service-cas-azure-qa-01.hrblock-npr.ca
20.99.191.121
Public Scan
Effective URL: https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2Fcallba...
Submission: On December 08 via automatic, source certstream-suspicious — Scanned from CA
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 14th 2022. Valid for: a year.
This is the only time service-cas-azure-qa-01.hrblock-npr.ca was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
12 | 40.112.243.107 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 2a02:6ea0:c400::11 | 60068 (CDN77 ^_^) |
1 | 99.84.119.47 | 16509 (AMAZON-02) |
5 | 2607:f8b0:4006:824::2008 | 15169 (GOOGLE) |
4 | 2607:f8b0:4006:824::200a | 15169 (GOOGLE) |
1 | 151.101.194.137 | 54113 (FASTLY) |
2 | 18.164.116.82 | 16509 (AMAZON-02) |
28 (1 redirect) | 20.99.191.121 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
3 | 2607:f8b0:4006:822::2003 | 15169 (GOOGLE) |
3 | 162.247.241.2 | 23467 (NEWRELIC-AS-1) |
7 | 52.70.69.4 | 14618 (AMAZON-AES) |
74 | 12 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
tpsc-secure.hrblock-npr.ca
ASN16509 (AMAZON-02, US)
PTR: server-99-84-119-47.ewr52.r.cloudfront.net
cdn.trialfire.com
ASN15169 (GOOGLE, US)
www.googletagmanager.com
ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-82.jfk50.r.cloudfront.net
cdn.heapanalytics.com
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
service-cas-azure-qa-01.hrblock-npr.ca
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-69-4.compute-1.amazonaws.com
heapanalytics.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
40 | hrblock-npr.ca (1 redirects) | tpsc-secure.hrblock-npr.ca, service-cas-azure-qa-01.hrblock-npr.ca | 4 MB |
9 | heapanalytics.com | cdn.heapanalytics.com (Cisco Umbrella Rank: 3631), heapanalytics.com (Cisco Umbrella Rank: 3047) | 97 KB |
5 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 65) | 320 KB |
4 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 51) | 3 KB |
3 | nr-data.net | bam-cell.nr-data.net (Cisco Umbrella Rank: 1989) | 2 KB |
3 | gstatic.com | fonts.gstatic.com | 38 KB |
1 | newrelic.com | js-agent.newrelic.com (Cisco Umbrella Rank: 402) | 14 KB |
1 | trialfire.com | cdn.trialfire.com (Cisco Umbrella Rank: 250976) | 7 KB |
1 | icons8.com | maxcdn.icons8.com (Cisco Umbrella Rank: 96807) | 6 KB |
0 | google.ca (Failed) | www.google.ca (Failed) | |
0 | doubleclick.net (Failed) | stats.g.doubleclick.net (Failed) | |
0 | google.com (Failed) | analytics.google.com (Failed) | |
74 | 12 |
Requests | Domain | Requested by |
---|---|---|
28 | service-cas-azure-qa-01.hrblock-npr.ca (1 redirects) | tpsc-secure.hrblock-npr.ca, service-cas-azure-qa-01.hrblock-npr.ca |
12 | tpsc-secure.hrblock-npr.ca | tpsc-secure.hrblock-npr.ca |
7 | heapanalytics.com | service-cas-azure-qa-01.hrblock-npr.ca |
5 | www.googletagmanager.com | tpsc-secure.hrblock-npr.ca, www.googletagmanager.com, service-cas-azure-qa-01.hrblock-npr.ca |
4 | fonts.googleapis.com | tpsc-secure.hrblock-npr.ca, service-cas-azure-qa-01.hrblock-npr.ca |
3 | bam-cell.nr-data.net | tpsc-secure.hrblock-npr.ca, js-agent.newrelic.com |
3 | fonts.gstatic.com | fonts.googleapis.com |
2 | cdn.heapanalytics.com | tpsc-secure.hrblock-npr.ca, service-cas-azure-qa-01.hrblock-npr.ca |
1 | js-agent.newrelic.com | tpsc-secure.hrblock-npr.ca |
1 | cdn.trialfire.com | tpsc-secure.hrblock-npr.ca |
1 | maxcdn.icons8.com | tpsc-secure.hrblock-npr.ca |
