idp.hrblock.com Open in urlscan Pro
40.67.190.253 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://taxidshield.hrblock.com/
Effective URL:
https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Submission: On November 17 via manual (November 17th 2021, 10:11:04 pm UTC) from US — Scanned from DE

Summary HTTP 109 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 39 IPs in 5 countries across 37 domains to perform 109 HTTP transactions. The main IP is 40.67.190.253, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is idp.hrblock.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 20th 2021. Valid for: a year.

This is the only time idp.hrblock.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	168.137.103.42 168.137.103.42	26989 (HR-WORLD-...) (HR-WORLD-HEADQUARTERS)
1 1	45.60.123.207 45.60.123.207	19551 (INCAPSULA) (INCAPSULA)
1 5	40.67.190.253 40.67.190.253	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
33	23.37.49.246 23.37.49.246	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a02:26f0:6c0... 2a02:26f0:6c00:299::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2.17.185.187 2.17.185.187	16625 (AKAMAI-AS) (AKAMAI-AS)
1 7	52.213.37.66 52.213.37.66	16509 (AMAZON-02) (AMAZON-02)
1	13.32.121.44 13.32.121.44	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.156.143.93 18.156.143.93	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.195.238.9 54.195.238.9	16509 (AMAZON-02) (AMAZON-02)
2	15.236.176.210 15.236.176.210	16509 (AMAZON-02) (AMAZON-02)
1	63.32.151.178 63.32.151.178	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2 5	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 3	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
2 2	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	15.197.170.101 15.197.170.101	16509 (AMAZON-02) (AMAZON-02)
1 1	3.130.108.206 3.130.108.206	16509 (AMAZON-02) (AMAZON-02)
4 4	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1 1	216.200.122.11 216.200.122.11	6461 (ZAYO-6461) (ZAYO-6461)
1	2600:9000:223... 2600:9000:223c:c000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.96.113 18.66.96.113	16509 (AMAZON-02) (AMAZON-02)
1 1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 1	172.217.18.100 172.217.18.100	15169 (GOOGLE) (GOOGLE)
1	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
1	154.59.122.74 154.59.122.74	() ()
1	2600:9000:225... 2600:9000:225e:3400:1d:bf0a:0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	3.217.188.123 3.217.188.123	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
1	34.199.207.17 34.199.207.17	14618 (AMAZON-AES) (AMAZON-AES)
1	89.207.16.201 89.207.16.201	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	34.95.123.229 34.95.123.229	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:223... 2600:9000:223f:4400:15:decf:f580:21	16509 (AMAZON-02) (AMAZON-02)
1	34.95.127.121 34.95.127.121	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	209.54.180.3 209.54.180.3	16509 (AMAZON-02) (AMAZON-02)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2620:119:50e7... 2620:119:50e7:101::9002:e05	14413 (LINKEDIN) (LINKEDIN)
1	2606:4700::68... 2606:4700::6810:7b60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
109	39

1 168.137.103.42 (Kansas City, United States) 1 redirects

ASN26989 (HR-WORLD-HEADQUARTERS, US)
PTR: taxidshield.hrblock.com

taxidshield.hrblock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.60.123.207 (United States) 1 redirects

ASN19551 (INCAPSULA, US)

sso.identitymanagementcenter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 40.67.190.253 (Des Moines, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

idp.hrblock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 23.37.49.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-49-246.deploy.static.akamaitechnologies.com

www.hrblock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00:299::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.17.185.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-185-187.deploy.static.akamaitechnologies.com

api-nd.hrblock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.213.37.66 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-37-66.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-44.fra60.r.cloudfront.net

sdk.hrb.magicpixel.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.143.93 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-143-93.eu-central-1.compute.amazonaws.com

collection.decibelinsight.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.195.238.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-238-9.eu-west-1.compute.amazonaws.com

hrblock.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

smetrics.hrblock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.151.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-151-178.eu-west-1.compute.amazonaws.com

hrblock.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c05 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.170.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: af7be9a1b07df2d35.awsglobalaccelerator.com

mp-hrbcomlnp.hrblock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.130.108.206 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-130-108-206.us-east-2.compute.amazonaws.com

zuyapixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.70 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.122.11 (United States) 1 redirects

ASN6461 (ZAYO-6461, US)
PTR: 216.200.122.11.IPYX-141870-ZYO.zip.zayo.com

gwmtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:c000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.96.113 (United States)

ASN16509 (AMAZON-02, US)

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.100 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f100.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.59.122.74 (None, )

ASN- ()

acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:3400:1d:bf0a:0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.tvpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.217.188.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-188-123.compute-1.amazonaws.com

p.tvpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.207.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-207-17.compute-1.amazonaws.com

resources.xg4ken.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.207.16.201 (Roydon, United Kingdom)

ASN41041 (VCLK-EU-SE, US)
PTR: ams04-usadmm.dotomi.com

login.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

d.impactradius-event.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.123.229 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 229.123.95.34.bc.googleusercontent.com

linkto.hrblock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:4400:15:decf:f580:21 (United States)

ASN16509 (AMAZON-02, US)

d38xvr37kwwhcm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.127.121 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 121.127.95.34.bc.googleusercontent.com

www.ojrq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.180.3 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:119:50e7:101::9002:e05 (San Francisco, United States)

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7b60 (United States)

ASN13335 (CLOUDFLARENET, US)

www.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	hrblock.com 2 redirects taxidshield.hrblock.com idp.hrblock.com www.hrblock.com api-nd.hrblock.com smetrics.hrblock.com mp-hrbcomlnp.hrblock.com linkto.hrblock.com	233 KB
8	demdex.net 1 redirects dpm.demdex.net hrblock.demdex.net	10 KB
7	googletagmanager.com www.googletagmanager.com	30 KB
7	doubleclick.net 7 redirects cm.g.doubleclick.net ad.doubleclick.net googleads.g.doubleclick.net	2 KB
6	adsrvr.org 2 redirects match.adsrvr.org js.adsrvr.org insight.adsrvr.org	4 KB
6	cookielaw.org cdn.cookielaw.org	113 KB
5	adobedtm.com assets.adobedtm.com	132 KB
3	facebook.com www.facebook.com	487 B
3	tvpixel.com c.tvpixel.com p.tvpixel.com	103 KB
3	google.com 1 redirects adservice.google.com www.google.com	1 KB
3	quantserve.com 1 redirects pixel.quantserve.com secure.quantserve.com	11 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	2 KB
2	bing.com bat.bing.com	11 KB
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net
2	facebook.net connect.facebook.net	108 KB
2	tribalfusion.com 2 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	rlcdn.com 2 redirects idsync.rlcdn.com	802 B
2	decibelinsight.net collection.decibelinsight.net	79 KB
1	cloudflare.com www.cloudflare.com	434 B
1	linkedin.com px.ads.linkedin.com	479 B
1	yahoo.com sp.analytics.yahoo.com	714 B
1	licdn.com snap.licdn.com	2 KB
1	ojrq.net www.ojrq.net	415 B
1	cloudfront.net d38xvr37kwwhcm.cloudfront.net	16 KB
1	impactradius-event.com d.impactradius-event.com	13 KB
1	dotomi.com login.dotomi.com	277 B
1	xg4ken.com resources.xg4ken.com	4 KB
1	pdst.fm cdn.pdst.fm	6 KB
1	acuityplatform.com acuityplatform.com
1	google.de www.google.de	548 B
1	quantcount.com rules.quantcount.com	1 KB
1	gwmtracking.com 1 redirects gwmtracking.com	388 B
1	zuyapixel.com 1 redirects zuyapixel.com	272 B
1	omtrdc.net hrblock.tt.omtrdc.net	503 B
1	onetrust.com geolocation.onetrust.com	412 B
1	magicpixel.io sdk.hrb.magicpixel.io	57 KB
1	identitymanagementcenter.com 1 redirects sso.identitymanagementcenter.com	2 KB
109	37

	Domain	Requested by
33	www.hrblock.com	idp.hrblock.com www.hrblock.com
7	www.googletagmanager.com	sdk.hrb.magicpixel.io www.googletagmanager.com
7	dpm.demdex.net	1 redirects idp.hrblock.com
6	cdn.cookielaw.org	idp.hrblock.com cdn.cookielaw.org
5	assets.adobedtm.com	idp.hrblock.com assets.adobedtm.com
5	idp.hrblock.com	1 redirects idp.hrblock.com www.hrblock.com
4	ad.doubleclick.net	4 redirects
3	www.facebook.com
3	insight.adsrvr.org	js.adsrvr.org
3	mp-hrbcomlnp.hrblock.com	sdk.hrb.magicpixel.io
2	s.amazon-adsystem.com	1 redirects
2	bat.bing.com	sdk.hrb.magicpixel.io
2	us-central1-adaptive-growth.cloudfunctions.net	cdn.pdst.fm
2	connect.facebook.net	idp.hrblock.com connect.facebook.net
2	p.tvpixel.com	c.tvpixel.com
2	adservice.google.com
2	pixel.quantserve.com	1 redirects
2	match.adsrvr.org	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	idsync.rlcdn.com	2 redirects
2	smetrics.hrblock.com	assets.adobedtm.com
2	collection.decibelinsight.net	idp.hrblock.com collection.decibelinsight.net
2	api-nd.hrblock.com	idp.hrblock.com api-nd.hrblock.com
1	www.cloudflare.com	d38xvr37kwwhcm.cloudfront.net
1	px.ads.linkedin.com
1	sp.analytics.yahoo.com
1	snap.licdn.com	sdk.hrb.magicpixel.io
1	www.ojrq.net
1	d38xvr37kwwhcm.cloudfront.net	sdk.hrb.magicpixel.io
1	linkto.hrblock.com	d.impactradius-event.com
1	d.impactradius-event.com	sdk.hrb.magicpixel.io
1	login.dotomi.com
1	resources.xg4ken.com	idp.hrblock.com
1	cdn.pdst.fm	idp.hrblock.com
1	c.tvpixel.com	sdk.hrb.magicpixel.io
1	acuityplatform.com	sdk.hrb.magicpixel.io
1	www.google.de
1	www.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	js.adsrvr.org	sdk.hrb.magicpixel.io
1	rules.quantcount.com	secure.quantserve.com
1	gwmtracking.com	1 redirects
1	zuyapixel.com	1 redirects
1	secure.quantserve.com	sdk.hrb.magicpixel.io
1	s.tribalfusion.com	1 redirects
1	a.tribalfusion.com	1 redirects
1	hrblock.tt.omtrdc.net	assets.adobedtm.com
1	hrblock.demdex.net	assets.adobedtm.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	sdk.hrb.magicpixel.io	idp.hrblock.com
1	sso.identitymanagementcenter.com	1 redirects
1	taxidshield.hrblock.com	1 redirects
109	52

This site contains links to these domains. Also see Links.

Domain
www.hrblock.com
onetrust.com

Subject Issuer	Validity	Valid
idp.hrblock.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-20` - `2022-04-25`	a year	crt.sh
www.hrblock.com DigiCert TLS RSA SHA256 2020 CA1	`2021-08-11` - `2022-08-11`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
api-us-east-1.nd.nudatasecurity.com DigiCert SHA2 Extended Validation Server CA	`2021-02-12` - `2022-02-15`	a year	crt.sh
*.hrb.magicpixel.io Amazon	`2021-08-03` - `2022-09-01`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.decibelinsight.net RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-12-21` - `2022-01-21`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
smetrics.hrblock.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-30`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-11` - `2022-10-12`	a year	crt.sh
mp-hrbcomlnp.hrblock.com DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-08-16`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.acuityplatform.com Go Daddy Secure Certificate Authority - G2	`2020-06-10` - `2022-06-10`	2 years	crt.sh
*.tvpixel.com Amazon	`2021-02-13` - `2022-03-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-27` - `2021-11-25`	3 months	crt.sh
cdn.pdst.fm GTS CA 1D4	`2021-10-24` - `2022-01-22`	3 months	crt.sh
*.xg4ken.com Go Daddy Secure Certificate Authority - G2	`2021-09-17` - `2022-10-19`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.impactradius-event.com Sectigo RSA Domain Validation Secure Server CA	`2021-01-06` - `2022-01-06`	a year	crt.sh
misc.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
linkto.hrblock.com GTS CA 1D4	`2021-10-18` - `2022-01-16`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.ojrq.net Sectigo RSA Domain Validation Secure Server CA	`2021-01-07` - `2022-02-07`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-09-16` - `2022-03-16`	6 months	crt.sh
www.cloudflare.com Cloudflare Inc ECC CA-3	`2021-09-18` - `2022-09-17`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Frame ID: 293E868265A062C11885872B5E14B95C
Requests: 100 HTTP requests in this frame

Frame: https://hrblock.demdex.net/dest5.html?d_nsid=0
Frame ID: AB7A2F43852FEE26A486F733303CF362
Requests: 6 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=aajmr38&ref=https%3A%2F%2Fidp.hrblock.com%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3Fexecution%3De1s1&upid=s51rgnk&upv=1.1.0
Frame ID: 4BDB0D7E1DA303B4F8153B6901DC9B1C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign InBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

https://taxidshield.hrblock.com/ HTTP 302
https://sso.identitymanagementcenter.com/sp/startSSO.ping?PartnerIdpId=https://idp.hrblock.com/idp/shibboleth&ForceAu... HTTP 302
https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?SAMLRequest=fZBBS8NAEIX%2FSti7bTZUV4YkEA1CghW... HTTP 302
https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?execution=e1s1 Page URL

