www.hrblock.com.au Open in urlscan Pro
13.210.165.235 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hrblock.com.au/
Effective URL:
https://www.hrblock.com.au/
Submission Tags: tranco_l324
Submission: On November 24 via api (November 24th 2021, 3:53:30 am UTC) from DE — Scanned from DE

Summary HTTP 97 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 30 IPs in 5 countries across 21 domains to perform 97 HTTP transactions. The main IP is 13.210.165.235, located in Sydney, Australia and belongs to AMAZON-02, US. The main domain is www.hrblock.com.au.
TLS certificate: Issued by Entrust Certification Authority - L1K on April 30th 2021. Valid for: a year.

This is the only time www.hrblock.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 29	13.210.165.235 13.210.165.235	16509 (AMAZON-02) (AMAZON-02)
11	52.95.132.98 52.95.132.98	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba11	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4 11	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a04:4e42:600... 2a04:4e42:600::396	54113 (FASTLY) (FASTLY)
2 2	2620:119:50e8... 2620:119:50e8:101::9002:f05	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1	151.101.65.140 151.101.65.140	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
2 3	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
1	18.196.51.175 18.196.51.175	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1 1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
1	143.204.98.93 143.204.98.93	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.98.45 143.204.98.45	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.102 143.204.98.102	16509 (AMAZON-02) (AMAZON-02)
1	54.76.144.107 54.76.144.107	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.50 143.204.98.50	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.57 143.204.98.57	16509 (AMAZON-02) (AMAZON-02)
1	34.255.166.68 34.255.166.68	16509 (AMAZON-02) (AMAZON-02)
97	30

29 13.210.165.235 (Sydney, Australia) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-210-165-235.ap-southeast-2.compute.amazonaws.com

hrblock.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.hrblock.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.95.132.98 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-2.amazonaws.com

pubweb-kentico.s3.ap-southeast-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba11 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.74.198 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

8274087.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
9035576.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e8:101::9002:f05 (San Francisco, United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.27 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.51.175 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-51-175.eu-central-1.compute.amazonaws.com

pixel.mediaiqdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-93.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-45.fra50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-102.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.144.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-144-107.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-50.fra50.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-57.fra50.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.166.68 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-166-68.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	hrblock.com.au 2 redirects hrblock.com.au www.hrblock.com.au	262 KB
12	doubleclick.net 4 redirects 8274087.fls.doubleclick.net stats.g.doubleclick.net 9035576.fls.doubleclick.net	5 KB
11	amazonaws.com pubweb-kentico.s3.ap-southeast-2.amazonaws.com	171 KB
7	crazyegg.com script.crazyegg.com pagestates-tracking.crazyegg.com assets-tracking.crazyegg.com tracking.crazyegg.com	29 KB
5	yimg.com s.yimg.com	13 KB
5	google.com www.google.com adservice.google.com	2 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	64 KB
4	yahoo.com sp.analytics.yahoo.com	953 B
4	facebook.com www.facebook.com	562 B
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
3	adnxs.com 2 redirects secure.adnxs.com	3 KB
3	facebook.net connect.facebook.net	200 KB
3	bing.com bat.bing.com	11 KB
3	google-analytics.com www.google-analytics.com	20 KB
3	googletagmanager.com www.googletagmanager.com	186 KB
2	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com	2 KB
2	google.de 1 redirects www.google.de adservice.google.de	1 KB
1	mediaiqdigital.com pixel.mediaiqdigital.com	500 B
1	reddit.com alb.reddit.com	125 B
1	redditstatic.com www.redditstatic.com	8 KB
1	licdn.com snap.licdn.com	2 KB
97	21

	Domain	Requested by
27	www.hrblock.com.au	www.hrblock.com.au
11	pubweb-kentico.s3.ap-southeast-2.amazonaws.com	www.hrblock.com.au
7	8274087.fls.doubleclick.net	2 redirects www.googletagmanager.com www.hrblock.com.au adservice.google.com
5	s.yimg.com	8274087.fls.doubleclick.net s.yimg.com
4	script.crazyegg.com	www.hrblock.com.au script.crazyegg.com
4	9035576.fls.doubleclick.net	2 redirects 8274087.fls.doubleclick.net
4	adservice.google.com	8274087.fls.doubleclick.net 9035576.fls.doubleclick.net
4	sp.analytics.yahoo.com	8274087.fls.doubleclick.net
4	www.facebook.com	www.hrblock.com.au
3	secure.adnxs.com	2 redirects 8274087.fls.doubleclick.net
3	connect.facebook.net	www.hrblock.com.au connect.facebook.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.hrblock.com.au
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	www.hrblock.com.au www.googletagmanager.com
2	dev.visualwebsiteoptimizer.com	www.hrblock.com.au
2	px.ads.linkedin.com	2 redirects
2	hrblock.com.au	2 redirects
1	tracking.crazyegg.com	script.crazyegg.com
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.hrblock.com.au
1	adservice.google.de	1 redirects
1	pixel.mediaiqdigital.com	8274087.fls.doubleclick.net
1	www.google.de	www.hrblock.com.au
1	www.google.com	www.hrblock.com.au
1	alb.reddit.com	www.hrblock.com.au
1	stats.g.doubleclick.net	www.google-analytics.com
1	px4.ads.linkedin.com	www.hrblock.com.au
1	www.linkedin.com	1 redirects
1	www.redditstatic.com	www.hrblock.com.au
1	snap.licdn.com	www.googletagmanager.com
97	34

This site contains links to these domains. Also see Links.

Domain
moneyhub.hrblock.com.au
onlinetax.hrblock.com.au
taxadviser.hrblock.com.au
www.facebook.com
www.youtube.com
www.instagram.com
www.linkedin.com

Subject Issuer	Validity	Valid
*.hrblock.com.au Entrust Certification Authority - L1K	`2021-04-30` - `2022-05-16`	a year	crt.sh
*.s3-ap-southeast-2.amazonaws.com Amazon	`2021-03-26` - `2022-03-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-02` - `2021-12-01`	3 months	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-05` - `2022-04-02`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-05` - `2022-04-02`	6 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-11-08` - `2021-12-29`	2 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2020-06-19` - `2022-07-06`	2 years	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-09` - `2022-05-08`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.crazyegg.com DigiCert SHA2 Secure Server CA	`2020-07-26` - `2022-07-23`	2 years	crt.sh

This page contains 8 frames:

Primary Page: https://www.hrblock.com.au/
Frame ID: 2BF0A37AA42F339FE5FC413D30997DCF
Requests: 81 HTTP requests in this frame

Frame: https://8274087.fls.doubleclick.net/activityi;dc_pre=CJHa1OWMsPQCFb3jEQgd3-QOOg;src=8274087;type=hp_18;cat=hrblo00;ord=3514639865452;gtm=2wgba1;auiddc=733891772.1637726004;ps=1;~oref=https%3A%2F%2Fwww.hrblock.com.au%2F
Frame ID: C5F6A0AFB8149F0044B5436D0B65FC1C
Requests: 1 HTTP requests in this frame

Frame: https://8274087.fls.doubleclick.net/activityi;dc_pre=CL3r1uWMsPQCFZvlEQgdHRgBFQ;src=8274087;type=1;cat=hrblo00;ord=1503962705694;gtm=2wgba1;auiddc=733891772.1637726004;u1=https%3A%2F%2Fwww.hrblock.com.au%2F;ps=1;~oref=https%3A%2F%2Fwww.hrblock.com.au%2F
Frame ID: C0F706AD315C264AFD1810306A8F99A5
Requests: 9 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJHa1OWMsPQCFb3jEQgd3-QOOg;src=8274087;type=hp_18;cat=hrblo00;ord=3514639865452;gtm=2wgba1;auiddc=733891772.1637726004;ps=1;~oref=https%3A%2F%2Fwww.hrblock.com.au%2F
Frame ID: 6968287AE5FB23F31EF5C56CE2DF6238
Requests: 1 HTTP requests in this frame

Frame: https://9035576.fls.doubleclick.net/activityi;dc_pre=CKWR3uWMsPQCFcbQEQgdqgcGtg;src=9035576;type=invmedia;cat=hrblo003;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5435677951948.787
Frame ID: DB6A83C9BF379849F90A0D1CF297C682
Requests: 2 HTTP requests in this frame

Frame: https://8274087.fls.doubleclick.net/ddm/fls/r/dc_pre=CJHa1OWMsPQCFb3jEQgd3-QOOg;src=8274087;type=hp_18;cat=hrblo00;ord=3514639865452;gtm=2wgba1;auiddc=733891772.1637726004;ps=1;~oref=https%3A%2F%2Fwww.hrblock.com.au%2F
Frame ID: 445705FD7A8B0E8D5D970F8653A56C7D
Requests: 5 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Frame ID: 70A733BE999F6B1580C5112027904F05
Requests: 1 HTTP requests in this frame

Frame: https://9035576.fls.doubleclick.net/activityi;dc_pre=CM6B7OWMsPQCFQMs4AodXckA-w;src=9035576;type=invmedia;cat=hrblo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8432342182623.158
Frame ID: D9EC0B0ABCE0CE19D58091D4F4E286D8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tax Return & Tax Accountants in Australia | H&R Block Australia

Page URL History Show full URLs

http://hrblock.com.au/ HTTP 301
https://hrblock.com.au/ HTTP 301
https://www.hrblock.com.au/ Page URL

Page Statistics

97
Requests

97 %
HTTPS

50 %
IPv6

21
Domains

34
Subdomains

30
IPs

5
Countries

976 kB
Transfer

2773 kB
Size

37
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://moneyhub.hrblock.com.au/auth/login/login
Title: MoneyHub

Search URL Search Domain Scan URL

URL: https://onlinetax.hrblock.com.au/online-tax-return/?type=login
Title: Online Tax Express

Search URL Search Domain Scan URL

URL: https://taxadviser.hrblock.com.au/
Title: Online Tax Adviser

Search URL Search Domain Scan URL

URL: https://www.facebook.com/hrblockau
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC0uvYIvnWhyPJp7I1I7gmcg
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/hrblockau
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/h&r-block-australia
Title: Linkedin

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hrblock.com.au/ HTTP 301
https://hrblock.com.au/ HTTP 301
https://www.hrblock.com.au/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://8274087.fls.doubleclick.net/activityi;src=8274087;type=hp_18;cat=hrblo00;ord=3514639865452;gtm=2wgba1;auiddc=733891772.1637726004;ps=1;~oref=https%3A%2F%2Fwww.hrblock.com.au%2F HTTP 302
https://8274087.fls.doubleclick.net/activityi;dc_pre=CJHa1OWMsPQCFb3jEQgd3-QOOg;src=8274087;type=hp_18;cat=hrblo00;ord=3514639865452;gtm=2wgba1;auiddc=733891772.1637726004;ps=1;~oref=https%3A%2F%2Fwww.hrblock.com.au%2F

Request Chain 33

https://8274087.fls.doubleclick.net/activityi;src=8274087;type=1;cat=hrblo00;ord=1503962705694;gtm=2wgba1;auiddc=733891772.1637726004;u1=https%3A%2F%2Fwww.hrblock.com.au%2F;ps=1;~oref=https%3A%2F%2Fwww.hrblock.com.au%2F HTTP 302
https://8274087.fls.doubleclick.net/activityi;dc_pre=CL3r1uWMsPQCFZvlEQgdHRgBFQ;src=8274087;type=1;cat=hrblo00;ord=1503962705694;gtm=2wgba1;auiddc=733891772.1637726004;u1=https%3A%2F%2Fwww.hrblock.com.au%2F;ps=1;~oref=https%3A%2F%2Fwww.hrblock.com.au%2F

Request Chain 41

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=75686&time=1637726003981&url=https%3A%2F%2Fwww.hrblock.com.au%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D75686%26time%3D1637726003981%26url%3Dhttps%253A%252F%252Fwww.hrblock.com.au%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=75686&time=1637726003981&url=https%3A%2F%2Fwww.hrblock.com.au%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=75686&time=1637726003981&url=https%3A%2F%2Fwww.hrblock.com.au%2F&liSync=true&e_ipv6=AQKMesrhVDPQHgAAAX1QE6WzIoaGNsWJRCE-gZrKcPYtgLdG7z4CrYRKuI4031ibnLqzVl4I