0 | www.google.ca (Failed) | |
0 | stats.g.doubleclick.net (Failed) | www.googletagmanager.com |
0 | analytics.google.com (Failed) | www.googletagmanager.com |
74 | 14 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
tpsc-secure.hrblock-npr.ca | GeoTrust Global TLS RSA4096 SHA256 2022 CA1 | 2022-12-08 - 2023-06-08 | 6 months |
1220595937.rsc.cdn77.org | R3 | 2022-11-01 - 2023-01-30 | 3 months |
*.trialfire.com | Sectigo RSA Domain Validation Secure Server CA | 2021-12-30 - 2023-01-17 | a year |
*.google-analytics.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months |
upload.video.google.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months |
js-agent.newrelic.com | GlobalSign Atlas R3 DV TLS CA 2022 Q2 | 2022-07-10 - 2023-08-11 | a year |
cdn.heapanalytics.com | Amazon | 2022-07-29 - 2023-08-27 | a year |
*.hrblock-npr.ca | Go Daddy Secure Certificate Authority - G2 | 2022-03-14 - 2023-04-15 | a year |
*.gstatic.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months |
*.nr-data.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-01-10 - 2023-02-10 | a year |
heapanalytics.com | Amazon | 2021-12-09 - 2023-01-06 | a year |
This page contains 2 frames:
Primary Page:
https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DTPSCloud21OIDC%26redirect_uri%3Dhttps%253A%252F%252Ftpsc-secure.hrblock-npr.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient
Frame ID: 725BFD25D18EDE07B425D643BA142BC0
Requests: 73 HTTP requests in this frame
Frame:
https://www.googletagmanager.com/ns.html?id=GTM-P77LF8T
Frame ID: 5BC2FC84EB0686BF5A37E8854DEC60DD
Requests: 1 HTTP requests in this frame
Page Title
Application Not Authorized to Use CAS - H&R Block Canada
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Google Analytics (Analytics)
Detected patterns
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Heap (Analytics)
Detected patterns
- heap-\d+\.js
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://tpsc-secure.hrblock-npr.ca/ Page URL
-
https://service-cas-azure-qa-01.hrblock-npr.ca/cas/oidc/authorize?response_type=id_token%20token&client_id=TPSCloud21OIDC&scope=openid%20profile%20profile_hrbAuth&redirect_uri=https://tpsc-secure.hrblock-npr.ca/callback&state=P8BTaDQAnDebfxo4fREOSG1J5iJcOjYt&nonce=E7IPFR4ZkPCueqrN&googleDeviceId=undefined&locale=en
HTTP 302
https://service-cas-azure-qa-01.hrblock-npr.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-npr.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DTPSCloud21OIDC%26redirect_uri%3Dhttps%253A%252F%252Ftpsc-secure.hrblock-npr.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
74 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / | tpsc-secure.hrblock-npr.ca/ | 2 KB | 3 KB | Document | text/html |
GET | H2 | line-awesome.min.css | maxcdn.icons8.com/fonts/line-awesome/1.1/css/ | 27 KB | 6 KB | Stylesheet | text/css |
GET | H/1.1 | tf.js | cdn.trialfire.com/ | 18 KB | 7 KB | Script | application/javascript |
GET | H/1.1 | main.f162ac90.js | tpsc-secure.hrblock-npr.ca/static/js/ | 5 MB | 2 MB | Script | application/javascript |
GET | H/1.1 | main.a0d50988.css | tpsc-secure.hrblock-npr.ca/static/css/ | 347 KB | 63 KB | Stylesheet | text/css |
GET | H2 | gtm.js | www.googletagmanager.com/ | 299 KB | 90 KB | Script | application/javascript |
GET | H2 | js | www.googletagmanager.com/gtag/ | 195 KB | 70 KB | Script | application/javascript |