Page Statistics

109
Requests

91 %
HTTPS

33 %
IPv6

37
Domains

52
Subdomains

39
IPs

5
Countries

934 kB
Transfer

3925 kB
Size

63
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.hrblock.com/

Search URL Search Domain Scan URL

URL: http://www.hrblock.com/universal/privacy_policy.html
Title: Privacy

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://taxidshield.hrblock.com/ HTTP 302
https://sso.identitymanagementcenter.com/sp/startSSO.ping?PartnerIdpId=https://idp.hrblock.com/idp/shibboleth&ForceAuthn=true HTTP 302
https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?SAMLRequest=fZBBS8NAEIX%2FSti7bTZUV4YkEA1CghWpItLbmg5NYLOb7sxi9de7ph7qpTDH97335uWkRzNBFbi3GzwEJE7e0NPgbCGyRSqSpi7E%2B1ruW07T777dyK2S9cGOqv24uas4CogCNpZYW45MmskrGU%2B9ZhnIFK5vF2qltiJ5cL7DOagQ7AOK5DgaSzA3KETwFpymgcDqEQm4g5dq%2FQixBEzeseucEWX%2Bq4Y50p%2Fxl3FNhJ7jS6JkfRx21A9odvnyzOtkPMFThJv62Zmh%2B0oqY9znvUfN%2BFd5WZ6o%2F4uVPw%3D%3D&RelayState=tI4mVT3I8Cu2ezTcAYMbsI7lUhi4rk HTTP 302
https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?execution=e1s1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A78D3BC75245AD7C0A490D4D%40AdobeOrg&d_nsid=0&ts=1637187059769 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A78D3BC75245AD7C0A490D4D%40AdobeOrg&d_nsid=0&ts=1637187059769

Request Chain 55

https://idsync.rlcdn.com/365868.gif?partner_uid=75934993137597336341165337718185308643 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNzU5MzQ5OTMxMzc1OTczMzYzNDExNjUzMzc3MTgxODUzMDg2NDMQABoNCPT71YwGEgUI6AcQAEIASgA HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=019a20c1429353619929f2505599dc50a96e82a461d955fc499e3be93f6bcf0ab0da87c991749652

Request Chain 57

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzU5MzQ5OTMxMzc1OTczMzYzNDExNjUzMzc3MTgxODUzMDg2NDM= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NzU5MzQ5OTMxMzc1OTczMzYzNDExNjUzMzc3MTgxODUzMDg2NDM=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPc-kIFkOYmPff-x6r0QUUA&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 58

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=6e5e03bd-115b-4efc-8264-68db5b2fea7e

Request Chain 59

https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=2n7BKNsrninBd8l7jn3VKN4syiXBe8F52ni0NjYb

Request Chain 60

https://a.tribalfusion.com/i.match?p=b13&u=75934993137597336341165337718185308643&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
https://s.tribalfusion.com/z/i.match?p=b13&u=75934993137597336341165337718185308643&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
https://dpm.demdex.net/ibs:dpid=22054

Request Chain 64

https://zuyapixel.com/api/?pixelID=2614 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9825626;type=invmedia;cat=hrb-u0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9825626;dc_pre=CILV4Ym1oPQCFQW6mgodg-sHxA;type=invmedia;cat=hrb-u0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=9825626;dc_pre=CILV4Ym1oPQCFQW6mgodg-sHxA;type=invmedia;cat=hrb-u0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 65

https://gwmtracking.com/p/v/1/5c086cf1f8708170a6c95a51/format/img HTTP 302
https://ad.doubleclick.net/ddm/activity/src=5262330;type=invmedia;cat=hrb_c00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=5262330;dc_pre=COrcooq1oPQCFY2xsgodO7MFyw;type=invmedia;cat=hrb_c00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=5262330;dc_pre=COrcooq1oPQCFY2xsgodO7MFyw;type=invmedia;cat=hrb_c00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 76

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1068430904/?value=0&guid=ON&script=0 HTTP 302
https://www.google.com/pagead/1p-user-list/1068430904/?value=0&guid=ON&script=0&is_vtc=1&random=1659154268 HTTP 302
https://www.google.de/pagead/1p-user-list/1068430904/?value=0&guid=ON&script=0&is_vtc=1&random=1659154268&ipr=y

Request Chain 99

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D7516c06a-b161-70e7-12bd-1918c3b32f90%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.hrblock.com/&ex-hargs=v%3D1.0%3Bc%3D8580371368914%3Bp%3D7516C06A-B161-70E7-12BD-1918C3B32F90 HTTP 302
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D7516c06a-b161-70e7-12bd-1918c3b32f90%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.hrblock.com/&ex-hargs=v%3D1.0%3Bc%3D8580371368914%3Bp%3D7516C06A-B161-70E7-12BD-1918C3B32F90&dcc=t

109 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
200

Primary Request SSO Show response
idp.hrblock.com/idp/profile/SAML2/Redirect/
Redirect Chain

https://taxidshield.hrblock.com/
https://sso.identitymanagementcenter.com/sp/startSSO.ping?PartnerIdpId=https://idp.hrblock.com/idp/shibboleth&ForceAuthn=true
https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?SAMLRequest=fZBBS8NAEIX%2FSti7bTZUV4YkEA1CghWpItLbmg5NYLOb7sxi9de7ph7qpTDH97335uWkRzNBFbi3GzwEJE7e0NPgbCGyRSqSpi7E%2B1ruW07T777dyK2S9cGOqv24ua...
https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?execution=e1s1

34 KB
9 KB

129ms
129ms

Document
text/html

40.67.190.253
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?execution=e1s1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.67.190.253 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

57252bd99cdc5c712a5958a8d197bb40fa6690b124c65d5e91969ddaaf78ef6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=0 max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Wed, 17 Nov 2021 22:10:59 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 8200
Connection: keep-alive
Server: Apache
Cache-Control: no-store
Expires
Request-Context: appId=cid-v1:c030799c-f941-4e03-b081-3cf6f715854c
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload max-age=0 max-age=0
X-FRAME-OPTIONS: DENY
Vary: Accept-Encoding
Content-Encoding: gzip

Redirect headers

Date: Wed, 17 Nov 2021 22:10:59 GMT
Content-Length: 0
Connection: keep-alive
Server: Apache
Cache-Control: no-store
Expires
Request-Context: appId=cid-v1:c030799c-f941-4e03-b081-3cf6f715854c
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload max-age=0
Location: /idp/profile/SAML2/Redirect/SSO?execution=e1s1

GET
H2 200 gua-init.css
www.hrblock.com/prodidp/theme/default/styles/ 2 KB
1 KB 82ms
29ms Stylesheet
text/css 23.37.49.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com/prodidp/theme/default/styles/gua-init.css?version=80
Requested by: Host: idp.hrblock.com
URL: https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.49.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-49-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 94eb9e94e4b8d3190e12088612391442395012a686601b5472bee4886adaac03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
last-modified: Fri, 19 Feb 2021 01:32:26 GMT
etag: "f40a30d67c4d59d3ac8cbdd38061658c:1634853450.799345"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 903
expires: Wed, 17 Nov 2021 22:10:59 GMT

GET
H2 200 hrblock-design-system.js Show response
www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/ 120 KB
39 KB 83ms
31ms Script
application/x-javascript 23.37.49.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/hrblock-design-system.js?version=80
Requested by: Host: idp.hrblock.com
URL: https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.49.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-49-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 52924c848bb51af09ed5f05471651c3123888ec96c906112d109705ef36046c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "b55ac327b632c80cdb837be9062354f3:1616099335.292952"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 39667
expires: Wed, 17 Nov 2021 22:10:59 GMT

GET
H2 200 gua-custom-min.css
www.hrblock.com/prodidp/theme/default/styles/ 35 KB
8 KB 75ms
23ms Stylesheet
text/css 23.37.49.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com/prodidp/theme/default/styles/gua-custom-min.css?version=80
Requested by: Host: idp.hrblock.com
URL: https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.49.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-49-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 958f1d8fd844e89159a1173eef0d752c6a1ec27cd9ccadd6e641dcd56f66b451

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
last-modified: Thu, 07 Oct 2021 21:09:46 GMT
etag: "cb1f1b04386a5a8e7a20a8c60b4f9c7e:1634853449.562353"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 8427
expires: Wed, 17 Nov 2021 22:10:59 GMT

GET
H2 200 modernizr-3.6.0-min.js Show response
www.hrblock.com/prodidp/theme/default/js/ 18 KB
7 KB 82ms
30ms Script
application/x-javascript 23.37.49.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com/prodidp/theme/default/js/modernizr-3.6.0-min.js
Requested by: Host: idp.hrblock.com
URL: https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.49.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-49-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c25e9178921d49725525815d14c2f7e795c1bbc2dad57a525f1fb9109efca558

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
last-modified: Sat, 20 Feb 2021 20:48:54 GMT
etag: "c42ce3c579db2069f40b99ddc1823055:1630641390.907303"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 7003
expires: Wed, 17 Nov 2021 22:10:59 GMT

GET
H2 200 launch-ENf8b881eaea0c427ab85c67d659962b81.min.js Show response
assets.adobedtm.com/ 455 KB
108 KB 52ms
8ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-ENf8b881eaea0c427ab85c67d659962b81.min.js
Requested by: Host: idp.hrblock.com
URL: https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1a57533b0d6f4456a9566844411d41e5af5f7062e4d7c8e0d626014b1ffa5c65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
last-modified: Tue, 16 Nov 2021 22:18:22 GMT
server: AkamaiNetStorage
etag: "1626adeabf0ab0a9744cc428688bb9be:1637101102.281691"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://idp.hrblock.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 110137
expires: Wed, 17 Nov 2021 23:10:59 GMT

GET
H/1.1 200
200 hrb_logo.svg
idp.hrblock.com/idp/theme/default/images/ 7 KB
3 KB 126ms
125ms Image
image/svg+xml 40.67.190.253
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://idp.hrblock.com/idp/theme/default/images/hrb_logo.svg

Requested by

Host: idp.hrblock.com
URL: https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?execution=e1s1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.67.190.253 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

1d7f088b816cdc72472888029bcce6742a718f48669430ee580290069703f9ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?execution=e1s1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 22:10:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Feb 2021 02:32:24 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/svg+xml;charset=UTF-8
Request-Context: appId=cid-v1:c030799c-f941-4e03-b081-3cf6f715854c
Cache-Control: private
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Vary: Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
200 privacyArrow.svg
idp.hrblock.com/idp/theme/default/images/ 780 B
1 KB 252ms
125ms Image
image/svg+xml 40.67.190.253
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://idp.hrblock.com/idp/theme/default/images/privacyArrow.svg

Requested by

Host: idp.hrblock.com
URL: https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?execution=e1s1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.67.190.253 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

7c639d2dff855acce1425a17de3c2f5785d4c13b045862632105be35bb2d5e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?execution=e1s1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 22:10:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Feb 2021 02:32:26 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/svg+xml;charset=UTF-8
Request-Context: appId=cid-v1:c030799c-f941-4e03-b081-3cf6f715854c
Cache-Control: private
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Vary: Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
www.hrblock.com/prodidp/theme/default/scripts/ 87 KB
31 KB 26ms
26ms Script
application/x-javascript 23.37.49.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com/prodidp/theme/default/scripts/jquery-3.5.1.min.js
Requested by: Host: idp.hrblock.com
URL: https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.49.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-49-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
last-modified: Tue, 27 Apr 2021 16:07:45 GMT
etag: "b61aa6e2d68d21b3546b5b418bf0e9c3:1619583606.643249"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 30958
expires: Wed, 17 Nov 2021 22:10:59 GMT

GET
H2 200 login-session-timer.js Show response
www.hrblock.com/prodidp/theme/default/js/ 522 B
744 B 15ms
14ms Script
application/x-javascript 23.37.49.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com/prodidp/theme/default/js/login-session-timer.js?version=80
Requested by: Host: idp.hrblock.com
URL: https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.49.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-49-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6397082c237053b35d2ac4cb4e378c0a2f10ba573019b163c37e2e778ff73bf3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:10:59 GMT
last-modified: Fri, 19 Feb 2021 01:32:26 GMT
etag: "b4e393ce80f490ee82e7581418505743:1634853440.654771"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 522
expires: Wed, 17 Nov 2021 22:10:59 GMT

GET
H2 200 jquery.cookie.js Show response
www.hrblock.com/prodidp/theme/default/js/ 3 KB
2 KB 21ms
19ms Script
application/x-javascript 23.37.49.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com/prodidp/theme/default/js/jquery.cookie.js
Requested by: Host: idp.hrblock.com
URL: https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.49.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-49-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9307c77b789ef1bccf36a3c54b34ff6f905bb612d2e2ae72481ceab1777df460

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
last-modified: Tue, 27 Apr 2021 16:07:45 GMT
etag: "997286e5bfb370dcfdf6267a94f2ba91:1619583599.048488"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 1376
expires: Wed, 17 Nov 2021 22:10:59 GMT

GET
H2 200 gua_dtm.js Show response
www.hrblock.com/prodidp/theme/default/js/ 2 KB
873 B 20ms
18ms Script
application/x-javascript 23.37.49.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com/prodidp/theme/default/js/gua_dtm.js?version=80
Requested by: Host: idp.hrblock.com
URL: https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.49.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-49-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 822eca8ddf86f8703de0a3382ce41bafd51ef5e87b76e0fa5a68c21234e9bbae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
last-modified: Fri, 19 Feb 2021 01:32:26 GMT
etag: "a9968b3a5bdc4e2b3541898c608090b2:1634853431.875345"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 630
expires: Wed, 17 Nov 2021 22:10:59 GMT

GET
H2 200 historyState.js Show response
www.hrblock.com/prodidp/theme/default/js/ 41 KB
10 KB 22ms
20ms Script
application/x-javascript 23.37.49.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com/prodidp/theme/default/js/historyState.js
Requested by: Host: idp.hrblock.com
URL: https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.49.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-49-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9c6356209d1aab3d9460e148450fef987e2fa674c529e23f6e3800754185a821

