service-cas-azure-qa-01.hrblock-npr.ca Open in urlscan Pro
20.99.191.121 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tpsc-secure.hrblock-npr.ca/
Effective URL:
https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2Fcallba...
Submission: On December 08 via automatic, source certstream-suspicious (December 8th 2022, 2:01:30 am UTC) — Scanned from CA

Summary HTTP 74 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 1 countries across 12 domains to perform 74 HTTP transactions. The main IP is 20.99.191.121, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is service-cas-azure-qa-01.hrblock-npr.ca.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 14th 2022. Valid for: a year.

This is the only time service-cas-azure-qa-01.hrblock-npr.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	40.112.243.107 40.112.243.107	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:6ea0:c40... 2a02:6ea0:c400::11	60068 (CDN77 ^_^) (CDN77 ^_^)
1	99.84.119.47 99.84.119.47	16509 (AMAZON-02) (AMAZON-02)
5	2607:f8b0:400... 2607:f8b0:4006:824::2008	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:824::200a	15169 (GOOGLE) (GOOGLE)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
2	18.164.116.82 18.164.116.82	16509 (AMAZON-02) (AMAZON-02)
1 28	20.99.191.121 20.99.191.121	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2607:f8b0:400... 2607:f8b0:4006:822::2003	15169 (GOOGLE) (GOOGLE)
3	162.247.241.2 162.247.241.2	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
7	52.70.69.4 52.70.69.4	14618 (AMAZON-AES) (AMAZON-AES)
74	12

12 40.112.243.107 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

tpsc-secure.hrblock-npr.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c400::11 (New York, United States)

ASN60068 (CDN77 ^_^, GB)

maxcdn.icons8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.119.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-119-47.ewr52.r.cloudfront.net

cdn.trialfire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:824::2008 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:824::200a (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.164.116.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-82.jfk50.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 20.99.191.121 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

service-cas-azure-qa-01.hrblock-npr.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:822::2003 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.247.241.2 (Lake Oswego, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.70.69.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-69-4.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	hrblock-npr.ca 1 redirects tpsc-secure.hrblock-npr.ca service-cas-azure-qa-01.hrblock-npr.ca	4 MB
9	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 3631 heapanalytics.com — Cisco Umbrella Rank: 3047	97 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	320 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 51	3 KB
3	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 1989	2 KB
3	gstatic.com fonts.gstatic.com	38 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 402	14 KB
1	trialfire.com cdn.trialfire.com — Cisco Umbrella Rank: 250976	7 KB
1	icons8.com maxcdn.icons8.com — Cisco Umbrella Rank: 96807	6 KB
0	google.ca Failed www.google.ca Failed
0	doubleclick.net Failed stats.g.doubleclick.net Failed
0	google.com Failed analytics.google.com Failed
74	12

	Domain	Requested by
28	service-cas-azure-qa-01.hrblock-npr.ca	1 redirects tpsc-secure.hrblock-npr.ca service-cas-azure-qa-01.hrblock-npr.ca
12	tpsc-secure.hrblock-npr.ca	tpsc-secure.hrblock-npr.ca
7	heapanalytics.com	service-cas-azure-qa-01.hrblock-npr.ca
5	www.googletagmanager.com	tpsc-secure.hrblock-npr.ca www.googletagmanager.com service-cas-azure-qa-01.hrblock-npr.ca
4	fonts.googleapis.com	tpsc-secure.hrblock-npr.ca service-cas-azure-qa-01.hrblock-npr.ca
3	bam-cell.nr-data.net	tpsc-secure.hrblock-npr.ca js-agent.newrelic.com
3	fonts.gstatic.com	fonts.googleapis.com
2	cdn.heapanalytics.com	tpsc-secure.hrblock-npr.ca service-cas-azure-qa-01.hrblock-npr.ca
1	js-agent.newrelic.com	tpsc-secure.hrblock-npr.ca
1	cdn.trialfire.com	tpsc-secure.hrblock-npr.ca
1	maxcdn.icons8.com	tpsc-secure.hrblock-npr.ca
0	www.google.ca Failed
0	stats.g.doubleclick.net Failed	www.googletagmanager.com
0	analytics.google.com Failed	www.googletagmanager.com
74	14

This site contains no links.

Subject Issuer	Validity	Valid
tpsc-secure.hrblock-npr.ca GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-12-08` - `2023-06-08`	6 months	crt.sh
1220595937.rsc.cdn77.org R3	`2022-11-01` - `2023-01-30`	3 months	crt.sh
*.trialfire.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-30` - `2023-01-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
cdn.heapanalytics.com Amazon	`2022-07-29` - `2023-08-27`	a year	crt.sh
*.hrblock-npr.ca Go Daddy Secure Certificate Authority - G2	`2022-03-14` - `2023-04-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
heapanalytics.com Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DTPSCloud21OIDC%26redirect_uri%3Dhttps%253A%252F%252Ftpsc-secure.hrblock-npr.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient
Frame ID: 725BFD25D18EDE07B425D643BA142BC0
Requests: 73 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-P77LF8T
Frame ID: 5BC2FC84EB0686BF5A37E8854DEC60DD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Application Not Authorized to Use CAS - H&R Block Canada

Page URL History Show full URLs

https://tpsc-secure.hrblock-npr.ca/ Page URL
https://service-cas-azure-qa-01.hrblock-npr.ca/cas/oidc/authorize?response_type=id_token%20token&client_id=TPSCloud21OIDC&s... HTTP 302
https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

74
Requests

89 %
HTTPS

36 %
IPv6

12
Domains

14
Subdomains

12
IPs

1
Countries

4502 kB
Transfer

10238 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tpsc-secure.hrblock-npr.ca/ Page URL
https://service-cas-azure-qa-01.hrblock-npr.ca/cas/oidc/authorize?response_type=id_token%20token&client_id=TPSCloud21OIDC&scope=openid%20profile%20profile_hrbAuth&redirect_uri=https://tpsc-secure.hrblock-npr.ca/callback&state=P8BTaDQAnDebfxo4fREOSG1J5iJcOjYt&nonce=E7IPFR4ZkPCueqrN&googleDeviceId=undefined&locale=en HTTP 302
https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DTPSCloud21OIDC%26redirect_uri%3Dhttps%253A%252F%252Ftpsc-secure.hrblock-npr.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

74 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
tpsc-secure.hrblock-npr.ca/ 2 KB
3 KB 407ms
89ms Document
text/html 40.112.243.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tpsc-secure.hrblock-npr.ca/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.112.243.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx/1.23.2 / ARR/3.0 ASP.NET

Resource Hash

a21c261999e1ebaa033413f602dd5fab049898280967aa3337c5beaacd1efa08

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Expose-Headers: Request-Context
Content-Length: 1865
Content-Type: text/html
Date: Thu, 08 Dec 2022 02:01:22 GMT
ETag: "63909a8e-749"
Last-Modified: Wed, 07 Dec 2022 13:52:14 GMT
Request-Context: appId=cid-v1:31a44ba0-206c-4cc0-ac9d-69a8f3076f6c
Server: nginx/1.23.2
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
X-Powered-By: ARR/3.0 ASP.NET

GET
H2 200 line-awesome.min.css
maxcdn.icons8.com/fonts/line-awesome/1.1/css/ 27 KB
6 KB 159ms
43ms Stylesheet
text/css 2a02:6ea0:c400::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.icons8.com/fonts/line-awesome/1.1/css/line-awesome.min.css
Requested by: Host: tpsc-secure.hrblock-npr.ca
URL: https://tpsc-secure.hrblock-npr.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 1e8638f605575bd335d49efa95e165adf7ef06dda8e367661ac2517a0a3a96b4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpsc-secure.hrblock-npr.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Thu, 08 Dec 2022 02:01:23 GMT
content-encoding: br
x-amz-request-id: NFYN0XWVN3JRMPDB
x-cache: HIT
x-77-cache: HIT
x-age: 499314
x-amz-id-2: P+O2/eZb3OKe4cjWPYajAD1674HZiqxirJvxtYe2Wnbp86TAh5hEn0AxBk/BjbJRoNCnxursERU=
x-77-nzt: AZySJBZ+Mlf/cp4HAA
x-accel-expires: @1671002369
last-modified: Mon, 06 Jun 2022 09:58:54 GMT
server: CDN77-Turbo
etag: W/"4334c8c70998d81bde3e6765828811a6"
x-77-nzt-ray: 1e192d089e8d6bd0734591631d9c330a
content-type: text/css; charset=utf-8
x-amz-meta-mtime: 1654507817.389231056