GET | H2 | css | fonts.googleapis.com/ | 12 KB | 1 KB | Stylesheet | text/css |
GET | H2 | css | fonts.googleapis.com/ | 628 B | 393 B | Stylesheet | text/css |
GET | H2 | css | fonts.googleapis.com/ | 8 KB | 760 B | Stylesheet | text/css |
GET | H/1.1 | configuration | tpsc-secure.hrblock-npr.ca/shared/api/ | 326 B | 654 B | XHR | application/json |
GET | H2 | nr-spa-1184.min.js | js-agent.newrelic.com/ | 37 KB | 14 KB | Script | application/javascript |
GET | H2 | heap-3843911494.js | cdn.heapanalytics.com/js/ | 114 KB | 45 KB | Script | application/javascript |
GET | H/1.1 | hrb-logo.09e70b9a986bfc2a7f7be655b2d38be8.svg | tpsc-secure.hrblock-npr.ca/static/media/ | 4 KB | 4 KB | Image | image/svg+xml |
GET | H/1.1 | 33662.34a6e43c.chunk.js | tpsc-secure.hrblock-npr.ca/static/js/ | 458 KB | 49 KB | Script | application/javascript |
GET | H/1.1 | 82165.9453896e.chunk.js | tpsc-secure.hrblock-npr.ca/static/js/ | 168 KB | 47 KB | Script | application/javascript |
GET | H/1.1 | 84819.676152f6.chunk.js | tpsc-secure.hrblock-npr.ca/static/js/ | 85 KB | 20 KB | Script | application/javascript |
GET | H/1.1 | 12236.8dcfae00.chunk.js | tpsc-secure.hrblock-npr.ca/static/js/ | 25 KB | 8 KB | Script | application/javascript |
GET | H2 | login (Primary Request) | service-cas-azure-qa-01.hrblock-npr.ca/cas/ (Redirect Chain) | 7 KB | 7 KB | Document | text/html |
GET | H2 | o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2 | fonts.gstatic.com/s/notosans/v27/ | 12 KB | 13 KB | Font | font/woff2 |
GET | H2 | o-0IIpQlx3QUlC5A4PNr5TRA.woff2 | fonts.gstatic.com/s/notosans/v27/ | 13 KB | 13 KB | Font | font/woff2 |
GET | H/1.1 | 19b1e383d5 | bam-cell.nr-data.net/1/ | 49 B | 947 B | Script | text/javascript |
POST | H/1.1 | 19b1e383d5 | bam-cell.nr-data.net/resources/1/ | 36 B | 761 B | XHR | text/plain |
POST | H/1.1 | 19b1e383d5 | bam-cell.nr-data.net/events/1/ | 24 B | 744 B | XHR | image/gif |
GET | H/1.1 | 62312.22e6a6e8.chunk.js | tpsc-secure.hrblock-npr.ca/static/js/ | 73 KB | 9 KB | Script | application/javascript |
GET | H/1.1 | 74749.1dfcc827.chunk.js | tpsc-secure.hrblock-npr.ca/static/js/ | 108 KB | 19 KB | Script | application/javascript |
GET | H/1.1 | 73304.73527c84.chunk.js | tpsc-secure.hrblock-npr.ca/static/js/ | 2 KB | 826 B | Script | application/javascript |
GET | H2 | h | heapanalytics.com/ | 37 B | 259 B | Image | image/gif |
GET | | 70554.7ed52e6c.chunk.js | tpsc-secure.hrblock-npr.ca/static/js/ | 0 | 0 | | |
GET | | 14781.5db2d101.chunk.js | tpsc-secure.hrblock-npr.ca/static/js/ | 0 | 0 | | |
POST | | collect | analytics.google.com/g/ | 0 | 0 | | |
POST | | collect | stats.g.doubleclick.net/g/ | 0 | 0 | | |
GET | | ga-audiences | www.google.ca/ads/ | 0 | 0 | | |
POST | | 19b1e383d5 | bam-cell.nr-data.net/events/1/ | 0 | 0 | | |
POST | | 19b1e383d5 | bam-cell.nr-data.net/jserrors/1/ | 0 | 0 | | |
POST | | 19b1e383d5 | bam-cell.nr-data.net/resources/1/ | 0 | 0 | | |
GET | H2 | normalize.css | service-cas-azure-qa-01.hrblock-npr.ca/cas/webjars/normalize.css/8.0.1/ | 6 KB | 6 KB | Stylesheet | text/css |
GET | H2 | bootstrap-grid.min.css | service-cas-azure-qa-01.hrblock-npr.ca/cas/webjars/bootstrap/4.5.0/css/ | 50 KB | 50 KB | Stylesheet | text/css |
GET | H2 | material-components-web.css | service-cas-azure-qa-01.hrblock-npr.ca/cas/webjars/material-components-web/4.0.0/dist/ | 318 KB | 318 KB | Stylesheet | text/css |