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
last-modified: Sat, 20 Feb 2021 20:48:54 GMT
etag: "1d4f4995566a1c074eb0e3bbee9eaa54:1632801200.643516"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 9653
expires: Wed, 17 Nov 2021 22:10:59 GMT

GET
H2 200 jquery.validate.min.js Show response
www.hrblock.com/prodidp/theme/default/js/ 24 KB
8 KB 19ms
17ms Script
application/x-javascript 23.37.49.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com/prodidp/theme/default/js/jquery.validate.min.js
Requested by: Host: idp.hrblock.com
URL: https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.49.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-49-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ea335e1de5f7b3743ec647c1f18cd6bebfa0c5bcc82028f0470ab3cea213bbc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
last-modified: Tue, 27 Apr 2021 16:07:45 GMT
etag: "5b068e334357c04ff2f13a5134cf5057:1619583600.392106"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 7818
expires: Wed, 17 Nov 2021 22:10:59 GMT

GET
H2 200 jquery-idleTimeout.js Show response
www.hrblock.com/prodidp/theme/default/js/ 2 KB
935 B 19ms
17ms Script
application/x-javascript 23.37.49.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com/prodidp/theme/default/js/jquery-idleTimeout.js?version=80
Requested by: Host: idp.hrblock.com
URL: https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.49.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-49-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9c60eeb094d7c9b44c2346b4e1e5567389dd39ae0d112d2559d3ccef1c82c442

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
last-modified: Fri, 19 Feb 2021 01:32:26 GMT
etag: "c9b349c451e2a190bc603feb560cd0a5:1634853434.37989"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 693
expires: Wed, 17 Nov 2021 22:10:59 GMT

GET
H2 200 jquery.validateBDS_custom.js Show response
www.hrblock.com/prodidp/theme/default/js/ 42 KB
11 KB 22ms
20ms Script
application/x-javascript 23.37.49.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com/prodidp/theme/default/js/jquery.validateBDS_custom.js?version=80
Requested by: Host: idp.hrblock.com
URL: https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.49.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-49-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6f0834e12f66885387e20e213ef4add332a86d7c8601929e4235f51a4cf56afa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
last-modified: Thu, 07 Oct 2021 21:09:46 GMT
etag: "e55900f87c61f15fe5dcf2207b627d81:1634853439.874251"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 10565
expires: Wed, 17 Nov 2021 22:10:59 GMT

GET
H2 200 validatorBDS.js Show response
www.hrblock.com/prodidp/theme/default/js/ 86 KB
12 KB 22ms
21ms Script
application/x-javascript 23.37.49.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com/prodidp/theme/default/js/validatorBDS.js?version=80
Requested by: Host: idp.hrblock.com
URL: https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.49.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-49-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe0bbb5ae46158848a5a7c34d4e2291b2a28fd1b91810b699f4fe9ac40927cf1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
last-modified: Thu, 07 Oct 2021 21:09:46 GMT
etag: "28643496266782d81c1d1477af799a52:1634853444.671757"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 11535
expires: Wed, 17 Nov 2021 22:10:59 GMT

GET
H2 200 p-54bf6d94.system.js Show response
www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/ 12 KB
3 KB 20ms
19ms Script
application/x-javascript 23.37.49.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/p-54bf6d94.system.js
Requested by: Host: www.hrblock.com
URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/hrblock-design-system.js?version=80
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.49.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-49-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8170384f7217ae18db9715ad4083d517a9ca1f6bcb64ee37ea2964441fde31f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "9b89f1f72b7714073c417f0b2b05da9e:1616099353.66078"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 3329
expires: Wed, 17 Nov 2021 22:10:59 GMT

GET
H/1.1 200
OK / Show response
api-nd.hrblock.com/2.2/w/w-446637/sync/js/ 46 KB
16 KB 304ms
145ms Script
application/javascript 2.17.185.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-nd.hrblock.com/2.2/w/w-446637/sync/js/

Requested by

Host: idp.hrblock.com
URL: https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?execution=e1s1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.185.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-185-187.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

1a1ebb0567388f8563d5599f3c8906c99e351b2cd523027aedd0717554719b7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;, max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff, nosniff
Server: nginx
Date: Wed, 17 Nov 2021 22:10:59 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 16019
x-xss-protection: 1; mode=block, 1; mode=block

GET
H2 200 p-a6a54c2f.system.js Show response
www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/ 22 KB
8 KB 12ms
12ms Script
application/x-javascript 23.37.49.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/p-a6a54c2f.system.js
Requested by: Host: www.hrblock.com
URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/hrblock-design-system.js?version=80
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.49.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-49-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 75a51dc1d84e2981a0995ab7b72fc9bbf0d6a301151d04ec8b3d0a8d903e6532

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "27795067e11c0e13f23e1937a9ae8df7:1616099364.911674"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 8108
expires: Wed, 17 Nov 2021 22:10:59 GMT

GET
H2 200 p-89dc1e1d.system.entry.js Show response
www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/ 16 KB
5 KB 15ms
13ms Script
application/x-javascript 23.37.49.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/p-89dc1e1d.system.entry.js
Requested by: Host: www.hrblock.com
URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/hrblock-design-system.js?version=80
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.49.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-49-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0c724a57a63ea555bc777f9c9ac087b6eea61ce40bc3f5db03a1a94446998429

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "f592e8433bc627a94c41961ff2ff3ed5:1616099360.512791"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 4492
expires: Wed, 17 Nov 2021 22:10:59 GMT

GET
H2 200 p-1511d886.system.entry.js Show response
www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/ 8 KB
2 KB 29ms
26ms Script
application/x-javascript 23.37.49.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/p-1511d886.system.entry.js
Requested by: Host: www.hrblock.com
URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/hrblock-design-system.js?version=80
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.49.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-49-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 616b1743164b60019e7a5981ee982cffabb6fa2c85b1a4a3cc906f9bd7aab0ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "607fcffc35b47c5d8e9af80cbf7385ce:1616099340.382277"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 2301
expires: Wed, 17 Nov 2021 22:10:59 GMT

GET
H2 200 p-6e95109c.system.entry.js Show response
www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/ 134 KB
13 KB 22ms
19ms Script
application/x-javascript 23.37.49.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/p-6e95109c.system.entry.js
Requested by: Host: www.hrblock.com
URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/hrblock-design-system.js?version=80
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.49.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-49-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d0786f11a33d80e9022bba1bae115e347e9695d48e8fc0a8b84a4ea9616672b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
last-modified: Mon, 21 Dec 2020 22:42:26 GMT
etag: "152404dbaf8c7f5cdd8217c5f42c7f2f:1616099357.346183"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 12945
expires: Wed, 17 Nov 2021 22:10:59 GMT

GET
H2 200 p-fcd3dc86.system.entry.js Show response
www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/ 6 KB
1 KB 29ms
26ms Script
application/x-javascript 23.37.49.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/p-fcd3dc86.system.entry.js
Requested by: Host: www.hrblock.com
URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/hrblock-design-system.js?version=80
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.49.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-49-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6444e4da671c9eb8c32d8c35ef7ee15b4ae2f07afce41e300373ab953ea63713

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
last-modified: Mon, 21 Dec 2020 22:26:16 GMT
etag: "7bf53eb6e517033ce8bfb8de5bc26a56:1616099376.899523"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 1113
expires: Wed, 17 Nov 2021 22:10:59 GMT

GET
H2 200 p-eda5fd5b.system.entry.js Show response
www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/ 161 KB
7 KB 22ms
19ms Script
application/x-javascript 23.37.49.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/p-eda5fd5b.system.entry.js
Requested by: Host: www.hrblock.com
URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/hrblock-design-system.js?version=80
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.49.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-49-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8ccbc312e43b3d7cffbeaf5e5105b91a045c26236b0bc97e86d2d3e1dec05ff6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "7385e0775e3eb2b7f8b460c52d0d25bc:1616099373.415911"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 7131
expires: Wed, 17 Nov 2021 22:10:59 GMT

GET
H2 200 p-2850e208.system.entry.js Show response
www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/ 15 KB
5 KB 21ms
18ms Script
application/x-javascript 23.37.49.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/p-2850e208.system.entry.js
Requested by: Host: www.hrblock.com
URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/hrblock-design-system.js?version=80
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.49.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-49-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: eae39341ad024e9b43721d3787dd13b545622fbe4150bc92b6d26fac65143f8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
last-modified: Mon, 21 Dec 2020 22:26:16 GMT
etag: "f640d3e64f485debc4bea910df43d28e:1616099344.87196"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 4462
expires: Wed, 17 Nov 2021 22:10:59 GMT

GET
H2 200 p-c2f2b303.system.entry.js Show response
www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/ 9 KB
2 KB 19ms
18ms Script
application/x-javascript 23.37.49.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/p-c2f2b303.system.entry.js
Requested by: Host: www.hrblock.com
URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/hrblock-design-system.js?version=80
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.49.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-49-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3304edc2cdcbfdde8862ee2056e240090266edc7d19362acb3af0c418375c1dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
last-modified: Mon, 21 Dec 2020 22:26:16 GMT
etag: "008ecc8d5b30798b8fa51d15565759c5:1616099369.183442"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 2302
expires: Wed, 17 Nov 2021 22:10:59 GMT

GET
H2 200 p-2c0abf9f.system.entry.js Show response
www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/ 17 KB
3 KB 21ms
19ms Script
application/x-javascript 23.37.49.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/p-2c0abf9f.system.entry.js
Requested by: Host: www.hrblock.com
URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/hrblock-design-system.js?version=80
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.49.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-49-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a83b54b84cc230b3f66fce25c954ee5d198b54c218e5ee014fae8fd9f121f2ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
last-modified: Mon, 21 Dec 2020 22:26:16 GMT
etag: "e59b16e46971b5ed81ae0b024d652b42:1616099345.762875"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 3235
expires: Wed, 17 Nov 2021 22:10:59 GMT

GET
H2 200 p-54011e48.system.entry.js Show response
www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/ 8 KB
2 KB 21ms
19ms Script
application/x-javascript 23.37.49.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/p-54011e48.system.entry.js
Requested by: Host: www.hrblock.com
URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/hrblock-design-system.js?version=80
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.49.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-49-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bc1d67ab777ee6a40243fcb2da94b03adf49e788afb3ad5cb9768e9273ebded4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
last-modified: Mon, 21 Dec 2020 22:26:16 GMT
etag: "19338860f2222cfab0a9a98c5910d69b:1616099353.395422"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 2157
expires: Wed, 17 Nov 2021 22:10:59 GMT

GET
H2 200 p-d9627f0f.system.entry.js Show response
www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/ 96 KB
5 KB 22ms
20ms Script
application/x-javascript 23.37.49.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/p-d9627f0f.system.entry.js
Requested by: Host: www.hrblock.com
URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/hrblock-design-system.js?version=80
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.49.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-49-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1da9522b1f1aa8c2b46d7f23ce8025f7f8b912d4a3f90f915d4e5ae03f5fcf61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "c9b322436b515416ee0984b0878698e9:1616099372.38908"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 4850
expires: Wed, 17 Nov 2021 22:10:59 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A78D3BC75245AD7C0A490D4D%40AdobeOrg&d_nsid=0&ts=1637187059769
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A78D3BC75245AD7C0A490D4D%40AdobeOrg&d_nsid=0&ts=1637187059769

1 KB
1 KB

33ms
33ms

XHR
application/json

52.213.37.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A78D3BC75245AD7C0A490D4D%40AdobeOrg&d_nsid=0&ts=1637187059769

Requested by

Host: idp.hrblock.com
URL: https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?execution=e1s1

Protocol

HTTP/1.1

Server

52.213.37.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-37-66.eu-west-1.compute.amazonaws.com

Software

Resource Hash

12e3f2b60286af48bf637436056a1e2e4e53b4368bfcaf3f21aa85e489290538

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v019-0dab1dc84.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 6ASHC1jYS1c=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://idp.hrblock.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 632
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v019-0ab66d375.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://idp.hrblock.com
X-TID: 3SC89ojoQaM=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A78D3BC75245AD7C0A490D4D%40AdobeOrg&d_nsid=0&ts=1637187059769
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 33 KB
12 KB 8ms
8ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENf8b881eaea0c427ab85c67d659962b81.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://idp.hrblock.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12184
expires: Wed, 17 Nov 2021 23:10:59 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 3 KB
2 KB 9ms
9ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENf8b881eaea0c427ab85c67d659962b81.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://idp.hrblock.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Wed, 17 Nov 2021 23:10:59 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 25 KB
9 KB 10ms
10ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENf8b881eaea0c427ab85c67d659962b81.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:53 GMT
server: AkamaiNetStorage
etag: "c8afb92bc0d997ba5b673367e69b9ff1:1597270193.156081"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://idp.hrblock.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8762
expires: Wed, 17 Nov 2021 23:10:59 GMT

