com/	1970-01-21 06:55:12	Name: MUID Value: 16E72FA5FBF36D510CA23B0DFA596C15
.bat.bing.com/	1970-01-20 21:43:41	Name: MR Value: 0
.doubleclick.net/	1970-01-20 22:16:48	Name: ar_debug Value: 1
.hrblockonline.ca/	1970-01-20 21:33:38	Name: tfpsi Value: 46345b63-883a-4f11-8792-3e2bde110651
.doubleclick.net/	1970-01-21 07:09:36	Name: IDE Value: AHWqTUmI1SrbFJa92zHsSVwMj-YF8iNtJUKyH6SSzM3VjtbfHetCk6nipmMtuM6RvrI
cm.teads.tv/	1969-12-31 23:59:59	Name: ar_debug Value: 1
.bing.com/	1970-01-21 06:55:12	Name: MSPTC Value: PyE1YALmu7cVlKhceb40NlmkuUUGpwMKvzX5tph6jYY
service-cas.hrblockonline.ca/	1969-12-31 23:59:59	Name: hrb.cas.returningUser Value: false
.hrblockonline.ca/	1970-01-21 07:01:33	Name: _hp2_id.3605585590 Value: %7B%22userId%22%3A%228719715935898286%22%2C%22pageviewId%22%3A%222774540148068648%22%2C%22sessionId%22%3A%222918170362085285%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.hrblockonline.ca/	1970-01-20 23:43:12	Name: _rdt_uuid Value: 1719216330238.e31e9ce6-448b-430e-a211-cf0bd1f85937
.hrblockonline.ca/	1970-01-21 07:03:23	Name: _scid_r Value: fe585bc1-207b-4065-9a7f-21b070a2f4eb
.hrblockonline.ca/	1970-01-20 21:35:02	Name: _uetsid Value: 86413570320011ef9c3d631cbb188527
.hrblockonline.ca/	1970-01-21 06:55:12	Name: _uetvid Value: 86416a60320011ef9097b9cdc299b6b2
.hrblockonline.ca/	1970-01-21 07:09:36	Name: _ga_7HPQ8HPXND Value: GS1.1.1719216330.1.1.1719216331.59.0.0
.hrblockonline.ca/	1970-01-20 23:43:12	Name: _fbp Value: fb.1.1719216332465.423115651447013270
.snapchat.com/	1970-01-21 06:55:12	Name: sc_at Value: v2\|H4sIAAAAAAAAAE3GwQ0AIQgEwIpIWBbZw3I0dmHxfm9eU3uFD6fpiJafZMvrWGR1QUn0vkifEDpQJO+v/gCrtYQVQAAAAA==
.tapad.com/	1970-01-20 23:00:00	Name: TapAd_TS Value: 1719216333428
.tapad.com/	1970-01-20 23:00:00	Name: TapAd_DID Value: eff26eab-c89a-40ba-b558-a92a0c318eb6
.tapad.com/	1970-01-20 23:00:00	Name: TapAd_3WAY_SYNCS Value:
.hrblockonline.ca/	1970-01-21 07:03:23	Name: _sctr Value: 1%7C1719212400000
.tiktok.com/	1970-01-21 06:55:12	Name: _ttp Value: 2iJl0V3RzoMDaisC6Vo3Y7k48jH
.hrblockonline.ca/	1970-01-21 06:55:12	Name: _tt_enable_cookie Value: 1
.hrblockonline.ca/	1970-01-21 06:55:12	Name: _ttp Value: 3QoGtirKx2wAB_YAMAbV6RY6cny
.hrblockonline.ca/	1970-01-21 01:52:48	Name: optimizelyEndUserId Value: oeu1719216339336r0.4327126886737065