GET | H2 | materialdesignicons.css | service-cas-azure-qa-01.hrblock-npr.ca/cas/webjars/mdi__font/5.0.45/css/ | 274 KB | 275 KB | Stylesheet | text/css |
GET | H2 | cas.css | service-cas-azure-qa-01.hrblock-npr.ca/cas/css/ | 241 KB | 241 KB | Stylesheet | text/css |
GET | H3 | css | fonts.googleapis.com/ | 2 KB | 607 B | Stylesheet | text/css |
GET | H2 | hrb-card-widget.css | service-cas-azure-qa-01.hrblock-npr.ca/cas/css/ | 1 KB | 1 KB | Stylesheet | text/css |
GET | H2 | hrb-cas.css | service-cas-azure-qa-01.hrblock-npr.ca/cas/css/ | 552 B | 847 B | Stylesheet | text/css |
GET | H2 | hrb-checkbox.css | service-cas-azure-qa-01.hrblock-npr.ca/cas/css/ | 923 B | 1 KB | Stylesheet | text/css |
GET | H2 | hrb-errors.css | service-cas-azure-qa-01.hrblock-npr.ca/cas/css/ | 1 KB | 1 KB | Stylesheet | text/css |
GET | H2 | hrb-field.css | service-cas-azure-qa-01.hrblock-npr.ca/cas/css/ | 108 B | 403 B | Stylesheet | text/css |
GET | H2 | hrb-login.css | service-cas-azure-qa-01.hrblock-npr.ca/cas/css/ | 848 B | 1 KB | Stylesheet | text/css |
GET | H2 | hrb-navbar.css | service-cas-azure-qa-01.hrblock-npr.ca/cas/css/ | 922 B | 1 KB | Stylesheet | text/css |
GET | H2 | hrb-2fa.css | service-cas-azure-qa-01.hrblock-npr.ca/cas/css/ | 326 B | 621 B | Stylesheet | text/css |
GET | H2 | es5-shim.js | service-cas-azure-qa-01.hrblock-npr.ca/cas/webjars/es5-shim/4.5.9/ | 83 KB | 83 KB | Script | application/javascript |
GET | H2 | css-vars-ponyfill.min.js | service-cas-azure-qa-01.hrblock-npr.ca/cas/webjars/css-vars-ponyfill/2.3.1/dist/ | 22 KB | 22 KB | Script | application/javascript |
GET | H2 | jquery.min.js | service-cas-azure-qa-01.hrblock-npr.ca/cas/webjars/jquery/3.5.1/ | 87 KB | 88 KB | Script | application/javascript |
GET | H2 | material-components-web.js | service-cas-azure-qa-01.hrblock-npr.ca/cas/webjars/material-components-web/4.0.0/dist/ | 929 KB | 930 KB | Script | application/javascript |
GET | H2 | cas.js | service-cas-azure-qa-01.hrblock-npr.ca/cas/js/ | 3 KB | 3 KB | Script | application/javascript |
GET | H2 | language-switcher.js | service-cas-azure-qa-01.hrblock-npr.ca/cas/js/ | 862 B | 1 KB | Script | application/javascript |
GET | H2 | hrb-login.js | service-cas-azure-qa-01.hrblock-npr.ca/cas/js/ | 3 KB | 3 KB | Script | application/javascript |
GET | H2 | hrb-gtm.js | service-cas-azure-qa-01.hrblock-npr.ca/cas/js/ | 1 KB | 1 KB | Script | application/javascript |
GET | H2 | js.cookie.min.js | service-cas-azure-qa-01.hrblock-npr.ca/cas/js/ | 2 KB | 2 KB | Script | application/javascript |
GET | H2 | heap.js | service-cas-azure-qa-01.hrblock-npr.ca/cas/js/ | 621 B | 926 B | Script | application/javascript |
GET | H2 | heap-init.js | service-cas-azure-qa-01.hrblock-npr.ca/cas/js/ | 149 B | 454 B | Script | application/javascript |
GET | H2 | heap-service.js | service-cas-azure-qa-01.hrblock-npr.ca/cas/js/ | 2 KB | 2 KB | Script | application/javascript |
GET | H2 | hrb_logo.svg | service-cas-azure-qa-01.hrblock-npr.ca/cas/images/ | 3 KB | 3 KB | Image | image/svg+xml |
GET | H3 | o-0IIpQlx3QUlC5A4PNr5TRA.woff2 | fonts.gstatic.com/s/notosans/v27/ | 13 KB | 13 KB | Font | font/woff2 |
GET | H3 | gtm.js | www.googletagmanager.com/ | 299 KB | 89 KB | Script | application/javascript |
GET | H3 | ns.html | www.googletagmanager.com/ (Frame 5BC2) | 266 B | 114 B | Document | text/html |
GET | H3 | heap-4211856143.js | cdn.heapanalytics.com/js/ | 138 KB | 50 KB | Script | application/javascript |
