urlscan.io logo urlscan.io
SecurityTrails logo

hrblock.mcxplatform.com.au Open in urlscan Pro
207.189.168.138  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://feedback.hrblock.com.au/
Effective URL: https://hrblock.mcxplatform.com.au/common/Login.aspx
Submission: On August 09 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 18 HTTP transactions. The main IP is 207.189.168.138, located in Sydney, Australia and belongs to UNITAS, US. The main domain is hrblock.mcxplatform.com.au.
TLS certificate: Issued by Entrust Certification Authority - L1K on June 30th 2023. Valid for: a year.
This is the only time hrblock.mcxplatform.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 19 207.189.168.138 1828 (UNITAS)
1 104.17.243.73 ()
18 2
Domain Requested by
13 hrblock.mcxplatform.com.au hrblock.mcxplatform.com.au
3 static.mcxplatform.com.au hrblock.mcxplatform.com.au
3 feedback.hrblock.com.au 2 redirects
1 hello.myfonts.net static.mcxplatform.com.au
18 4

This site contains no links.

Subject Issuer Validity Valid
feedback.hrblock.com.au
Entrust Certification Authority - L1K		 2023-04-12 -
2024-04-15		 a year crt.sh
mcxplatform.com.au
Entrust Certification Authority - L1K		 2023-06-30 -
2024-07-30		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-10 -
2024-05-09		 a year crt.sh

This page contains 1 frames:

Primary Page: https://hrblock.mcxplatform.com.au/common/Login.aspx
Frame ID: 7EFA148E78903F1C06E0A1E8EAD2614C
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://feedback.hrblock.com.au/ HTTP 302
    https://feedback.hrblock.com.au/ Page URL
  2. https://feedback.hrblock.com.au/cgi-bin/qsurveyadmin.cgi HTTP 302
    https://hrblock.mcxplatform.com.au/common/Login.aspx Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

2
IPs

1
Countries

440 kB
Transfer

1012 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://feedback.hrblock.com.au/ HTTP 302
    https://feedback.hrblock.com.au/ Page URL
  2. https://feedback.hrblock.com.au/cgi-bin/qsurveyadmin.cgi HTTP 302
    https://hrblock.mcxplatform.com.au/common/Login.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://feedback.hrblock.com.au/ HTTP 302
  • https://feedback.hrblock.com.au/

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
feedback.hrblock.com.au/
Redirect Chain
  • http://feedback.hrblock.com.au/
  • https://feedback.hrblock.com.au/
149 B
500 B 		Document
General
Check archive.org
Download Go to
Full URL
https://feedback.hrblock.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.189.168.138 Sydney, Australia, ASN1828 (UNITAS, US),
Reverse DNS
138-168-189-207.static.unitasglobal.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
149
Content-Type
text/html
Date
Wed, 09 Aug 2023 07:42:44 GMT
ETag
"05f782dec90d11:0"
Last-Modified
Thu, 07 Apr 2016 16:40:22 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Alleg-Server
pau-w03
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block

Redirect headers

Connection
Keep-Alive
Content-Length
0
Location
https://feedback.hrblock.com.au/
Server
BigIP
Primary Request Login.aspx
hrblock.mcxplatform.com.au/common/
Redirect Chain
  • https://feedback.hrblock.com.au/cgi-bin/qsurveyadmin.cgi
  • https://hrblock.mcxplatform.com.au/common/Login.aspx
15 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hrblock.mcxplatform.com.au/common/Login.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.189.168.138 Sydney, Australia, ASN1828 (UNITAS, US),
Reverse DNS
138-168-189-207.static.unitasglobal.net
Software
/
Resource Hash
9ee65cc0028c2fded3458474b838e5e5c045153a4f611977289e709f165b08a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://feedback.hrblock.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
https://samplemanagement.mcxplatform.com.au
Cache-Control
private
Content-Length
14904
Content-Type
text/html; charset=utf-8
Date
Wed, 09 Aug 2023 07:42:46 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Alleg-Server
pau-w08
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
x-frame-options
sameorigin

