login.microsoftonline.com Open in urlscan Pro
2603:1037:1:130::5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sparksecure-test-qa-01.hrblock-qas.ca/
Effective URL:
https://login.microsoftonline.com/76893b2f-0afa-45ba-a772-ee02933cd8d8/oauth2/authorize?response_type=code&redirect_uri=https%3A%2...
Submission: On December 13 via automatic, source certstream-suspicious (December 13th 2024, 7:12:12 pm UTC) — Scanned from CA

Summary HTTP 74 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 16 domains to perform 74 HTTP transactions. The main IP is 2603:1037:1:130::5, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 10.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 29th 2024. Valid for: 6 months.

This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	20.115.232.10 20.115.232.10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:6ea0:e20... 2a02:6ea0:e200::17	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
1	2607:f8b0:400... 2607:f8b0:400d:c04::61	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:400d:c0f::5f	15169 (GOOGLE) (GOOGLE)
2	2600:1408:c40... 2600:1408:c400:5::17c7:3719	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	2606:4700::68... 2606:4700::6812:4239	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:4139	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	3.162.125.33 3.162.125.33	16509 (AMAZON-02) (AMAZON-02)
2 29	20.29.179.18 20.29.179.18	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.21.66.64 52.21.66.64	14618 (AMAZON-AES) (AMAZON-AES)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2603:1037:1:1... 2603:1037:1:130::5	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11	2606:2800:11f... 2606:2800:11f:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
1	20.190.155.131 20.190.155.131	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2620:1ec:29:1... 2620:1ec:29:1::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2603:1036:300... 2603:1036:3000:f8::4	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	20.52.64.201 20.52.64.201	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
74	20

8 20.115.232.10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sparksecure-test-qa-01.hrblock-qas.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:e200::17 (Ashburn, United States)

ASN60068 (CDN77 Datacamp Limited, GB)

maxcdn.icons8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c04::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:400d:c0f::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1408:c400:5::17c7:3719 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:4239 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:4139 (United States)

ASN13335 (CLOUDFLARENET, US)

a8214761424.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.125.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-125-33.iad61.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 20.29.179.18 (United States) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

service-cas-azure-qa-01.hrblock-qas.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.21.66.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-66-64.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2603:1037:1:130::5 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:2800:11f:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

aadcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.190.155.131 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:29:1::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

aadcdn.msftauthimages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:1036:3000:f8::4 (Phoenix, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

autologon.microsoftazuread-sso.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.52.64.201 (Frankfurt am Main, Germany)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	hrblock-qas.ca 2 redirects sparksecure-test-qa-01.hrblock-qas.ca service-cas-azure-qa-01.hrblock-qas.ca	3 MB
11	msftauth.net aadcdn.msftauth.net — Cisco Umbrella Rank: 876	379 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	4 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 333 px4.ads.linkedin.com — Cisco Umbrella Rank: 7032	2 KB
3	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 867 heapanalytics.com — Cisco Umbrella Rank: 683	38 KB
2	microsoft.com browser.events.data.microsoft.com — Cisco Umbrella Rank: 94	767 B
2	msftauthimages.net aadcdn.msftauthimages.net — Cisco Umbrella Rank: 3227	55 KB
2	microsoftonline.com login.microsoftonline.com — Cisco Umbrella Rank: 10	18 KB
2	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 1024 a8214761424.cdn.optimizely.com	66 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 831	20 KB
1	microsoftazuread-sso.com autologon.microsoftazuread-sso.com — Cisco Umbrella Rank: 1114	2 KB
1	live.com login.live.com — Cisco Umbrella Rank: 61
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	6 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	116 KB
1	icons8.com maxcdn.icons8.com — Cisco Umbrella Rank: 105127	6 KB
0	gstatic.com Failed fonts.gstatic.com Failed
74	16