Request Chain 51

https://secure.adnxs.com/px?id=1053400&seg=15617268&redir=https%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3Fu1%3Dhttps%3A%2F%2Fwww.hrblock.com.au%2F%26pixel_id%3D1053400%26uid%3D%24%7BUID%7D&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1053400%26seg%3D15617268%26redir%3Dhttps%253A%252F%252Fpixel.mediaiqdigital.com%252Fpixel%253Fu1%253Dhttps%253A%252F%252Fwww.hrblock.com.au%252F%2526pixel_id%253D1053400%2526uid%253D%2524%257BUID%257D%26t%3D2 HTTP 302
https://pixel.mediaiqdigital.com/pixel?u1=https://www.hrblock.com.au/&pixel_id=1053400&uid=6105425640857435946

Request Chain 55

https://9035576.fls.doubleclick.net/activityi;src=9035576;type=invmedia;cat=hrblo003;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5435677951948.787 HTTP 302
https://9035576.fls.doubleclick.net/activityi;dc_pre=CKWR3uWMsPQCFcbQEQgdqgcGtg;src=9035576;type=invmedia;cat=hrblo003;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5435677951948.787

Request Chain 60

https://adservice.google.de/ddm/fls/i/dc_pre=CJHa1OWMsPQCFb3jEQgd3-QOOg;src=8274087;type=hp_18;cat=hrblo00;ord=3514639865452;gtm=2wgba1;auiddc=733891772.1637726004;ps=1;~oref=https%3A%2F%2Fwww.hrblock.com.au%2F HTTP 302
https://8274087.fls.doubleclick.net/ddm/fls/r/dc_pre=CJHa1OWMsPQCFb3jEQgd3-QOOg;src=8274087;type=hp_18;cat=hrblo00;ord=3514639865452;gtm=2wgba1;auiddc=733891772.1637726004;ps=1;~oref=https%3A%2F%2Fwww.hrblock.com.au%2F

Request Chain 88

https://9035576.fls.doubleclick.net/activityi;src=9035576;type=invmedia;cat=hrblo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8432342182623.158 HTTP 302
https://9035576.fls.doubleclick.net/activityi;dc_pre=CM6B7OWMsPQCFQMs4AodXckA-w;src=9035576;type=invmedia;cat=hrblo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8432342182623.158

97 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.hrblock.com.au/
Redirect Chain

http://hrblock.com.au/
https://hrblock.com.au/
https://www.hrblock.com.au/

161 KB
29 KB

702ms
588ms

Document
text/html

13.210.165.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.210.165.235 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-210-165-235.ap-southeast-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6e680123f341ed25b6ee4d7e7fb0d3a01227fdc7a7d7c9787328f60ef1b7c1fb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 24 Nov 2021 03:53:23 GMT
content-type: text/html; charset=utf-8
content-length: 28519
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

Redirect headers

date: Wed, 24 Nov 2021 03:53:22 GMT
content-type: text/html; charset=UTF-8
content-length: 150
location: https://www.hrblock.com.au/
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 main.css
www.hrblock.com.au/Content/css/ 106 KB
16 KB 506ms
506ms Stylesheet
text/css 13.210.165.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com.au/Content/css/main.css?v=637729121800000000
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.210.165.235 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-210-165-235.ap-southeast-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: df92bb96d3bcc21da645a2f8513394fdf1837630d5a3e20d412f14b566416ff5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:23 GMT
content-encoding: gzip
etag: "01ae891cedcd71:0"
last-modified: Thu, 18 Nov 2021 22:49:40 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 15487

GET
H2 200 ConversionLogger.js Show response
www.hrblock.com.au/Kentico.Resource/ABTest/KenticoABTestLogger/en-AU/ 343 B
967 B 507ms
506ms Script
application/javascript 13.210.165.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com.au/Kentico.Resource/ABTest/KenticoABTestLogger/en-AU/ConversionLogger.js?abtest=Home_en-AU_1
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.210.165.235 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-210-165-235.ap-southeast-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 023953cdec40199818d363a5ac5ac891a22ed80444f56baf41a4888babbcf522

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:23 GMT
content-encoding: gzip
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private
content-length: 357

GET
H2 200 Logger.js Show response
www.hrblock.com.au/Kentico.Resource/Activities/KenticoActivityLogger/ 618 B
1 KB 539ms
537ms Script
application/javascript 13.210.165.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com.au/Kentico.Resource/Activities/KenticoActivityLogger/Logger.js
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.210.165.235 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-210-165-235.ap-southeast-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 147a84418490f7a72d4e1baa8acf5abc67fe1576b24aedd27cb8cb636f81cf39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:23 GMT
content-encoding: gzip
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private
content-length: 492

GET
H/1.1 200
OK phone-icon.svg
pubweb-kentico.s3.ap-southeast-2.amazonaws.com/hrb/media/general/ 2 KB
2 KB 1405ms
281ms Image
image/svg+xml 52.95.132.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubweb-kentico.s3.ap-southeast-2.amazonaws.com/hrb/media/general/phone-icon.svg?ext=.svg
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.98 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: d87bd6bdc8b0cc14308c915f9b651e5abefb6642a2b24f113f006b6bcae68ba5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 03:53:25 GMT
Last-Modified: Mon, 12 Jul 2021 07:25:54 GMT
Server: AmazonS3
x-amz-request-id: RJMZ07DQVTBT9WFP
ETag: "ff63d9fa2b64fea4631a79b55756f21d"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 1721
x-amz-id-2: QE9jujc3jDuH+TomJ/RCExeKNP+LBqJ5rdtlSvlu8dZZIOdgeVg3gjnhyqu9LY64iThuUQ5vG88=

GET
H2 200 HRB-logo-dark.svg
www.hrblock.com.au/Content/images/ 6 KB
3 KB 538ms
537ms Image
image/svg+xml 13.210.165.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hrblock.com.au/Content/images/HRB-logo-dark.svg
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.210.165.235 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-210-165-235.ap-southeast-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f2ed7bdab0d0e923f3d726da01d8fcbf0157308ee3dd8f9079502ae555979555

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:23 GMT
content-encoding: gzip
etag: "01ae891cedcd71:0"
last-modified: Thu, 18 Nov 2021 22:49:40 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2589

GET
H/1.1 200
OK 83c0a7ec-7211-4d68-8f82-bc3b83fc497b.svg
pubweb-kentico.s3.ap-southeast-2.amazonaws.com/hrb/files/83/ 14 KB
15 KB 1419ms
284ms Image
image/svg+xml 52.95.132.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubweb-kentico.s3.ap-southeast-2.amazonaws.com/hrb/files/83/83c0a7ec-7211-4d68-8f82-bc3b83fc497b.svg
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.98 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: d12a174ff5db3a4b4c9712caa50b90e4e4d42251289d0e1b70d64755df51b3ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 03:53:25 GMT
Last-Modified: Thu, 02 Sep 2021 21:59:42 GMT
Server: AmazonS3
x-amz-request-id: RJMSWQXEPCYESW0Y
ETag: "581c39d6993b4c446415c6fcc72876ab"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 14622
x-amz-id-2: 1eYcn7aWI6gy/8CqMeKSTmP/pwT4/6cF8g5BSO9zchZDiNJ4W1XS7terp+m6HebgA2W07UYcV7E=

GET
H/1.1 200
OK 97e12de3-995b-4a1d-a870-ab4f4ee8f104.png
pubweb-kentico.s3.ap-southeast-2.amazonaws.com/hrb/files/97/ 110 KB
110 KB 1422ms
285ms Image
image/png 52.95.132.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubweb-kentico.s3.ap-southeast-2.amazonaws.com/hrb/files/97/97e12de3-995b-4a1d-a870-ab4f4ee8f104.png
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.98 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: afbff3a0c6a8895a8ccf6a9aacd07cce64913f70b3764b68abcd72cbb986549a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 03:53:25 GMT
Last-Modified: Thu, 02 Sep 2021 21:59:22 GMT
Server: AmazonS3
x-amz-request-id: RJMS128JKAANE1RM
ETag: "155daf02dbee8e47eed884b6341e3da9"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 112495
x-amz-id-2: KIV7RGFyVR6E6xtwxg0z7H2O7bc7t5eSaCXYkQqL07a3zD7DEiLWUL5ZGufZInC1xOH691jsVGo=

GET
H/1.1 200
OK 9ee589f8-676e-4674-b4c7-6991e0095175.png
pubweb-kentico.s3.ap-southeast-2.amazonaws.com/hrb/files/9e/ 4 KB
5 KB 1687ms
281ms Image
image/png 52.95.132.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubweb-kentico.s3.ap-southeast-2.amazonaws.com/hrb/files/9e/9ee589f8-676e-4674-b4c7-6991e0095175.png
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.98 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 492dcc0b5b34b8c530cb7f5339f96beb46487075e9ff8d2d822f43d4ca158aee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 03:53:26 GMT
Last-Modified: Fri, 08 Oct 2021 01:18:23 GMT
Server: AmazonS3
x-amz-request-id: BZ5SRXKD79B0RRQ1
ETag: "762a36c68e7fbb388f265da454837689"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4446
x-amz-id-2: wQDl8tGKkKpufnsT8RBwl7o36bXU7FhkBC1hh1Hbk0JsRcw9HmXhxtLfDlWx4C3gpxc3Jx7R2ng=

GET
H2 200 icon-phone-appointment.png
www.hrblock.com.au/content/images/ 1 KB
2 KB 448ms
448ms Image
image/png 13.210.165.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hrblock.com.au/content/images/icon-phone-appointment.png
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.210.165.235 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-210-165-235.ap-southeast-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 243dfee3015be651f59f0fe2b90701a6e10246852bf5ba3bddb8bb799ccffa0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:23 GMT
last-modified: Thu, 18 Nov 2021 22:49:40 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "01ae891cedcd71:0"
content-type: image/png
accept-ranges: bytes
content-length: 1373

GET
H2 200 icon-online.png
www.hrblock.com.au/content/images/ 1 KB
2 KB 449ms
448ms Image
image/png 13.210.165.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hrblock.com.au/content/images/icon-online.png
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.210.165.235 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-210-165-235.ap-southeast-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 04f9b1f9cd499b583331d057f3e2027fe68dbe52b3822fd5f20213ae86ce1e69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:23 GMT
last-modified: Thu, 18 Nov 2021 22:49:40 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "01ae891cedcd71:0"
content-type: image/png
accept-ranges: bytes
content-length: 1228

GET
H2 200 icon-expert.png
www.hrblock.com.au/content/images/ 856 B
1 KB 449ms
448ms Image
image/png 13.210.165.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hrblock.com.au/content/images/icon-expert.png
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.210.165.235 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-210-165-235.ap-southeast-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0e5018c397cfe937122ae036d65144b49ee7093fa450244d928de561efa9da87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:23 GMT
last-modified: Thu, 18 Nov 2021 22:49:40 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "01ae891cedcd71:0"
content-type: image/png
accept-ranges: bytes
content-length: 856

GET
H2 200 manifest.js Show response
www.hrblock.com.au/Content/js/ 5 KB
3 KB 273ms
273ms Script
application/javascript 13.210.165.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com.au/Content/js/manifest.js?v=637729121880000000
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.210.165.235 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-210-165-235.ap-southeast-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 229af0c0522862aac781f3524028add60bf6881aea85a607c47e057f826f6ae0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:23 GMT
content-encoding: gzip
etag: "0ceac96cedcd71:0"
last-modified: Thu, 18 Nov 2021 22:49:48 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2181

GET
H2 200 vendor.jquery.js Show response
www.hrblock.com.au/Content/js/main/ 88 KB
31 KB 277ms
277ms Script
application/javascript 13.210.165.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com.au/Content/js/main/vendor.jquery.js
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.210.165.235 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-210-165-235.ap-southeast-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: daf8907d504c5ec2d578c4c2d0155954849a8d3696d095376d23a0849ef30572

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:23 GMT
content-encoding: gzip
etag: "0ceac96cedcd71:0"
last-modified: Thu, 18 Nov 2021 22:49:48 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 31161

GET
H2 200 vendor.vue.js Show response
www.hrblock.com.au/Content/js/main/ 92 KB
34 KB 283ms
281ms Script
application/javascript 13.210.165.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com.au/Content/js/main/vendor.vue.js
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.210.165.235 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-210-165-235.ap-southeast-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6330f060e3085daa00743ee917ad931d901abc8be237b6bd9a13806a0b9eccf8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:23 GMT
content-encoding: gzip
etag: "0ceac96cedcd71:0"
last-modified: Thu, 18 Nov 2021 22:49:48 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 34083