Redirect headers

Content
Content-Length
175
Content-Type
text/html; charset=UTF-8,text/html
Date
Wed, 09 Aug 2023 07:42:44 GMT
Location
https://hrblock.mcxplatform.com.au/common/Login.aspx
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Alleg-Server
pau-w06
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
jquery-3.3.1.min.js
hrblock.mcxplatform.com.au/common/scripts/ 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hrblock.mcxplatform.com.au/common/scripts/jquery-3.3.1.min.js
Requested by
Host: hrblock.mcxplatform.com.au
URL: https://hrblock.mcxplatform.com.au/common/Login.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.189.168.138 Sydney, Australia, ASN1828 (UNITAS, US),
Reverse DNS
138-168-189-207.static.unitasglobal.net
Software
/
Resource Hash
c031f1a6bd51322710062e5384cb15bab2acb1271471fa385f98f0735a50b821
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://hrblock.mcxplatform.com.au/common/Login.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 07:42:46 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 14 Jul 2023 16:15:22 GMT
ETag
"4dce39646eb6d91:0"
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
https://samplemanagement.mcxplatform.com.au
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
X-Alleg-Server
pau-w08
X-XSS-Protection
1; mode=block
Content-Length
86903
jquery-migrate-1.4.1.min.js
hrblock.mcxplatform.com.au/common/scripts/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hrblock.mcxplatform.com.au/common/scripts/jquery-migrate-1.4.1.min.js
Requested by
Host: hrblock.mcxplatform.com.au
URL: https://hrblock.mcxplatform.com.au/common/Login.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.189.168.138 Sydney, Australia, ASN1828 (UNITAS, US),
Reverse DNS
138-168-189-207.static.unitasglobal.net
Software
/
Resource Hash
ef0968035e387c8b468f4a943a9b5998d159c9e2f1a4994c70aa86bf53a9316d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://hrblock.mcxplatform.com.au/common/Login.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 07:42:47 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 14 Jul 2023 16:15:22 GMT
ETag
"d2f439646eb6d91:0"
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
https://samplemanagement.mcxplatform.com.au
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
X-Alleg-Server
pau-w08
X-XSS-Protection
1; mode=block
Content-Length
10057
jquery.loading.min.js
hrblock.mcxplatform.com.au/common/Scripts/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hrblock.mcxplatform.com.au/common/Scripts/jquery.loading.min.js
Requested by
Host: hrblock.mcxplatform.com.au
URL: https://hrblock.mcxplatform.com.au/common/Login.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.189.168.138 Sydney, Australia, ASN1828 (UNITAS, US),
Reverse DNS
138-168-189-207.static.unitasglobal.net
Software
/
Resource Hash
8f1522b9f5b9b667e39871825aaa97dc8b4c30b57b56d15b6cb488fb27d08ba1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://hrblock.mcxplatform.com.au/common/Login.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 07:42:46 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 14 Jul 2023 16:14:41 GMT
ETag
"597f4c4b6eb6d91:0"
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
https://samplemanagement.mcxplatform.com.au
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
X-Alleg-Server
pau-w05
X-XSS-Protection
1; mode=block
Content-Length
6916
myfonts.js
static.mcxplatform.com.au/Shared/ 		250 B
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.mcxplatform.com.au/Shared/myfonts.js
Requested by
Host: hrblock.mcxplatform.com.au
URL: https://hrblock.mcxplatform.com.au/common/Login.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.189.168.138 Sydney, Australia, ASN1828 (UNITAS, US),
Reverse DNS
138-168-189-207.static.unitasglobal.net
Software
/
Resource Hash
6a70a0a7c225c84fb5079f2da72b19318cdaa570692bcdcaf1bcdbda42c532f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://hrblock.mcxplatform.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 07:42:48 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 24 Jun 2022 15:18:52 GMT
ETag