GET
H/1.1 200
OK tf.js Show response
cdn.trialfire.com/ 18 KB
7 KB 74ms
18ms Script
application/javascript 99.84.119.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trialfire.com/tf.js
Requested by: Host: tpsc-secure.hrblock-npr.ca
URL: https://tpsc-secure.hrblock-npr.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.119.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-119-47.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 73eae2fe2e70eebfc13490695cd05e2ee2ac1ea6fff8436af83e8601688776c7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpsc-secure.hrblock-npr.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Thu, 08 Dec 2022 01:36:04 GMT
Content-Encoding: gzip
Via: 1.1 4a7ef8cbf68469938b3b0dd42dbc4de8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR52-C3
Age: 1520
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 6662
Last-Modified: Tue, 26 Jul 2022 13:59:53 GMT
Server: AmazonS3
ETag: "ee2572159e85224b075d28bf59100936"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=0, must-revalidate
Accept-Ranges: bytes
X-Amz-Cf-Id: u2uBdhsm9_FLygpZ8bJ49NhyYGagMHIMJKsOpoKta_aZxRQ3Zky6Sw==

GET
H/1.1 200
OK main.f162ac90.js Show response
tpsc-secure.hrblock-npr.ca/static/js/ 5 MB
2 MB 390ms
230ms Script
application/javascript 40.112.243.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tpsc-secure.hrblock-npr.ca/static/js/main.f162ac90.js

Requested by

Host: tpsc-secure.hrblock-npr.ca
URL: https://tpsc-secure.hrblock-npr.ca/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.112.243.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx/1.23.2 / ARR/3.0, ASP.NET

Resource Hash

824708157efff49bbfb0a5619f06da71cb589230aabac7908356023ebf327616

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpsc-secure.hrblock-npr.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Thu, 08 Dec 2022 02:01:23 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Last-Modified: Wed, 07 Dec 2022 13:52:15 GMT
Server: nginx/1.23.2
ETag: W/"63909a8f-56a20a"
X-Powered-By: ARR/3.0, ASP.NET
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK main.a0d50988.css
tpsc-secure.hrblock-npr.ca/static/css/ 347 KB
63 KB 188ms
188ms Stylesheet
text/css 40.112.243.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tpsc-secure.hrblock-npr.ca/static/css/main.a0d50988.css

Requested by

Host: tpsc-secure.hrblock-npr.ca
URL: https://tpsc-secure.hrblock-npr.ca/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.112.243.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx/1.23.2 / ARR/3.0, ASP.NET

Resource Hash

0cddcd872c44781f5c5ffd241c5f0620f79dbb21b1fe77f2873c60381f23a342

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpsc-secure.hrblock-npr.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Thu, 08 Dec 2022 02:01:22 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Last-Modified: Wed, 07 Dec 2022 13:52:14 GMT
Server: nginx/1.23.2
ETag: W/"63909a8e-56a15"
X-Powered-By: ARR/3.0, ASP.NET
Content-Type: text/css
Content-Length: 63696

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 299 KB
90 KB 85ms
36ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P77LF8T

Requested by

Host: tpsc-secure.hrblock-npr.ca
URL: https://tpsc-secure.hrblock-npr.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

73edf00aca7375401af4f977c965c2ea0db9aa87ed20e63184354eb58a070156

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpsc-secure.hrblock-npr.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 02:01:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91592
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 08 Dec 2022 02:01:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 195 KB
70 KB 36ms
35ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-11EHC5VVL0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P77LF8T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5fb652255d18ba5294142c1518b0e70cf2ac03a77451ae60f8c2c3a9230aa061

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpsc-secure.hrblock-npr.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 02:01:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72001
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 08 Dec 2022 02:01:23 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 87ms
37ms Stylesheet
text/css 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,500,600,700,900

Requested by

Host: tpsc-secure.hrblock-npr.ca
URL: https://tpsc-secure.hrblock-npr.ca/static/css/main.a0d50988.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c8c7f41f7aa9c05f36d61063db1141064b5a30e7477cf6406292a5ef350d39da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpsc-secure.hrblock-npr.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 08 Dec 2022 02:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 02:01:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Dec 2022 02:01:23 GMT

GET
H2 200 css
fonts.googleapis.com/ 628 B
393 B 95ms
46ms Stylesheet
text/css 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Galada:400,500,600,700,900

Requested by

Host: tpsc-secure.hrblock-npr.ca
URL: https://tpsc-secure.hrblock-npr.ca/static/css/main.a0d50988.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

87c347b7793de09cc35519623a86def2805ab4222d6f67404b1cafc0ca55f508

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpsc-secure.hrblock-npr.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 08 Dec 2022 02:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 02:01:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Dec 2022 02:01:23 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
760 B 120ms
71ms Stylesheet
text/css 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,600,700,900

Requested by

Host: tpsc-secure.hrblock-npr.ca
URL: https://tpsc-secure.hrblock-npr.ca/static/css/main.a0d50988.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e797bdbf429b03424ff15268860d6c3fd1d80eac6e7d6ca5d4eba691a270a1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpsc-secure.hrblock-npr.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 08 Dec 2022 02:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 02:01:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Dec 2022 02:01:23 GMT

GET
H/1.1 200
OK configuration
tpsc-secure.hrblock-npr.ca/shared/api/ 326 B
654 B 123ms
123ms XHR
application/json 40.112.243.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tpsc-secure.hrblock-npr.ca/shared/api/configuration

Requested by

Host: tpsc-secure.hrblock-npr.ca
URL: https://tpsc-secure.hrblock-npr.ca/static/js/main.f162ac90.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.112.243.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx/1.23.2 / ARR/3.0, ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://tpsc-secure.hrblock-npr.ca/
tracestate: 535437@nr=0-1-535437-560279533-96f6a11112464735----1670464884452
traceparent: 00-6dc124940b15672accb35cb1c9c48bb0-96f6a11112464735-01
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjUzNTQzNyIsImFwIjoiNTYwMjc5NTMzIiwiaWQiOiI5NmY2YTExMTEyNDY0NzM1IiwidHIiOiI2ZGMxMjQ5NDBiMTU2NzJhY2NiMzVjYjFjOWM0OGJiMCIsInRpIjoxNjcwNDY0ODg0NDUyfX0=

Response headers

Date: Thu, 08 Dec 2022 02:01:23 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Server: nginx/1.23.2
X-Powered-By: ARR/3.0, ASP.NET
Content-Type: application/json; charset=utf-8
Access-Control-Expose-Headers: Request-Context
Content-Length: 249
Request-Context: appId=cid-v1:31a44ba0-206c-4cc0-ac9d-69a8f3076f6c

GET
H2 200 nr-spa-1184.min.js
js-agent.newrelic.com/ 37 KB
14 KB 79ms
27ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1184.min.js
Requested by: Host: tpsc-secure.hrblock-npr.ca
URL: https://tpsc-secure.hrblock-npr.ca/static/js/main.f162ac90.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpsc-secure.hrblock-npr.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Thu, 08 Dec 2022 02:01:24 GMT
x-amz-request-id: TQHY83MVPF5VJBKM
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14379
x-amz-id-2: 5PU3iTUBT0mWBoIk7FOte6gU7jZIvmpCFyLHNiNfj99MUu4VnqJVHnDZhzKbvB1I1u+FScb9Gz0=
x-served-by: cache-yyz4543-YYZ
last-modified: Mon, 28 Sep 2020 16:34:47 GMT
server: AmazonS3
x-timer: S1670464885.593354,VS0,VE0
etag: "6b93dbf34696df852c6d69d1652851de"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 245

GET
H2 200 heap-3843911494.js
cdn.heapanalytics.com/js/ 114 KB
45 KB 337ms
263ms Script
application/javascript 18.164.116.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-3843911494.js

Requested by

Host: tpsc-secure.hrblock-npr.ca
URL: https://tpsc-secure.hrblock-npr.ca/static/js/main.f162ac90.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-82.jfk50.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpsc-secure.hrblock-npr.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 02:01:24 GMT
content-encoding: gzip
via: 1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: JFK50-P6
etag: W/"1c9ef-M1n/E79/3amUyru7gD9MZw"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: RM8bgpIE8XS-H-PMZ4IE2OKgTR9XSFCiJ5v3_PQFwO_jHWvF0MGBLw==