GET
H2 200 main.js Show response
www.hrblock.com.au/Content/js/ 19 KB
6 KB 538ms
536ms Script
application/javascript 13.210.165.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com.au/Content/js/main.js?v=637729121860000000
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.210.165.235 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-210-165-235.ap-southeast-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eee65240e5b01d64edeeb72365a5500c42262d114beafa9be8194d35fc5a02f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:23 GMT
content-encoding: gzip
etag: "0a17b95cedcd71:0"
last-modified: Thu, 18 Nov 2021 22:49:46 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 5827

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 384 KB
90 KB 69ms
41ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NZ2VZX

Requested by

Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

02453e7fac6d249409708e2e4e14610f31f747b213cd7028a7ef899978ee29d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91868
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Nov 2021 03:53:23 GMT

GET
H2 200 success-tick.svg
www.hrblock.com.au/Content/images/ 336 B
836 B 448ms
447ms Image
image/svg+xml 13.210.165.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hrblock.com.au/Content/images/success-tick.svg
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/Content/css/main.css?v=637729121800000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.210.165.235 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-210-165-235.ap-southeast-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b674aeafe1e44eb77f48979b4758a2e0df2c6ec2b3d85501c3be50ae95e03f86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/Content/css/main.css?v=637729121800000000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:23 GMT
last-modified: Thu, 18 Nov 2021 22:49:40 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "01ae891cedcd71:0"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 336

GET
H2 200 testimonial-icon.png
www.hrblock.com.au/Content/images/ 361 B
860 B 272ms
271ms Image
image/png 13.210.165.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hrblock.com.au/Content/images/testimonial-icon.png
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/Content/css/main.css?v=637729121800000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.210.165.235 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-210-165-235.ap-southeast-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8ab35986c5b55a79634469b76a4e6e1af9c7464f02427e05b219c8c08f4c6e60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/Content/css/main.css?v=637729121800000000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:24 GMT
last-modified: Thu, 18 Nov 2021 22:49:40 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "01ae891cedcd71:0"
content-type: image/png
accept-ranges: bytes
content-length: 361

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 roboto-v27-latin-700.woff2
www.hrblock.com.au/Content/fonts/roboto/ 15 KB
16 KB 516ms
515ms Font
application/font-woff2 13.210.165.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com.au/Content/fonts/roboto/roboto-v27-latin-700.woff2
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.210.165.235 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-210-165-235.ap-southeast-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Request headers

Referer: https://www.hrblock.com.au/
Origin: https://www.hrblock.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:23 GMT
last-modified: Thu, 18 Nov 2021 22:50:12 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0eafaa4cedcd71:0"
content-type: application/font-woff2
accept-ranges: bytes
content-length: 15828

GET
H2 200 roboto-v27-latin-regular.woff2
www.hrblock.com.au/Content/fonts/roboto/ 15 KB
16 KB 517ms
516ms Font
application/font-woff2 13.210.165.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com.au/Content/fonts/roboto/roboto-v27-latin-regular.woff2
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.210.165.235 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-210-165-235.ap-southeast-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Request headers

Referer: https://www.hrblock.com.au/
Origin: https://www.hrblock.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:23 GMT
last-modified: Thu, 18 Nov 2021 22:50:12 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0eafaa4cedcd71:0"
content-type: application/font-woff2
accept-ranges: bytes
content-length: 15688

GET
H2 200 roboto-v27-latin-500.woff2
www.hrblock.com.au/Content/fonts/roboto/ 16 KB
16 KB 517ms
516ms Font
application/font-woff2 13.210.165.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com.au/Content/fonts/roboto/roboto-v27-latin-500.woff2
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.210.165.235 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-210-165-235.ap-southeast-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Request headers

Referer: https://www.hrblock.com.au/
Origin: https://www.hrblock.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:23 GMT
last-modified: Thu, 18 Nov 2021 22:50:12 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0eafaa4cedcd71:0"
content-type: application/font-woff2
accept-ranges: bytes
content-length: 15920

GET
H2 200 roboto-v27-latin-900.woff2
www.hrblock.com.au/Content/fonts/roboto/ 15 KB
16 KB 516ms
516ms Font
application/font-woff2 13.210.165.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com.au/Content/fonts/roboto/roboto-v27-latin-900.woff2
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.210.165.235 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-210-165-235.ap-southeast-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f

Request headers

Referer: https://www.hrblock.com.au/
Origin: https://www.hrblock.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:23 GMT
last-modified: Thu, 18 Nov 2021 22:50:12 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0eafaa4cedcd71:0"
content-type: application/font-woff2
accept-ranges: bytes
content-length: 15724

POST
H2 200 Log Show response
www.hrblock.com.au/Kentico.ABTest/PageVisitConversionLogger/ 0
510 B 440ms
440ms XHR
text/plain 13.210.165.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com.au/Kentico.ABTest/PageVisitConversionLogger/Log
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/Kentico.Resource/ABTest/KenticoABTestLogger/en-AU/ConversionLogger.js?abtest=Home_en-AU_1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.210.165.235 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-210-165-235.ap-southeast-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hrblock.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 24 Nov 2021 03:53:23 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/plain
access-control-allow-origin: https://www.hrblock.com.au
cache-control: private
content-length: 0

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 164 KB
60 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W63SFTMYDD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZ2VZX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a44917314e54d737b384d5661030e4d278da03c7894d4c88e3b27954a36e0891

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:23 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61816
x-xss-protection: 0
expires: Wed, 24 Nov 2021 03:53:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 35ms
9ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZ2VZX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3136
date: Wed, 24 Nov 2021 03:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 24 Nov 2021 05:01:07 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
11 KB 66ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZ2VZX
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9223e6eb171099c0a8d26458e61a9219ebacc0107853337cac5a69dd821d819b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:23 GMT
content-encoding: gzip
last-modified: Sat, 13 Nov 2021 03:55:41 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 02FC6A4F36C04F2DB1FDCD730F73E083 Ref B: FRAEDGE1411 Ref C: 2021-11-24T03:53:23Z
etag: "80dc6f5342d8d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10442

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 65ms
17ms Script
application/x-javascript 2a02:26f0:6c00::210:ba11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZ2VZX
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 03:53:23 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=40349
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H3

200

activityi;dc_pre=CJHa1OWMsPQCFb3jEQgd3-QOOg;src=8274087;type=hp_18;cat=hrblo00;ord=3514639865452;gtm=2wgba1;auiddc=733891772.1637726004;ps=1;~oref=https%3A%2F%2Fwww.hrblock.com.au%2F Show response
8274087.fls.doubleclick.net/ Frame C5F6
Redirect Chain

https://8274087.fls.doubleclick.net/activityi;src=8274087;type=hp_18;cat=hrblo00;ord=3514639865452;gtm=2wgba1;auiddc=733891772.1637726004;ps=1;~oref=https%3A%2F%2Fwww.hrblock.com.au%2F?
https://8274087.fls.doubleclick.net/activityi;dc_pre=CJHa1OWMsPQCFb3jEQgd3-QOOg;src=8274087;type=hp_18;cat=hrblo00;ord=3514639865452;gtm=2wgba1;auiddc=733891772.1637726004;ps=1;~oref=https%3A%2F%2F...

487 B
411 B

74ms
56ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8274087.fls.doubleclick.net/activityi;dc_pre=CJHa1OWMsPQCFb3jEQgd3-QOOg;src=8274087;type=hp_18;cat=hrblo00;ord=3514639865452;gtm=2wgba1;auiddc=733891772.1637726004;ps=1;~oref=https%3A%2F%2Fwww.hrblock.com.au%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZ2VZX

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

37071ae6f3a076f2567b431e5a1f312be6cbc0cd5ec927c97098ece841401544

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 24 Nov 2021 03:53:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 386
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 24 Nov 2021 03:53:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8274087.fls.doubleclick.net/activityi;dc_pre=CJHa1OWMsPQCFb3jEQgd3-QOOg;src=8274087;type=hp_18;cat=hrblo00;ord=3514639865452;gtm=2wgba1;auiddc=733891772.1637726004;ps=1;~oref=https%3A%2F%2Fwww.hrblock.com.au%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

activityi;dc_pre=CL3r1uWMsPQCFZvlEQgdHRgBFQ;src=8274087;type=1;cat=hrblo00;ord=1503962705694;gtm=2wgba1;auiddc=733891772.1637726004;u1=https%3A%2F%2Fwww.hrblock.com.au%2F;ps=1;~oref=https%3A%2F%2Fw... Show response
8274087.fls.doubleclick.net/ Frame C0F7
Redirect Chain

https://8274087.fls.doubleclick.net/activityi;src=8274087;type=1;cat=hrblo00;ord=1503962705694;gtm=2wgba1;auiddc=733891772.1637726004;u1=https%3A%2F%2Fwww.hrblock.com.au%2F;ps=1;~oref=https%3A%2F%2...
https://8274087.fls.doubleclick.net/activityi;dc_pre=CL3r1uWMsPQCFZvlEQgdHRgBFQ;src=8274087;type=1;cat=hrblo00;ord=1503962705694;gtm=2wgba1;auiddc=733891772.1637726004;u1=https%3A%2F%2Fwww.hrblock....

3 KB
1 KB

44ms
44ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8274087.fls.doubleclick.net/activityi;dc_pre=CL3r1uWMsPQCFZvlEQgdHRgBFQ;src=8274087;type=1;cat=hrblo00;ord=1503962705694;gtm=2wgba1;auiddc=733891772.1637726004;u1=https%3A%2F%2Fwww.hrblock.com.au%2F;ps=1;~oref=https%3A%2F%2Fwww.hrblock.com.au%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZ2VZX

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

e9a1b90797796f27197c6dfee01449dc408274f6052efb53a4db05e35384a391

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 24 Nov 2021 03:53:24 GMT
expires: Wed, 24 Nov 2021 03:53:24 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 1238
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 24 Nov 2021 03:53:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8274087.fls.doubleclick.net/activityi;dc_pre=CL3r1uWMsPQCFZvlEQgdHRgBFQ;src=8274087;type=1;cat=hrblo00;ord=1503962705694;gtm=2wgba1;auiddc=733891772.1637726004;u1=https%3A%2F%2Fwww.hrblock.com.au%2F;ps=1;~oref=https%3A%2F%2Fwww.hrblock.com.au%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 31ms
11ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: 7ik1RE7jQQuxBo604LXjka59c4uiPZPhnozUAMdukMgC7XUcHxI2qXR75pwqR50C6gwHMtPKODr9z0YsZWQumQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 24 Nov 2021 03:53:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 79ms
20ms Script
application/javascript 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 04686da390f8eec3ccd75869fa71e22cad452cfcff6ffa31c979f599d64831d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:24 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Wed, 03 Nov 2021 15:08:58 GMT
server: snooserv
etag: "3fbf36d562f1d2a543a89683060265ed"
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-encoding: gzip
content-length: 7632

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
35 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8274087

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZ2VZX

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

99e04fd95743146a969380f2155eb998e9f3914b4246bd463bc56287ee5ba136

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35970
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Nov 2021 03:53:23 GMT

GET
H2 200 activityi;register_conversion=1;src=8274087;type=hp_18;cat=hrblo00;ord=3514639865452;gtm=2wgba1;auiddc=733891772.1637726004;ps=1;~oref=https%3A%2F%2Fwww.hrblock.com.au%2F
8274087.fls.doubleclick.net/ 0
0 101ms
51ms Image
text/html 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8274087.fls.doubleclick.net/activityi;register_conversion=1;src=8274087;type=hp_18;cat=hrblo00;ord=3514639865452;gtm=2wgba1;auiddc=733891772.1637726004;ps=1;~oref=https%3A%2F%2Fwww.hrblock.com.au%2F?
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.74.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 activityi;register_conversion=1;src=8274087;type=1;cat=hrblo00;ord=1503962705694;gtm=2wgba1;auiddc=733891772.1637726004;u1=https%3A%2F%2Fwww.hrblock.com.au%2F;ps=1;~oref=https%3A%2F%2Fwww.hrblock.c...
8274087.fls.doubleclick.net/ 0
0 101ms
52ms Image
text/html 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8274087.fls.doubleclick.net/activityi;register_conversion=1;src=8274087;type=1;cat=hrblo00;ord=1503962705694;gtm=2wgba1;auiddc=733891772.1637726004;u1=https%3A%2F%2Fwww.hrblock.com.au%2F;ps=1;~oref=https%3A%2F%2Fwww.hrblock.com.au%2F?
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.74.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 29ms
14ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1024098716&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hrblock.com.au%2F&ul=en-us&de=UTF-8&dt=Tax%20Return%20%26%20Tax%20Accountants%20in%20Australia%20%7C%20H%26R%20Block%20Australia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=1888923209&gjid=1437253168&cid=364316232.1637726004&tid=UA-4716073-1&_gid=1698943337.1637726004&_r=1&gtm=2wgba1NZ2VZX&cd5=364316232.1637726004&z=134925575