"87c01ab6dd87d81:0"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
X-Alleg-Server
pau-w04
Access-Control-Allow-Headers
Referrer, X-Requested-With, __RequestVerificationToken
X-XSS-Protection
1; mode=block
Content-Length
250
Allegiance.Styles.Universal.css
static.mcxplatform.com.au/Shared/ 		581 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.mcxplatform.com.au/Shared/Allegiance.Styles.Universal.css
Requested by
Host: hrblock.mcxplatform.com.au
URL: https://hrblock.mcxplatform.com.au/common/Login.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.189.168.138 Sydney, Australia, ASN1828 (UNITAS, US),
Reverse DNS
138-168-189-207.static.unitasglobal.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://hrblock.mcxplatform.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 07:42:48 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 24 Jun 2022 15:19:07 GMT
ETag
"8bf639bfdd87d81:0"
Content-Type
text/css
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
X-Alleg-Server
pau-w03
Access-Control-Allow-Headers
Referrer, X-Requested-With, __RequestVerificationToken
X-XSS-Protection
1; mode=block
Content-Length
928698
engage8.login.css
static.mcxplatform.com.au/Login/styles/ 		4 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.mcxplatform.com.au/Login/styles/engage8.login.css
Requested by
Host: hrblock.mcxplatform.com.au
URL: https://hrblock.mcxplatform.com.au/common/Login.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.189.168.138 Sydney, Australia, ASN1828 (UNITAS, US),
Reverse DNS
138-168-189-207.static.unitasglobal.net
Software
/
Resource Hash
3ccf277083adf2f4c765b8a3f1c2f6062f134a85e827aeee592f5aec60b3f2c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://hrblock.mcxplatform.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 07:42:47 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 24 Jun 2022 15:18:49 GMT
ETag
"f1f5b5b4dd87d81:0"
Content-Type
text/css
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
X-Alleg-Server
pau-w01
Access-Control-Allow-Headers
Referrer, X-Requested-With, __RequestVerificationToken
X-XSS-Protection
1; mode=block
Content-Length
4245
WebResource.axd
hrblock.mcxplatform.com.au/common/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hrblock.mcxplatform.com.au/common/WebResource.axd?d=zPkbvuEoK_sCkD9TtUU7ZfCgFjtwgBCECmq7y08FNoFJTouIIxD9j7fhvDebp9MLmu3_QwAHBveqF27hcAT53Wr4ppc1&t=637815049746327080
Requested by
Host: hrblock.mcxplatform.com.au
URL: https://hrblock.mcxplatform.com.au/common/Login.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.189.168.138 Sydney, Australia, ASN1828 (UNITAS, US),
Reverse DNS
138-168-189-207.static.unitasglobal.net
Software
/
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://hrblock.mcxplatform.com.au/common/Login.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 07:42:47 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Sat, 26 Feb 2022 09:42:54 GMT
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://samplemanagement.mcxplatform.com.au
Cache-Control
public
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Content-Length
23063
X-XSS-Protection
1; mode=block
X-Alleg-Server
pau-w06
Expires
Mon, 05 Aug 2024 13:52:42 GMT
WebResource.axd
hrblock.mcxplatform.com.au/common/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hrblock.mcxplatform.com.au/common/WebResource.axd?d=j9JgC5sEdCIYuqtUhZS_EzRTkze3VmhOX3YBjlK8aD3BwQQtcfdtoUtScGdVK0VtmjtrToDPctRvRRcwbNeXupvEJ4s1&t=637815049746327080
Requested by
Host: hrblock.mcxplatform.com.au
URL: https://hrblock.mcxplatform.com.au/common/Login.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.189.168.138 Sydney, Australia, ASN1828 (UNITAS, US),
Reverse DNS
138-168-189-207.static.unitasglobal.net
Software
/
Resource Hash
144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://hrblock.mcxplatform.com.au/common/Login.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 07:42:47 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Sat, 26 Feb 2022 09:42:54 GMT
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://samplemanagement.mcxplatform.com.au
Cache-Control
public
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Content-Length