	Domain	Requested by
29	service-cas-azure-qa-01.hrblock-qas.ca	2 redirects sparksecure-test-qa-01.hrblock-qas.ca service-cas-azure-qa-01.hrblock-qas.ca
11	aadcdn.msftauth.net	login.microsoftonline.com aadcdn.msftauth.net
8	sparksecure-test-qa-01.hrblock-qas.ca	sparksecure-test-qa-01.hrblock-qas.ca
5	fonts.googleapis.com	sparksecure-test-qa-01.hrblock-qas.ca service-cas-azure-qa-01.hrblock-qas.ca
3	px.ads.linkedin.com	1 redirects sparksecure-test-qa-01.hrblock-qas.ca
2	browser.events.data.microsoft.com	aadcdn.msftauth.net
2	aadcdn.msftauthimages.net
2	login.microsoftonline.com	service-cas-azure-qa-01.hrblock-qas.ca aadcdn.msftauth.net
2	heapanalytics.com
2	snap.licdn.com	sparksecure-test-qa-01.hrblock-qas.ca
1	autologon.microsoftazuread-sso.com
1	login.live.com	login.microsoftonline.com
1	cdnjs.cloudflare.com	service-cas-azure-qa-01.hrblock-qas.ca
1	cdn.heapanalytics.com	sparksecure-test-qa-01.hrblock-qas.ca
1	px4.ads.linkedin.com	sparksecure-test-qa-01.hrblock-qas.ca
1	a8214761424.cdn.optimizely.com	sparksecure-test-qa-01.hrblock-qas.ca
1	cdn.optimizely.com	sparksecure-test-qa-01.hrblock-qas.ca
1	www.googletagmanager.com	sparksecure-test-qa-01.hrblock-qas.ca
1	maxcdn.icons8.com	sparksecure-test-qa-01.hrblock-qas.ca
0	fonts.gstatic.com Failed	fonts.googleapis.com
74	20

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com

Subject Issuer	Validity	Valid
sparksecure-test-qa-01.hrblock-qas.ca GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2024-12-13` - `2025-06-13`	6 months	crt.sh
1220595937.rsc.cdn77.org E6	`2024-12-12` - `2025-03-12`	3 months	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
upload.video.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2024-12-02` - `2025-12-01`	a year	crt.sh
cdn.optimizely.com WE1	`2024-10-21` - `2025-01-19`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-10-14` - `2025-04-14`	6 months	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M02	`2024-05-29` - `2025-06-26`	a year	crt.sh
*.hrblock-qas.ca Go Daddy Secure Certificate Authority - G2	`2024-10-23` - `2025-10-23`	a year	crt.sh
heapanalytics.com Amazon RSA 2048 M03	`2024-11-18` - `2025-12-17`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA	`2024-08-29` - `2025-02-28`	6 months	crt.sh
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA	`2024-05-25` - `2025-05-25`	a year	crt.sh
login.live.com DigiCert SHA2 Secure Server CA	`2024-08-28` - `2025-02-28`	6 months	crt.sh
aadcdn.msftauthimages.net Microsoft Azure RSA TLS Issuing CA 04	`2024-12-05` - `2025-06-03`	6 months	crt.sh
autologon.microsoftazuread-sso.com DigiCert SHA2 Secure Server CA	`2024-10-13` - `2025-04-13`	6 months	crt.sh
*.events.data.microsoft.com Microsoft Azure RSA TLS Issuing CA 08	`2024-09-27` - `2025-09-22`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://login.microsoftonline.com/76893b2f-0afa-45ba-a772-ee02933cd8d8/oauth2/authorize?response_type=code&redirect_uri=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Flogin%3Fclient_name%3DAzureAD&state=TST-253-GVZNj5iIK7dsibL2Q3Vh2uZNZOv93OBz&client_id=8c7fb896-6cb8-4c59-b484-693315e577a8&scope=openid+email+profile
Frame ID: 27249243179C78190E32EC364DE28F9D
Requests: 72 HTTP requests in this frame

Frame: https://a8214761424.cdn.optimizely.com/client_storage/a8214761424.html
Frame ID: 4968D12F70A8F52F7D278AABAA5C5494
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to your account