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrblock.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 03:53:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hrblock.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 14ms
14ms Ping
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-W63SFTMYDD&gtm=2oeba1&_p=1024098716&sr=1600x1200&ul=en-us&cid=364316232.1637726004&_s=1&dl=https%3A%2F%2Fwww.hrblock.com.au%2F&dt=Tax%20Return%20%26%20Tax%20Accountants%20in%20Australia%20%7C%20H%26R%20Block%20Australia&sid=1637726003&sct=1&seg=0&en=page_view&_fv=1&_ss=1&up.client_id=false
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W63SFTMYDD&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hrblock.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 03:53:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hrblock.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=75686&time=1637726003981&url=https%3A%2F%2Fwww.hrblock.com.au%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D75686%26time%3D1637726003981%26url%3Dhttps%253A%252F%252Fwww.hrblock.com.au%252F%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=75686&time=1637726003981&url=https%3A%2F%2Fwww.hrblock.com.au%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=75686&time=1637726003981&url=https%3A%2F%2Fwww.hrblock.com.au%2F&liSync=true&e_ipv6=AQKMesrhVDPQHgAAAX1QE6WzIoaGNsWJRCE-gZrKcPYtgLdG7z4CrYRKuI403...

0
155 B

330ms
139ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=75686&time=1637726003981&url=https%3A%2F%2Fwww.hrblock.com.au%2F&liSync=true&e_ipv6=AQKMesrhVDPQHgAAAX1QE6WzIoaGNsWJRCE-gZrKcPYtgLdG7z4CrYRKuI4031ibnLqzVl4I
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:24 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: 8O8x3R9fuhZwRUnb1ioAAA==

Redirect headers

date: Wed, 24 Nov 2021 03:53:24 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=75686&time=1637726003981&url=https%3A%2F%2Fwww.hrblock.com.au%2F&liSync=true&e_ipv6=AQKMesrhVDPQHgAAAX1QE6WzIoaGNsWJRCE-gZrKcPYtgLdG7z4CrYRKuI4031ibnLqzVl4I
x-li-proto: http/2
x-li-pop: prod-ltx1
content-length: 0
x-li-uuid: MIl3yh9fuhawyohLVisAAA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 62ms
21ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-4716073-1&cid=364316232.1637726004&jid=1888923209&gjid=1437253168&_gid=1698943337.1637726004&_u=YGBACEAABAAAAC~&z=1852396182

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hrblock.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 24 Nov 2021 03:53:24 GMT
content-type: text/plain
access-control-allow-origin: https://www.hrblock.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 5739964.js Show response
bat.bing.com/p/action/ 0
134 B 348ms
348ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5739964.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 24 Nov 2021 03:53:24 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A55494A797444B75BF7FFF1405AB637E Ref B: FRAEDGE1411 Ref C: 2021-11-24T03:53:24Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H3 200 1676525339054216 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 63ms
53ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1676525339054216?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a762b44e14eea21bbcf8323fcf8190cad963f834faf71f55ac0be5f8bbe13f05

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: L7CzyQUOYVU1TXUp27thQTvl9c8+uAaJt1M4DCeoZzHeKy/nr10tgJvQ8EmVpNh4Z9bevUCfMLYo+Xqwp2uL7A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 24 Nov 2021 03:53:24 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
125 B 149ms
121ms Image
image/gif 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1637726004024&id=t2_7r2rqf65&event=PageVisit&m.itemCount=&m.value=&m.currency=&m.transactionId=&m.customEventName=&uuid=3e772398-d6d7-400b-8ea8-7ddf4ce6b33d&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_5b7866e3
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:24 GMT
via: 1.1 varnish
server: Varnish
accept-ranges: bytes
content-length: 42
retry-after: 0
content-type: image/gif

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 49ms
21ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-4716073-1&cid=364316232.1637726004&jid=1888923209&_u=YGBACEAABAAAAC~&z=38996851

Requested by

Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 03:53:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 50ms
21ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-4716073-1&cid=364316232.1637726004&jid=1888923209&_u=YGBACEAABAAAAC~&z=38996851

Requested by

Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 03:53:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 325040221692730 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 52ms
51ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/325040221692730?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fa97994da9e0c73bbdf0af5c650b8d8e3073799fdb18e02a18d481e859374e06

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: gJeTyqZ3ZP2HnhGL6fqzBOnCik6cvT6cYbv6w2ZveICC38lklMPtJIw9OWvwyT90DRmbx2yhdK6QI/Hk3sKHSg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 24 Nov 2021 03:53:24 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 25ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1676525339054216&ev=PageView&dl=https%3A%2F%2Fwww.hrblock.com.au%2F&rl=&if=false&ts=1637726004112&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.2.1637726004111.1807157213&it=1637726004003&coo=false&exp=p0&rqm=GET

Requested by

Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 24 Nov 2021 03:53:24 GMT

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ Frame C0F7 43 B
716 B 103ms
32ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10081579

Requested by

Host: 8274087.fls.doubleclick.net
URL: https://8274087.fls.doubleclick.net/activityi;dc_pre=CL3r1uWMsPQCFZvlEQgdHRgBFQ;src=8274087;type=1;cat=hrblo00;ord=1503962705694;gtm=2wgba1;auiddc=733891772.1637726004;u1=https%3A%2F%2Fwww.hrblock.com.au%2F;ps=1;~oref=https%3A%2F%2Fwww.hrblock.com.au%2F?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8274087.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 03:53:24 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 24 Nov 2021 03:53:24 GMT

GET
H/1.1

200
OK

pixel
pixel.mediaiqdigital.com/ Frame C0F7
Redirect Chain

https://secure.adnxs.com/px?id=1053400&seg=15617268&redir=https%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3Fu1%3Dhttps%3A%2F%2Fwww.hrblock.com.au%2F%26pixel_id%3D1053400%26uid%3D%24%7BUID%7D&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1053400%26seg%3D15617268%26redir%3Dhttps%253A%252F%252Fpixel.mediaiqdigital.com%252Fpixel%253Fu1%253Dhttps%253A%252F%252Fwww.hrblock.com.au%252F%2526pix...
https://pixel.mediaiqdigital.com/pixel?u1=https://www.hrblock.com.au/&pixel_id=1053400&uid=6105425640857435946

2 B
500 B

42ms
8ms

Image
application/json

18.196.51.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.mediaiqdigital.com/pixel?u1=https://www.hrblock.com.au/&pixel_id=1053400&uid=6105425640857435946

Requested by

Protocol

HTTP/1.1

Server

18.196.51.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-51-175.eu-central-1.compute.amazonaws.com

Software

nginx/1.19.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8274087.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 03:53:24 GMT
Server: nginx/1.19.0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH,OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Access-Control-Allow-Origin,x-requested-with,origin,Content-Type,accept,X-PINGARUNER
Content-Length: 2

Redirect headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 03:53:24 GMT
X-Proxy-Origin: 194.36.108.18; 194.36.108.18; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 35f1cc50-938d-46a7-af3f-7f4fb4581766
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://pixel.mediaiqdigital.com/pixel?u1=https://www.hrblock.com.au/&pixel_id=1053400&uid=6105425640857435946
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 dc_pre=CL3r1uWMsPQCFZvlEQgdHRgBFQ;src=8274087;type=1;cat=hrblo00;ord=1503962705694;gtm=2wgba1;auiddc=*;u1=https%3A%2F%2Fwww.hrblock.com.au%2F;ps=1;~oref=https%3A%2F%2Fwww.hrblock.com.au%2F
adservice.google.com/ddm/fls/z/ Frame C0F7 42 B
118 B 98ms
45ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CL3r1uWMsPQCFZvlEQgdHRgBFQ;src=8274087;type=1;cat=hrblo00;ord=1503962705694;gtm=2wgba1;auiddc=*;u1=https%3A%2F%2Fwww.hrblock.com.au%2F;ps=1;~oref=https%3A%2F%2Fwww.hrblock.com.au%2F

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8274087.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 03:53:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CJHa1OWMsPQCFb3jEQgd3-QOOg;src=8274087;type=hp_18;cat=hrblo00;ord=3514639865452;gtm=2wgba1;auiddc=733891772.1637726004;ps=1;~oref=https%3A%2F%2Fwww.hrblock.com.au%2F Show response
adservice.google.com/ddm/fls/i/ Frame 6968 486 B
856 B 96ms
43ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CJHa1OWMsPQCFb3jEQgd3-QOOg;src=8274087;type=hp_18;cat=hrblo00;ord=3514639865452;gtm=2wgba1;auiddc=733891772.1637726004;ps=1;~oref=https%3A%2F%2Fwww.hrblock.com.au%2F

Requested by

Host: 8274087.fls.doubleclick.net
URL: https://8274087.fls.doubleclick.net/activityi;dc_pre=CJHa1OWMsPQCFb3jEQgd3-QOOg;src=8274087;type=hp_18;cat=hrblo00;ord=3514639865452;gtm=2wgba1;auiddc=733891772.1637726004;ps=1;~oref=https%3A%2F%2Fwww.hrblock.com.au%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af102ea3030d94b10fe2f99957cf52589f0e13ac450fa24a9dd642dfc44b149d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://8274087.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 24 Nov 2021 03:53:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 387
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ Frame C0F7 15 KB
6 KB 79ms
23ms Script
application/javascript 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

759d6f0c1292d86d24d7abe7ad9a2cd1d86df0041260f98186ccfa26c7daab62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8274087.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:47:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 361
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: 9YF6RSSCY20CK85Q
x-amz-id-2: VKe9P5ItRCyznUhyGYD4jiqCS1p7di/TFO10A38O90vHm1tidW8/Xw5trhCyGvT3596oPxTBSv0=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 10 Dec 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 04 Nov 2021 15:26:13 GMT
server: ATS
etag: "146f99405588b7446958a732612c901d-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: pCmRUUjnQE9zqMEfVdrNnyYpaPAyW8Do
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
accept-ranges: bytes
content-type: application/javascript

GET
H3

200

activityi;dc_pre=CKWR3uWMsPQCFcbQEQgdqgcGtg;src=9035576;type=invmedia;cat=hrblo003;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5435677951948.787 Show response
9035576.fls.doubleclick.net/ Frame DB6A
Redirect Chain

https://9035576.fls.doubleclick.net/activityi;src=9035576;type=invmedia;cat=hrblo003;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5435677951948.787?
https://9035576.fls.doubleclick.net/activityi;dc_pre=CKWR3uWMsPQCFcbQEQgdqgcGtg;src=9035576;type=invmedia;cat=hrblo003;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=543567795194...