3005
X-XSS-Protection
1; mode=block
X-Alleg-Server
pau-w08
Expires
Mon, 05 Aug 2024 14:14:03 GMT
loginBannerGenerator.js
hrblock.mcxplatform.com.au/Common/Scripts/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hrblock.mcxplatform.com.au/Common/Scripts/loginBannerGenerator.js
Requested by
Host: hrblock.mcxplatform.com.au
URL: https://hrblock.mcxplatform.com.au/common/Login.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.189.168.138 Sydney, Australia, ASN1828 (UNITAS, US),
Reverse DNS
138-168-189-207.static.unitasglobal.net
Software
/
Resource Hash
1f7dc15166998767f9ec699943b625649884291b14eea0344974005758471a9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://hrblock.mcxplatform.com.au/common/Login.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 07:42:47 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 14 Jul 2023 15:18:50 GMT
ETag
"64b5177e66b6d91:0"
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
https://samplemanagement.mcxplatform.com.au
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
X-Alleg-Server
pau-w01
X-XSS-Protection
1; mode=block
Content-Length
4326
jquery-3.3.1.min.js
hrblock.mcxplatform.com.au/Common/Scripts/ 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hrblock.mcxplatform.com.au/Common/Scripts/jquery-3.3.1.min.js
Requested by
Host: hrblock.mcxplatform.com.au
URL: https://hrblock.mcxplatform.com.au/common/Login.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.189.168.138 Sydney, Australia, ASN1828 (UNITAS, US),
Reverse DNS
138-168-189-207.static.unitasglobal.net
Software
/
Resource Hash
c031f1a6bd51322710062e5384cb15bab2acb1271471fa385f98f0735a50b821
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://hrblock.mcxplatform.com.au/common/Login.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 07:42:47 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 14 Jul 2023 16:14:40 GMT
ETag
"78eb474b6eb6d91:0"
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
https://samplemanagement.mcxplatform.com.au
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
X-Alleg-Server
pau-w05
X-XSS-Protection
1; mode=block
Content-Length
86903
jquery-migrate-1.4.1.min.js
hrblock.mcxplatform.com.au/Common/Scripts/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hrblock.mcxplatform.com.au/Common/Scripts/jquery-migrate-1.4.1.min.js
Requested by
Host: hrblock.mcxplatform.com.au
URL: https://hrblock.mcxplatform.com.au/common/Login.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.189.168.138 Sydney, Australia, ASN1828 (UNITAS, US),
Reverse DNS
138-168-189-207.static.unitasglobal.net
Software
/
Resource Hash
ef0968035e387c8b468f4a943a9b5998d159c9e2f1a4994c70aa86bf53a9316d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://hrblock.mcxplatform.com.au/common/Login.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 07:42:47 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 14 Jul 2023 15:19:06 GMT
ETag
"276b8e8766b6d91:0"
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
https://samplemanagement.mcxplatform.com.au
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
X-Alleg-Server
pau-w04
X-XSS-Protection
1; mode=block
Content-Length
10057
Break_the_Insight_Barrior.png
hrblock.mcxplatform.com.au/Common/Content/images/WhatsNew/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hrblock.mcxplatform.com.au/Common/Content/images/WhatsNew/Break_the_Insight_Barrior.png
Requested by
Host: hrblock.mcxplatform.com.au
URL: https://hrblock.mcxplatform.com.au/common/Login.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.189.168.138 Sydney, Australia, ASN1828 (UNITAS, US),
Reverse DNS
138-168-189-207.static.unitasglobal.net
Software
/
Resource Hash
f5f952f6490400cbf8a3b3de47c01f5aa59ef0e567c72dd1e828f4b8773bdd53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://hrblock.mcxplatform.com.au/common/Login.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 07:42:47 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 14 Jul 2023 16:14:39 GMT
ETag
"b0d2974a6eb6d91:0"
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
https://samplemanagement.mcxplatform.com.au