GET
H2 200 fyhAl4WCL.js Show response
sdk.hrb.magicpixel.io/ 383 KB
57 KB 58ms
8ms Script
application/javascript 13.32.121.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.hrb.magicpixel.io/fyhAl4WCL.js
Requested by: Host: idp.hrblock.com
URL: https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-44.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 77de5d5a9b7b92d716904e0a180d2a1cbc7d8bd7c83bc1e19fca8705c073083b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 19:44:14 GMT
content-encoding: gzip
last-modified: Wed, 17 Nov 2021 19:41:44 GMT
server: AmazonS3
age: 8806
etag: W/"7feedf34dd505afc6eaa755a1c78651e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 8emZK7P0exdlKxshkgO1il1nR8vgcbKH5F9AgzGWkMfG35Az8BRxiA==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 46ms
29ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: idp.hrblock.com
URL: https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?execution=e1s1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b19d7b02efa2e63180e064f2801718bccb6fd3c2c307ee41110e21e2e4ad390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Lh0CEVPkmGuwf4KyqdKdhw==
age: 2315
vary: Accept-Encoding
content-length: 6403
x-ms-lease-status: unlocked
last-modified: Wed, 17 Nov 2021 07:57:28 GMT
server: cloudflare
etag: 0x8D9A99FE69AC5E2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3993dfab-c01e-0087-1596-db8dc9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6afc4ad3c9f442d5-FRA

GET
H/1.1 200
OK di.js Show response
collection.decibelinsight.net/i/13948/332429/ 175 KB
68 KB 38ms
9ms Script
text/javascript 18.156.143.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collection.decibelinsight.net/i/13948/332429/di.js

Requested by

Host: idp.hrblock.com
URL: https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?execution=e1s1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.156.143.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-143-93.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

cacdc05c6428df4ef38d983b8edccce8204d8031d5137c4a167a5348c3a1e56e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 22:10:59 GMT
Content-Encoding: gzip
Vary: Origin
Server: nginx
ETag: W/000070823-17D2FF40074
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/javascript; charset=utf-8
Cache-Control: private, max-age=5400
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override

GET
H/1.1 200
200 GuaAlive Show response
idp.hrblock.com/idp/Authn/ 0
829 B 144ms
126ms XHR
text/plain 40.67.190.253
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.hrblock.com/idp/Authn/GuaAlive

Requested by

Host: www.hrblock.com
URL: https://www.hrblock.com/prodidp/theme/default/scripts/jquery-3.5.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.67.190.253 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?execution=e1s1
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 22:10:59 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Request-Context: appId=cid-v1:c030799c-f941-4e03-b081-3cf6f715854c
Cache-Control: private
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 p-43f7fca6.system.js Show response
www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/ 622 B
844 B 15ms
14ms Script
application/x-javascript 23.37.49.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/p-43f7fca6.system.js
Requested by: Host: www.hrblock.com
URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/hrblock-design-system.js?version=80
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.49.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-49-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6739e6568cc269de53c7152e2199647c486203334b8be01ffe32caa2bde5d362

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:10:59 GMT
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "be5917064949c8871b1d0d46332e6884:1616099349.732367"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 622
expires: Wed, 17 Nov 2021 22:10:59 GMT

GET
H2 200 p-1d37b6e3.system.js Show response
www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/ 130 B
368 B 15ms
14ms Script
application/x-javascript 23.37.49.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/p-1d37b6e3.system.js
Requested by: Host: www.hrblock.com
URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/hrblock-design-system.js?version=80
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.49.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-49-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8f0151718068d35ec8092ded7e6610541d90d968dae4dbf32179637826c1756d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "5d6d9b81e7141d2e19ece9ab0c61b681:1616099343.380559"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 127
expires: Wed, 17 Nov 2021 22:10:59 GMT

GET
H2 200 p-8e64cfd5.system.js Show response
www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/ 2 KB
865 B 16ms
15ms Script
application/x-javascript 23.37.49.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/p-8e64cfd5.system.js
Requested by: Host: www.hrblock.com
URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/hrblock-design-system.js?version=80
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.49.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-49-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6906672d4891f8796d99c7bde6ee22d51d1b71286513afe04282edd90a557bc6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "694838cefab8b1aa795e09289fedeb1c:1616099361.747851"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 623
expires: Wed, 17 Nov 2021 22:10:59 GMT

GET
H2 200 p-6b4f62ba.system.js Show response
www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/ 610 B
832 B 15ms
14ms Script
application/x-javascript 23.37.49.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/p-6b4f62ba.system.js
Requested by: Host: www.hrblock.com
URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/hrblock-design-system.js?version=80
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.49.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-49-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 720f5a48721a813047110c6ed922f782824b4ea2ae7d1023917934bc155ecfaf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:10:59 GMT
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "9f1549e088d042949e921557b15c979a:1616099357.046762"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 610
expires: Wed, 17 Nov 2021 22:10:59 GMT

GET
H2 200 p-4ba45203.system.entry.js Show response
www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/ 4 KB
1 KB 14ms
14ms Script
application/x-javascript 23.37.49.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/p-4ba45203.system.entry.js
Requested by: Host: www.hrblock.com
URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/hrblock-design-system.js?version=80
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.49.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-49-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2f2fedd4c007c869e13a4eea793275de6c6337e9b7813c2162474b8899ba15c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "23b7cea8f7c161c4588c75a70d493320:1616099351.751532"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 1053
expires: Wed, 17 Nov 2021 22:10:59 GMT

GET
H2 200 68d1a37f-2d10-4455-8ba9-25a43e6967b1.json Show response
cdn.cookielaw.org/consent/68d1a37f-2d10-4455-8ba9-25a43e6967b1/ 3 KB
2 KB 28ms
14ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/68d1a37f-2d10-4455-8ba9-25a43e6967b1/68d1a37f-2d10-4455-8ba9-25a43e6967b1.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c13673024a4e0ebf04545932e140074842c7043e17caf5748b80e40783a557d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /BqQ8Hf3LdF0WRAWOYbt4A==
age: 3836
vary: Accept-Encoding
content-length: 1163
x-ms-lease-status: unlocked
last-modified: Fri, 18 Dec 2020 15:08:10 GMT
server: cloudflare
etag: 0x8D8A366BBE58A8C
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: cf627b27-001e-0074-24bf-cb5ea0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6afc4ad43dee4a5b-FRA
expires: Thu, 18 Nov 2021 02:10:59 GMT

GET
H2 200 p-03703ce3.system.entry.js Show response
www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/ 5 KB
2 KB 12ms
11ms Script
application/x-javascript 23.37.49.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/p-03703ce3.system.entry.js
Requested by: Host: www.hrblock.com
URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/hrblock-design-system.js?version=80
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.49.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-49-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 10a31cad587a9cfbf03f9dadd11fc394d3a46455457d1516a16e8b82c4a320a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "695866188b1c92073983adcfdabc3464:1616099335.972322"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 1360
expires: Wed, 17 Nov 2021 22:10:59 GMT

GET
H2 200 p-d26a46a0.system.entry.js Show response
www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/ 28 KB
2 KB 13ms
12ms Script
application/x-javascript 23.37.49.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/p-d26a46a0.system.entry.js
Requested by: Host: www.hrblock.com
URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/hrblock-design-system.js?version=80
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.49.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-49-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1568a75df5716612d923a4e05ce43d8d6d0322e73dd942d545da4b9f6bcb7730

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "f3ca6e48946b1746e78ee4309be0f930:1616099370.683668"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 2189
expires: Wed, 17 Nov 2021 22:10:59 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 193 B
412 B 40ms
22ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09b7ece464c01f640c13fdceb08bb12ab4a2db787f36a8253c109ea3d4f7d9f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6afc4ad48cc0d6f9-FRA

GET
H2 200 p-c3683755.system.entry.js Show response
www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/ 6 KB
1 KB 11ms
10ms Script
application/x-javascript 23.37.49.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/p-c3683755.system.entry.js
Requested by: Host: www.hrblock.com
URL: https://www.hrblock.com/prodidp/bds/node_modules/hrblock-design-system-components/dist/hrblock-design-system/hrblock-design-system.js?version=80
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.49.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-49-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: db71ebc45710e030b8cfa75eaf005a9df71ea27609b0d3e0312faf6bb076e6db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:10:59 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "fc7ea21d8a63d9b2eeacc94d0071888b:1616099369.476664"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 1025
expires: Wed, 17 Nov 2021 22:10:59 GMT

GET
H/1.1 200
OK / Show response
api-nd.hrblock.com/2.2/w/w-446637/init/js/ 482 B
1 KB 157ms
156ms Script
application/javascript 2.17.185.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-nd.hrblock.com/2.2/w/w-446637/init/js/?q=%7B%22e%22%3A210399%2C%22fvq%22%3A%227N9Q2Q0R8R84427O0OOP44617R99P24R%22%2C%22oq%22%3A%221600%3A1200%3A1600%3A1200%3A1600%3A1200%22%2C%22wfi%22%3A%22flap-150612%22%2C%22yf%22%3A%7B%7D%2C%22jc%22%3A%22Ybtva%22%2C%22jcc%22%3A1%2C%22ov%22%3A%22o2%7C1600k1200%201600k1200%2024%2024%7C0%7Cra-HF%7Coc1-q400qo6n8n86q525%7Csnyfr%7C%7CZbmvyyn%2F5.0%20(Jvaqbjf%20AG%2010.0%3B%20Jva64%3B%20k64)%20NccyrJroXvg%2F537.36%20(XUGZY%2C%20yvxr%20Trpxb)%20Puebzr%2F95.0.4638.54%20Fnsnev%2F537.36%7Cjt1-78r9qs3735260548%22%7D

Requested by

Host: api-nd.hrblock.com
URL: https://api-nd.hrblock.com/2.2/w/w-446637/sync/js/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.185.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-185-187.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

a05b01e6bb7bddc10984cf7734ba7cc37df457ebb3dc2054e5ff324ecb7527d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
X-Content-Type-Options: nosniff, nosniff
Server: nginx
Date: Wed, 17 Nov 2021 22:11:00 GMT
x-frame-options: SAMEORIGIN
Access-Control-Allow-Methods: GET, POST
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 482
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK dest5.html Show response
hrblock.demdex.net/ Frame AB7A 7 KB
3 KB 120ms
28ms Document
text/html 54.195.238.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hrblock.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENf8b881eaea0c427ab85c67d659962b81.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.238.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-238-9.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Wed, 17 Nov 2021 22:11:00 GMT
DCS: dcs-prod-irl1-1-v019-0d891b5f4.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 14 Oct 2021 10:46:53 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: ueHKRIBVRi4=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 id Show response
smetrics.hrblock.com/ 48 B
507 B 83ms
18ms XHR
application/x-javascript 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.hrblock.com/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=A78D3BC75245AD7C0A490D4D%40AdobeOrg&mid=72001823984809812631919013517443492718&ts=1637187060032

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENf8b881eaea0c427ab85c67d659962b81.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a948b42e0f376700de1abc6511a477be1a5befb074cf01afd0fb26cbb2658ab6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://idp.hrblock.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 17 Nov 2021 22:11:00 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-6988cccb6f-86r2n
vary: Origin
x-c: main-1542.If2e2aa.M0-523
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://idp.hrblock.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

POST
H2 200 delivery Show response
hrblock.tt.omtrdc.net/rest/v1/ 280 B
503 B 104ms
38ms XHR
application/json 63.32.151.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hrblock.tt.omtrdc.net/rest/v1/delivery?client=hrblock&sessionId=783e93161b2448238adad2f2f03c7a10&version=2.5.0
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENf8b881eaea0c427ab85c67d659962b81.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.151.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-151-178.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8c031c00ca5ac49fd26c9b23ec85e95d12123d0b371c69b6e348821612d8d819

Request headers

Referer: https://idp.hrblock.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://idp.hrblock.com
date: Wed, 17 Nov 2021 22:11:00 GMT
content-encoding: gzip
access-control-allow-credentials: true
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-request-id: c1c0036c2ac01fc04734c6356df1f303
content-type: application/json;charset=UTF-8

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.10.0/ 356 KB
78 KB 15ms
14ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a23e0e46e16f067271bc79c92a917c13769848457d16cdf109e4dc04c687e8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Nov 2021 22:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Bh9exWOPGIwRshWljrtlEw==
age: 2592178
vary: Accept-Encoding
content-length: 79698
x-ms-lease-status: unlocked
last-modified: Thu, 03 Dec 2020 02:43:00 GMT
server: cloudflare
etag: 0x8D89735260901BC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 0bb5fe76-501e-0045-3a6c-c40577000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6afc4ad54db442d5-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/68d1a37f-2d10-4455-8ba9-25a43e6967b1/e3b2ac1e-39fb-41e9-b3b9-dac734e8e19f/ 33 KB
8 KB 16ms
16ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/68d1a37f-2d10-4455-8ba9-25a43e6967b1/e3b2ac1e-39fb-41e9-b3b9-dac734e8e19f/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e2e06d4670dbf578006da7c40c99f6f2f9ec5857e1170a326f6b7a258f5ee42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Nov 2021 22:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: u830YOEU7HkWv9T/I2/3lQ==
age: 493
vary: Accept-Encoding
content-length: 8083
x-ms-lease-status: unlocked
last-modified: Fri, 18 Dec 2020 15:08:12 GMT
server: cloudflare
etag: 0x8D8A366BD254946
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 9b3011f2-301e-015a-4f17-b69832000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6afc4ad578374a5b-FRA
expires: Thu, 18 Nov 2021 02:11:00 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.10.0/assets/ 13 KB
3 KB 13ms
13ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.10.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cdca3b36914e8a3f56390da71389944579faaae82704e53bd66f9c0387502f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Nov 2021 22:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: W9e0YobmEbvdB0V9OmpQkw==
age: 2571759
vary: Accept-Encoding
content-length: 3329
x-ms-lease-status: unlocked
last-modified: Thu, 03 Dec 2020 02:42:50 GMT
server: cloudflare
etag: 0x8D89735209A34D6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 1a3c39d2-d01e-0136-7a9c-c433e1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6afc4ad5a87d4a5b-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.10.0/assets/ 62 KB
15 KB 12ms
12ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.10.0/assets/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ad092aad6edc5a35ceae773fdaa5bdbac93698c70ff67b229f657c5b5697665