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=3153600; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10488595.fls.doubleclick.net
2021.hrblockonline.ca
a8214761424.cdn.optimizely.com
ad.doubleclick.net
alb.reddit.com
analytics.google.com
analytics.tiktok.com
apps2.ams-sga.cra-arc.gc.ca
bat.bing.com
cdn.heapanalytics.com
cdn.optimizely.com
cdnjs.cloudflare.com
cm.teads.tv
connect.facebook.net
d.impactradius-event.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
heapanalytics.com
logx.optimizely.com
p.teads.tv
pixel-config.reddit.com
sc-static.net
service-cas.hrblockonline.ca
snap.licdn.com
stats.g.doubleclick.net
t.teads.tv
tr.snapchat.com
tr6.snapchat.com
unpkg.com
www.facebook.com
www.google.ca
www.google.com
www.googletagmanager.com
www.gstatic.com
www.redditstatic.com
a8214761424.cdn.optimizely.com
alb.reddit.com
analytics.google.com
analytics.tiktok.com
apps2.ams-sga.cra-arc.gc.ca
bat.bing.com
cdn.optimizely.com
connect.facebook.net
pixel-config.reddit.com
snap.licdn.com
stats.g.doubleclick.net
t.teads.tv
tr.snapchat.com
www.redditstatic.com
104.17.245.203
104.17.25.14
13.107.21.237
142.251.174.97
151.101.129.140
151.101.193.140
157.240.244.1
157.240.244.35
172.217.197.156
172.217.222.148
173.194.204.148
173.194.66.95
173.194.68.94
20.99.133.72
209.85.144.104
209.85.144.94
209.85.201.94
216.239.38.181
23.212.250.9
23.220.128.152
23.220.129.51
23.55.205.47
3.162.3.56
34.196.224.217
34.49.241.189
35.186.249.72
35.190.43.134
54.230.48.245
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
112ebd1f3f6a42c2574d558d8d8c8455679acd20e7a4cdc686b8dbf8a1217cd0
1d663e50db6646c8a64a087ba0b804ddcdee8e8b15ff2a3623cb9014b77ae74a
1ebb5f23935ba97d6452d8dd3a5b1c0de72fa09c76ea1be7a6b106f189844d0b
1f777d6f1fc9e27d09f62bf28c7e6f40e5af49f707d2f6042100162aee5d305e
1ff8d34ed8c7d30550864936a761d7ce500712956d63becbe7484401d188cad4
240f8e3b479fa713729a3cd288807fa8dbe6b8e4f4d96d2b4a03861fa6b0d18c
2563391d7e70de12c2c70df4d83f029617f44d4f0b93c3eab0af7bf84946789f
2670ab6235d643c1b8c31504677a38226fcc526e89222081efe80b723a3a83b3
28d8625978d2a7346011c157a338b1f4e12cb846b5ddffc55bc48af79373bb58
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c86ebc6f7311dda39d387febb2bd7b5e964ff98db93029476d67658a8be4a29
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
39c631d4f22cfa0c1fc2ecc1e1951ee45bd519a32ab0eae6d04f5ad3980fca20
4142b9fba9f2f436f19129062207aa1a6ff040bfb74e3bccac538d751a9e92bf
42d304e989993e7006513cfd263ab40607f025bcad8367f2d8d09108dcc28cdc
446648569798c1658baab6f2cbc2d32d1e6c6f4cd81703ff8412048205ead82d
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9
47d3e5c22630f08413d65b1507e3c2600f0dea1ae83f045f9f1a0be5514efee2
4893712368df4577194dfd0ccfdcfa9993b94f208998e0b23d97d6ae27da54bc
49b343928b1ecfd853bbabd42279e84443b766a99c97888e3cd1441944381023
4a701b07a3a69befd5a31a92d9e46c065d460d86390ff81590272ecb06966990
4b8d4ebe18e545558d9516a1ee27349603222b3456c387ce9136144efdfa4bbb
4c0aea6139bcfbb5d8295db45717b7dab4b1ea854564068c5cac0c2cefc679fd
580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512