GET
H/1.1 200
OK hrb-logo.09e70b9a986bfc2a7f7be655b2d38be8.svg
tpsc-secure.hrblock-npr.ca/static/media/ 4 KB
4 KB 118ms
118ms Image
image/svg+xml 40.112.243.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpsc-secure.hrblock-npr.ca/static/media/hrb-logo.09e70b9a986bfc2a7f7be655b2d38be8.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.112.243.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx/1.23.2 / ARR/3.0, ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpsc-secure.hrblock-npr.ca/2022/returns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Thu, 08 Dec 2022 02:01:24 GMT
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Last-Modified: Wed, 07 Dec 2022 13:52:14 GMT
Server: nginx/1.23.2
ETag: "63909a8e-1044"
X-Powered-By: ARR/3.0, ASP.NET
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 4164

GET
H/1.1 200
OK 33662.34a6e43c.chunk.js
tpsc-secure.hrblock-npr.ca/static/js/ 458 KB
49 KB 321ms
318ms Script
application/javascript 40.112.243.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tpsc-secure.hrblock-npr.ca/static/js/33662.34a6e43c.chunk.js

Requested by

Host: tpsc-secure.hrblock-npr.ca
URL: https://tpsc-secure.hrblock-npr.ca/static/js/main.f162ac90.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.112.243.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx/1.23.2 / ARR/3.0, ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpsc-secure.hrblock-npr.ca/2022/returns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Thu, 08 Dec 2022 02:01:24 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Last-Modified: Wed, 07 Dec 2022 13:52:15 GMT
Server: nginx/1.23.2
ETag: W/"63909a8f-72967"
X-Powered-By: ARR/3.0, ASP.NET
Content-Type: application/javascript
Content-Length: 50152

GET
H/1.1 200
OK 82165.9453896e.chunk.js
tpsc-secure.hrblock-npr.ca/static/js/ 168 KB
47 KB 228ms
118ms Script
application/javascript 40.112.243.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tpsc-secure.hrblock-npr.ca/static/js/82165.9453896e.chunk.js

Requested by

Host: tpsc-secure.hrblock-npr.ca
URL: https://tpsc-secure.hrblock-npr.ca/static/js/main.f162ac90.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.112.243.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx/1.23.2 / ARR/3.0, ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpsc-secure.hrblock-npr.ca/2022/returns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Thu, 08 Dec 2022 02:01:24 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Last-Modified: Wed, 07 Dec 2022 13:52:15 GMT
Server: nginx/1.23.2
ETag: W/"63909a8f-2a15a"
X-Powered-By: ARR/3.0, ASP.NET
Content-Type: application/javascript
Content-Length: 47953

GET
H/1.1 200
OK 84819.676152f6.chunk.js
tpsc-secure.hrblock-npr.ca/static/js/ 85 KB
20 KB 266ms
116ms Script
application/javascript 40.112.243.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tpsc-secure.hrblock-npr.ca/static/js/84819.676152f6.chunk.js

Requested by

Host: tpsc-secure.hrblock-npr.ca
URL: https://tpsc-secure.hrblock-npr.ca/static/js/main.f162ac90.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.112.243.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx/1.23.2 / ARR/3.0, ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpsc-secure.hrblock-npr.ca/2022/returns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Thu, 08 Dec 2022 02:01:24 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Last-Modified: Wed, 07 Dec 2022 13:52:15 GMT
Server: nginx/1.23.2
ETag: W/"63909a8f-154c5"
X-Powered-By: ARR/3.0, ASP.NET
Content-Type: application/javascript
Content-Length: 20227

GET
H/1.1 200
OK 12236.8dcfae00.chunk.js
tpsc-secure.hrblock-npr.ca/static/js/ 25 KB
8 KB 367ms
204ms Script
application/javascript 40.112.243.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tpsc-secure.hrblock-npr.ca/static/js/12236.8dcfae00.chunk.js

Requested by

Host: tpsc-secure.hrblock-npr.ca
URL: https://tpsc-secure.hrblock-npr.ca/static/js/main.f162ac90.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.112.243.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx/1.23.2 / ARR/3.0, ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpsc-secure.hrblock-npr.ca/2022/returns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Thu, 08 Dec 2022 02:01:24 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Last-Modified: Wed, 07 Dec 2022 13:52:15 GMT
Server: nginx/1.23.2
ETag: W/"63909a8f-65af"
X-Powered-By: ARR/3.0, ASP.NET
Content-Type: application/javascript
Content-Length: 7783

GET
H2

200

Primary Request login Show response
service-cas-azure-qa-01.hrblock-npr.ca/cas/
Redirect Chain

https://service-cas-azure-qa-01.hrblock-npr.ca/cas/oidc/authorize?response_type=id_token%20token&client_id=TPSCloud21OIDC&scope=openid%20profile%20profile_hrbAuth&redirect_uri=https://tpsc-secure.h...
https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DTPSCloud21OIDC%26redirect_ur...

7 KB
7 KB

120ms
120ms

Document
text/html

20.99.191.121
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DTPSCloud21OIDC%26redirect_uri%3Dhttps%253A%252F%252Ftpsc-secure.hrblock-npr.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient

Requested by

Host: tpsc-secure.hrblock-npr.ca
URL: https://tpsc-secure.hrblock-npr.ca/static/js/main.f162ac90.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.191.121 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

abef567d6ca03185e9a859c9827476b6f65e81f7a52d5cfd797474d02f6827aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tpsc-secure.hrblock-npr.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-language: en
content-type: text/html;charset=UTF-8
date: Thu, 08 Dec 2022 02:01:25 GMT
expires: 0
pragma: no-cache
server: Apereo CAS
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Thu, 08 Dec 2022 02:01:25 GMT
expires: 0
location: https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DTPSCloud21OIDC%26redirect_uri%3Dhttps%253A%252F%252Ftpsc-secure.hrblock-npr.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient
pragma: no-cache
server: Apereo CAS
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v27/ 12 KB
13 KB 70ms
20ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,500,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tpsc-secure.hrblock-npr.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 00:29:25 GMT
x-content-type-options: nosniff
age: 5519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12684
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:28:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Dec 2023 00:29:25 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v27/ 13 KB
13 KB 73ms
24ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,500,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tpsc-secure.hrblock-npr.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 19:08:08 GMT
x-content-type-options: nosniff
age: 111196
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12860
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:27:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Dec 2023 19:08:08 GMT

GET
H/1.1 200
OK 19b1e383d5
bam-cell.nr-data.net/1/ 49 B
947 B 142ms
98ms Script
text/javascript 162.247.241.2
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/19b1e383d5?a=560279533&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=2008&ck=1&ref=https://tpsc-secure.hrblock-npr.ca/2022/returns&be=1681&fe=1899&dc=1827&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1670464882626,%22n%22:0,%22f%22:0,%22dn%22:4,%22dne%22:159,%22c%22:159,%22s%22:236,%22ce%22:320,%22rq%22:320,%22rp%22:409,%22rpe%22:410,%22dl%22:415,%22di%22:584,%22ds%22:1827,%22de%22:1827,%22dc%22:1898,%22l%22:1899,%22le%22:1901%7D,%22navigation%22:%7B%7D%7D&fp=1832&fcp=1832&jsonp=NREUM.setToken
Requested by: Host: tpsc-secure.hrblock-npr.ca
URL: https://tpsc-secure.hrblock-npr.ca/static/js/main.f162ac90.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.2 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpsc-secure.hrblock-npr.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Thu, 08 Dec 2022 02:01:24 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mU4%2FsZddqbQwn%2BsCnyMZtcTVVMRPt%2Fmyfkelgau%2BJmjg0f6APvBXg1pITaoFYKUqgqApFYUUCZb4qRsOtsiwT%2Fax7fEfgzvriWbMYJnr0yGjUU0km5uELrrWXv8M7f5zEYOlwY%2Bo"}],"group":"cf-nel","max_age":604800}
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 7761e9b94a745485-YYZ

POST
H/1.1 200
OK 19b1e383d5
bam-cell.nr-data.net/resources/1/ 36 B
761 B 103ms
103ms XHR
text/plain 162.247.241.2
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/resources/1/19b1e383d5?a=560279533&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=2154&ck=1&ref=https://tpsc-secure.hrblock-npr.ca/2022/returns&st=1670464882626
Requested by: Host: tpsc-secure.hrblock-npr.ca
URL: https://tpsc-secure.hrblock-npr.ca/static/js/main.f162ac90.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.2 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://tpsc-secure.hrblock-npr.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
content-type: text/plain

Response headers

Date: Thu, 08 Dec 2022 02:01:24 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://tpsc-secure.hrblock-npr.ca
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f6%2Ftwf4Xifkvp6AgEw5n%2FJnKuAW912dc5TLzqsibsmvosOR7xiNVqQk1IiyslRzlpDitw7ER9kkaPMIREORPRGVhy6N1EL1TVyF9RQjTn14wlw%2FvpPSGJ9Ddu%2Bs3%2B442RooZZLDD"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 7761e9b9fb665485-YYZ
Content-Length: 36