Page URL History Show full URLs

https://sparksecure-test-qa-01.hrblock-qas.ca/ Page URL
https://service-cas-azure-qa-01.hrblock-qas.ca/cas/oidc/authorize?response_type=id_token%20token&client_id=proportalOIDC&sc... HTTP 302
https://service-cas-azure-qa-01.hrblock-qas.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas... Page URL
https://service-cas-azure-qa-01.hrblock-qas.ca/cas/clientredirect?client_name=AzureAD&service=https%3A%2F%2Fservice-cas-azu... HTTP 302
https://login.microsoftonline.com/76893b2f-0afa-45ba-a772-ee02933cd8d8/oauth2/authorize?response_type=code&red... Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

74
Requests

96 %
HTTPS

58 %
IPv6

16
Domains

20
Subdomains

20
IPs

3
Countries

3590 kB
Transfer

7023 kB
Size

29
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.microsoft.com/en-CA/servicesagreement/
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/en-CA/privacystatement
Title: Privacy & cookies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sparksecure-test-qa-01.hrblock-qas.ca/ Page URL
https://service-cas-azure-qa-01.hrblock-qas.ca/cas/oidc/authorize?response_type=id_token%20token&client_id=proportalOIDC&scope=openid%20profile%20profile_hrbAuth&redirect_uri=https://sparksecure-test-qa-01.hrblock-qas.ca/callback&state=DJolZTkV9UPQNGY0GhtwuCALMosw8UvD&nonce=iFtB91cuMOelYAMZ&googleDeviceId=undefined&locale=en HTTP 302
https://service-cas-azure-qa-01.hrblock-qas.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DproportalOIDC%26redirect_uri%3Dhttps%253A%252F%252Fsparksecure-test-qa-01.hrblock-qas.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient Page URL
https://service-cas-azure-qa-01.hrblock-qas.ca/cas/clientredirect?client_name=AzureAD&service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DproportalOIDC%26redirect_uri%3Dhttps%253A%252F%252Fsparksecure-test-qa-01.hrblock-qas.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient&locale=en HTTP 302
https://login.microsoftonline.com/76893b2f-0afa-45ba-a772-ee02933cd8d8/oauth2/authorize?response_type=code&redirect_uri=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Flogin%3Fclient_name%3DAzureAD&state=TST-253-GVZNj5iIK7dsibL2Q3Vh2uZNZOv93OBz&client_id=8c7fb896-6cb8-4c59-b484-693315e577a8&scope=openid+email+profile Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5407514&time=1734117116978&li_adsId=3e34d951-d398-498d-a391-d21456ffcc0f&url=https%3A%2F%2Fsparksecure-test-qa-01.hrblock-qas.ca%2F HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5407514&time=1734117116978&li_adsId=3e34d951-d398-498d-a391-d21456ffcc0f&url=https%3A%2F%2Fsparksecure-test-qa-01.hrblock-qas.ca%2F&e_ipv6=AQJlcnHDQV9kGgAAAZPBb0yhEW9nxoBBtwqpeS-HzbytYZTSMML0TKvKgbQX0v1Qg86TLsdq

Request Chain 20

https://service-cas-azure-qa-01.hrblock-qas.ca/cas/oidc/authorize?response_type=id_token%20token&client_id=proportalOIDC&scope=openid%20profile%20profile_hrbAuth&redirect_uri=https://sparksecure-test-qa-01.hrblock-qas.ca/callback&state=DJolZTkV9UPQNGY0GhtwuCALMosw8UvD&nonce=iFtB91cuMOelYAMZ&googleDeviceId=undefined&locale=en HTTP 302
https://service-cas-azure-qa-01.hrblock-qas.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DproportalOIDC%26redirect_uri%3Dhttps%253A%252F%252Fsparksecure-test-qa-01.hrblock-qas.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient

74 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
sparksecure-test-qa-01.hrblock-qas.ca/ 2 KB
2 KB 521ms
102ms Document
text/html 20.115.232.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sparksecure-test-qa-01.hrblock-qas.ca/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.115.232.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel / ARR/3.0 ASP.NET

Resource Hash

51db597c6c7a0b1ddb5b8561261e8d5366c65cde2ffddd26cdbdb40f2632dacf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Cache-Control: public, max-age=0
Content-Encoding: gzip
Content-Length: 1193
Content-Type: text/html
Date: Fri, 13 Dec 2024 19:11:55 GMT
ETag: "1db4ce2474b5571"
Last-Modified: Thu, 12 Dec 2024 22:07:48 GMT
Server: Kestrel
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Vary: Accept-Encoding
X-Powered-By: ARR/3.0 ASP.NET

GET
H2 200 line-awesome.min.css
maxcdn.icons8.com/fonts/line-awesome/1.1/css/ 27 KB
6 KB 166ms
30ms Stylesheet
text/css 2a02:6ea0:e200::17
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.icons8.com/fonts/line-awesome/1.1/css/line-awesome.min.css
Requested by: Host: sparksecure-test-qa-01.hrblock-qas.ca
URL: https://sparksecure-test-qa-01.hrblock-qas.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:e200::17 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 1e8638f605575bd335d49efa95e165adf7ef06dda8e367661ac2517a0a3a96b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://sparksecure-test-qa-01.hrblock-qas.ca/

Response headers

content-encoding: gzip
etag: W/"4334c8c70998d81bde3e6765828811a6"
x-77-cache: HIT
x-amz-meta-mtime: 1654507817.389231056
date: Fri, 13 Dec 2024 19:11:56 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
x-77-nzt-ray: 0f63d419636e7180fc865c6795c2931b
last-modified: Mon, 06 Jun 2022 09:58:54 GMT
x-amz-id-2: zsBEKUXNKd8brAbM5IqLMyyGiyfaIlvwW5+QSIFJ/S0BaBXtmRwZX2wf3PORGfAfM3nlBbAiJkg=
x-77-nzt: EgwBbT1b5QH36McDAAwBnJI74gH3bxMAAA
x-amz-request-id: F2MTXWBZCJ2SB0N4
access-control-allow-origin: *
x-77-pop: ashburnUSVA
x-77-age: 247784
server: CDN77-Turbo

GET
H/1.1 200
OK newrelic.js Show response
sparksecure-test-qa-01.hrblock-qas.ca/ 30 KB
13 KB 94ms
93ms Script
text/javascript 20.115.232.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sparksecure-test-qa-01.hrblock-qas.ca/newrelic.js

Requested by

Host: sparksecure-test-qa-01.hrblock-qas.ca
URL: https://sparksecure-test-qa-01.hrblock-qas.ca/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.115.232.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel / ARR/3.0, ASP.NET

Resource Hash

37f370861cfad4421761dd7bf04c65ce7d05c5e7e890a58bcae35981a9448b5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://sparksecure-test-qa-01.hrblock-qas.ca/

Response headers

Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
X-Powered-By: ARR/3.0, ASP.NET
Cache-Control: public, max-age=0
Content-Encoding: gzip
ETag: "1db4cf6753ae658"
Accept-Ranges: bytes
Content-Length: 13246
Date: Fri, 13 Dec 2024 19:11:55 GMT
Content-Type: text/javascript
Last-Modified: Fri, 13 Dec 2024 00:32:15 GMT
Server: Kestrel
Vary: Accept-Encoding

GET
H/1.1 200
OK main.ce7838f0.js Show response
sparksecure-test-qa-01.hrblock-qas.ca/static/js/ 2 MB
645 KB 202ms
120ms Script
text/javascript 20.115.232.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sparksecure-test-qa-01.hrblock-qas.ca/static/js/main.ce7838f0.js

Requested by

Host: sparksecure-test-qa-01.hrblock-qas.ca
URL: https://sparksecure-test-qa-01.hrblock-qas.ca/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.115.232.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel / ARR/3.0, ASP.NET