GET | H2 | telemetry | heapanalytics.com/api/ | 37 B | 258 B | Image | image/gif |
GET | H2 | add_user_properties_v3 | heapanalytics.com/api/ | 37 B | 258 B | Image | image/gif |
GET | H2 | add_user_properties_v3 | heapanalytics.com/api/ | 37 B | 258 B | Image | image/gif |
GET | H2 | h | heapanalytics.com/ | 37 B | 258 B | Image | image/gif |
GET | H3 | js | www.googletagmanager.com/gtag/ | 195 KB | 70 KB | Script | application/javascript |
GET | H2 | h | heapanalytics.com/ | 37 B | 258 B | Image | image/gif |
GET | H2 | telemetry | heapanalytics.com/api/ | 37 B | 258 B | Image | image/gif |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- tpsc-secure.hrblock-npr.ca
- URL
- https://tpsc-secure.hrblock-npr.ca/static/js/70554.7ed52e6c.chunk.js
- Domain
- tpsc-secure.hrblock-npr.ca
- URL
- https://tpsc-secure.hrblock-npr.ca/static/js/14781.5db2d101.chunk.js
- Domain
- analytics.google.com
- URL
- https://analytics.google.com/g/collect?v=2&tid=G-11EHC5VVL0&gtm=2oebu0&_p=882639342&_gaz=1&cid=782759611.1670464885&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670464885&sct=1&seg=0&dl=https%3A%2F%2Ftpsc-secure.hrblock-npr.ca%2F2022%2Freturns&dt=TPS%20Cloud&en=user_engagement&_fv=1&_nsi=1&_ss=1
- Domain
- stats.g.doubleclick.net
- URL
- https://stats.g.doubleclick.net/g/collect?v=2&tid=G-11EHC5VVL0&cid=782759611.1670464885&gtm=2oebu0&aip=1
- Domain
- www.google.ca
- URL
- https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-11EHC5VVL0&cid=782759611.1670464885&gtm=2oebu0&aip=1&z=49896241
- Domain
- bam-cell.nr-data.net
- URL
- https://bam-cell.nr-data.net/events/1/19b1e383d5?a=560279533&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=2585&ck=1&ref=https://tpsc-secure.hrblock-npr.ca/2022/returns
- Domain
- bam-cell.nr-data.net
- URL
- https://bam-cell.nr-data.net/jserrors/1/19b1e383d5?a=560279533&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=2586&ck=1&ref=https://tpsc-secure.hrblock-npr.ca/2022/returns&xhr=%5B%7B%22params%22:%7B%22method%22:%22GET%22,%22host%22:%22tpsc-secure.hrblock-npr.ca:443%22,%22pathname%22:%22/shared/api/configuration%22,%22status%22:200%7D,%22metrics%22:%7B%22count%22:1,%22rxSize%22:%7B%22t%22:326%7D,%22duration%22:%7B%22t%22:126%7D,%22cbTime%22:%7B%22t%22:0%7D,%22time%22:%7B%22t%22:1826%7D%7D%7D,%7B%22params%22:%7B%22method%22:%22POST%22,%22host%22:%22bam-cell.nr-data.net:443%22,%22pathname%22:%22/resources/1/19b1e383d5%22,%22status%22:200%7D,%22metrics%22:%7B%22count%22:1,%22txSize%22:%7B%22t%22:2541%7D,%22rxSize%22:%7B%22t%22:36%7D,%22duration%22:%7B%22t%22:105%7D,%22cbTime%22:%7B%22t%22:0%7D,%22time%22:%7B%22t%22:2155%7D%7D%7D,%7B%22params%22:%7B%22method%22:%22POST%22,%22host%22:%22bam-cell.nr-data.net:443%22,%22pathname%22:%22/events/1/19b1e383d5%22,%22status%22:200%7D,%22metrics%22:%7B%22count%22:1,%22txSize%22:%7B%22t%22:371%7D,%22rxSize%22:%7B%22t%22:24%7D,%22duration%22:%7B%22t%22:171%7D,%22cbTime%22:%7B%22t%22:0%7D,%22time%22:%7B%22t%22:2160%7D%7D%7D%5D
- Domain
- bam-cell.nr-data.net
- URL
- https://bam-cell.nr-data.net/resources/1/19b1e383d5?a=560279533&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=2587&ck=1&ref=https://tpsc-secure.hrblock-npr.ca/2022/returns&st=1670464882626&ptid=87089e45-0001-b8fc-3924-0184ef77506e
45 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| oncontentvisibilityautostatechange
- undefined| returnExports