POST
H/1.1 200
OK 19b1e383d5
bam-cell.nr-data.net/events/1/ 24 B
744 B 149ms
112ms XHR
image/gif 162.247.241.2
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/19b1e383d5?a=560279533&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=2160&ck=1&ref=https://tpsc-secure.hrblock-npr.ca/2022/returns
Requested by: Host: tpsc-secure.hrblock-npr.ca
URL: https://tpsc-secure.hrblock-npr.ca/static/js/main.f162ac90.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.2 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://tpsc-secure.hrblock-npr.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
content-type: text/plain

Response headers

Date: Thu, 08 Dec 2022 02:01:24 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://tpsc-secure.hrblock-npr.ca
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WHNC9h8OeoWMhKO47d0TDueGQ8bPnqFCNFwPMWjpwlGQ5YfDKxeMGAn8UJupQmsfwYrCd8AA%2B4hhm4D5Fe1q25JWCsQc2W8a2%2FqjXF4w7ahxhapZHdm8j%2FLISSawHStHyAAFT4Pq"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 7761e9ba38caa1f3-YYZ
Content-Length: 24

GET
H/1.1 200
OK 62312.22e6a6e8.chunk.js
tpsc-secure.hrblock-npr.ca/static/js/ 73 KB
9 KB 114ms
113ms Script
application/javascript 40.112.243.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tpsc-secure.hrblock-npr.ca/static/js/62312.22e6a6e8.chunk.js

Requested by

Host: tpsc-secure.hrblock-npr.ca
URL: https://tpsc-secure.hrblock-npr.ca/static/js/main.f162ac90.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.112.243.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx/1.23.2 / ARR/3.0, ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpsc-secure.hrblock-npr.ca/2022/returns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Thu, 08 Dec 2022 02:01:24 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Last-Modified: Wed, 07 Dec 2022 13:52:15 GMT
Server: nginx/1.23.2
ETag: W/"63909a8f-12412"
X-Powered-By: ARR/3.0, ASP.NET
Content-Type: application/javascript
Content-Length: 8404

GET
H/1.1 200
OK 74749.1dfcc827.chunk.js
tpsc-secure.hrblock-npr.ca/static/js/ 108 KB
19 KB 121ms
119ms Script
application/javascript 40.112.243.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tpsc-secure.hrblock-npr.ca/static/js/74749.1dfcc827.chunk.js

Requested by

Host: tpsc-secure.hrblock-npr.ca
URL: https://tpsc-secure.hrblock-npr.ca/static/js/main.f162ac90.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.112.243.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx/1.23.2 / ARR/3.0, ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpsc-secure.hrblock-npr.ca/2022/returns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Thu, 08 Dec 2022 02:01:24 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Last-Modified: Wed, 07 Dec 2022 13:52:15 GMT
Server: nginx/1.23.2
ETag: W/"63909a8f-1af2b"
X-Powered-By: ARR/3.0, ASP.NET
Content-Type: application/javascript
Content-Length: 19491

GET
H/1.1 200
OK 73304.73527c84.chunk.js
tpsc-secure.hrblock-npr.ca/static/js/ 2 KB
826 B 108ms
106ms Script
application/javascript 40.112.243.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tpsc-secure.hrblock-npr.ca/static/js/73304.73527c84.chunk.js

Requested by

Host: tpsc-secure.hrblock-npr.ca
URL: https://tpsc-secure.hrblock-npr.ca/static/js/main.f162ac90.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.112.243.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx/1.23.2 / ARR/3.0, ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpsc-secure.hrblock-npr.ca/2022/returns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Thu, 08 Dec 2022 02:01:24 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Last-Modified: Wed, 07 Dec 2022 13:52:15 GMT
Server: nginx/1.23.2
ETag: W/"63909a8f-667"
X-Powered-By: ARR/3.0, ASP.NET
Content-Type: application/javascript
Content-Length: 476

GET
H2 200 h
heapanalytics.com/ 37 B
259 B 81ms
24ms Image
image/gif 52.70.69.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=3843911494&u=7418696045184002&v=3801531341015608&s=4268244619833217&b=web&tv=4.0&z=0&h=%2F2022%2Freturns&d=tpsc-secure.hrblock-npr.ca&t=TPS%20Cloud&ts=1670464884981&st=1670464884985

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.70.69.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-69-4.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpsc-secure.hrblock-npr.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Dec 2022 02:01:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET 70554.7ed52e6c.chunk.js
tpsc-secure.hrblock-npr.ca/static/js/ 0
0

GET 14781.5db2d101.chunk.js
tpsc-secure.hrblock-npr.ca/static/js/ 0
0

POST collect
analytics.google.com/g/ 0
0

POST collect
stats.g.doubleclick.net/g/ 0
0

GET ga-audiences
www.google.ca/ads/ 0
0

POST 19b1e383d5
bam-cell.nr-data.net/events/1/ 0
0

POST 19b1e383d5
bam-cell.nr-data.net/jserrors/1/ 0
0

POST 19b1e383d5
bam-cell.nr-data.net/resources/1/ 0
0

GET
H2 200 normalize.css
service-cas-azure-qa-01.hrblock-npr.ca/cas/webjars/normalize.css/8.0.1/ 6 KB
6 KB 104ms
98ms Stylesheet
text/css 20.99.191.121
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-npr.ca/cas/webjars/normalize.css/8.0.1/normalize.css

Requested by

Host: service-cas-azure-qa-01.hrblock-npr.ca
URL: https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DTPSCloud21OIDC%26redirect_uri%3Dhttps%253A%252F%252Ftpsc-secure.hrblock-npr.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.191.121 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DTPSCloud21OIDC%26redirect_uri%3Dhttps%253A%252F%252Ftpsc-secure.hrblock-npr.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 02:01:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 09 Nov 2022 15:37:06 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css;charset=UTF-8
accept-ranges: bytes
content-length: 6138
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap-grid.min.css
service-cas-azure-qa-01.hrblock-npr.ca/cas/webjars/bootstrap/4.5.0/css/ 50 KB
50 KB 279ms
272ms Stylesheet
text/css 20.99.191.121
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-npr.ca/cas/webjars/bootstrap/4.5.0/css/bootstrap-grid.min.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.191.121 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

e216f49acdbe944b8034d0323ac03cb1562adb6d3cbc767bebe81ea56e1da603

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DTPSCloud21OIDC%26redirect_uri%3Dhttps%253A%252F%252Ftpsc-secure.hrblock-npr.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 02:01:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 09 Nov 2022 15:37:06 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css;charset=UTF-8
accept-ranges: bytes
content-length: 50995
x-xss-protection: 1; mode=block

GET
H2 200 material-components-web.css
service-cas-azure-qa-01.hrblock-npr.ca/cas/webjars/material-components-web/4.0.0/dist/ 318 KB
318 KB 278ms
271ms Stylesheet
text/css 20.99.191.121
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-npr.ca/cas/webjars/material-components-web/4.0.0/dist/material-components-web.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.191.121 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

1ff8d34ed8c7d30550864936a761d7ce500712956d63becbe7484401d188cad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DTPSCloud21OIDC%26redirect_uri%3Dhttps%253A%252F%252Ftpsc-secure.hrblock-npr.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 02:01:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 09 Nov 2022 15:37:06 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css;charset=UTF-8
accept-ranges: bytes
content-length: 325274
x-xss-protection: 1; mode=block

GET
H2 200 materialdesignicons.css
service-cas-azure-qa-01.hrblock-npr.ca/cas/webjars/mdi__font/5.0.45/css/ 274 KB
275 KB 279ms
272ms Stylesheet
text/css 20.99.191.121
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-npr.ca/cas/webjars/mdi__font/5.0.45/css/materialdesignicons.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.191.121 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

2670ab6235d643c1b8c31504677a38226fcc526e89222081efe80b723a3a83b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DTPSCloud21OIDC%26redirect_uri%3Dhttps%253A%252F%252Ftpsc-secure.hrblock-npr.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 02:01:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 09 Nov 2022 15:37:06 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css;charset=UTF-8
accept-ranges: bytes
content-length: 280565
x-xss-protection: 1; mode=block

GET
H2 200 cas.css
service-cas-azure-qa-01.hrblock-npr.ca/cas/css/ 241 KB
241 KB 110ms
103ms Stylesheet
text/css 20.99.191.121
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-npr.ca/cas/css/cas.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.191.121 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

d0600eaff93b83bb20b36bb35f5c36e6caf21e830e04a2f07ce18b5007292ec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DTPSCloud21OIDC%26redirect_uri%3Dhttps%253A%252F%252Ftpsc-secure.hrblock-npr.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 02:01:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 09 Nov 2022 15:37:06 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css;charset=UTF-8
accept-ranges: bytes
content-length: 246336
x-xss-protection: 1; mode=block