Resource Hash

652b433fd7f0687933c95cca6b11d65d34318e11f06ad24ed4bcda44ffac804d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://sparksecure-test-qa-01.hrblock-qas.ca/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
X-Powered-By: ARR/3.0, ASP.NET
Cache-Control: public, max-age=0
Content-Encoding: gzip
ETag: "1db4ce247686ca7"
Accept-Ranges: bytes
Date: Fri, 13 Dec 2024 19:11:55 GMT
Content-Type: text/javascript
Last-Modified: Thu, 12 Dec 2024 22:07:48 GMT
Server: Kestrel
Vary: Accept-Encoding

GET
H/1.1 200
OK main.75c1a772.css
sparksecure-test-qa-01.hrblock-qas.ca/static/css/ 318 KB
68 KB 196ms
100ms Stylesheet
text/css 20.115.232.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sparksecure-test-qa-01.hrblock-qas.ca/static/css/main.75c1a772.css

Requested by

Host: sparksecure-test-qa-01.hrblock-qas.ca
URL: https://sparksecure-test-qa-01.hrblock-qas.ca/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.115.232.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel / ARR/3.0, ASP.NET

Resource Hash

9ddf192ed8e61724a0999cc9fbd92cfad33fb3bd2e210f9831bba7a6ace093eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://sparksecure-test-qa-01.hrblock-qas.ca/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
X-Powered-By: ARR/3.0, ASP.NET
Cache-Control: public, max-age=0
Content-Encoding: gzip
ETag: "1db4ce2474fab6a"
Accept-Ranges: bytes
Date: Fri, 13 Dec 2024 19:11:55 GMT
Content-Type: text/css
Last-Modified: Thu, 12 Dec 2024 22:07:48 GMT
Server: Kestrel
Vary: Accept-Encoding

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 385 KB
116 KB 139ms
61ms Script
application/javascript 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P77LF8T

Requested by

Host: sparksecure-test-qa-01.hrblock-qas.ca
URL: https://sparksecure-test-qa-01.hrblock-qas.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

46eeb92760dc2f8de596688b9917231a171f2be77a4d3c7353c21838061fb7b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://sparksecure-test-qa-01.hrblock-qas.ca/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 13 Dec 2024 19:11:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 19:11:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 118171
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 css
fonts.googleapis.com/ 14 KB
947 B 210ms
105ms Stylesheet
text/css 2607:f8b0:400d:c0f::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,500,600,700,900

Requested by

Host: sparksecure-test-qa-01.hrblock-qas.ca
URL: https://sparksecure-test-qa-01.hrblock-qas.ca/static/css/main.75c1a772.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0f::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b98b502ae442fc075f1a07299bedaa7c0a48e4a26b4b878a848b25be9df380f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://sparksecure-test-qa-01.hrblock-qas.ca/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 13 Dec 2024 19:11:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 19:11:56 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 13 Dec 2024 19:11:56 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 747 B
435 B 207ms
103ms Stylesheet
text/css 2607:f8b0:400d:c0f::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Galada:400,500,600,700,900

Requested by

Host: sparksecure-test-qa-01.hrblock-qas.ca
URL: https://sparksecure-test-qa-01.hrblock-qas.ca/static/css/main.75c1a772.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0f::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7978be170328b9e720f5de4c93cab0b800112aa360425c5e30ef58c4720bf3a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://sparksecure-test-qa-01.hrblock-qas.ca/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 13 Dec 2024 19:11:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 19:11:56 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 13 Dec 2024 19:11:56 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 9 KB
842 B 205ms
101ms Stylesheet
text/css 2607:f8b0:400d:c0f::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,600,700,900