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Nov 2021 22:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: EmYCDnUevXSilDmkLpibsQ==
age: 1701260
vary: Accept-Encoding
content-length: 14932
x-ms-lease-status: unlocked
last-modified: Thu, 03 Dec 2020 02:42:51 GMT
server: cloudflare
etag: 0x8D8973520EF1BA5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 927f3be6-201e-0086-4a86-cc8c34000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6afc4ad5a8804a5b-FRA

GET
H/1.1

200
OK

ibs:dpid=477&dpuuid=019a20c1429353619929f2505599dc50a96e82a461d955fc499e3be93f6bcf0ab0da87c991749652
dpm.demdex.net/ Frame AB7A
Redirect Chain

https://idsync.rlcdn.com/365868.gif?partner_uid=75934993137597336341165337718185308643
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNzU5MzQ5OTMxMzc1OTczMzYzNDExNjUzMzc3MTgxODUzMDg2NDMQABoNCPT71YwGEgUI6AcQAEIASgA
https://dpm.demdex.net/ibs:dpid=477&dpuuid=019a20c1429353619929f2505599dc50a96e82a461d955fc499e3be93f6bcf0ab0da87c991749652

42 B
945 B

33ms
33ms

Image
image/gif

52.213.37.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=477&dpuuid=019a20c1429353619929f2505599dc50a96e82a461d955fc499e3be93f6bcf0ab0da87c991749652

Protocol

HTTP/1.1

Server

52.213.37.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-37-66.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hrblock.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v019-0ab66d375.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: DLZGmOwWQtA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Wed, 17 Nov 2021 22:11:00 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=477&dpuuid=019a20c1429353619929f2505599dc50a96e82a461d955fc499e3be93f6bcf0ab0da87c991749652
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK c.json Show response
collection.decibelinsight.net/i/13948/332429/ 16 KB
10 KB 10ms
9ms XHR
application/json 18.156.143.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collection.decibelinsight.net/i/13948/332429/c.json

Requested by

Host: collection.decibelinsight.net
URL: https://collection.decibelinsight.net/i/13948/332429/di.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.156.143.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-143-93.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

fb5a71307b5cf4e47706f29760aa6eca1a159f33181d0b207744dfd9f3f7b338

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 22:11:00 GMT
Content-Encoding: gzip
Vary: Origin
Server: nginx
ETag: W/000070824-17D2FF401E3
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://idp.hrblock.com
Cache-Control: private, max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEPc-kIFkOYmPff-x6r0QUUA&google_cver=1
dpm.demdex.net/ Frame AB7A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzU5MzQ5OTMxMzc1OTczMzYzNDExNjUzMzc3MTgxODUzMDg2NDM=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NzU5MzQ5OTMxMzc1OTczMzYzNDExNjUzMzc3MTgxODUzMDg2NDM=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPc-kIFkOYmPff-x6r0QUUA&google_cver=1?gdpr=0&gdpr_consent=

42 B
945 B

40ms
40ms

Image
image/gif

52.213.37.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPc-kIFkOYmPff-x6r0QUUA&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

52.213.37.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-37-66.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hrblock.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v019-0cd393dcb.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: MroN62nnSu8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:11:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPc-kIFkOYmPff-x6r0QUUA&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=6e5e03bd-115b-4efc-8264-68db5b2fea7e
dpm.demdex.net/ Frame AB7A
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=6e5e03bd-115b-4efc-8264-68db5b2fea7e

42 B
945 B

38ms
33ms

Image
image/gif

52.213.37.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=6e5e03bd-115b-4efc-8264-68db5b2fea7e

Protocol

HTTP/1.1

Server

52.213.37.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-37-66.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hrblock.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v019-014acb01f.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: bOqfdqDWSeo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:11:00 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=6e5e03bd-115b-4efc-8264-68db5b2fea7e
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 189

GET
H/1.1

200
OK

ibs:dpid=1175&gdpr=0&dpuuid=2n7BKNsrninBd8l7jn3VKN4syiXBe8F52ni0NjYb
dpm.demdex.net/ Frame AB7A
Redirect Chain

https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=2n7BKNsrninBd8l7jn3VKN4syiXBe8F52ni0NjYb

42 B
945 B

55ms
34ms

Image
image/gif

52.213.37.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=2n7BKNsrninBd8l7jn3VKN4syiXBe8F52ni0NjYb

Protocol

HTTP/1.1

Server

52.213.37.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-37-66.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hrblock.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v019-088c7d1ad.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: qBkKggf4Sgs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:11:00 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=2n7BKNsrninBd8l7jn3VKN4syiXBe8F52ni0NjYb
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=22054
dpm.demdex.net/ Frame AB7A
Redirect Chain

https://a.tribalfusion.com/i.match?p=b13&u=75934993137597336341165337718185308643&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
https://s.tribalfusion.com/z/i.match?p=b13&u=75934993137597336341165337718185308643&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
https://dpm.demdex.net/ibs:dpid=22054

42 B
959 B

39ms
39ms

Image
image/gif

52.213.37.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22054

Protocol

HTTP/1.1

Server

52.213.37.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-37-66.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hrblock.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v019-0724f3096.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 300
X-TID: 37PlvvqDRKM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:11:00 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 16
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6afc4ad9d93442e7-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://dpm.demdex.net/ibs:dpid=22054
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 11e0642772864c65ae4bab2728284ade Show response
mp-hrbcomlnp.hrblock.com/p/hrb/fyhAl4WCL/sst/ 15 B
174 B 407ms
109ms XHR
application/json 15.197.170.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mp-hrbcomlnp.hrblock.com/p/hrb/fyhAl4WCL/sst/11e0642772864c65ae4bab2728284ade
Requested by: Host: sdk.hrb.magicpixel.io
URL: https://sdk.hrb.magicpixel.io/fyhAl4WCL.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.170.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: af7be9a1b07df2d35.awsglobalaccelerator.com
Software: /
Resource Hash: 3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa

Request headers

Referer: https://idp.hrblock.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://idp.hrblock.com
date: Wed, 17 Nov 2021 22:11:01 GMT
access-control-allow-credentials: true
content-length: 15
vary: Origin
content-type: application/json; charset=utf-8

POST
H2 200 3b309e5c85a1445788357cbb8103e621
mp-hrbcomlnp.hrblock.com/p/hrb/fyhAl4WCL/info/pv/ 0
0 401ms
108ms Ping
application/json 15.197.170.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mp-hrbcomlnp.hrblock.com/p/hrb/fyhAl4WCL/info/pv/3b309e5c85a1445788357cbb8103e621
Requested by: Host: sdk.hrb.magicpixel.io
URL: https://sdk.hrb.magicpixel.io/fyhAl4WCL.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.170.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: af7be9a1b07df2d35.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://idp.hrblock.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 10ms
9ms Script
application/javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: sdk.hrb.magicpixel.io
URL: https://sdk.hrb.magicpixel.io/fyhAl4WCL.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 22:11:00 GMT
content-encoding: gzip
etag: "FMCWFRCBdbNj8Eh2c0G78Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Wed, 24 Nov 2021 22:11:00 GMT

GET
H2

200

src=9825626;dc_pre=CILV4Ym1oPQCFQW6mgodg-sHxA;type=invmedia;cat=hrb-u0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://zuyapixel.com/api/?pixelID=2614
https://ad.doubleclick.net/ddm/activity/src=9825626;type=invmedia;cat=hrb-u0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=9825626;dc_pre=CILV4Ym1oPQCFQW6mgodg-sHxA;type=invmedia;cat=hrb-u0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://adservice.google.com/ddm/fls/z/src=9825626;dc_pre=CILV4Ym1oPQCFQW6mgodg-sHxA;type=invmedia;cat=hrb-u0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

42 B
494 B

1475ms
77ms

Image
image/gif

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=9825626;dc_pre=CILV4Ym1oPQCFQW6mgodg-sHxA;type=invmedia;cat=hrb-u0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:11:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:11:01 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=9825626;dc_pre=CILV4Ym1oPQCFQW6mgodg-sHxA;type=invmedia;cat=hrb-u0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

src=5262330;dc_pre=COrcooq1oPQCFY2xsgodO7MFyw;type=invmedia;cat=hrb_c00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://gwmtracking.com/p/v/1/5c086cf1f8708170a6c95a51/format/img?
https://ad.doubleclick.net/ddm/activity/src=5262330;type=invmedia;cat=hrb_c00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=5262330;dc_pre=COrcooq1oPQCFY2xsgodO7MFyw;type=invmedia;cat=hrb_c00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://adservice.google.com/ddm/fls/z/src=5262330;dc_pre=COrcooq1oPQCFY2xsgodO7MFyw;type=invmedia;cat=hrb_c00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

42 B
107 B

496ms
112ms

Image
image/gif

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=5262330;dc_pre=COrcooq1oPQCFY2xsgodO7MFyw;type=invmedia;cat=hrb_c00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:11:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:11:02 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=5262330;dc_pre=COrcooq1oPQCFY2xsgodO7MFyw;type=invmedia;cat=hrb_c00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-4UZr_j7rCm_Aj.js Show response
rules.quantcount.com/ 2 KB
1 KB 47ms
19ms Script
application/javascript 2600:9000:223c:c000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-4UZr_j7rCm_Aj.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:c000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a4d7db3d9158b73f517ad2f9529d45cc2ffd6558a7c3765e0e02400d3694e51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 21:26:43 GMT
content-encoding: gzip
age: 2658
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Mon, 18 Nov 2019 15:26:45 GMT
server: AmazonS3
etag: W/"e4c56bbd59e5af72fed9eecc7539922a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 59d5785a1d012a54118141e7e216a493.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: 3nkeDM-Ha7ZPXwoQDzyGnkN4tgA6X71VZEPKZ5C8P3mpqfIKPpDK9A==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 74 KB
30 KB 374ms
93ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: sdk.hrb.magicpixel.io
URL: https://sdk.hrb.magicpixel.io/fyhAl4WCL.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b42ac6036e55bfe495adf0fc2890f852f94a1828c4ded9746f2f458db49157ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 22:11:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30019
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Nov 2021 22:11:01 GMT

GET
H2 200 pixel;r=143679014;labels=_fp.event.Universal_HRBlock%2C_fp.pcat.INSERT%2BPRODUCT%2BCATEGORY%2C_fp.customer.INSERT%2BCUSTOMER%2BTYPE;event=refresh;rf=3;a=p-4UZr_j7rCm_Aj;url=https%3A%2F%2Fidp.hrbloc...
pixel.quantserve.com/ 35 B
210 B 11ms
11ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=143679014;labels=_fp.event.Universal_HRBlock%2C_fp.pcat.INSERT%2BPRODUCT%2BCATEGORY%2C_fp.customer.INSERT%2BCUSTOMER%2BTYPE;event=refresh;rf=3;a=p-4UZr_j7rCm_Aj;url=https%3A%2F%2Fidp.hrblock.com%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3Fexecution%3De1s1;uht=2;fpan=1;fpa=P0-1863820503-1637187060858;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=hrblock.com;je=0;sr=1600x1200x24;dst=0;et=1637187060858;tzo=0;ogl=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:11:00 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 js
www.googletagmanager.com/gtag/ 93 KB
0 822ms
627ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1068430904&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 22:11:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50978
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Nov 2021 22:11:01 GMT

GET
H3 200 js
www.googletagmanager.com/gtag/ 40 KB
0 1385ms
1190ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-955953367&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 22:11:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39734
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Nov 2021 22:11:01 GMT

GET
H3 200 js
www.googletagmanager.com/gtag/ 83 KB
0 758ms
563ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-824176236&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 22:11:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39547
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Nov 2021 22:11:01 GMT

GET
H3 200 js
www.googletagmanager.com/gtag/ 66 KB
0 546ms
352ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-986633679&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 22:11:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39668
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Nov 2021 22:11:01 GMT

GET
H3 200 js
www.googletagmanager.com/gtag/ 88 KB
0 293ms
99ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-858419637&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 22:11:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39548
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Nov 2021 22:11:01 GMT

GET
H3 200 js
www.googletagmanager.com/gtag/ 40 KB
0 936ms
742ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9121585&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 22:11:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35974
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Nov 2021 22:11:01 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 106ms
7ms Script
application/x-javascript 18.66.96.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: sdk.hrb.magicpixel.io
URL: https://sdk.hrb.magicpixel.io/fyhAl4WCL.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.96.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 15:45:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 23130
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 985c0b2ec44bdebc7f24f26d1e427d31.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-P2
X-Amz-Cf-Id: zdNOcAraEb9TogxtILB7wTzKw9BXJ2V-F6z9WIZfYk87L7gsZE6uGw==

GET
H2

200

/
www.google.de/pagead/1p-user-list/1068430904/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1068430904/?value=0&guid=ON&script=0
https://www.google.com/pagead/1p-user-list/1068430904/?value=0&guid=ON&script=0&is_vtc=1&random=1659154268
https://www.google.de/pagead/1p-user-list/1068430904/?value=0&guid=ON&script=0&is_vtc=1&random=1659154268&ipr=y

42 B
548 B

435ms
51ms

Image
image/gif

142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1068430904/?value=0&guid=ON&script=0&is_vtc=1&random=1659154268&ipr=y

Protocol

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:11:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:11:02 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1068430904/?value=0&guid=ON&script=0&is_vtc=1&random=1659154268&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 5975881100353701888
acuityplatform.com/Adserver/pxlj/ 492 B
0 2350ms
447ms Script
text/javascript 154.59.122.74

General

Check archive.org

Show headers Download Go to

Full URL: https://acuityplatform.com/Adserver/pxlj/5975881100353701888
Requested by: Host: sdk.hrb.magicpixel.io
URL: https://sdk.hrb.magicpixel.io/fyhAl4WCL.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.59.122.74 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Nov 2021 22:11:03 GMT
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Transfer-Encoding: chunked
Content-Type: text/javascript