GET
H3 200 css
fonts.googleapis.com/ 2 KB
607 B 83ms
36ms Stylesheet
text/css 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bef4c90e603ae3791ce5ac8590ffc47c551dc6c95001087df6f01a61036d6c03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 08 Dec 2022 02:01:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 00:55:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Dec 2022 02:01:25 GMT

GET
H2 200 hrb-card-widget.css
service-cas-azure-qa-01.hrblock-npr.ca/cas/css/ 1 KB
1 KB 279ms
272ms Stylesheet
text/css 20.99.191.121
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-npr.ca/cas/css/hrb-card-widget.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.191.121 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

5ad27a6010b18e293c065996299fabae7a01c588556e4284c8a6cc72ca03f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DTPSCloud21OIDC%26redirect_uri%3Dhttps%253A%252F%252Ftpsc-secure.hrblock-npr.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 02:01:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 09 Nov 2022 15:37:06 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css;charset=UTF-8
accept-ranges: bytes
content-length: 1044
x-xss-protection: 1; mode=block

GET
H2 200 hrb-cas.css
service-cas-azure-qa-01.hrblock-npr.ca/cas/css/ 552 B
847 B 110ms
104ms Stylesheet
text/css 20.99.191.121
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-npr.ca/cas/css/hrb-cas.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.191.121 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

72f095d70b0d69330ac73c3cb4108e9f3afa9bb6828a928d550b1812dbc88ac6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DTPSCloud21OIDC%26redirect_uri%3Dhttps%253A%252F%252Ftpsc-secure.hrblock-npr.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 02:01:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 09 Nov 2022 15:37:06 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css;charset=UTF-8
accept-ranges: bytes
content-length: 552
x-xss-protection: 1; mode=block

GET
H2 200 hrb-checkbox.css
service-cas-azure-qa-01.hrblock-npr.ca/cas/css/ 923 B
1 KB 279ms
273ms Stylesheet
text/css 20.99.191.121
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-npr.ca/cas/css/hrb-checkbox.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.191.121 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

70ace91f3a0f1c8388daed852a861462cdf17215deb8c2218bf5ffc5111b970e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DTPSCloud21OIDC%26redirect_uri%3Dhttps%253A%252F%252Ftpsc-secure.hrblock-npr.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 02:01:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 09 Nov 2022 15:37:06 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css;charset=UTF-8
accept-ranges: bytes
content-length: 923
x-xss-protection: 1; mode=block

GET
H2 200 hrb-errors.css
service-cas-azure-qa-01.hrblock-npr.ca/cas/css/ 1 KB
1 KB 111ms
104ms Stylesheet
text/css 20.99.191.121
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-npr.ca/cas/css/hrb-errors.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.191.121 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

7fe7903ce2632538c46cc0b5fdcadbbb8c2ee7434930e5cd851593c5624dd88a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DTPSCloud21OIDC%26redirect_uri%3Dhttps%253A%252F%252Ftpsc-secure.hrblock-npr.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 02:01:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 09 Nov 2022 15:37:06 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css;charset=UTF-8
accept-ranges: bytes
content-length: 1074
x-xss-protection: 1; mode=block

GET
H2 200 hrb-field.css
service-cas-azure-qa-01.hrblock-npr.ca/cas/css/ 108 B
403 B 279ms
273ms Stylesheet
text/css 20.99.191.121
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-npr.ca/cas/css/hrb-field.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.191.121 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

ab9fdb993022e9fa0c2e50488d716186aecc5526ee20bbe3f24d0adbd77a1996

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DTPSCloud21OIDC%26redirect_uri%3Dhttps%253A%252F%252Ftpsc-secure.hrblock-npr.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 02:01:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 09 Nov 2022 15:37:06 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css;charset=UTF-8
accept-ranges: bytes
content-length: 108
x-xss-protection: 1; mode=block

GET
H2 200 hrb-login.css
service-cas-azure-qa-01.hrblock-npr.ca/cas/css/ 848 B
1 KB 291ms
285ms Stylesheet
text/css 20.99.191.121
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-npr.ca/cas/css/hrb-login.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.191.121 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

0891b6a62b86c8469ee74b3ac442cf739db0e341d9ed1d992bc1b2f1fc37b90e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DTPSCloud21OIDC%26redirect_uri%3Dhttps%253A%252F%252Ftpsc-secure.hrblock-npr.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 02:01:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 09 Nov 2022 15:37:06 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css;charset=UTF-8
accept-ranges: bytes
content-length: 848
x-xss-protection: 1; mode=block

GET
H2 200 hrb-navbar.css
service-cas-azure-qa-01.hrblock-npr.ca/cas/css/ 922 B
1 KB 292ms
286ms Stylesheet
text/css 20.99.191.121
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-npr.ca/cas/css/hrb-navbar.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.191.121 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

2e49f51414ed48f0fb31a2439f80f525b8d9b97ef4e83d204014fb8bd8aba5eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DTPSCloud21OIDC%26redirect_uri%3Dhttps%253A%252F%252Ftpsc-secure.hrblock-npr.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 02:01:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 09 Nov 2022 15:37:06 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css;charset=UTF-8
accept-ranges: bytes
content-length: 922
x-xss-protection: 1; mode=block

GET
H2 200 hrb-2fa.css
service-cas-azure-qa-01.hrblock-npr.ca/cas/css/ 326 B
621 B 287ms
282ms Stylesheet
text/css 20.99.191.121
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-npr.ca/cas/css/hrb-2fa.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.191.121 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

94e930950d5878f513802a3a816e57048fff5bedb5143c7cb5fedabc0e5c8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DTPSCloud21OIDC%26redirect_uri%3Dhttps%253A%252F%252Ftpsc-secure.hrblock-npr.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 02:01:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 09 Nov 2022 15:37:06 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css;charset=UTF-8
accept-ranges: bytes
content-length: 326
x-xss-protection: 1; mode=block

GET
H2 200 es5-shim.js Show response
service-cas-azure-qa-01.hrblock-npr.ca/cas/webjars/es5-shim/4.5.9/ 83 KB
83 KB 292ms
287ms Script
application/javascript 20.99.191.121
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-npr.ca/cas/webjars/es5-shim/4.5.9/es5-shim.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.191.121 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

baa149cfca28ea70ccc424d5e526768f8177d7c2153ad2b6c0dd76693b66794a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DTPSCloud21OIDC%26redirect_uri%3Dhttps%253A%252F%252Ftpsc-secure.hrblock-npr.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 02:01:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 09 Nov 2022 15:37:06 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
accept-ranges: bytes
content-length: 84557
x-xss-protection: 1; mode=block

GET
H2 200 css-vars-ponyfill.min.js Show response
service-cas-azure-qa-01.hrblock-npr.ca/cas/webjars/css-vars-ponyfill/2.3.1/dist/ 22 KB
22 KB 288ms
283ms Script
application/javascript 20.99.191.121
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-npr.ca/cas/webjars/css-vars-ponyfill/2.3.1/dist/css-vars-ponyfill.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.191.121 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

b7fc55ab62b81eb54ae01de81fee15005fc4f62859ad8c050d6eb1275c8525b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DTPSCloud21OIDC%26redirect_uri%3Dhttps%253A%252F%252Ftpsc-secure.hrblock-npr.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 02:01:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 09 Nov 2022 15:37:06 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
accept-ranges: bytes
content-length: 22494
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
service-cas-azure-qa-01.hrblock-npr.ca/cas/webjars/jquery/3.5.1/ 87 KB
88 KB 292ms
287ms Script
application/javascript 20.99.191.121
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-npr.ca/cas/webjars/jquery/3.5.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.191.121 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DTPSCloud21OIDC%26redirect_uri%3Dhttps%253A%252F%252Ftpsc-secure.hrblock-npr.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 02:01:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 09 Nov 2022 15:37:06 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
accept-ranges: bytes
content-length: 89476
x-xss-protection: 1; mode=block