- function| cssVars
- function| $
- function| jQuery
- object| mdc
- function| requestGeoPosition
- function| logGeoLocationError
- function| showGeoPosition
- function| preserveAnchorTagOnForm
- function| reloadLoginPage
- function| generateUrlWithServiceParameter
- function| resourceLoadedSuccessfully
- function| buildPathWithLocale
- function| getOppositeLocale
- function| goToEnglishVersion
- function| goToFrenchVersion
- function| areCookiesEnabled
- function| checkCookieForUsername
- function| setUserNameCookie
- function| addUsernameCookieOnSubmitListener
- function| initializeAddUserNameCookieFromParentIframe
- function| initializeLoginForm
- function| getUrlParameter
- function| initializeGtm
- object| Cookies
- object| heap
- function| initializeHeap
- function| identifyUserWithGAId
- function| identifyAnonymousUser
- function| identify
- function| baseProperty
- function| passAnonymousDataAsParameter
- function| baseIdentify
- function| getUniqueIdentifier
- function| addPropertyToHeapEventData
- function| getUrlQueryParameterByName
- boolean| trackGeoLocation
- object| googleAnalyticsTrackingId
- function| jqueryReady
- object| dataLayer
- object| google_tag_manager
- object| google_tag_data
- function| onYouTubeIframeAPIReady

12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Name | Value |
---|---|---|
service-cas-azure-qa-01.hrblock-npr.ca/cas/ | SESSION | MDY5ZWRlN2MtMmY0OS00NmNjLWFkNzktMzMwODI5MjZmNGQx |
.tpsc-secure.hrblock-npr.ca/ | ARRAffinity | 3eb1d66d3cee60ab49936e4337db5ec3b3790bf319fd366c8e7bdf2c2c3ac089 |
.tpsc-secure.hrblock-npr.ca/ | ARRAffinitySameSite | 3eb1d66d3cee60ab49936e4337db5ec3b3790bf319fd366c8e7bdf2c2c3ac089 |
.nr-data.net/ | JSESSIONID | e9a5132ec2b9afeb |
.hrblock-npr.ca/ | _hp2_id.3843911494 | %7B%22userId%22%3A%227418696045184002%22%2C%22pageviewId%22%3A%223801531341015608%22%2C%22sessionId%22%3A%224268244619833217%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D |
.hrblock-npr.ca/ | _hp2_ses_props.3843911494 | %7B%22ts%22%3A1670464884981%2C%22d%22%3A%22tpsc-secure.hrblock-npr.ca%22%2C%22h%22%3A%22%2F2022%2Freturns%22%7D |
service-cas-azure-qa-01.hrblock-npr.ca/ | org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE | en |
.service-cas-azure-qa-01.hrblock-npr.ca/ | pac4jCsrfToken | 4f3df80c-973a-4bd9-b94d-15b8ea2f3d02 |
.hrblock-npr.ca/ | _ga_11EHC5VVL0 | GS1.1.1670464885.1.0.1670464885.60.0.0 |
.hrblock-npr.ca/ | _ga | GA1.1.782759611.1670464885 |
.hrblock-npr.ca/ | _hp2_id.4211856143 | %7B%22userId%22%3A%224374861509818361%22%2C%22pageviewId%22%3A%224122966943285831%22%2C%22sessionId%22%3A%224646416124769715%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D |
.hrblock-npr.ca/ | _hp2_ses_props.4211856143 | %7B%22r%22%3A%22https%3A%2F%2Ftpsc-secure.hrblock-npr.ca%2F%22%2C%22ts%22%3A1670464886075%2C%22d%22%3A%22service-cas-azure-qa-01.hrblock-npr.ca%22%2C%22h%22%3A%22%2Fcas%2Flogin%22%2C%22q%22%3A%22%3Fservice%3Dhttps%253A%252F%252Fservice-cas-azure-qa-01.hrblock-npr.ca%252Fcas%252Foauth2.0%252FcallbackAuthorize%253Fclient_id%253DTPSCloud21OIDC%2526redirect_uri%253Dhttps%25253A%25252F%25252Ftpsc-secure.hrblock-npr.ca%25252Fcallback%2526response_type%253Did_token%252Btoken%2526googleDeviceId%253Dundefined%2526client_name%253DCasOAuthClient%22%7D |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=15552001; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.