GET
H2 200 dpm_pixel_min.js Show response
c.tvpixel.com/js/current/ 103 KB
103 KB 35ms
7ms Script
application/javascript 2600:9000:225e:3400:1d:bf0a:0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tvpixel.com/js/current/dpm_pixel_min.js?aid=hr-block-3b2605dc-5ccc-4a88-9436-5cddea1827c1
Requested by: Host: sdk.hrb.magicpixel.io
URL: https://sdk.hrb.magicpixel.io/fyhAl4WCL.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3400:1d:bf0a:0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: oMk5SFqHXboEDRm2.vDWImtx_4ARYxEl
via: 1.1 70d755f7200c02162c7545e4ce74649b.cloudfront.net (CloudFront)
last-modified: Thu, 16 Sep 2021 18:14:59 GMT
server: AmazonS3
age: 62932
etag: "08e770c8a17bf087d50cec01af0892c2"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Wed, 17 Nov 2021 04:42:10 GMT
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-length: 105110
x-amz-cf-id: -wZg_vzspe1l0jxNcP6sD8cBOijmiF-iMdBdIY__9mHUxJmEsitH0Q==

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 4BDB 0
181 B 38ms
32ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=aajmr38&ref=https%3A%2F%2Fidp.hrblock.com%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3Fexecution%3De1s1&upid=s51rgnk&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/

Response headers

date: Wed, 17 Nov 2021 22:11:01 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

OPTIONS
H2 200 tp2
p.tvpixel.com/com.snowplowanalytics.snowplow/ Frame 0
0 317ms
99ms Preflight 3.217.188.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.188.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-188-123.compute-1.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://idp.hrblock.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 17 Nov 2021 22:11:02 GMT
content-length: 0
access-control-allow-origin: https://idp.hrblock.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
server: akka-http/10.1.12

POST
H2 200 tp2 Show response
p.tvpixel.com/com.snowplowanalytics.snowplow/ 2 B
336 B 302ms
100ms XHR
text/plain 3.217.188.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: c.tvpixel.com
URL: https://c.tvpixel.com/js/current/dpm_pixel_min.js?aid=hr-block-3b2605dc-5ccc-4a88-9436-5cddea1827c1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.188.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-188-123.compute-1.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://idp.hrblock.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://idp.hrblock.com
date: Wed, 17 Nov 2021 22:11:02 GMT
access-control-allow-credentials: true
server: akka-http/10.1.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length: 2
content-type: text/plain; charset=UTF-8

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
23 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: idp.hrblock.com
URL: https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?execution=e1s1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9a6f890cb47fee47c8f8f2366ce7481f6323eecf1f966784f350761cfab24d35

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 22474
x-xss-protection: 0
pragma: public
x-fb-debug: KfXmI17pc/OsxBJk9BjoFitGvQxgpoXxC4IZF4ymZBxy4KjuqjsCC3SfPhNgDi9W4jydDCQw5GVytpEpk6TkeA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 17 Nov 2021 22:11:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 26 KB
6 KB 54ms
14ms Script
application/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: idp.hrblock.com
URL: https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 21:23:19 GMT
content-encoding: gzip
age: 2863
x-guploader-uploadid: ADPycdvE_PnIN57L0OLc9sZ6lWjQieLsjGaGTWF1-QFw2wmPHJ-YppmRYO-k3oh_D233FPlfHX3CZn0sFjT99H43myo
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 5774
last-modified: Fri, 28 May 2021 20:34:03 GMT
server: UploadServer
etag: "d001d1c9f5a942fa5524eeacb047e819"
vary: Accept-Encoding
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
x-goog-generation: 1622234043862937
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5774
accept-ranges: bytes
content-type: application/javascript;
expires: Wed, 17 Nov 2021 22:23:19 GMT

GET
H2 200 /
insight.adsrvr.org/track/conv/ 70 B
260 B 38ms
36ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=2bxh61v&ct=0:gik6h62&fmt=3&td9=72001823984809812631919013517443492718
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:11:01 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK ktag.js Show response
resources.xg4ken.com/js/v2/ 10 KB
4 KB 436ms
97ms Script
text/plain 34.199.207.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.xg4ken.com/js/v2/ktag.js?tid=KT-N426A-3ED

Requested by

Host: idp.hrblock.com
URL: https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?execution=e1s1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.199.207.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-199-207-17.compute-1.amazonaws.com

Software

nginx /

Resource Hash

7debc5d521d825bf54a3da7e1b8700756a74cf70306712ca7fd192fd37aaa003

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 22:11:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Nov 2021 12:41:09 GMT
Server: nginx
ETag: "61828365-ef2"
Content-Type: text/plain
Cache-Control: max-age=86400, public
Connection: keep-alive
Content-Length: 3826
X-XSS-Protection: 1; mode=block
Expires: Thu, 18 Nov 2021 22:11:02 GMT

GET
H2 200 1_0
login.dotomi.com/profile/visit/px/ 43 B
277 B 83ms
27ms Image
image/gif 89.207.16.201
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.dotomi.com/profile/visit/px/1_0?dtm_cid=81208&dtm_cmagic=a664e9&dtm_fid=101&cli_promo_id=1&cachebuster=a009331cd09443fa90dce1fdd0c7688f&dtmc_loc=https://idp.hrblock.com/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.207.16.201 Roydon, United Kingdom, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams04-usadmm.dotomi.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:11:02 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
access-control-allow-origin: *
cache-control: no-cache, private, max-age=0, no-store
access-control-allow-credentials: true
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 A407482-2eb4-43e5-8a9f-fb0c7cbe8bc11.js Show response
d.impactradius-event.com/ 42 KB
13 KB 167ms
129ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.impactradius-event.com/A407482-2eb4-43e5-8a9f-fb0c7cbe8bc11.js
Requested by: Host: sdk.hrb.magicpixel.io
URL: https://sdk.hrb.magicpixel.io/fyhAl4WCL.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1b5c802e036d5c12a4484c4e0e6e80fa2504c3cc064a09efb4b398ea2045635b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 22:11:02 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycdtFztHMap0T4Ait-J4USOxZUA7PKAg6HvVE_4QeWgxJo1k_5ZZ33gPCI-fk1NyFg7cf7FkIiVk5Cy-BvB9-gkE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 13166
last-modified: Tue, 16 Nov 2021 18:47:50 GMT
server: UploadServer
etag: "bf58a2a882619c54aeb469f17e9179e1"
vary: Accept-Encoding
x-goog-hash: crc32c=oSScxg==, md5=v1iiqIJhnFSutGnxfpF54Q==
x-goog-generation: 1637088470120685
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 13166
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
expires: Wed, 17 Nov 2021 22:16:02 GMT

GET
H3 200 288696891835309 Show response
connect.facebook.net/signals/config/ 355 KB
85 KB 68ms
59ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/288696891835309?v=2.9.5&r=c2

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7796ffc612076ef6af80ae43aa00feb7bf1747a9d38b635b17e3127804cca92e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: WEdif/IhNvCYuU+0lkLPem1qAN8JT5zDOrbge8gdNFVucF2Ir3YX2T5iUnywtbRLkonL6oHZG4tbYnnjMkLfUw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 17 Nov 2021 22:11:02 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 204 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ 0
0 203ms
172ms Fetch
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: cdn.pdst.fm
URL: https://cdn.pdst.fm/ping.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: application/json
Referer: https://idp.hrblock.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 17 Nov 2021 22:11:02 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server: Google Frontend
access-control-allow-headers: Content-Type, Accept
x-powered-by: Express
access-control-allow-methods: GET, POST
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: b1c09c2bc64229efe170f6401712fdf4
function-execution-id: uicxi63knmbu
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 186ms
138ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://idp.hrblock.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-type: text/html; charset=utf-8
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id: 5mcbqz1vjr9r
x-powered-by: Express
x-cloud-trace-context: 9511dccf9468015b95813ff2e500aea4
content-encoding: gzip
date: Wed, 17 Nov 2021 22:11:02 GMT
server: Google Frontend
cache-control: private
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 37ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=288696891835309&ev=PageView&dl=https%3A%2F%2Fidp.hrblock.com%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3Fexecution%3De1s1&rl=&if=false&ts=1637187062085&sw=1600&sh=1200&v=2.9.5&r=c2&ec=0&o=30&fbp=fb.1.1637187062084.96507485&it=1637187061989&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 22:11:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 17 Nov 2021 22:11:02 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 37ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=288696891835309&ev=Universal_HRBlock&dl=https%3A%2F%2Fidp.hrblock.com%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3Fexecution%3De1s1&rl=&if=false&ts=1637187062087&sw=1600&sh=1200&v=2.9.5&r=c2&ec=1&o=30&fbp=fb.1.1637187062084.96507485&it=1637187061989&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 22:11:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 17 Nov 2021 22:11:02 GMT

POST
H2 200 5683 Show response
linkto.hrblock.com/xc/417662/391261/ 113 B
755 B 101ms
21ms XHR
application/json 34.95.123.229
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://linkto.hrblock.com/xc/417662/391261/5683
Requested by: Host: d.impactradius-event.com
URL: https://d.impactradius-event.com/A407482-2eb4-43e5-8a9f-fb0c7cbe8bc11.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.123.229 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 229.123.95.34.bc.googleusercontent.com
Software: /
Resource Hash: d205209346c71877d75a511deb26be32b5a46890c4e46606af5945c516aed151

Request headers

Referer: https://idp.hrblock.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:11:02 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
access-control-allow-origin: https://idp.hrblock.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
alt-svc: clear
expires: Wed, 17 Nov 2021 22:11:02 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
11 KB 58ms
35ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: sdk.hrb.magicpixel.io
URL: https://sdk.hrb.magicpixel.io/fyhAl4WCL.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9223e6eb171099c0a8d26458e61a9219ebacc0107853337cac5a69dd821d819b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 22:11:01 GMT
content-encoding: gzip
last-modified: Sat, 13 Nov 2021 03:55:41 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 591BD2EF42314FD3A1A4910D8FEC3D05 Ref B: FRAEDGE1219 Ref C: 2021-11-17T22:11:02Z
etag: "80dc6f5342d8d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10442

GET
H2 204 0
bat.bing.com/action/ 0
149 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=&Ver=2&mid=0104ad90-f2db-4b09-8a9e-c62f15522cf2&sid=4040532047f311ecbf08aba2a5c626d4&vid=40407ab047f311ecb90e277b0c738727&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sign%20In&kw=H%26R%20Block&p=https%3A%2F%2Fidp.hrblock.com%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3Fexecution%3De1s1&r=&lt=2876&evt=pageLoad&msclkid=N&sv=1&rn=182841
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:11:01 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F5E7A094144B4E40903C424B18324364 Ref B: FRAEDGE1219 Ref C: 2021-11-17T22:11:02Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 grin-sdk.js Show response
d38xvr37kwwhcm.cloudfront.net/js/ 45 KB
16 KB 36ms
8ms Script
application/javascript 2600:9000:223f:4400:15:decf:f580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d38xvr37kwwhcm.cloudfront.net/js/grin-sdk.js
Requested by: Host: sdk.hrb.magicpixel.io
URL: https://sdk.hrb.magicpixel.io/fyhAl4WCL.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4400:15:decf:f580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d3c788a6469d3de15f844df644f328c04c222d1f34cf29850bcda1386da0fd56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 08:11:27 GMT
content-encoding: gzip
etag: W/"1f6c0af887baf74e41d5bc75d3fb2fda"
last-modified: Mon, 28 Jun 2021 22:43:09 GMT
server: AmazonS3
age: 50376
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: ooW9mSDgunI7ImfrO9OyeBOtE726v8uzdxymJZja97Skcb0SpNFuMg==

GET
H2 200 /
www.ojrq.net/p/ 50 B
415 B 59ms
20ms Image
image/gif 34.95.127.121
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ojrq.net/p/?return=&cid=5683&tpsync=no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.127.121 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 121.127.95.34.bc.googleusercontent.com
Software: /
Resource Hash: ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:11:02 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
alt-svc: clear
content-length: 50
expires: Wed, 17 Nov 2021 22:11:02 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 37ms
8ms Script
application/x-javascript 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: sdk.hrb.magicpixel.io
URL: https://sdk.hrb.magicpixel.io/fyhAl4WCL.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 22:11:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=35033
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H/1.1

200
OK

iui3
s.amazon-adsystem.com/
Redirect Chain

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D7516c06a-b161-70e7-12bd-1918c3b32f90%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.hrblock.com/&ex-hargs=v%3D1.0%3Bc%3D8580...
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D7516c06a-b161-70e7-12bd-1918c3b32f90%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.hrblock.com/&ex-hargs=v%3D1.0%3Bc%3D8580...