GET
H2 200 material-components-web.js Show response
service-cas-azure-qa-01.hrblock-npr.ca/cas/webjars/material-components-web/4.0.0/dist/ 929 KB
930 KB 288ms
284ms Script
application/javascript 20.99.191.121
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-npr.ca/cas/webjars/material-components-web/4.0.0/dist/material-components-web.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.191.121 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

eb2d589aec5c4ca7d4589d2a4ff620648dced60870bfedbe15d104fa2abe15c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DTPSCloud21OIDC%26redirect_uri%3Dhttps%253A%252F%252Ftpsc-secure.hrblock-npr.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 02:01:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 09 Nov 2022 15:37:06 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
accept-ranges: bytes
content-length: 951419
x-xss-protection: 1; mode=block

GET
H2 200 cas.js Show response
service-cas-azure-qa-01.hrblock-npr.ca/cas/js/ 3 KB
3 KB 292ms
287ms Script
application/javascript 20.99.191.121
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-npr.ca/cas/js/cas.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.191.121 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

58b863a4c10da17158c40c29f542890d3b51542fd3d9172a74ef75c53a030258

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DTPSCloud21OIDC%26redirect_uri%3Dhttps%253A%252F%252Ftpsc-secure.hrblock-npr.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 02:01:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 09 Nov 2022 15:37:06 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
accept-ranges: bytes
content-length: 2981
x-xss-protection: 1; mode=block

GET
H2 200 language-switcher.js Show response
service-cas-azure-qa-01.hrblock-npr.ca/cas/js/ 862 B
1 KB 285ms
280ms Script
application/javascript 20.99.191.121
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-npr.ca/cas/js/language-switcher.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.191.121 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

e14bda4aa379c1a777ca28e1038247e8650ebea9f5a3a58e85a566722cc53079

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DTPSCloud21OIDC%26redirect_uri%3Dhttps%253A%252F%252Ftpsc-secure.hrblock-npr.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 02:01:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 09 Nov 2022 15:37:06 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
accept-ranges: bytes
content-length: 862
x-xss-protection: 1; mode=block

GET
H2 200 hrb-login.js Show response
service-cas-azure-qa-01.hrblock-npr.ca/cas/js/ 3 KB
3 KB 286ms
282ms Script
application/javascript 20.99.191.121
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-npr.ca/cas/js/hrb-login.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.191.121 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

41e698bcd9356a6881170dcbd9f8b3e4adcdc0989c6ddc359630473fc1ea4b4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DTPSCloud21OIDC%26redirect_uri%3Dhttps%253A%252F%252Ftpsc-secure.hrblock-npr.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 02:01:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 09 Nov 2022 15:37:06 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
accept-ranges: bytes
content-length: 3202
x-xss-protection: 1; mode=block

GET
H2 200 hrb-gtm.js Show response
service-cas-azure-qa-01.hrblock-npr.ca/cas/js/ 1 KB
1 KB 285ms
281ms Script
application/javascript 20.99.191.121
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-npr.ca/cas/js/hrb-gtm.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.191.121 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

1ebb5f23935ba97d6452d8dd3a5b1c0de72fa09c76ea1be7a6b106f189844d0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DTPSCloud21OIDC%26redirect_uri%3Dhttps%253A%252F%252Ftpsc-secure.hrblock-npr.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 02:01:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 09 Nov 2022 15:37:06 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
accept-ranges: bytes
content-length: 1178
x-xss-protection: 1; mode=block

GET
H2 200 js.cookie.min.js Show response
service-cas-azure-qa-01.hrblock-npr.ca/cas/js/ 2 KB
2 KB 289ms
286ms Script
application/javascript 20.99.191.121
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-npr.ca/cas/js/js.cookie.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.191.121 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

b5c1a679368da537e7b0f6880801ab32fe84b38b900acdbc1fdbe8cd6a86c4c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DTPSCloud21OIDC%26redirect_uri%3Dhttps%253A%252F%252Ftpsc-secure.hrblock-npr.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 02:01:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 09 Nov 2022 15:37:06 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
accept-ranges: bytes
content-length: 1685
x-xss-protection: 1; mode=block

GET
H2 200 heap.js Show response
service-cas-azure-qa-01.hrblock-npr.ca/cas/js/ 621 B
926 B 288ms
284ms Script
application/javascript 20.99.191.121
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-npr.ca/cas/js/heap.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.191.121 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

bc5aa56daca3e7d743828c64d97907d99fd6640053b5c0c6f408e3d0f46bca03

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DTPSCloud21OIDC%26redirect_uri%3Dhttps%253A%252F%252Ftpsc-secure.hrblock-npr.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 02:01:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 09 Nov 2022 15:37:06 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
accept-ranges: bytes
content-length: 621
x-xss-protection: 1; mode=block

GET
H2 200 heap-init.js Show response
service-cas-azure-qa-01.hrblock-npr.ca/cas/js/ 149 B
454 B 291ms
288ms Script
application/javascript 20.99.191.121
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-npr.ca/cas/js/heap-init.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.191.121 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

5fc21462803f9d1a092c18bd1033a79bf7c103a1b2b1523fa751555fa8ac7dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DTPSCloud21OIDC%26redirect_uri%3Dhttps%253A%252F%252Ftpsc-secure.hrblock-npr.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 02:01:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 09 Nov 2022 15:37:06 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
accept-ranges: bytes
content-length: 149
x-xss-protection: 1; mode=block

GET
H2 200 heap-service.js Show response
service-cas-azure-qa-01.hrblock-npr.ca/cas/js/ 2 KB
2 KB 286ms
283ms Script
application/javascript 20.99.191.121
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-npr.ca/cas/js/heap-service.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.191.121 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

ad68b6241297a314650de9e3173f2f370752f87e0b18daac25ca359f8f907f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DTPSCloud21OIDC%26redirect_uri%3Dhttps%253A%252F%252Ftpsc-secure.hrblock-npr.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 02:01:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 09 Nov 2022 15:37:06 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
accept-ranges: bytes
content-length: 2232
x-xss-protection: 1; mode=block

GET
H2 200 hrb_logo.svg
service-cas-azure-qa-01.hrblock-npr.ca/cas/images/ 3 KB
3 KB 273ms
272ms Image
image/svg+xml 20.99.191.121
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://service-cas-azure-qa-01.hrblock-npr.ca/cas/images/hrb_logo.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.99.191.121 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

627957be995ccc2a2e395ad49e98c006ffacd19fc1f53c25efd6046a0d895451

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DTPSCloud21OIDC%26redirect_uri%3Dhttps%253A%252F%252Ftpsc-secure.hrblock-npr.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Dec 2022 02:01:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 09 Nov 2022 15:37:06 GMT
server: Apereo CAS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: image/svg+xml;charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 2870
x-xss-protection: 1; mode=block
expires: 0

GET
H3 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v27/ 13 KB
13 KB 78ms
36ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://service-cas-azure-qa-01.hrblock-npr.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 19:08:08 GMT
x-content-type-options: nosniff
age: 111198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12860
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:27:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Dec 2023 19:08:08 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 299 KB
89 KB 70ms
70ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P77LF8T

Requested by

Host: tpsc-secure.hrblock-npr.ca
URL: https://tpsc-secure.hrblock-npr.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4ce7a1da9f355d07caed15657c34a177b2408a6e5f1ce20e918f957a30cb88fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 02:01:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91590
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 08 Dec 2022 02:01:26 GMT

GET
H3 200 ns.html Show response
www.googletagmanager.com/ Frame 5BC2 266 B
114 B 39ms
38ms Document
text/html 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-P77LF8T

Requested by

Host: service-cas-azure-qa-01.hrblock-npr.ca
URL: https://service-cas-azure-qa-01.hrblock-npr.ca/cas/js/hrb-gtm.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1508490e2a7f3949d866ce8f032895224c55a02eb24f9ada50c7cb79a4c887c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 92
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 02:01:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-xss-protection: 0

GET
H3 200 heap-4211856143.js Show response
cdn.heapanalytics.com/js/ 138 KB
50 KB 64ms
40ms Script
application/javascript 18.164.116.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-4211856143.js

Requested by

Host: service-cas-azure-qa-01.hrblock-npr.ca
URL: https://service-cas-azure-qa-01.hrblock-npr.ca/cas/js/heap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.164.116.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-82.jfk50.r.cloudfront.net

Software

nginx /

Resource Hash

325dff801d9eb685833be1f12acda79073f152a9ccb1d00079e797f70bd0518e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 02:01:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 c70c0d114d0fcf32b9941c29c00266de.cloudfront.net (CloudFront)
server: nginx
age: 3
x-amz-cf-pop: JFK50-P6
etag: W/"22675-k3HQIXOhb90KVsrHLLZ3ng"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 8e92lh9lVRbIFfijO2ngxJl3zC8xmu52RBrD8rXXzzYnntdXisIVWQ==