58b863a4c10da17158c40c29f542890d3b51542fd3d9172a74ef75c53a030258
5badf1cacc03613709c99237432c1fba689c5ed3a2189a95e57523917c840697
5d6d9663331261c3447fef941fc4576216a8e4a7cb976983186d980efe22b540
5fc21462803f9d1a092c18bd1033a79bf7c103a1b2b1523fa751555fa8ac7dfc
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9
70ace91f3a0f1c8388daed852a861462cdf17215deb8c2218bf5ffc5111b970e
72f095d70b0d69330ac73c3cb4108e9f3afa9bb6828a928d550b1812dbc88ac6
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7db45d5fa6ef1dec7a3b2c130149cb24f5dfa71931fd4cb6e0098cafa00cafc2
7fe7903ce2632538c46cc0b5fdcadbbb8c2ee7434930e5cd851593c5624dd88a
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
93bc415ce79ebb9fc35e1c85fa2c348118ef967470bcbcadcca775aaf2c474c0
94e930950d5878f513802a3a816e57048fff5bedb5143c7cb5fedabc0e5c8d36
95ca1871162b789cd3847ecb496beb5dd599319a579f060337fa62cbb1a30dfd
9984757dffed620a7ba3681c6edeab581d158848c65112dca4094f2ae6bdb4b5
a52fdfc2272d2546054130c02357496510807708be39252b6a6dfcb9b59e2188
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab9fdb993022e9fa0c2e50488d716186aecc5526ee20bbe3f24d0adbd77a1996
ad68b6241297a314650de9e3173f2f370752f87e0b18daac25ca359f8f907f8e
b0c0a95d751f6d1ad6fe4f97ea87ecaa7bc2fb3e476588b3f82df149a5463464
b5c1a679368da537e7b0f6880801ab32fe84b38b900acdbc1fdbe8cd6a86c4c8
b7ea495618522b5401719ca5b1eaa05da311dcacc6c48b5515f2af1e2351e8f3
b7fc55ab62b81eb54ae01de81fee15005fc4f62859ad8c050d6eb1275c8525b7
baa149cfca28ea70ccc424d5e526768f8177d7c2153ad2b6c0dd76693b66794a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb3e2f5e170c8e53299996b1edca81852e950160e71e1cf8969acdad9208a2aa
bc5aa56daca3e7d743828c64d97907d99fd6640053b5c0c6f408e3d0f46bca03
c1e279bee114c2272eb9f8ff3308da07e074126423a9ebacd6323f29f6638532
c7850d0ec753dc64428ea8fa73f5abcace5c8530200918fe7bfc0747c7c3396f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cea4f9280bb7df35ec994aeef23d2c25010f3814a06830103f13717ea1b3a1e0
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03
e14bda4aa379c1a777ca28e1038247e8650ebea9f5a3a58e85a566722cc53079
e216f49acdbe944b8034d0323ac03cb1562adb6d3cbc767bebe81ea56e1da603
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb2d589aec5c4ca7d4589d2a4ff620648dced60870bfedbe15d104fa2abe15c6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09141f2f7dea719c73385e5862f7183a90d35bff7d7e3a96ee97f8d97222563
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
ff1a2c5955c65e646f54259039e3e7bb7b9c82ca165bba641a5de4272739fc0b

service-cas.hrblockonline.ca Open in urlscan Pro 20.99.133.72 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

136 Requests

87 %HTTPS

0 %IPv6

23 Domains

36 Subdomains

29 IPs

4 Countries

5956 kBTransfer

24529 kBSize

35 Cookies

4 Outgoing links

Page URL History

Redirected requests

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

service-cas.hrblockonline.ca Open in urlscan Pro
20.99.133.72 Public Scan

Screenshot
Live screenshot

Full Image

136
Requests

87 %
HTTPS

0 %
IPv6

23
Domains

36
Subdomains

29
IPs

4
Countries

5956 kB
Transfer

24529 kB
Size

35
Cookies

136 HTTP transactions
0 data transactions