43 B
932 B

127ms
126ms

Image
image/gif

209.54.180.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D7516c06a-b161-70e7-12bd-1918c3b32f90%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.hrblock.com/&ex-hargs=v%3D1.0%3Bc%3D8580371368914%3Bp%3D7516C06A-B161-70E7-12BD-1918C3B32F90&dcc=t

Protocol

HTTP/1.1

Server

209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Nov 2021 22:11:02 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 0NPB1X09SCS7PSSY0AQC
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 17 Nov 2021 22:11:02 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: W80CBDG2KFSSCFQ5DMZ6
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D7516c06a-b161-70e7-12bd-1918c3b32f90%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.hrblock.com/&ex-hargs=v%3D1.0%3Bc%3D8580371368914%3Bp%3D7516C06A-B161-70E7-12BD-1918C3B32F90&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
260 B 34ms
33ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=n17jjff&ct=0:6yszdwi&fmt=3&td1=Universal%20HRBlock
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:11:02 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ 43 B
714 B 112ms
38ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10167060&he=&el=Universal%20HRBlock

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 22:11:02 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 17 Nov 2021 22:11:02 GMT

GET
H2 200 collect
px.ads.linkedin.com/ 0
479 B 563ms
205ms Image
application/javascript 2620:119:50e7:101::9002:e05
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1637187062313&url=https%3A%2F%2Fidp.hrblock.com%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3Fexecution%3De1s1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e7:101::9002:e05 San Francisco, United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 22:11:02 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-lor1
content-type: application/javascript
content-length: 0
x-li-uuid: 9+tRmvV0uBbgtI0S8CoAAA==

GET
H2 200 trace Show response
www.cloudflare.com/cdn-cgi/ 286 B
434 B 43ms
15ms XHR
text/plain 2606:4700::6810:7b60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cloudflare.com/cdn-cgi/trace

Requested by

Host: d38xvr37kwwhcm.cloudfront.net
URL: https://d38xvr37kwwhcm.cloudfront.net/js/grin-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7b60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c1d4076a590dc0ea32b2d61c181016401307af9b62050d36af8c18263ba12d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 22:11:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 6afc4ae90eca4a74-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 f8702384963c4a0d8f9c54cded4d5666 Show response
mp-hrbcomlnp.hrblock.com/p/hrb/fyhAl4WCL/sst/ 15 B
174 B 111ms
110ms XHR
application/json 15.197.170.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mp-hrbcomlnp.hrblock.com/p/hrb/fyhAl4WCL/sst/f8702384963c4a0d8f9c54cded4d5666
Requested by: Host: sdk.hrb.magicpixel.io
URL: https://sdk.hrb.magicpixel.io/fyhAl4WCL.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.170.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: af7be9a1b07df2d35.awsglobalaccelerator.com
Software: /
Resource Hash: 3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa

Request headers

Referer: https://idp.hrblock.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://idp.hrblock.com
date: Wed, 17 Nov 2021 22:11:03 GMT
access-control-allow-credentials: true
content-length: 15
vary: Origin
content-type: application/json; charset=utf-8

GET
H2 200 RC92af0219ef854b9d88982976df9dba08-source.min.js Show response
assets.adobedtm.com/f6306126288b/e9e814d2f623/9ea832205697/ 886 B
719 B 7ms
7ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/f6306126288b/e9e814d2f623/9ea832205697/RC92af0219ef854b9d88982976df9dba08-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENf8b881eaea0c427ab85c67d659962b81.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 667462bab26a66da9cd2cbcf0770b50cdd201f30f5ab2fcebce5d5bff0693e8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 22:11:03 GMT
content-encoding: gzip
last-modified: Tue, 16 Nov 2021 22:18:23 GMT
server: AkamaiNetStorage
etag: "5885fc99c29317d0d3aee8acd3c0342d:1637101103.166115"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://idp.hrblock.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 454
expires: Wed, 17 Nov 2021 23:11:03 GMT

GET
H2 200 s13948348069819 Show response
smetrics.hrblock.com/b/ss/hrblockcom/10/JS-2.22.0-LBWB/ 1 KB
1 KB 44ms
43ms Script
application/x-javascript 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.hrblock.com/b/ss/hrblockcom/10/JS-2.22.0-LBWB/s13948348069819?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=17%2F10%2F2021%2022%3A11%3A3%203%200&d.&nsid=0&jsonv=1&.d&sdid=7C739E622C0312C6-2CF45632FEBCEB82&mid=72001823984809812631919013517443492718&aamlh=6&ce=UTF-8&pageName=gua%7Csignin%7Csignin_myhrb&g=https%3A%2F%2Fidp.hrblock.com%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3Fexecution%3De1s1&cc=USD&ch=gua&events=event162&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=signin&c3=signin_myhrb&c7=gua%7Csignin%7Csignin_myhrb&v12=gua&v13=signin&c23=signin_myhrb&c24=https%3A%2F%2Fidp.hrblock.com%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3Fexecution%3De1s1&c28=idp.hrblock.com&c30=72001823984809812631919013517443492718&c32=Web%7CWeb%7CProd%7CHRBlock%7C&c34=Wednesday%7C10%3A00%20PM%7CWeekDay&c36=5.2.0%7C2.22.0%7C9.4%7C2.5.0%7Cproduction%7Cyes%7CH%26R%20Block%20-%20US%20Website%7C2021-11-16T22%3A18%3A04Z%7C&c55=idp.hrblock.com%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO&v92=gua%7Csignin%7Csignin_myhrb&v100=core.direct-call%20%3A%20Global%20Page%20Load%20%28page_load%29&v113=https%3A%2F%2Fidp.hrblock.com%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3Fexecution%3De1s1&v119=idp.hrblock.com%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO&v120=di-332429-6E9DCD8B8E33AE8B5F1CAA1349798C13D7&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=A78D3BC75245AD7C0A490D4D%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

4aaa673a1bf8edba997d2b57631ebd89db1b2622e1d5c8864d073220b16c340d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-aam-tid: IrV7d8RnTYM=
date: Wed, 17 Nov 2021 22:11:03 GMT
x-content-type-options: nosniff
x-c: main-1542.If2e2aa.M0-523
p3p: CP="This is not a P3P policy"
vary: *
content-length: 1120
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-2-v019-02cd5e33a.edge-irl1.demdex.com UNKNOWN
pragma: no-cache
last-modified: Thu, 18 Nov 2021 22:11:03 GMT
server: jag
xserver: anedge-6988cccb6f-bxv8h
etag: 3515832447861325824-4619601271061769090
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Tue, 16 Nov 2021 22:11:03 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 16ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=288696891835309&ev=Microdata&dl=https%3A%2F%2Fidp.hrblock.com%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3Fexecution%3De1s1&rl=&if=false&ts=1637187063588&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Sign%20In%22%2C%22meta%3Adescription%22%3A%22Login%20to%20your%20H%26R%20Block%20account%20to%20check%20the%20status%20of%20your%20tax%20refund%20and%20efile%20status%2C%20gain%20access%20to%20past%20returns%20or%20file%20your%20taxes%20online.%22%2C%22meta%3Akeywords%22%3A%22H%26R%20Block%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.5&r=c2&ec=2&o=30&fbp=fb.1.1637187062084.96507485&it=1637187061989&coo=false&es=automatic&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://idp.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 22:11:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Wed, 17 Nov 2021 22:11:03 GMT

Verdicts & Comments Add Verdict or Comment

439 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

63 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.decibelinsight.net/i/13948/	1970-01-20 07:32:03	Name: da_lid Value: -5DAEFEB89A73EA10CA4DBB990B7BC61864\|0\|0\|0
.decibelinsight.net/i/13948/	1970-01-19 22:46:28	Name: da_sid Value: 6E9DCD8B8E33AE8B5F1CAA1349798C13D7\|3\|0\|3
idp.hrblock.com/idp	1969-12-31 23:59:59	Name: _idp_s Value: 7A9D2D0E8E84427B0BBC44617E99C24E
idp.hrblock.com/idp	1969-12-31 23:59:59	Name: _idp_rs Value: 16An4sQEK2qcezyZ7cJBZnEfGWwS1rT%2FVfk1XQICieA4446TYNL6RIdaJ1k9IO6EL3pDjC3luxWPYO7%2BYUmOHA%3D%3D
sso.identitymanagementcenter.com/	1969-12-31 23:59:59	Name: PF Value: tzPmqPYK0vrblhsgx0J3uQ
.identitymanagementcenter.com/	1970-01-20 07:31:21	Name: visid_incap_2145724 Value: Ie5uAn8LQS6+tIQ566xcufF9lWEAAAAAQUIPAAAAAADdTuP1gyeLgjvxpyHLETdw
.identitymanagementcenter.com/	1969-12-31 23:59:59	Name: nlbi_2145724 Value: F9RkbYYL4l3AHlSwX82omwAAAADN2nSnD4YA6iHDmFyIyP0Z
.identitymanagementcenter.com/	1969-12-31 23:59:59	Name: incap_ses_448_2145724 Value: gRbuJEydXDn+WpkWHp43BvJ9lWEAAAAAgKF7n5/fvAhwfySd12yGeQ==
idp.hrblock.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity-A3PCGUAAGW01ECORS Value: 521c184e43489ef4cfbf598ba0ce3fd3
idp.hrblock.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity-A3PCGUAAGW01E Value: 521c184e43489ef4cfbf598ba0ce3fd3
idp.hrblock.com/	1969-12-31 23:59:59	Name: IDP-Internal Value: 5df2562337dc6f4f679459de85a78f41
.hrblock.com/	1970-01-20 10:24:51	Name: _idp_fP Value: aKMO5vbtOyus0PK3OIa8cRbG%2FF9Mo%2FDaEf0aI0ZYvLYk5Ux4U8SQ8SOkMZcQshmA
.hrblock.com/	1969-12-31 23:59:59	Name: _idp_gua_token Value: eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTUuMC40NjM4LjU0IFNhZmFyaS81MzcuMzYiLCJpc3MiOiJHVUEiLCJqdGkiOiI3QTlEMkQwRThFODQ0MjdCMEJCQzQ0NjE3RTk5QzI0RSIsImV4cCI6MTYzNzE4ODI1OX0.Pr2m26EJwI-yzPHC9O8lAV1ZH9BZrO55Xjdh-Gp8RLFx-mA1UehF_fO_Q8IxK71SkQC62kf7X5XTS_mgxeyVBA
.hrblock.com/	1970-01-20 07:32:03	Name: _idp_lo Value: en
idp.hrblock.com/	1969-12-31 23:59:59	Name: sat_track Value: true
.hrblock.com/	1969-12-31 23:59:59	Name: _hrbc_fv Value: yes
.hrblock.com/	1969-12-31 23:59:59	Name: at_check Value: true
.demdex.net/	1970-01-20 03:05:39	Name: demdex Value: 75934993137597336341165337718185308643
.hrblock.com/	1969-12-31 23:59:59	Name: AMCVS_A78D3BC75245AD7C0A490D4D%40AdobeOrg Value: 1
.hrblock.com/	1970-01-20 16:17:39	Name: s_ecid Value: MCMID%7C72001823984809812631919013517443492718
.hrblock.com/	1970-01-20 07:32:03	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Wed+Nov+17+2021+22%3A11%3A00+GMT%2B0000+(GMT)&version=6.10.0&hosts=&landingPath=https%3A%2F%2Fidp.hrblock.com%2Fidp%2Fprofile%2FSAML2%2FRedirect%2FSSO%3Fexecution%3De1s1&groups=C0001%3A1%2CC0004%3A1
.hrblock.com/	1970-01-20 16:17:39	Name: AMCV_A78D3BC75245AD7C0A490D4D%40AdobeOrg Value: -1124106680%7CMCIDTS%7C18949%7CMCMID%7C72001823984809812631919013517443492718%7CMCAAMLH-1637791860%7C6%7CMCAAMB-1637791860%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1637194260s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0
.hrblock.com/	1970-01-20 16:20:31	Name: mbox Value: session#783e93161b2448238adad2f2f03c7a10#1637188920\|PC#783e93161b2448238adad2f2f03c7a10.37_0#1700431861
.hrblock.com/	1970-01-20 07:32:03	Name: ndcd Value: wc1.1.w-729460.1.2.OhAz-Kk6A55fgApWqz3gow%252C%252C.OhYbxH6EADDqHidjaDmeDGFYXV1_pGICzj2rOQCRPBQYCIogjF2gddebIy8ja5AwF3pAbnJ21-Q4XY1MIYRNP5Evy1kw7kvw6g1tSipNTST6-jgnLVPnUwjX89Dj9MlIsoPFHnyV8PYHaNxvoZqWQJWpgY7c6c2esK-Dt4uJNfvyxoJapH1SSVSpFX_mPTCB
.hrblock.com/	1970-01-19 22:46:28	Name: da_sid Value: 6E9DCD8B8E33AE8B5F1CAA1349798C13D7\|3\|0\|3
.hrblock.com/	1970-01-20 07:32:03	Name: da_lid Value: 5DAEFEB89A73EA10CA4DBB990B7BC61864\|0\|0\|0
.hrblock.com/	1970-01-19 22:46:28	Name: da_intState Value:
.rlcdn.com/	1970-01-20 07:32:03	Name: rlas3 Value: kE050938qJBwTsaIeRngqpiExTPWlst+LElhvr+NDcI=
.rlcdn.com/	1970-01-20 00:12:51	Name: pxrc Value: CPT71YwGEgUI6AcQABIGCPHrARAA
.dpm.demdex.net/	1970-01-20 03:05:39	Name: dpm Value: 75934993137597336341165337718185308643
.doubleclick.net/	1970-01-20 08:08:03	Name: IDE Value: AHWqTUnL2Udb4vh4wN1kP3fXmrSiOl3fp5TB70JqFlkoBQRVS66vLAlsFrUrLslHxTE
.adsrvr.org/	1970-01-20 07:32:03	Name: TDID Value: 6e5e03bd-115b-4efc-8264-68db5b2fea7e
.adsrvr.org/	1970-01-20 07:32:03	Name: TDCPM Value: CAESEgoDYWFtEgsIhPbCu6WIlToQBRgFIAEoAjILCKjIm-i7iJU6EAU4AQ..
.quantserve.com/	1970-01-20 00:56:03	Name: d Value: EJEBDAHfJLmvYA
.quantserve.com/	1970-01-20 08:16:41	Name: mc Value: 61957df4-81fb2-52c28-49d67
.demdex.net/	1970-01-20 03:05:39	Name: dextp Value: 477-1-1637187060179\|771-1-1637187060284\|903-1-1637187060385\|1175-1-1637187060486\|22054-1-1637187060587
.hrblock.com/	1970-01-20 08:10:55	Name: __qca Value: P0-1863820503-1637187060858
.tribalfusion.com/	1970-01-20 00:56:03	Name: ANON_ID Value: avnrXhtMPmEUTgUpMDGcLHrG3pFElNs31n3VRSEqpf8oGLBIMOGPb4ZdrBdZdZabykDMlQJaV96
.hrblock.com/	1970-01-19 22:46:28	Name: _dpm_ses.891f Value: *
.hrblock.com/	1970-01-20 07:32:03	Name: _dpm_id.891f Value: 7dbcc96d-1ba4-400b-a363-a92dc582ec18.1637187062.1.1637187062.1637187062.689314b1-1b27-4f6a-9920-91b45a32bd99
idp.hrblock.com/	1970-01-20 07:32:03	Name: __pdst Value: 772506af5dc1445e98c8f5b39df129e2
.hrblock.com/	1970-01-20 00:56:03	Name: _fbp Value: fb.1.1637187062084.96507485
.hrblock.com/	1969-12-31 23:59:59	Name: IR_gbd Value: hrblock.com
.hrblock.com/	1969-12-31 23:59:59	Name: IR_5683 Value: 1637187062148%7C417662%7C1637187062148%7C%7C
.bing.com/	1970-01-20 08:08:03	Name: MUID Value: 26CB19E0F3D161D218A20912F203608C
.hrblock.com/	1970-01-19 22:47:53	Name: _uetsid Value: 4040532047f311ecbf08aba2a5c626d4
.hrblock.com/	1970-01-20 08:08:03	Name: _uetvid Value: 40407ab047f311ecb90e277b0c738727
.hrblock.com/	1970-01-20 16:03:15	Name: brwsr Value: 40434c9a-47f3-11ec-bc09-9db2feef10ec
linkto.hrblock.com/	1970-01-20 03:05:39	Name: irld Value: LS6a2FVSqBwRG0dU1gUVhhTb5wQ-V0-W%3APUfgVFfRzYUJH1fk
.hrblock.com/	1970-01-19 22:47:53	Name: irtps Value: 1
.hrblock.com/	1970-01-20 16:03:15	Name: IR_PI Value: 40434c9a-47f3-11ec-bc09-9db2feef10ec%7C1637273462148
.ojrq.net/	1970-01-20 16:03:15	Name: brwsr Value: 404e21bb-47f3-11ec-8e81-f3787b459057
gwmtracking.com/	1970-02-13 19:17:50	Name: kwsu Value: 61957df6478b62677594efa4
.yahoo.com/	1970-01-20 07:32:24	Name: A3 Value: d=AQABBPZ9lWECEO1N9q9h9etouNrX7o3ElcEFEgEBAQHPlmGfYQAAAAAA_eMAAA&S=AQAAApk2bceW5yzQ9Sl8-ErI_Mg
.tvpixel.com/	1970-01-20 07:32:03	Name: sp Value: 18cf2451-aa7a-466b-ada6-8cc280df3fbf
.amazon-adsystem.com/	1970-01-20 04:11:53	Name: ad-id Value: AyhYPxKpSUoKuwkl_sbVzSw
.amazon-adsystem.com/	1970-01-21 19:40:41	Name: ad-privacy Value: 0
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:18:20	Name: bcookie Value: "v=2&1c02342c-cbbf-498c-8414-212b28e4ffe7"
.linkedin.com/	1970-01-19 22:47:53	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2537:u=1:x=1:i=1637187062:t=1637273462:v=2:sig=AQGdcM0FjYE1t_wUXeXdASNGm5JWV7oT"
.hrblock.com/	1970-01-20 03:05:39	Name: _hrbc Value: {%22ppn%22:%22gua\|signin\|signin_myhrb%22%2C%22pss%22:%22gua%22}
.hrblock.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.hrblock.com/	1970-01-20 03:04:12	Name: aam_uuid Value: 75934993137597336341165337718185308643