GET
H2 200 telemetry
heapanalytics.com/api/ 37 B
258 B 26ms
25ms Image
image/gif 52.70.69.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/telemetry?a=4211856143&te=type&te=data&te=cm&te=IDv4%20called%20-%20App%20is%20whitelisted.%20Using%20IDv4&st=1670464886078&hv=4.19.0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.70.69.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-69-4.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Dec 2022 02:01:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 add_user_properties_v3
heapanalytics.com/api/ 37 B
258 B 28ms
26ms Image
image/gif 52.70.69.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/add_user_properties_v3?a=4211856143&u=4374861509818361&v=4122966943285831&s=4646416124769715&b=web&tv=4.0&_googleDeviceId=undefined&st=1670464886079

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.70.69.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-69-4.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Dec 2022 02:01:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 add_user_properties_v3
heapanalytics.com/api/ 37 B
258 B 29ms
28ms Image
image/gif 52.70.69.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/add_user_properties_v3?a=4211856143&u=4374861509818361&v=4122966943285831&s=4646416124769715&b=web&tv=4.0&_Cross%20Domain%20Identifier=undefined&st=1670464886079

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.70.69.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-69-4.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Dec 2022 02:01:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 28ms
27ms Image
image/gif 52.70.69.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=4211856143&u=4374861509818361&v=4122966943285831&s=4646416124769715&b=web&tv=4.0&z=0&h=%2Fcas%2Flogin&q=%3Fservice%3Dhttps%253A%252F%252Fservice-cas-azure-qa-01.hrblock-npr.ca%252Fcas%252Foauth2.0%252FcallbackAuthorize%253Fclient_id%253DTPSCloud21OIDC%2526redirect_uri%253Dhttps%25253A%25252F%25252Ftpsc-secure.hrblock-npr.ca%25252Fcallback%2526response_type%253Did_token%252Btoken%2526googleDeviceId%253Dundefined%2526client_name%253DCasOAuthClient&d=service-cas-azure-qa-01.hrblock-npr.ca&t=Application%20Not%20Authorized%20to%20Use%20CAS%20-%20H%26R%20Block%20Canada&r=https%3A%2F%2Ftpsc-secure.hrblock-npr.ca%2F&ts=1670464886075&st=1670464886080

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.70.69.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-69-4.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Dec 2022 02:01:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 195 KB
70 KB 36ms
35ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-11EHC5VVL0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P77LF8T

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5fb652255d18ba5294142c1518b0e70cf2ac03a77451ae60f8c2c3a9230aa061

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 02:01:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72001
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 08 Dec 2022 02:01:26 GMT

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 27ms
26ms Image
image/gif 52.70.69.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=4211856143&u=4374861509818361&v=4122966943285831&s=4646416124769715&b=web&tv=4.0&sp=r&sp=https%3A%2F%2Ftpsc-secure.hrblock-npr.ca%2F&sp=ts&sp=1670464886075&sp=d&sp=service-cas-azure-qa-01.hrblock-npr.ca&sp=h&sp=%2Fcas%2Flogin&sp=q&sp=%3Fservice%3Dhttps%253A%252F%252Fservice-cas-azure-qa-01.hrblock-npr.ca%252Fcas%252Foauth2.0%252FcallbackAuthorize%253Fclient_id%253DTPSCloud21OIDC%2526redirect_uri%253Dhttps%25253A%25252F%25252Ftpsc-secure.hrblock-npr.ca%25252Fcallback%2526response_type%253Did_token%252Btoken%2526googleDeviceId%253Dundefined%2526client_name%253DCasOAuthClient&pp=d&pp=service-cas-azure-qa-01.hrblock-npr.ca&pp=q&pp=%3Fservice%3Dhttps%253A%252F%252Fservice-cas-azure-qa-01.hrblock-npr.ca%252Fcas%252Foauth2.0%252FcallbackAuthorize%253Fclient_id%253DTPSCloud21OIDC%2526redirect_uri%253Dhttps%25253A%25252F%25252Ftpsc-secure.hrblock-npr.ca%25252Fcallback%2526response_type%253Did_token%252Btoken%2526googleDeviceId%253Dundefined%2526client_name%253DCasOAuthClient&pp=h&pp=%2Fcas%2Flogin&pp=t&pp=Application%20Not%20Authorized%20to%20Use%20CAS%20-%20H%26R%20Block%20Canada&pp=ts&pp=1670464886075&id0=6115688904425074&k0=Load%20Time&k0=1572&t0=Page%20Load&ts0=1670464886275&st=1670464886276

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.70.69.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-69-4.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Dec 2022 02:01:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 telemetry
heapanalytics.com/api/ 37 B
258 B 24ms
24ms Image
image/gif 52.70.69.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/telemetry?a=4211856143&te=type&te=data&te=cm&te=Obviously%20wrong%20identify%20call%20made&st=1670464886079&hv=4.19.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.70.69.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-69-4.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://service-cas-azure-qa-01.hrblock-npr.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Dec 2022 02:01:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpsc-secure.hrblock-npr.ca
URL: https://tpsc-secure.hrblock-npr.ca/static/js/70554.7ed52e6c.chunk.js

Domain: tpsc-secure.hrblock-npr.ca
URL: https://tpsc-secure.hrblock-npr.ca/static/js/14781.5db2d101.chunk.js

Domain: analytics.google.com
URL: https://analytics.google.com/g/collect?v=2&tid=G-11EHC5VVL0&gtm=2oebu0&_p=882639342&_gaz=1&cid=782759611.1670464885&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670464885&sct=1&seg=0&dl=https%3A%2F%2Ftpsc-secure.hrblock-npr.ca%2F2022%2Freturns&dt=TPS%20Cloud&en=user_engagement&_fv=1&_nsi=1&_ss=1

Domain: stats.g.doubleclick.net
URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-11EHC5VVL0&cid=782759611.1670464885&gtm=2oebu0&aip=1

Domain: www.google.ca
URL: https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-11EHC5VVL0&cid=782759611.1670464885&gtm=2oebu0&aip=1&z=49896241

Domain: bam-cell.nr-data.net
URL: https://bam-cell.nr-data.net/events/1/19b1e383d5?a=560279533&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=2585&ck=1&ref=https://tpsc-secure.hrblock-npr.ca/2022/returns

Domain: bam-cell.nr-data.net
URL: https://bam-cell.nr-data.net/jserrors/1/19b1e383d5?a=560279533&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=2586&ck=1&ref=https://tpsc-secure.hrblock-npr.ca/2022/returns&xhr=%5B%7B%22params%22:%7B%22method%22:%22GET%22,%22host%22:%22tpsc-secure.hrblock-npr.ca:443%22,%22pathname%22:%22/shared/api/configuration%22,%22status%22:200%7D,%22metrics%22:%7B%22count%22:1,%22rxSize%22:%7B%22t%22:326%7D,%22duration%22:%7B%22t%22:126%7D,%22cbTime%22:%7B%22t%22:0%7D,%22time%22:%7B%22t%22:1826%7D%7D%7D,%7B%22params%22:%7B%22method%22:%22POST%22,%22host%22:%22bam-cell.nr-data.net:443%22,%22pathname%22:%22/resources/1/19b1e383d5%22,%22status%22:200%7D,%22metrics%22:%7B%22count%22:1,%22txSize%22:%7B%22t%22:2541%7D,%22rxSize%22:%7B%22t%22:36%7D,%22duration%22:%7B%22t%22:105%7D,%22cbTime%22:%7B%22t%22:0%7D,%22time%22:%7B%22t%22:2155%7D%7D%7D,%7B%22params%22:%7B%22method%22:%22POST%22,%22host%22:%22bam-cell.nr-data.net:443%22,%22pathname%22:%22/events/1/19b1e383d5%22,%22status%22:200%7D,%22metrics%22:%7B%22count%22:1,%22txSize%22:%7B%22t%22:371%7D,%22rxSize%22:%7B%22t%22:24%7D,%22duration%22:%7B%22t%22:171%7D,%22cbTime%22:%7B%22t%22:0%7D,%22time%22:%7B%22t%22:2160%7D%7D%7D%5D

Domain: bam-cell.nr-data.net
URL: https://bam-cell.nr-data.net/resources/1/19b1e383d5?a=560279533&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=2587&ck=1&ref=https://tpsc-secure.hrblock-npr.ca/2022/returns&st=1670464882626&ptid=87089e45-0001-b8fc-3924-0184ef77506e