Requested by

Host: sparksecure-test-qa-01.hrblock-qas.ca
URL: https://sparksecure-test-qa-01.hrblock-qas.ca/static/css/main.75c1a772.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0f::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8cb8137da439af819057d3ed77c3bc49c4efad1e5773a4171280d08c6db9e5ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://sparksecure-test-qa-01.hrblock-qas.ca/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 13 Dec 2024 19:11:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 19:11:56 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 13 Dec 2024 19:11:56 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 icon
fonts.googleapis.com/ 569 B
811 B 154ms
50ms Stylesheet
text/css 2607:f8b0:400d:c0f::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: sparksecure-test-qa-01.hrblock-qas.ca
URL: https://sparksecure-test-qa-01.hrblock-qas.ca/static/css/main.75c1a772.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0f::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://sparksecure-test-qa-01.hrblock-qas.ca/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 13 Dec 2024 19:11:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 19:11:56 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 13 Dec 2024 19:11:56 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 163ms
30ms Script
application/javascript 2600:1408:c400:5::17c7:3719
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: sparksecure-test-qa-01.hrblock-qas.ca
URL: https://sparksecure-test-qa-01.hrblock-qas.ca/newrelic.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:5::17c7:3719 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

5615cdac4c30b1fb905891f5de1e1dcf7745b6b0ec88cfc89360ee48fc240977

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://sparksecure-test-qa-01.hrblock-qas.ca/

Response headers

cache-control: max-age=30797
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 5114
date: Fri, 13 Dec 2024 19:11:56 GMT
last-modified: Wed, 11 Dec 2024 08:31:33 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 23484640733.js Show response
cdn.optimizely.com/js/ 217 KB
66 KB 70ms
29ms Script
text/javascript 2606:4700::6812:4239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.optimizely.com/js/23484640733.js
Requested by: Host: sparksecure-test-qa-01.hrblock-qas.ca
URL: https://sparksecure-test-qa-01.hrblock-qas.ca/newrelic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:4239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0c0a95d751f6d1ad6fe4f97ea87ecaa7bc2fb3e476588b3f82df149a5463464

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://sparksecure-test-qa-01.hrblock-qas.ca/

Response headers

access-control-max-age: 86400
access-control-expose-headers: x-amz-meta-revision
content-encoding: gzip
cf-cache-status: HIT
etag: "33341108765f765d7c07e2175f38b3c9"
x-amz-version-id: bBf3c0WKhajLkeT.vIbjp9AzeOmst5Si
age: 259
access-control-allow-methods: GET, HEAD
date: Fri, 13 Dec 2024 19:11:56 GMT
x-amz-meta-revision: 62
content-type: text/javascript; charset=utf-8
last-modified: Mon, 20 May 2024 09:08:20 GMT
vary: Accept-Encoding
x-amz-id-2: t6gidFnf/L7SlGKqQNZ0Zv6BF8rvIqHUyGRfGS2xKFtmXz9oGOPiFduEnPRniJhTG5Mo4liw5yQ=
access-control-allow-headers: *
x-amz-replication-status: COMPLETED
cache-control: max-age=120
timing-allow-origin: *
x-amz-meta-pci_enabled: False
access-control-allow-credentials: false
x-amz-request-id: JX36QF0YP68157Q8
cf-ray: 8f18434c2cb1a2f3-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 67062
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 a8214761424.html
a8214761424.cdn.optimizely.com/client_storage/ Frame 4968 0
0 131ms
46ms Document
text/html 2606:4700::6812:4139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a8214761424.cdn.optimizely.com/client_storage/a8214761424.html
Requested by: Host: sparksecure-test-qa-01.hrblock-qas.ca
URL: https://sparksecure-test-qa-01.hrblock-qas.ca/newrelic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:4139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://sparksecure-test-qa-01.hrblock-qas.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 294
cache-control: max-age=120
cf-cache-status: HIT
cf-ray: 8f18434d5b94a286-YUL
content-encoding: gzip
content-length: 892
content-type: text/html; charset=utf-8
date: Fri, 13 Dec 2024 19:11:57 GMT
etag: "7d043f30e531e9499186a85769ba01d9"
last-modified: Mon, 20 May 2024 09:08:17 GMT
server: cloudflare
server-timing: cfCacheStatus;desc="HIT"
vary: Accept-Encoding
x-amz-id-2: voRsZLchsqSiff7sh4HBfypkgJXVKJDJZvXF1m7BpPPqkeKyV0VMqHXxfVAwSzk85JiEXeEHTBw=
x-amz-meta-pci_enabled: False
x-amz-replication-status: COMPLETED
x-amz-request-id: 3K8K1KJ8NXBFZBTJ
x-amz-server-side-encryption: AES256
x-amz-version-id: BGy4EAEdNEP2HjZ7IpUiQhbzHe0cMELK