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
X-Alleg-Server
pau-w05
X-XSS-Protection
1; mode=block
Content-Length
48328
Conquer_Data_Mountain.png
hrblock.mcxplatform.com.au/Common/Content/images/WhatsNew/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hrblock.mcxplatform.com.au/Common/Content/images/WhatsNew/Conquer_Data_Mountain.png
Requested by
Host: hrblock.mcxplatform.com.au
URL: https://hrblock.mcxplatform.com.au/common/Login.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.189.168.138 Sydney, Australia, ASN1828 (UNITAS, US),
Reverse DNS
138-168-189-207.static.unitasglobal.net
Software
/
Resource Hash
9d7e64cd0171cfcd98598db665e239e92762682b616e9ca57b6a01789b689295
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://hrblock.mcxplatform.com.au/common/Login.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 07:42:49 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 14 Jul 2023 16:14:39 GMT
ETag
"c0f9974a6eb6d91:0"
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
https://samplemanagement.mcxplatform.com.au
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
X-Alleg-Server
pau-w05
X-XSS-Protection
1; mode=block
Content-Length
52548
Rev_Up_Your_ROI.png
hrblock.mcxplatform.com.au/Common/Content/images/WhatsNew/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hrblock.mcxplatform.com.au/Common/Content/images/WhatsNew/Rev_Up_Your_ROI.png
Requested by
Host: hrblock.mcxplatform.com.au
URL: https://hrblock.mcxplatform.com.au/common/Login.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.189.168.138 Sydney, Australia, ASN1828 (UNITAS, US),
Reverse DNS
138-168-189-207.static.unitasglobal.net
Software
/
Resource Hash
6ce4540e93aa01908a0c1521928260c4d30fb6b20f1249e75047a668ca90b4aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://hrblock.mcxplatform.com.au/common/Login.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 07:42:50 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 14 Jul 2023 16:14:39 GMT
ETag
"e447984a6eb6d91:0"
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
https://samplemanagement.mcxplatform.com.au
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
X-Alleg-Server
pau-w05
X-XSS-Protection
1; mode=block
Content-Length
48484
Value_of_CX.png
hrblock.mcxplatform.com.au/Common/Content/images/WhatsNew/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hrblock.mcxplatform.com.au/Common/Content/images/WhatsNew/Value_of_CX.png
Requested by
Host: hrblock.mcxplatform.com.au
URL: https://hrblock.mcxplatform.com.au/common/Login.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.189.168.138 Sydney, Australia, ASN1828 (UNITAS, US),
Reverse DNS
138-168-189-207.static.unitasglobal.net
Software
/
Resource Hash
d371ed73338c0806625596d09e6cdcff0006178566050f9806ae75211d0b50ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://hrblock.mcxplatform.com.au/common/Login.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 07:42:51 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 14 Jul 2023 16:14:39 GMT
ETag
"e447984a6eb6d91:0"
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
https://samplemanagement.mcxplatform.com.au
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
X-Alleg-Server
pau-w05
X-XSS-Protection
1; mode=block
Content-Length
41366
2d41a5
hello.myfonts.net/count/ 		0
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hello.myfonts.net/count/2d41a5
Requested by
Host: static.mcxplatform.com.au
URL: https://static.mcxplatform.com.au/Shared/myfonts.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.243.73 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://hrblock.mcxplatform.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:42:49 GMT
server
cloudflare
age
1
expect-ct
null
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7f3e5d59cbb632a0-BNE
content-length
0
expires
Thu, 08 Aug 2024 07:42:49 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery

1 Cookies

Domain/Path Name / Value
hrblock.mcxplatform.com.au/ Name: Alleg_SessionId
Value: 2140242A7D915B8E9186F8567AF34A38F6E750287B88842F33E26A24BE62C841A806CD783C28A941

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block