402 B
352 B

25ms
25ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9035576.fls.doubleclick.net/activityi;dc_pre=CKWR3uWMsPQCFcbQEQgdqgcGtg;src=9035576;type=invmedia;cat=hrblo003;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5435677951948.787?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

88a5194aac12c68920bb1f8f0ac04ed4de602b20e21d07ed69534089f0d82142

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://8274087.fls.doubleclick.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 24 Nov 2021 03:53:24 GMT
expires: Wed, 24 Nov 2021 03:53:24 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 329
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 24 Nov 2021 03:53:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9035576.fls.doubleclick.net/activityi;dc_pre=CKWR3uWMsPQCFcbQEQgdqgcGtg;src=9035576;type=invmedia;cat=hrblo003;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5435677951948.787?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 16ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=325040221692730&ev=PageView&dl=https%3A%2F%2Fwww.hrblock.com.au%2F&rl=&if=false&ts=1637726004182&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.2.1637726004111.1807157213&it=1637726004003&coo=false&exp=p0&rqm=GET

Requested by

Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Wed, 24 Nov 2021 03:53:24 GMT

GET
H2 200 dc_pre=CKWR3uWMsPQCFcbQEQgdqgcGtg;src=9035576;type=invmedia;cat=hrblo003;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5435677951948.787
adservice.google.com/ddm/fls/z/ Frame DB6A 42 B
107 B 43ms
43ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKWR3uWMsPQCFcbQEQgdqgcGtg;src=9035576;type=invmedia;cat=hrblo003;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5435677951948.787

Requested by

Host: 9035576.fls.doubleclick.net
URL: https://9035576.fls.doubleclick.net/activityi;dc_pre=CKWR3uWMsPQCFcbQEQgdqgcGtg;src=9035576;type=invmedia;cat=hrblo003;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5435677951948.787?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9035576.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 03:53:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10056705.json Show response
s.yimg.com/wi/config/ Frame C0F7 2 B
448 B 67ms
23ms XHR
application/json 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10056705.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8274087.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:51:45 GMT
x-content-type-options: nosniff
age: 99
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 0Q61Y7WT1EARYMKB
x-amz-id-2: +ocj+EIIMR6NiqOHpt3jmtYM0I1/Mhvm2iMpVWQUa9a2HYQGy5B/Tckwrg6H9qEG3barR/pgFMM=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 2

GET
H2 200 10081579.json Show response
s.yimg.com/wi/config/ Frame C0F7 46 B
427 B 67ms
23ms XHR
application/octet-stream 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10081579.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

3505d2a126ff1424119f8c16843ad302aa64d3b9553903fbfb1820591be96931

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8274087.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 11:14:23 GMT
x-content-type-options: nosniff
age: 59942
x-amz-server-side-encryption: AES256
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: MTMG0YNM5KD984C2
x-amz-id-2: uWXL9CiuvzI483VkBVKh9jCQRJcUg6jkGeqjkKW/01Q0Isd8y0fZLyi9StGX/jXg7duV57g3Ur8=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 19 Jan 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 14 Dec 2020 03:22:15 GMT
server: ATS
etag: "2ab8ef90685da0e1cbfe4bfffecb8795"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-version-id: 58SvBRiH1Xg655m9bhIkqyS8IHc9SMSg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
content-length: 46
content-type: application/octet-stream

GET
H3

200

dc_pre=CJHa1OWMsPQCFb3jEQgd3-QOOg;src=8274087;type=hp_18;cat=hrblo00;ord=3514639865452;gtm=2wgba1;auiddc=733891772.1637726004;ps=1;~oref=https%3A%2F%2Fwww.hrblock.com.au%2F Show response
8274087.fls.doubleclick.net/ddm/fls/r/ Frame 4457
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CJHa1OWMsPQCFb3jEQgd3-QOOg;src=8274087;type=hp_18;cat=hrblo00;ord=3514639865452;gtm=2wgba1;auiddc=733891772.1637726004;ps=1;~oref=https%3A%2F%2Fwww.hrbl...
https://8274087.fls.doubleclick.net/ddm/fls/r/dc_pre=CJHa1OWMsPQCFb3jEQgd3-QOOg;src=8274087;type=hp_18;cat=hrblo00;ord=3514639865452;gtm=2wgba1;auiddc=733891772.1637726004;ps=1;~oref=https%3A%2F%2F...

2 KB
1 KB

19ms
19ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8274087.fls.doubleclick.net/ddm/fls/r/dc_pre=CJHa1OWMsPQCFb3jEQgd3-QOOg;src=8274087;type=hp_18;cat=hrblo00;ord=3514639865452;gtm=2wgba1;auiddc=733891772.1637726004;ps=1;~oref=https%3A%2F%2Fwww.hrblock.com.au%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJHa1OWMsPQCFb3jEQgd3-QOOg;src=8274087;type=hp_18;cat=hrblo00;ord=3514639865452;gtm=2wgba1;auiddc=733891772.1637726004;ps=1;~oref=https%3A%2F%2Fwww.hrblock.com.au%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

13df0afb4be5e2849966ff42799b62b0be629d96c1f892709c88f8617562ec2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 24 Nov 2021 03:53:24 GMT
expires: Wed, 24 Nov 2021 03:53:24 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 1043
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 24 Nov 2021 03:53:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://8274087.fls.doubleclick.net/ddm/fls/r/dc_pre=CJHa1OWMsPQCFb3jEQgd3-QOOg;src=8274087;type=hp_18;cat=hrblo00;ord=3514639865452;gtm=2wgba1;auiddc=733891772.1637726004;ps=1;~oref=https%3A%2F%2Fwww.hrblock.com.au%2F
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 global.js Show response
www.hrblock.com.au/Content/js/main/ 50 KB
18 KB 272ms
272ms Script
application/javascript 13.210.165.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com.au/Content/js/main/global.js
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/Content/js/manifest.js?v=637729121880000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.210.165.235 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-210-165-235.ap-southeast-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d054a00bc94f58764388649a639fc636d2805f17f02217ff7f66c7b79168f82b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:24 GMT
content-encoding: gzip
etag: "0a17b95cedcd71:0"
last-modified: Thu, 18 Nov 2021 22:49:46 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 17621

GET
H2 200 card-tag-height-trimmer.js Show response
www.hrblock.com.au/Content/js/main/ 15 KB
7 KB 272ms
272ms Script
application/javascript 13.210.165.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com.au/Content/js/main/card-tag-height-trimmer.js
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/Content/js/manifest.js?v=637729121880000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.210.165.235 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-210-165-235.ap-southeast-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 22483d7ffeed7edf7d458821b74297980da8dc66f0c51294ccc5eb30d0cb53c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:24 GMT
content-encoding: gzip
etag: "0a17b95cedcd71:0"
last-modified: Thu, 18 Nov 2021 22:49:46 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 6343

GET
H2 200 locations-autocomplete.js Show response
www.hrblock.com.au/Content/js/main/ 25 KB
10 KB 273ms
272ms Script
application/javascript 13.210.165.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com.au/Content/js/main/locations-autocomplete.js
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/Content/js/manifest.js?v=637729121880000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.210.165.235 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-210-165-235.ap-southeast-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 04bbf3119e8bda63dd1b94472bc283965ffdec2f4ab7ee99451c59154622b7ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:24 GMT
content-encoding: gzip
etag: "0a17b95cedcd71:0"
last-modified: Thu, 18 Nov 2021 22:49:46 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 9740

GET
H2 200 use-my-location.js Show response
www.hrblock.com.au/Content/js/main/ 15 KB
7 KB 274ms
273ms Script
application/javascript 13.210.165.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com.au/Content/js/main/use-my-location.js
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/Content/js/manifest.js?v=637729121880000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.210.165.235 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-210-165-235.ap-southeast-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 87f3b06b820848c8a03d0219c274a23a663c0ec90e618602ce8dad456bcca618

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:24 GMT
content-encoding: gzip
etag: "0ceac96cedcd71:0"
last-modified: Thu, 18 Nov 2021 22:49:48 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 6223

GET
H2 200 modal-btn.js Show response
www.hrblock.com.au/Content/js/main/ 12 KB
5 KB 273ms
273ms Script
application/javascript 13.210.165.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com.au/Content/js/main/modal-btn.js
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/Content/js/manifest.js?v=637729121880000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.210.165.235 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-210-165-235.ap-southeast-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2ff2ca6f013c2a886e4e5447d759efe19581bceb9ec748ec715d587c34cc5ea2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:24 GMT
content-encoding: gzip
etag: "0ceac96cedcd71:0"
last-modified: Thu, 18 Nov 2021 22:49:48 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 4946

GET
H2 200 custom-dropdown.js Show response
www.hrblock.com.au/Content/js/main/ 12 KB
5 KB 274ms
271ms Script
application/javascript 13.210.165.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com.au/Content/js/main/custom-dropdown.js
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/Content/js/manifest.js?v=637729121880000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.210.165.235 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-210-165-235.ap-southeast-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4910b35395c8696881672b17beccfe91db905dab539fab483925cf7e078ebf93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:24 GMT
content-encoding: gzip
etag: "0a17b95cedcd71:0"
last-modified: Thu, 18 Nov 2021 22:49:46 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 4908

GET
H2 200 testimonial-carousel.js Show response
www.hrblock.com.au/Content/js/main/ 55 KB
16 KB 276ms
275ms Script
application/javascript 13.210.165.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com.au/Content/js/main/testimonial-carousel.js
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/Content/js/manifest.js?v=637729121880000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.210.165.235 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-210-165-235.ap-southeast-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5fd387fdef350a7635c24c582687e174e29cead08ab6b55fe58ced7f8716bd48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:24 GMT
content-encoding: gzip
etag: "0ceac96cedcd71:0"
last-modified: Thu, 18 Nov 2021 22:49:48 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 15361

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 3 KB
2 KB 29ms
12ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=410428&u=https%3A%2F%2Fwww.hrblock.com.au%2F&r=0.3678154553272519
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 640144f29c18c82a63ce86f46ca987c5678732597ac035924b9bbc26ac6fc26e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 03:53:23 GMT
via: 1.1 google
server: gfra1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2 200 hotjar-900965.js Show response
static.hotjar.com/c/ 5 KB
2 KB 76ms
45ms Script
application/javascript 143.204.98.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-900965.js?sv=6

Requested by

Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-93.fra50.r.cloudfront.net

Software

Resource Hash

28508083285e4b87239f6e5167d41e2c9119cd14e021fdf56e75abbb0f0f7b2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:24 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA50-C1
etag: W/3e920bcdc8db1fa11eadb07cac85a475
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: mw75GAd4GEutq0x0Ay_3JY1wB3UG7-fmZR7tL2oPMfK5KFyf5id7TQ==
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)

GET
H2 204 0
bat.bing.com/action/ 0
150 B 30ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5739964&tm=gtm002&Ver=2&mid=75a84611-7006-4c95-b53f-0c8f439e5d0a&sid=12b9fb304cda11ecbe8613afe839da66&vid=12ba0b804cda11ecbecf210e310e725a&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Tax%20Return%20%26%20Tax%20Accountants%20in%20Australia%20%7C%20H%26R%20Block%20Australia&p=https%3A%2F%2Fwww.hrblock.com.au%2F&r=&lt=3151&evt=pageLoad&msclkid=N&sv=1&rn=789467
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 03:53:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 47AB731F092D47EF88ED3D7BCCC3512D Ref B: FRAEDGE1411 Ref C: 2021-11-24T03:53:24Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3577.js Show response
script.crazyegg.com/pages/scripts/0027/ 5 KB
2 KB 63ms
30ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0027/3577.js?454923
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e8e8b41f358768487bc551384a56a350fb5f091022219c48bc258e3074d18f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:24 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 53479
cf-polished: origSize=4899
cf-ray: 6b2fb0a70b566937-FRA
ce-version: 11.1.358
last-modified: Tue, 23 Nov 2021 13:02:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-bgj: minify

POST
H2 200 Log Show response
www.hrblock.com.au/Kentico.Activities/KenticoActivityLogger/ 0
576 B 279ms
278ms XHR
text/plain 13.210.165.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com.au/Kentico.Activities/KenticoActivityLogger/Log
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/Kentico.Resource/Activities/KenticoActivityLogger/Logger.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.210.165.235 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-210-165-235.ap-southeast-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hrblock.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 24 Nov 2021 03:53:24 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/plain
access-control-allow-origin: https://www.hrblock.com.au
cache-control: private
content-length: 0

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ Frame C0F7 43 B
79 B 38ms
38ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2024%20Nov%202021%2003%3A53%3A24%20GMT&n=0&.yp=10081579&f=https%3A%2F%2F8274087.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCL3r1uWMsPQCFZvlEQgdHRgBFQ%3Bsrc%3D8274087%3Btype%3D1%3Bcat%3Dhrblo00%3Bord%3D1503962705694%3Bgtm%3D2wgba1%3Bauiddc%3D733891772.1637726004%3Bu1%3Dhttps%253A%252F%252Fwww.hrblock.com.au%252F%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fwww.hrblock.com.au%252F%3F&e=https%3A%2F%2Fwww.hrblock.com.au%2F&enc=UTF-8&yv=1.10.2&isIframe=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8274087.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 03:53:24 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 24 Nov 2021 03:53:24 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ Frame C0F7 43 B
79 B 38ms
37ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10056705&f=https%3A%2F%2F8274087.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCL3r1uWMsPQCFZvlEQgdHRgBFQ%3Bsrc%3D8274087%3Btype%3D1%3Bcat%3Dhrblo00%3Bord%3D1503962705694%3Bgtm%3D2wgba1%3Bauiddc%3D733891772.1637726004%3Bu1%3Dhttps%253A%252F%252Fwww.hrblock.com.au%252F%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fwww.hrblock.com.au%252F%3F&e=https%3A%2F%2Fwww.hrblock.com.au%2F&enc=UTF-8&yv=1.10.2&isIframe=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8274087.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 03:53:24 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 24 Nov 2021 03:53:24 GMT