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 30ms
30ms Script
application/javascript 2600:1408:c400:5::17c7:3719
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: sparksecure-test-qa-01.hrblock-qas.ca
URL: https://sparksecure-test-qa-01.hrblock-qas.ca/newrelic.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:5::17c7:3719 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

e6b8a90a2870483ace67380ff4a64b39bfecb7952a432393470d76a6614fc62c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://sparksecure-test-qa-01.hrblock-qas.ca/

Response headers

cache-control: max-age=83181
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14634
date: Fri, 13 Dec 2024 19:11:56 GMT
last-modified: Mon, 02 Dec 2024 19:22:52 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
815 B 120ms
67ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=5407514&time=1734117116978&url=https%3A%2F%2Fsparksecure-test-qa-01.hrblock-qas.ca%2F
Requested by: Host: sparksecure-test-qa-01.hrblock-qas.ca
URL: https://sparksecure-test-qa-01.hrblock-qas.ca/newrelic.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: *
Referer: https://sparksecure-test-qa-01.hrblock-qas.ca/

Response headers

x-li-pop: afd-prod-lva1-x
content-encoding: gzip
x-fs-uuid: 0006292b9ac2df5ebec4c86525805404
x-msedge-ref: Ref A: ED9199E3D0134036A66ACE3D3277229B Ref B: YMQ01EDGE0410 Ref C: 2024-12-13T19:11:57Z
x-li-fabric: prod-lva1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYpK5rC316+xMhlJYBUBA==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Fri, 13 Dec 2024 19:11:56 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5407514&time=1734117116978&li_adsId=3e34d951-d398-498d-a391-d21456ffcc0f&url=https%3A%2F%2Fsparksecure-test-qa-01.hrblock-qas.ca%2F
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5407514&time=1734117116978&li_adsId=3e34d951-d398-498d-a391-d21456ffcc0f&url=https%3A%2F%2Fsparksecure-test-qa-01.hrblock-qas.ca%2F&e_ipv6=AQJlcn...

0
265 B

226ms
170ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5407514&time=1734117116978&li_adsId=3e34d951-d398-498d-a391-d21456ffcc0f&url=https%3A%2F%2Fsparksecure-test-qa-01.hrblock-qas.ca%2F&e_ipv6=AQJlcnHDQV9kGgAAAZPBb0yhEW9nxoBBtwqpeS-HzbytYZTSMML0TKvKgbQX0v1Qg86TLsdq
Requested by: Host: sparksecure-test-qa-01.hrblock-qas.ca
URL: https://sparksecure-test-qa-01.hrblock-qas.ca/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://sparksecure-test-qa-01.hrblock-qas.ca/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 82CDE4D379B14A87BF6340814B383DA5 Ref B: YMQ01EDGE0821 Ref C: 2024-12-13T19:11:57Z
x-li-fabric: prod-lor1
x-li-uuid: AAYpK5rGu51DcSTVuqUTiw==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Fri, 13 Dec 2024 19:11:57 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5407514&time=1734117116978&li_adsId=3e34d951-d398-498d-a391-d21456ffcc0f&url=https%3A%2F%2Fsparksecure-test-qa-01.hrblock-qas.ca%2F&e_ipv6=AQJlcnHDQV9kGgAAAZPBb0yhEW9nxoBBtwqpeS-HzbytYZTSMML0TKvKgbQX0v1Qg86TLsdq
x-msedge-ref: Ref A: 249442A2142D426AADF7FA5562E18D1D Ref B: YMQ01EDGE0519 Ref C: 2024-12-13T19:11:57Z
x-li-fabric: prod-lor1
x-li-uuid: AAYpK5rDPuJjIlAQCafo+A==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Fri, 13 Dec 2024 19:11:56 GMT