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
service-cas-azure-qa-01.hrblock-npr.ca/cas/	1969-12-31 23:59:59	Name: SESSION Value: MDY5ZWRlN2MtMmY0OS00NmNjLWFkNzktMzMwODI5MjZmNGQx
.tpsc-secure.hrblock-npr.ca/	1969-12-31 23:59:59	Name: ARRAffinity Value: 3eb1d66d3cee60ab49936e4337db5ec3b3790bf319fd366c8e7bdf2c2c3ac089
.tpsc-secure.hrblock-npr.ca/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 3eb1d66d3cee60ab49936e4337db5ec3b3790bf319fd366c8e7bdf2c2c3ac089
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: e9a5132ec2b9afeb
.hrblock-npr.ca/	1970-01-20 17:29:02	Name: _hp2_id.3843911494 Value: %7B%22userId%22%3A%227418696045184002%22%2C%22pageviewId%22%3A%223801531341015608%22%2C%22sessionId%22%3A%224268244619833217%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.hrblock-npr.ca/	1970-01-20 08:01:06	Name: _hp2_ses_props.3843911494 Value: %7B%22ts%22%3A1670464884981%2C%22d%22%3A%22tpsc-secure.hrblock-npr.ca%22%2C%22h%22%3A%22%2F2022%2Freturns%22%7D
service-cas-azure-qa-01.hrblock-npr.ca/	1969-12-31 23:59:59	Name: org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE Value: en
.service-cas-azure-qa-01.hrblock-npr.ca/	1969-12-31 23:59:59	Name: pac4jCsrfToken Value: 4f3df80c-973a-4bd9-b94d-15b8ea2f3d02
.hrblock-npr.ca/	1970-01-20 17:37:04	Name: _ga_11EHC5VVL0 Value: GS1.1.1670464885.1.0.1670464885.60.0.0
.hrblock-npr.ca/	1970-01-20 17:37:04	Name: _ga Value: GA1.1.782759611.1670464885
.hrblock-npr.ca/	1970-01-20 17:29:02	Name: _hp2_id.4211856143 Value: %7B%22userId%22%3A%224374861509818361%22%2C%22pageviewId%22%3A%224122966943285831%22%2C%22sessionId%22%3A%224646416124769715%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.hrblock-npr.ca/	1970-01-20 08:01:06	Name: _hp2_ses_props.4211856143 Value: %7B%22r%22%3A%22https%3A%2F%2Ftpsc-secure.hrblock-npr.ca%2F%22%2C%22ts%22%3A1670464886075%2C%22d%22%3A%22service-cas-azure-qa-01.hrblock-npr.ca%22%2C%22h%22%3A%22%2Fcas%2Flogin%22%2C%22q%22%3A%22%3Fservice%3Dhttps%253A%252F%252Fservice-cas-azure-qa-01.hrblock-npr.ca%252Fcas%252Foauth2.0%252FcallbackAuthorize%253Fclient_id%253DTPSCloud21OIDC%2526redirect_uri%253Dhttps%25253A%25252F%25252Ftpsc-secure.hrblock-npr.ca%25252Fcallback%2526response_type%253Did_token%252Btoken%2526googleDeviceId%253Dundefined%2526client_name%253DCasOAuthClient%22%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
bam-cell.nr-data.net
cdn.heapanalytics.com
cdn.trialfire.com
fonts.googleapis.com
fonts.gstatic.com
heapanalytics.com
js-agent.newrelic.com
maxcdn.icons8.com
service-cas-azure-qa-01.hrblock-npr.ca
stats.g.doubleclick.net
tpsc-secure.hrblock-npr.ca
www.google.ca
www.googletagmanager.com
analytics.google.com
bam-cell.nr-data.net
stats.g.doubleclick.net
tpsc-secure.hrblock-npr.ca
www.google.ca
151.101.194.137
162.247.241.2
18.164.116.82
20.99.191.121
2607:f8b0:4006:822::2003
2607:f8b0:4006:824::2008
2607:f8b0:4006:824::200a
2a02:6ea0:c400::11
40.112.243.107
52.70.69.4
99.84.119.47
0891b6a62b86c8469ee74b3ac442cf739db0e341d9ed1d992bc1b2f1fc37b90e
0cddcd872c44781f5c5ffd241c5f0620f79dbb21b1fe77f2873c60381f23a342
1508490e2a7f3949d866ce8f032895224c55a02eb24f9ada50c7cb79a4c887c8
1e8638f605575bd335d49efa95e165adf7ef06dda8e367661ac2517a0a3a96b4
1ebb5f23935ba97d6452d8dd3a5b1c0de72fa09c76ea1be7a6b106f189844d0b
1ff8d34ed8c7d30550864936a761d7ce500712956d63becbe7484401d188cad4
2670ab6235d643c1b8c31504677a38226fcc526e89222081efe80b723a3a83b3
2e49f51414ed48f0fb31a2439f80f525b8d9b97ef4e83d204014fb8bd8aba5eb
325dff801d9eb685833be1f12acda79073f152a9ccb1d00079e797f70bd0518e
41e698bcd9356a6881170dcbd9f8b3e4adcdc0989c6ddc359630473fc1ea4b4e
4ce7a1da9f355d07caed15657c34a177b2408a6e5f1ce20e918f957a30cb88fe
580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512
58b863a4c10da17158c40c29f542890d3b51542fd3d9172a74ef75c53a030258
5ad27a6010b18e293c065996299fabae7a01c588556e4284c8a6cc72ca03f767
5fb652255d18ba5294142c1518b0e70cf2ac03a77451ae60f8c2c3a9230aa061
5fc21462803f9d1a092c18bd1033a79bf7c103a1b2b1523fa751555fa8ac7dfc
627957be995ccc2a2e395ad49e98c006ffacd19fc1f53c25efd6046a0d895451
70ace91f3a0f1c8388daed852a861462cdf17215deb8c2218bf5ffc5111b970e
72f095d70b0d69330ac73c3cb4108e9f3afa9bb6828a928d550b1812dbc88ac6
73eae2fe2e70eebfc13490695cd05e2ee2ac1ea6fff8436af83e8601688776c7
73edf00aca7375401af4f977c965c2ea0db9aa87ed20e63184354eb58a070156
7fe7903ce2632538c46cc0b5fdcadbbb8c2ee7434930e5cd851593c5624dd88a
824708157efff49bbfb0a5619f06da71cb589230aabac7908356023ebf327616
87c347b7793de09cc35519623a86def2805ab4222d6f67404b1cafc0ca55f508
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
94e930950d5878f513802a3a816e57048fff5bedb5143c7cb5fedabc0e5c8d36
a21c261999e1ebaa033413f602dd5fab049898280967aa3337c5beaacd1efa08
ab9fdb993022e9fa0c2e50488d716186aecc5526ee20bbe3f24d0adbd77a1996
abef567d6ca03185e9a859c9827476b6f65e81f7a52d5cfd797474d02f6827aa
ad68b6241297a314650de9e3173f2f370752f87e0b18daac25ca359f8f907f8e
b5c1a679368da537e7b0f6880801ab32fe84b38b900acdbc1fdbe8cd6a86c4c8
b7fc55ab62b81eb54ae01de81fee15005fc4f62859ad8c050d6eb1275c8525b7
baa149cfca28ea70ccc424d5e526768f8177d7c2153ad2b6c0dd76693b66794a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc5aa56daca3e7d743828c64d97907d99fd6640053b5c0c6f408e3d0f46bca03
bef4c90e603ae3791ce5ac8590ffc47c551dc6c95001087df6f01a61036d6c03
c8c7f41f7aa9c05f36d61063db1141064b5a30e7477cf6406292a5ef350d39da
d0600eaff93b83bb20b36bb35f5c36e6caf21e830e04a2f07ce18b5007292ec2
e14bda4aa379c1a777ca28e1038247e8650ebea9f5a3a58e85a566722cc53079
e216f49acdbe944b8034d0323ac03cb1562adb6d3cbc767bebe81ea56e1da603
e797bdbf429b03424ff15268860d6c3fd1d80eac6e7d6ca5d4eba691a270a1e3
eb2d589aec5c4ca7d4589d2a4ff620648dced60870bfedbe15d104fa2abe15c6
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

service-cas-azure-qa-01.hrblock-npr.ca Open in urlscan Pro 20.99.191.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

74 Requests

89 %HTTPS

36 %IPv6

12 Domains

14 Subdomains

12 IPs

1 Countries

4502 kBTransfer

10238 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

service-cas-azure-qa-01.hrblock-npr.ca Open in urlscan Pro
20.99.191.121 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

89 %
HTTPS

36 %
IPv6

12
Domains

14
Subdomains

12
IPs

1
Countries

4502 kB
Transfer

10238 kB
Size

12
Cookies

74 HTTP transactions
0 data transactions