GET
H/1.1 200
OK c76d5d4c-8ac2-490f-b99a-9d90dfe64db4.jpg
pubweb-kentico.s3.ap-southeast-2.amazonaws.com/hrb/files/c7/ 5 KB
5 KB 1101ms
285ms Image
image/jpeg 52.95.132.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubweb-kentico.s3.ap-southeast-2.amazonaws.com/hrb/files/c7/c76d5d4c-8ac2-490f-b99a-9d90dfe64db4.jpg
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.98 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: ff9fad2df99db8294c09e3ed5a2bd079c8d7d1eb5ff2883179c9e9c8486c3814

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 03:53:26 GMT
Last-Modified: Wed, 10 Nov 2021 05:39:22 GMT
Server: AmazonS3
x-amz-request-id: BZ5XTS5C36NW2WPN
ETag: "58cbb2879738d3031e84bb61b966a93e"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 4790
x-amz-id-2: n4pWlwTc+rFj9wjbiwEgpIfUWBWw5j+hWTwvcMC9G18rroZrdW8z7BPIBldVMKms2UcAQfyCxsM=

GET
H/1.1 200
OK 9ee217cc-f013-46ec-827e-2283c1ff8b1b.jpg
pubweb-kentico.s3.ap-southeast-2.amazonaws.com/hrb/files/9e/ 5 KB
6 KB 1120ms
291ms Image
image/jpeg 52.95.132.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubweb-kentico.s3.ap-southeast-2.amazonaws.com/hrb/files/9e/9ee217cc-f013-46ec-827e-2283c1ff8b1b.jpg
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.98 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 42fe5590ca5a0960e68d4141313c8bf623cbfe0e132ba6664436b5d70ed70810

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 03:53:26 GMT
Last-Modified: Wed, 10 Nov 2021 05:39:18 GMT
Server: AmazonS3
x-amz-request-id: BZ5JG0467Z5GC3B9
ETag: "e757bf4122b5daa2b6fe6d8553894445"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 5616
x-amz-id-2: V+oT+kcJ6b3N8q0MQXKFJqpkQwEDIAkyECu6WIXbzfPorWWYun79ZIYcCbTUzWoJCqKKTkcWslc=

GET
H/1.1 200
OK 5174b58c-63ff-48a6-8572-10de760564c6.jpg
pubweb-kentico.s3.ap-southeast-2.amazonaws.com/hrb/files/51/ 2 KB
2 KB 513ms
287ms Image
image/jpeg 52.95.132.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubweb-kentico.s3.ap-southeast-2.amazonaws.com/hrb/files/51/5174b58c-63ff-48a6-8572-10de760564c6.jpg
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.98 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: e727111906516cea6e1767070766370381ddc55f1f40bc2b7c34142d8dc27e51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 03:53:25 GMT
Last-Modified: Wed, 10 Nov 2021 05:39:20 GMT
Server: AmazonS3
x-amz-request-id: RJMRSGZA96072F8K
ETag: "22777e00f2274a434163668241dea111"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 2088
x-amz-id-2: jWW4a1qF6SwuQ+QkKrIHwRTPBiG0fFriJd6sJ2Yae3p0qvWNQKcFTyvheeZgR8KBCZX66RmT3LM=

GET
H/1.1 200
OK 1fff278e-bf3a-41b0-8e29-240d62f275a9.jpg
pubweb-kentico.s3.ap-southeast-2.amazonaws.com/hrb/files/1f/ 5 KB
5 KB 509ms
287ms Image
image/jpeg 52.95.132.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubweb-kentico.s3.ap-southeast-2.amazonaws.com/hrb/files/1f/1fff278e-bf3a-41b0-8e29-240d62f275a9.jpg
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.98 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: f79108de1655f93d1253f4c52fd219efe7ea8b23cb9cf9dad32b45b11790c80e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 03:53:25 GMT
Last-Modified: Wed, 10 Nov 2021 05:39:16 GMT
Server: AmazonS3
x-amz-request-id: RJMSBNPB8JS3GRV5
ETag: "d95d11af6659543a3c1193d29f5662ef"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 4697
x-amz-id-2: tWhhP67ByfoJn67qU13aNc9LJpGL4Zfw6RgTJCPxsTfMIqaLdMi91FHjJ3tvCM0bJJMblziJDLc=

GET
H/1.1 200
OK a9b71f5a-aea4-4b34-bad1-19cf4c8eb281.jpg
pubweb-kentico.s3.ap-southeast-2.amazonaws.com/hrb/files/a9/ 4 KB
4 KB 519ms
291ms Image
image/jpeg 52.95.132.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubweb-kentico.s3.ap-southeast-2.amazonaws.com/hrb/files/a9/a9b71f5a-aea4-4b34-bad1-19cf4c8eb281.jpg
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.98 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: d9b95ec61662ba13c4ee5811a6c48b984dba99ec073c6eba8e3f5da07deefba7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 03:53:25 GMT
Last-Modified: Wed, 10 Nov 2021 05:39:12 GMT
Server: AmazonS3
x-amz-request-id: RJMH5C5KNJSD34KS
ETag: "7dca9658b35c57fce0032387dbee49f2"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 3860
x-amz-id-2: JoG9Qm9aym5fOHNwGUuJOtP5or4mwcsMZTY6+Bi3/wFYnjhFBKI7gV+NYZ1ucOv7VqIB7zANHkI=

GET
H/1.1 200
OK 4043e49b-f095-4b18-aca3-9e3b848883fb.jpg
pubweb-kentico.s3.ap-southeast-2.amazonaws.com/hrb/files/40/ 4 KB
5 KB 521ms
291ms Image
image/jpeg 52.95.132.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubweb-kentico.s3.ap-southeast-2.amazonaws.com/hrb/files/40/4043e49b-f095-4b18-aca3-9e3b848883fb.jpg
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.98 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 536c596777cb8ce16df5590e61ef6eb2a01ece09b49283149fe53476df8f763c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 03:53:25 GMT
Last-Modified: Wed, 10 Nov 2021 05:39:14 GMT
Server: AmazonS3
x-amz-request-id: RJMK8G744BBKANBM
ETag: "5227678d75db0adb98d73ab0bba0241b"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 4519
x-amz-id-2: N0YQghbRa2knP0vqH1oKCmXL6fjArqTQ5ULVbj1hZJ1ajBNu47CqB0iBeuaylJ/WtsYu3bPrJ7k=

GET
H/1.1 200
OK b26bb3b1-f5bc-46e4-a39a-6f0926e7167b.svg
pubweb-kentico.s3.ap-southeast-2.amazonaws.com/hrb/files/b2/ 12 KB
12 KB 789ms
280ms Image
image/svg+xml 52.95.132.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubweb-kentico.s3.ap-southeast-2.amazonaws.com/hrb/files/b2/b26bb3b1-f5bc-46e4-a39a-6f0926e7167b.svg
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.98 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1f65e4432c35bbfb082db807747d6545926b810d002b304d08f687cc9d234afd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 03:53:25 GMT
Last-Modified: Thu, 02 Sep 2021 22:01:47 GMT
Server: AmazonS3
x-amz-request-id: RJMR38YH1AZ4E5C1
ETag: "81e8beceea67c7a3473d76dc6526e153"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 12413
x-amz-id-2: y/4rlsl58TWZuoPZ0BEQQjBe4zph+a0h4FyNpLaN0qJHxRO4nPy8QWVW0vrkgeS2MWZmdIIIJgE=

GET
H3 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 114ms
101ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=410428&d=hrblock.com.au&u=D4736DFA0A0A0D6889AE79CB47584B4DC&h=4776189d0fa76e246d52e9a5b1e3d3ce&t=false&r=0.7312482070713613

Requested by

Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 03:53:23 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 modules.376dac12c7cbd03331c3.js Show response
script.hotjar.com/ 226 KB
60 KB 42ms
10ms Script
application/javascript 143.204.98.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.376dac12c7cbd03331c3.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-900965.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-45.fra50.r.cloudfront.net

Software

Resource Hash

762eec26c35697c778960f1348261ead87844a3fb32e847f237cc6fdab697ba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55578
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 60634
access-control-allow-origin: *
last-modified: Tue, 23 Nov 2021 12:26:27 GMT
etag: "a104d8caba37d824b6eacd90ef7757da"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: hp4fdGXlZGgdhutgYTVEye8RkiKNIczPcknJuTndFQlWDQofIsO99Q==

GET
H2 200 3577.json Show response
script.crazyegg.com/pages/data-scripts/0027/ 74 KB
4 KB 40ms
20ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0027/3577.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0027/3577.js?454923
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e6fdc5b2160db417416a16a2d49aedfc2cf59f2344772adaa42eb850cc0dab7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:24 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 53478
ce-version: 11.1.358
content-length: 3269
timing-allow-origin: *
last-modified: Tue, 23 Nov 2021 13:02:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 6b2fb0a76b7a2bd2-FRA

GET
H/1.1 200
OK px Show response
secure.adnxs.com/ Frame 4457 0
933 B 10ms
9ms Script
application/javascript 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/px?id=1053394&seg=15617256&t=1

Requested by

Host: 8274087.fls.doubleclick.net
URL: https://8274087.fls.doubleclick.net/ddm/fls/r/dc_pre=CJHa1OWMsPQCFb3jEQgd3-QOOg;src=8274087;type=hp_18;cat=hrblo00;ord=3514639865452;gtm=2wgba1;auiddc=733891772.1637726004;ps=1;~oref=https%3A%2F%2Fwww.hrblock.com.au%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8274087.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 03:53:24 GMT
X-Proxy-Origin: 194.36.108.18; 194.36.108.18; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: d24792fd-46c1-4f74-a3dd-5365d55abd74
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ Frame 4457 15 KB
6 KB 23ms
22ms Script
application/javascript 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

759d6f0c1292d86d24d7abe7ad9a2cd1d86df0041260f98186ccfa26c7daab62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8274087.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:47:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 361
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: 9YF6RSSCY20CK85Q
x-amz-id-2: VKe9P5ItRCyznUhyGYD4jiqCS1p7di/TFO10A38O90vHm1tidW8/Xw5trhCyGvT3596oPxTBSv0=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 10 Dec 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 04 Nov 2021 15:26:13 GMT
server: ATS
etag: "146f99405588b7446958a732612c901d-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: pCmRUUjnQE9zqMEfVdrNnyYpaPAyW8Do
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 box-ad575b5823df97fc9725e14a57070642.html Show response
vars.hotjar.com/ Frame 70A7 2 KB
1 KB 39ms
8ms Document
text/html 143.204.98.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-900965.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-102.fra50.r.cloudfront.net
Software: /
Resource Hash: f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/

Response headers

content-type: text/html
content-length: 1050
date: Tue, 16 Nov 2021 11:16:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "a123045c9cc95cfe44d6b5d126b9f1a7"
last-modified: Tue, 16 Nov 2021 11:15:47 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: FPj5gTJYz0BVq9oz5iH5J2TNWBcM0u-bDwhts-HOMEOJ-mE08E6zkg==
age: 664638

GET
H3

200

activityi;dc_pre=CM6B7OWMsPQCFQMs4AodXckA-w;src=9035576;type=invmedia;cat=hrblo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8432342182623.158 Show response
9035576.fls.doubleclick.net/ Frame D9EC
Redirect Chain

https://9035576.fls.doubleclick.net/activityi;src=9035576;type=invmedia;cat=hrblo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8432342182623.158?
https://9035576.fls.doubleclick.net/activityi;dc_pre=CM6B7OWMsPQCFQMs4AodXckA-w;src=9035576;type=invmedia;cat=hrblo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8432342182623....