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=0 max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
acuityplatform.com
ad.doubleclick.net
adservice.google.com
api-nd.hrblock.com
assets.adobedtm.com
bat.bing.com
c.tvpixel.com
cdn.cookielaw.org
cdn.pdst.fm
cm.g.doubleclick.net
collection.decibelinsight.net
connect.facebook.net
d.impactradius-event.com
d38xvr37kwwhcm.cloudfront.net
dpm.demdex.net
geolocation.onetrust.com
googleads.g.doubleclick.net
gwmtracking.com
hrblock.demdex.net
hrblock.tt.omtrdc.net
idp.hrblock.com
idsync.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
linkto.hrblock.com
login.dotomi.com
match.adsrvr.org
mp-hrbcomlnp.hrblock.com
p.tvpixel.com
pixel.quantserve.com
px.ads.linkedin.com
resources.xg4ken.com
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
sdk.hrb.magicpixel.io
secure.quantserve.com
smetrics.hrblock.com
snap.licdn.com
sp.analytics.yahoo.com
sso.identitymanagementcenter.com
taxidshield.hrblock.com
us-central1-adaptive-growth.cloudfunctions.net
www.cloudflare.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.hrblock.com
www.ojrq.net
zuyapixel.com
13.32.121.44
142.250.185.131
142.250.185.162
142.250.185.98
142.250.186.70
15.197.170.101
15.236.176.210
154.59.122.74
168.137.103.42
172.217.16.130
172.217.18.100
18.156.143.93
18.66.96.113
2.17.185.187
2001:4860:4802:36::36
209.54.180.3
212.82.100.181
216.200.122.11
23.37.49.246
2600:9000:223c:c000:6:44e3:f8c0:93a1
2600:9000:223f:4400:15:decf:f580:21
2600:9000:225e:3400:1d:bf0a:0:93a1
2606:4700:10::6814:b844
2606:4700::6810:7b60
2606:4700::6810:9440
2606:4700::6812:c05
2620:116:800d:21:5a23:9c4e:e774:96c1
2620:119:50e7:101::9002:e05
2620:1ec:c11::200
2a00:1450:4001:829::2008
2a02:26f0:6c00:299::1e80
2a02:26f0:6c00::210:ba0a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.130.108.206
3.217.188.123
34.199.207.17
34.95.123.229
34.95.127.121
35.186.249.72
35.244.142.80
35.244.174.68
40.67.190.253
45.60.123.207
52.213.37.66
52.223.40.198
54.195.238.9
63.32.151.178
89.207.16.201
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
09b7ece464c01f640c13fdceb08bb12ab4a2db787f36a8253c109ea3d4f7d9f5
0ad092aad6edc5a35ceae773fdaa5bdbac93698c70ff67b229f657c5b5697665
0b19d7b02efa2e63180e064f2801718bccb6fd3c2c307ee41110e21e2e4ad390
0c724a57a63ea555bc777f9c9ac087b6eea61ce40bc3f5db03a1a94446998429
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10a31cad587a9cfbf03f9dadd11fc394d3a46455457d1516a16e8b82c4a320a6
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12e3f2b60286af48bf637436056a1e2e4e53b4368bfcaf3f21aa85e489290538
1568a75df5716612d923a4e05ce43d8d6d0322e73dd942d545da4b9f6bcb7730
1a1ebb0567388f8563d5599f3c8906c99e351b2cd523027aedd0717554719b7d
1a57533b0d6f4456a9566844411d41e5af5f7062e4d7c8e0d626014b1ffa5c65
1b5c802e036d5c12a4484c4e0e6e80fa2504c3cc064a09efb4b398ea2045635b
1d7f088b816cdc72472888029bcce6742a718f48669430ee580290069703f9ac
1da9522b1f1aa8c2b46d7f23ce8025f7f8b912d4a3f90f915d4e5ae03f5fcf61
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2f2fedd4c007c869e13a4eea793275de6c6337e9b7813c2162474b8899ba15c3
3304edc2cdcbfdde8862ee2056e240090266edc7d19362acb3af0c418375c1dd
3c13673024a4e0ebf04545932e140074842c7043e17caf5748b80e40783a557d
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
4a4d7db3d9158b73f517ad2f9529d45cc2ffd6558a7c3765e0e02400d3694e51
4aaa673a1bf8edba997d2b57631ebd89db1b2622e1d5c8864d073220b16c340d
52924c848bb51af09ed5f05471651c3123888ec96c906112d109705ef36046c9
57252bd99cdc5c712a5958a8d197bb40fa6690b124c65d5e91969ddaaf78ef6e
5e2e06d4670dbf578006da7c40c99f6f2f9ec5857e1170a326f6b7a258f5ee42
616b1743164b60019e7a5981ee982cffabb6fa2c85b1a4a3cc906f9bd7aab0ff
61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07
6397082c237053b35d2ac4cb4e378c0a2f10ba573019b163c37e2e778ff73bf3
6444e4da671c9eb8c32d8c35ef7ee15b4ae2f07afce41e300373ab953ea63713
667462bab26a66da9cd2cbcf0770b50cdd201f30f5ab2fcebce5d5bff0693e8f
6739e6568cc269de53c7152e2199647c486203334b8be01ffe32caa2bde5d362
6906672d4891f8796d99c7bde6ee22d51d1b71286513afe04282edd90a557bc6
6f0834e12f66885387e20e213ef4add332a86d7c8601929e4235f51a4cf56afa
720f5a48721a813047110c6ed922f782824b4ea2ae7d1023917934bc155ecfaf
75a51dc1d84e2981a0995ab7b72fc9bbf0d6a301151d04ec8b3d0a8d903e6532
7796ffc612076ef6af80ae43aa00feb7bf1747a9d38b635b17e3127804cca92e
77de5d5a9b7b92d716904e0a180d2a1cbc7d8bd7c83bc1e19fca8705c073083b
7a23e0e46e16f067271bc79c92a917c13769848457d16cdf109e4dc04c687e8f
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c639d2dff855acce1425a17de3c2f5785d4c13b045862632105be35bb2d5e27
7debc5d521d825bf54a3da7e1b8700756a74cf70306712ca7fd192fd37aaa003
8170384f7217ae18db9715ad4083d517a9ca1f6bcb64ee37ea2964441fde31f8
822eca8ddf86f8703de0a3382ce41bafd51ef5e87b76e0fa5a68c21234e9bbae
8c031c00ca5ac49fd26c9b23ec85e95d12123d0b371c69b6e348821612d8d819
8c1d4076a590dc0ea32b2d61c181016401307af9b62050d36af8c18263ba12d9
8ccbc312e43b3d7cffbeaf5e5105b91a045c26236b0bc97e86d2d3e1dec05ff6
8cdca3b36914e8a3f56390da71389944579faaae82704e53bd66f9c0387502f6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f0151718068d35ec8092ded7e6610541d90d968dae4dbf32179637826c1756d
9223e6eb171099c0a8d26458e61a9219ebacc0107853337cac5a69dd821d819b
9307c77b789ef1bccf36a3c54b34ff6f905bb612d2e2ae72481ceab1777df460
94eb9e94e4b8d3190e12088612391442395012a686601b5472bee4886adaac03
958f1d8fd844e89159a1173eef0d752c6a1ec27cd9ccadd6e641dcd56f66b451
9a6f890cb47fee47c8f8f2366ce7481f6323eecf1f966784f350761cfab24d35
9c60eeb094d7c9b44c2346b4e1e5567389dd39ae0d112d2559d3ccef1c82c442
9c6356209d1aab3d9460e148450fef987e2fa674c529e23f6e3800754185a821
a05b01e6bb7bddc10984cf7734ba7cc37df457ebb3dc2054e5ff324ecb7527d5
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a83b54b84cc230b3f66fce25c954ee5d198b54c218e5ee014fae8fd9f121f2ad
a948b42e0f376700de1abc6511a477be1a5befb074cf01afd0fb26cbb2658ab6
b42ac6036e55bfe495adf0fc2890f852f94a1828c4ded9746f2f458db49157ab
bc1d67ab777ee6a40243fcb2da94b03adf49e788afb3ad5cb9768e9273ebded4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c25e9178921d49725525815d14c2f7e795c1bbc2dad57a525f1fb9109efca558
cacdc05c6428df4ef38d983b8edccce8204d8031d5137c4a167a5348c3a1e56e
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
d0786f11a33d80e9022bba1bae115e347e9695d48e8fc0a8b84a4ea9616672b1
d205209346c71877d75a511deb26be32b5a46890c4e46606af5945c516aed151
d3c788a6469d3de15f844df644f328c04c222d1f34cf29850bcda1386da0fd56
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
db71ebc45710e030b8cfa75eaf005a9df71ea27609b0d3e0312faf6bb076e6db
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f
ea335e1de5f7b3743ec647c1f18cd6bebfa0c5bcc82028f0470ab3cea213bbc4
eae39341ad024e9b43721d3787dd13b545622fbe4150bc92b6d26fac65143f8f
ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
fb5a71307b5cf4e47706f29760aa6eca1a159f33181d0b207744dfd9f3f7b338
fe0bbb5ae46158848a5a7c34d4e2291b2a28fd1b91810b699f4fe9ac40927cf1
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

idp.hrblock.com Open in urlscan Pro 40.67.190.253 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

109 Requests

91 %HTTPS

33 %IPv6

37 Domains

52 Subdomains

39 IPs

5 Countries

934 kBTransfer

3925 kBSize

63 Cookies

3 Outgoing links

Page URL History

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

idp.hrblock.com Open in urlscan Pro
40.67.190.253 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

91 %
HTTPS

33 %
IPv6

37
Domains

52
Subdomains

39
IPs

5
Countries

934 kB
Transfer

3925 kB
Size

63
Cookies

109 HTTP transactions
0 data transactions