400 B
352 B

41ms
41ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9035576.fls.doubleclick.net/activityi;dc_pre=CM6B7OWMsPQCFQMs4AodXckA-w;src=9035576;type=invmedia;cat=hrblo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8432342182623.158?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

3847fe154c144a0cd0cde5803c11f5368faed3a4a89edbd0bcc611dc6d3efe65

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://8274087.fls.doubleclick.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 24 Nov 2021 03:53:24 GMT
expires: Wed, 24 Nov 2021 03:53:24 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 329
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 24 Nov 2021 03:53:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9035576.fls.doubleclick.net/activityi;dc_pre=CM6B7OWMsPQCFQMs4AodXckA-w;src=9035576;type=invmedia;cat=hrblo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8432342182623.158?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 10081579.json Show response
s.yimg.com/wi/config/ Frame 4457 46 B
86 B 22ms
22ms XHR
application/octet-stream 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10081579.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

3505d2a126ff1424119f8c16843ad302aa64d3b9553903fbfb1820591be96931

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8274087.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 11:14:23 GMT
x-content-type-options: nosniff
age: 59942
x-amz-server-side-encryption: AES256
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: MTMG0YNM5KD984C2
x-amz-id-2: uWXL9CiuvzI483VkBVKh9jCQRJcUg6jkGeqjkKW/01Q0Isd8y0fZLyi9StGX/jXg7duV57g3Ur8=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 19 Jan 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 14 Dec 2020 03:22:15 GMT
server: ATS
etag: "2ab8ef90685da0e1cbfe4bfffecb8795"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-version-id: 58SvBRiH1Xg655m9bhIkqyS8IHc9SMSg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
content-length: 46
content-type: application/octet-stream

GET
H2 200 11.1.358.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 69 KB
22 KB 13ms
13ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.358.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0027/3577.js?454923
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 262fd74571b20241b0506bdb49bccddce8305437ce67b136556cca4694bc2a58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 03:53:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 01 Nov 2021 19:35:50 GMT
server: cloudflare
age: 53642
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 6b2fb0a78c136937-FRA
content-length: 22857

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ Frame 4457 43 B
79 B 33ms
32ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2024%20Nov%202021%2003%3A53%3A24%20GMT&n=0&.yp=10081579&f=https%3A%2F%2F8274087.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJHa1OWMsPQCFb3jEQgd3-QOOg%3Bsrc%3D8274087%3Btype%3Dhp_18%3Bcat%3Dhrblo00%3Bord%3D3514639865452%3Bgtm%3D2wgba1%3Bauiddc%3D733891772.1637726004%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fwww.hrblock.com.au%252F&e=https%3A%2F%2Fadservice.google.com%2F&enc=UTF-8&yv=1.10.2&isIframe=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8274087.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 03:53:24 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 24 Nov 2021 03:53:24 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/900965/ 146 B
323 B 116ms
36ms XHR
application/json 54.76.144.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/900965/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.376dac12c7cbd03331c3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.144.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-144-107.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 43c15c5e339cca85186d462b5951209ac3825b7677341e3d95f5e704b5057c87

Request headers

Referer: https://www.hrblock.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 24 Nov 2021 03:53:24 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 3577.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0027/ 46 B
158 B 19ms
19ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0027/3577.json?t=454923
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.358.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4d4a5972b9b2656811a09cb64e612ba7a867403725839241d9184248e2f83fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:24 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 53477
ce-version: 11.1.358
content-length: 65
timing-allow-origin: *
last-modified: Tue, 23 Nov 2021 13:02:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 6b2fb0a7cbd62bd2-FRA

GET
H3 200 dc_pre=CM6B7OWMsPQCFQMs4AodXckA-w;src=9035576;type=invmedia;cat=hrblo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8432342182623.158
adservice.google.com/ddm/fls/z/ Frame D9EC 42 B
63 B 59ms
44ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CM6B7OWMsPQCFQMs4AodXckA-w;src=9035576;type=invmedia;cat=hrblo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8432342182623.158

Requested by

Host: 9035576.fls.doubleclick.net
URL: https://9035576.fls.doubleclick.net/activityi;dc_pre=CM6B7OWMsPQCFQMs4AodXckA-w;src=9035576;type=invmedia;cat=hrblo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8432342182623.158?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9035576.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 03:53:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
419 B 39ms
7ms XHR
binary/octet-stream 143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.358.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-50.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 06:41:36 GMT
via: 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 3705109
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 19
x-amz-cf-id: p6H6upoEHGOSian16ylYvAqqZ6JRseC4zIpvJyUpumW-gdyrTXxa-A==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
419 B 39ms
8ms XHR
binary/octet-stream 143.204.98.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.358.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-57.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 06:41:36 GMT
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 3705109
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 19
x-amz-cf-id: oSLO_cQsb_TlwKSyPaEpuTQYcsKDgHv-Wz03kEtMxZOKtmwrqL2Yhg==

GET
BLOB 200
OK 446b05d0-478d-4251-aa7a-b59215c1bc86
https://www.hrblock.com.au/ 53 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.hrblock.com.au/446b05d0-478d-4251-aa7a-b59215c1bc86
Requested by: Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68c3532442a503d298666c3642cf13b54a841f302565ea0c8939771a9375497a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 53
Content-Type: text/javascript

GET
H2 200 clock Show response
tracking.crazyegg.com/ 27 B
134 B 116ms
41ms XHR
text/plain 34.255.166.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1637726004592
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.358.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.166.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-166-68.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 84e04d36d120a40a63c90304a60c7134985cadf17de35303604ca967f25f7b40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 24 Nov 2021 03:53:24 GMT
cache-control: no-store
server: awselb/2.0
content-length: 27
content-type: text/plain

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1676525339054216&ev=Microdata&dl=https%3A%2F%2Fwww.hrblock.com.au%2F&rl=&if=false&ts=1637726004615&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Tax%20Return%20%26%20Tax%20Accountants%20in%20Australia%20%7C%20H%26R%20Block%20Australia%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22H%26R%20Block%20is%20Australia%27s%20leading%20tax%20services%20company.%20Our%20accountants%20offer%20advice%20on%20income%20tax%20returns%2C%20refunds%20%26%20more.%20Find%20your%20nearest%20H%26R%20Block%20office.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Home%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Aimage%22%3A%22%2Fcontent%2Fimages%2Fog-placeholder.png%22%2C%22og%3Adescription%22%3A%22H%26R%20Block%20is%20Australia%27s%20leading%20tax%20services%20company.%20Our%20accountants%20offer%20advice%20on%20income%20tax%20returns%2C%20refunds%20%26%20more.%20Find%20your%20nearest%20H%26R%20Block%20office.%22%2C%22og%3Aurl%22%3A%22%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fwww.schema.org%22%2C%22%40type%22%3A%22product%22%2C%22brand%22%3A%22H%26R%20Block%22%2C%22name%22%3A%22Online%20Tax%20Express%22%2C%22image%22%3A%22https%3A%2F%2Fpubweb-kentico.s3.ap-southeast-2.amazonaws.com%2Fhrb%2Fmedia%2Fgeneral%2F492e2f84-0f96-4ff8-811d-b03702695de9.svg%3Fext%3D.svg%22%2C%22description%22%3A%22Get%20your%20quick%2C%20carefully%20checked%20tax%20return%20done%20in%20as%20little%20as%2010%20minutes.%22%2C%22aggregateRating%22%3A%7B%22%40type%22%3A%22aggregateRating%22%2C%22ratingValue%22%3A%224.7%22%2C%22reviewCount%22%3A%223422%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.2.1637726004111.1807157213&it=1637726004003&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Requested by

Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Wed, 24 Nov 2021 03:53:24 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=325040221692730&ev=Microdata&dl=https%3A%2F%2Fwww.hrblock.com.au%2F&rl=&if=false&ts=1637726004685&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Tax%20Return%20%26%20Tax%20Accountants%20in%20Australia%20%7C%20H%26R%20Block%20Australia%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22H%26R%20Block%20is%20Australia%27s%20leading%20tax%20services%20company.%20Our%20accountants%20offer%20advice%20on%20income%20tax%20returns%2C%20refunds%20%26%20more.%20Find%20your%20nearest%20H%26R%20Block%20office.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Home%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Aimage%22%3A%22%2Fcontent%2Fimages%2Fog-placeholder.png%22%2C%22og%3Adescription%22%3A%22H%26R%20Block%20is%20Australia%27s%20leading%20tax%20services%20company.%20Our%20accountants%20offer%20advice%20on%20income%20tax%20returns%2C%20refunds%20%26%20more.%20Find%20your%20nearest%20H%26R%20Block%20office.%22%2C%22og%3Aurl%22%3A%22%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fwww.schema.org%22%2C%22%40type%22%3A%22product%22%2C%22brand%22%3A%22H%26R%20Block%22%2C%22name%22%3A%22Online%20Tax%20Express%22%2C%22image%22%3A%22https%3A%2F%2Fpubweb-kentico.s3.ap-southeast-2.amazonaws.com%2Fhrb%2Fmedia%2Fgeneral%2F492e2f84-0f96-4ff8-811d-b03702695de9.svg%3Fext%3D.svg%22%2C%22description%22%3A%22Get%20your%20quick%2C%20carefully%20checked%20tax%20return%20done%20in%20as%20little%20as%2010%20minutes.%22%2C%22aggregateRating%22%3A%7B%22%40type%22%3A%22aggregateRating%22%2C%22ratingValue%22%3A%224.7%22%2C%22reviewCount%22%3A%223422%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.2.1637726004111.1807157213&it=1637726004003&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Requested by

Host: www.hrblock.com.au
URL: https://www.hrblock.com.au/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hrblock.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:53:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Wed, 24 Nov 2021 03:53:24 GMT

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hrblock.com.au/	1970-01-19 23:05:30	Name: AWSALB Value: G5si9lY9whoFrwiTNtKhmdw1KVXU4yNr0mkQ5EDVf5LWqRlNJCo9581LOo4QXywZ/vrc7lE+kWkPWek4lufZXpGGM19K4sotEtbm4xwAWGOPpcCssXtsLb1P4FYK
hrblock.com.au/	1970-01-19 23:05:30	Name: AWSALBCORS Value: G5si9lY9whoFrwiTNtKhmdw1KVXU4yNr0mkQ5EDVf5LWqRlNJCo9581LOo4QXywZ/vrc7lE+kWkPWek4lufZXpGGM19K4sotEtbm4xwAWGOPpcCssXtsLb1P4FYK
www.hrblock.com.au/	1970-02-07 04:55:26	Name: CurrentContact Value: a8dfc997-be5b-44bf-9d94-803e505ebcbe
www.hrblock.com.au/	1970-01-20 00:23:16	Name: CMSABHome_en-AU_1 Value: {"VariantIdentifier":"4009bb90-13ed-4d5e-a602-9b926cfc7151","Conversions":[]}
www.hrblock.com.au/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: bnj55xvr5vg2hridlsoj44co
.hrblock.com.au/	1970-01-20 01:05:02	Name: _gcl_au Value: 1.1.733891772.1637726004
.hrblock.com.au/	1970-01-19 22:56:52	Name: _gid Value: GA1.3.1698943337.1637726004
.hrblock.com.au/	1970-01-19 22:55:26	Name: _gat_UA-4716073-1 Value: 1
.bing.com/	1970-01-20 08:17:02	Name: MUID Value: 101568E3374761E91D71781A362C60F6
.hrblock.com.au/	1970-01-20 16:26:38	Name: _ga_W63SFTMYDD Value: GS1.1.1637726003.1.0.1637726003.0
.hrblock.com.au/	1970-01-20 16:26:38	Name: _ga Value: GA1.1.364316232.1637726004
.hrblock.com.au/	1970-01-20 01:05:02	Name: _rdt_uuid Value: 1637726004022.3e772398-d6d7-400b-8ea8-7ddf4ce6b33d
.doubleclick.net/	1970-01-20 08:17:02	Name: IDE Value: AHWqTUmGTVma2U-7FTMBtKjChGMJv0fRwgZWoZNhzQdJFyQ5AGlPaYjwisTMGJUCiqI
.hrblock.com.au/	1970-01-20 01:05:02	Name: _fbp Value: fb.2.1637726004111.1807157213
.adnxs.com/	1970-01-20 01:05:02	Name: uuid2 Value: 6105425640857435946
.yahoo.com/	1970-01-20 07:41:23	Name: A3 Value: d=AQABBDS3nWECEIaF75foXBT0xgReIoOcAgcFEgEBAQEIn2GnYQAAAAAA_eMAAA&S=AQAAAmvSoB3TQgAm8Nbtaq8sH2Q
.hrblock.com.au/	1970-01-19 22:56:52	Name: _uetsid Value: 12b9fb304cda11ecbe8613afe839da66
.hrblock.com.au/	1970-01-20 08:17:02	Name: _uetvid Value: 12ba0b804cda11ecbecf210e310e725a
.hrblock.com.au/	1970-01-20 07:42:28	Name: _vwo_uuid_v2 Value: D4736DFA0A0A0D6889AE79CB47584B4DC\|4776189d0fa76e246d52e9a5b1e3d3ce
.adnxs.com/	1970-01-20 01:05:02	Name: anj Value: dTM7k!M4/8D>6NRF']wIg2In3hN.fP!fss0=Ir4A3KL9D3I?.+n!i%t
.linkedin.com/	1970-01-19 23:38:38	Name: UserMatchHistory Value: AQKpNB1ypJ6ergAAAX1QE6RceSRoxb1G2yCEm5Phc_rx8aXrEirh6fASzbuRqlzI6aqbkyUPo6vSQg
.linkedin.com/	1970-01-19 23:38:38	Name: AnalyticsSyncHistory Value: AQKupaoFlJmKhAAAAX1QE6RcNommq9Hjk0e9w7r2F2loy4x-DywtStyMSlDwMgaha-AumMW_oKeXhT9aJHBWeQ
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:27:19	Name: bcookie Value: "v=2&f44c8fa6-c9a2-48d9-863c-e4b7a90f9674"
.linkedin.com/	1970-01-19 22:56:52	Name: lidc Value: "b=TGST05:s=T:r=T:a=T:p=T:g=2406:u=1:x=1:i=1637726004:t=1637812404:v=2:sig=AQFZEDttfVCnMMyLBmqH3FeKSdiJW_dH"
.hrblock.com.au/	1970-01-20 07:41:02	Name: _hjSessionUser_900965 Value: eyJpZCI6IjE0ZTY2ZDdlLTA2YjQtNWE4My05MDJmLTI4N2FiYzI5YTYyOSIsImNyZWF0ZWQiOjE2Mzc3MjYwMDQzODAsImV4aXN0aW5nIjpmYWxzZX0=
.hrblock.com.au/	1970-01-19 22:55:27	Name: _hjFirstSeen Value: 1
.hrblock.com.au/	1970-01-19 22:55:27	Name: _hjSession_900965 Value: eyJpZCI6ImY2ODg4ZWE4LTFlYTUtNDY5Ni1hYzliLTYzMzVkNjk1NTljZiIsImNyZWF0ZWQiOjE2Mzc3MjYwMDQ0MjR9
www.hrblock.com.au/	1970-01-19 22:55:26	Name: _hjIncludedInPageviewSample Value: 1
.hrblock.com.au/	1970-01-19 22:55:27	Name: _hjAbsoluteSessionInProgress Value: 0
www.hrblock.com.au/	1970-01-19 22:55:26	Name: _hjIncludedInSessionSample Value: 0
www.hrblock.com.au/	1970-01-19 22:55:27	Name: CMSLandingPageLoaded Value: true
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 16:27:19	Name: bscookie Value: "v=1&20211124035324afab2b7f-7bea-4348-87d8-80fb7c1bfa9fAQHwS-VcjNli9tbRUT03159Am2dwFsZk"
.linkedin.com/	1970-01-20 16:19:17	Name: li_gc Value: MTswOzE2Mzc3MjYwMDQ7MjswMjEQWkCQu/YZxyz5sNFpQOQcunr8ATpR+EdqPbUBYFixtw==
www.hrblock.com.au/	1970-01-19 23:05:30	Name: AWSALB Value: WpmNHkBNlwibPeuJNb/aT+Nx/NI3CENO3sC0IMGYp8E5ziRgiRUgSkg/OkMv2zVzGL9wgvnJyWLdDWleIGKdlorr2rFBTNCqaxlLn98ju+imJbM7bWVNnuLshsNK
www.hrblock.com.au/	1970-01-19 23:05:30	Name: AWSALBCORS Value: WpmNHkBNlwibPeuJNb/aT+Nx/NI3CENO3sC0IMGYp8E5ziRgiRUgSkg/OkMv2zVzGL9wgvnJyWLdDWleIGKdlorr2rFBTNCqaxlLn98ju+imJbM7bWVNnuLshsNK

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8274087.fls.doubleclick.net
9035576.fls.doubleclick.net
adservice.google.com
adservice.google.de
alb.reddit.com
assets-tracking.crazyegg.com
bat.bing.com
connect.facebook.net
dev.visualwebsiteoptimizer.com
hrblock.com.au
in.hotjar.com
pagestates-tracking.crazyegg.com
pixel.mediaiqdigital.com
pubweb-kentico.s3.ap-southeast-2.amazonaws.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.yimg.com
script.crazyegg.com
script.hotjar.com
secure.adnxs.com
snap.licdn.com
sp.analytics.yahoo.com
static.hotjar.com
stats.g.doubleclick.net
tracking.crazyegg.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.hrblock.com.au
www.linkedin.com
www.redditstatic.com
108.174.10.14
13.210.165.235
142.250.74.198
143.204.98.102
143.204.98.45
143.204.98.50
143.204.98.57
143.204.98.93
151.101.65.140
18.196.51.175
212.82.100.181
2606:4700::6813:9408
2620:119:50e8:101::9002:f05
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:800::7001
2a00:1450:4001:802::200e
2a00:1450:4001:808::2003
2a00:1450:4001:809::2002
2a00:1450:4001:813::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:831::2004
2a00:1450:400c:c06::9d
2a02:26f0:6c00::210:ba11
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:600::396
34.255.166.68
34.96.102.137
37.252.173.27
52.95.132.98
54.76.144.107
023953cdec40199818d363a5ac5ac891a22ed80444f56baf41a4888babbcf522
02453e7fac6d249409708e2e4e14610f31f747b213cd7028a7ef899978ee29d1
04686da390f8eec3ccd75869fa71e22cad452cfcff6ffa31c979f599d64831d8
04bbf3119e8bda63dd1b94472bc283965ffdec2f4ab7ee99451c59154622b7ae
04f9b1f9cd499b583331d057f3e2027fe68dbe52b3822fd5f20213ae86ce1e69
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0e5018c397cfe937122ae036d65144b49ee7093fa450244d928de561efa9da87
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13df0afb4be5e2849966ff42799b62b0be629d96c1f892709c88f8617562ec2a
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
147a84418490f7a72d4e1baa8acf5abc67fe1576b24aedd27cb8cb636f81cf39
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
1f65e4432c35bbfb082db807747d6545926b810d002b304d08f687cc9d234afd
22483d7ffeed7edf7d458821b74297980da8dc66f0c51294ccc5eb30d0cb53c9
229af0c0522862aac781f3524028add60bf6881aea85a607c47e057f826f6ae0
243dfee3015be651f59f0fe2b90701a6e10246852bf5ba3bddb8bb799ccffa0c
262fd74571b20241b0506bdb49bccddce8305437ce67b136556cca4694bc2a58
28508083285e4b87239f6e5167d41e2c9119cd14e021fdf56e75abbb0f0f7b2c
2ff2ca6f013c2a886e4e5447d759efe19581bceb9ec748ec715d587c34cc5ea2
3505d2a126ff1424119f8c16843ad302aa64d3b9553903fbfb1820591be96931
37071ae6f3a076f2567b431e5a1f312be6cbc0cd5ec927c97098ece841401544
3847fe154c144a0cd0cde5803c11f5368faed3a4a89edbd0bcc611dc6d3efe65
42fe5590ca5a0960e68d4141313c8bf623cbfe0e132ba6664436b5d70ed70810
43c15c5e339cca85186d462b5951209ac3825b7677341e3d95f5e704b5057c87
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4910b35395c8696881672b17beccfe91db905dab539fab483925cf7e078ebf93
492dcc0b5b34b8c530cb7f5339f96beb46487075e9ff8d2d822f43d4ca158aee
536c596777cb8ce16df5590e61ef6eb2a01ece09b49283149fe53476df8f763c
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5fd387fdef350a7635c24c582687e174e29cead08ab6b55fe58ced7f8716bd48
6330f060e3085daa00743ee917ad931d901abc8be237b6bd9a13806a0b9eccf8
640144f29c18c82a63ce86f46ca987c5678732597ac035924b9bbc26ac6fc26e
68c3532442a503d298666c3642cf13b54a841f302565ea0c8939771a9375497a
6e680123f341ed25b6ee4d7e7fb0d3a01227fdc7a7d7c9787328f60ef1b7c1fb
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
759d6f0c1292d86d24d7abe7ad9a2cd1d86df0041260f98186ccfa26c7daab62
762eec26c35697c778960f1348261ead87844a3fb32e847f237cc6fdab697ba5
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e04d36d120a40a63c90304a60c7134985cadf17de35303604ca967f25f7b40
87f3b06b820848c8a03d0219c274a23a663c0ec90e618602ce8dad456bcca618
88a5194aac12c68920bb1f8f0ac04ed4de602b20e21d07ed69534089f0d82142
8ab35986c5b55a79634469b76a4e6e1af9c7464f02427e05b219c8c08f4c6e60
8e6fdc5b2160db417416a16a2d49aedfc2cf59f2344772adaa42eb850cc0dab7
9223e6eb171099c0a8d26458e61a9219ebacc0107853337cac5a69dd821d819b
99e04fd95743146a969380f2155eb998e9f3914b4246bd463bc56287ee5ba136
9e8e8b41f358768487bc551384a56a350fb5f091022219c48bc258e3074d18f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a44917314e54d737b384d5661030e4d278da03c7894d4c88e3b27954a36e0891
a762b44e14eea21bbcf8323fcf8190cad963f834faf71f55ac0be5f8bbe13f05
af102ea3030d94b10fe2f99957cf52589f0e13ac450fa24a9dd642dfc44b149d
afbff3a0c6a8895a8ccf6a9aacd07cce64913f70b3764b68abcd72cbb986549a
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b674aeafe1e44eb77f48979b4758a2e0df2c6ec2b3d85501c3be50ae95e03f86
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d054a00bc94f58764388649a639fc636d2805f17f02217ff7f66c7b79168f82b
d12a174ff5db3a4b4c9712caa50b90e4e4d42251289d0e1b70d64755df51b3ba
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d87bd6bdc8b0cc14308c915f9b651e5abefb6642a2b24f113f006b6bcae68ba5
d9b95ec61662ba13c4ee5811a6c48b984dba99ec073c6eba8e3f5da07deefba7
daf8907d504c5ec2d578c4c2d0155954849a8d3696d095376d23a0849ef30572
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df92bb96d3bcc21da645a2f8513394fdf1837630d5a3e20d412f14b566416ff5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e727111906516cea6e1767070766370381ddc55f1f40bc2b7c34142d8dc27e51
e9a1b90797796f27197c6dfee01449dc408274f6052efb53a4db05e35384a391
eee65240e5b01d64edeeb72365a5500c42262d114beafa9be8194d35fc5a02f7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2ed7bdab0d0e923f3d726da01d8fcbf0157308ee3dd8f9079502ae555979555
f4d4a5972b9b2656811a09cb64e612ba7a867403725839241d9184248e2f83fc
f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383
f79108de1655f93d1253f4c52fd219efe7ea8b23cb9cf9dad32b45b11790c80e
fa97994da9e0c73bbdf0af5c650b8d8e3073799fdb18e02a18d481e859374e06
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
ff9fad2df99db8294c09e3ed5a2bd079c8d7d1eb5ff2883179c9e9c8486c3814

www.hrblock.com.au Open in urlscan Pro 13.210.165.235 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

97 Requests

97 %HTTPS

50 %IPv6

21 Domains

34 Subdomains

30 IPs

5 Countries

976 kBTransfer

2773 kBSize

37 Cookies

7 Outgoing links

Page URL History

Redirected requests

97 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.hrblock.com.au Open in urlscan Pro
13.210.165.235 Public Scan

Screenshot
Live screenshot

Full Image

97
Requests

97 %
HTTPS

50 %
IPv6

21
Domains

34
Subdomains

30
IPs

5
Countries

976 kB
Transfer

2773 kB
Size

37
Cookies

97 HTTP transactions
5 data transactions