GET
H/1.1 200
OK configuration
sparksecure-test-qa-01.hrblock-qas.ca/api/ 302 B
611 B 92ms
91ms XHR
application/json 20.115.232.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sparksecure-test-qa-01.hrblock-qas.ca/api/configuration

Requested by

Host: sparksecure-test-qa-01.hrblock-qas.ca
URL: https://sparksecure-test-qa-01.hrblock-qas.ca/newrelic.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.115.232.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel / ARR/3.0, ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

traceparent: 00-8fcc2c23ecc92c2aa7bf5bc1ce941f40-540947d853f8efcf-01
Referer: https://sparksecure-test-qa-01.hrblock-qas.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
X-api-version: 2020.0
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjUzNTQzNyIsImFwIjoiNzA1OTI2OTI2IiwiaWQiOiI1NDA5NDdkODUzZjhlZmNmIiwidHIiOiI4ZmNjMmMyM2VjYzkyYzJhYTdiZjViYzFjZTk0MWY0MCIsInRpIjoxNzM0MTE3MTE3MjY4fX0=
tracestate: 535437@nr=0-1-535437-705926926-540947d853f8efcf----1734117117268

Response headers

Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Encoding: gzip
Content-Length: 304
Date: Fri, 13 Dec 2024 19:11:57 GMT
Content-Type: application/json; charset=utf-8
Vary: Accept-Encoding
Server: Kestrel
X-Powered-By: ARR/3.0, ASP.NET

GET
H2 200 heap-2952186237.js
cdn.heapanalytics.com/js/ 117 KB
38 KB 273ms
157ms Script
application/javascript 3.162.125.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-2952186237.js

Requested by

Host: sparksecure-test-qa-01.hrblock-qas.ca
URL: https://sparksecure-test-qa-01.hrblock-qas.ca/newrelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.125.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-125-33.iad61.r.cloudfront.net

Software

nginx / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://sparksecure-test-qa-01.hrblock-qas.ca/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=120
content-encoding: br
etag: W/"1d4bc-btRdVBoAeyeTQCvlwylSeDYET40"
cross-origin-resource-policy: cross-origin
via: 1.1 0d9fa547d973207140747f5567b6a0fa.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: ZtXTCeVLHZzH_PpRSfhbei5ThfCcArCstJD6fJYoKp3_hvHh47cesA==
date: Fri, 13 Dec 2024 19:11:57 GMT
content-type: application/javascript; charset=utf-8
x-powered-by: Express
server: nginx
x-amz-cf-pop: IAD61-P3
vary: Accept-Encoding

GET
H/1.1 200
OK Graphik-Regular-Web.10aed69ae09315f57695.woff
sparksecure-test-qa-01.hrblock-qas.ca/static/media/ 47 KB
48 KB 95ms
95ms Font
application/font-woff 20.115.232.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sparksecure-test-qa-01.hrblock-qas.ca/static/media/Graphik-Regular-Web.10aed69ae09315f57695.woff

Requested by

Host: sparksecure-test-qa-01.hrblock-qas.ca
URL: https://sparksecure-test-qa-01.hrblock-qas.ca/static/css/main.75c1a772.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.115.232.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel / ARR/3.0, ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://sparksecure-test-qa-01.hrblock-qas.ca
Referer: https://sparksecure-test-qa-01.hrblock-qas.ca/static/css/main.75c1a772.css

Response headers

Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Cache-Control: public, max-age=0
ETag: "1db4ce2474bef97"
Accept-Ranges: bytes
Content-Length: 48535
Date: Fri, 13 Dec 2024 19:11:57 GMT
Content-Type: application/font-woff
Last-Modified: Thu, 12 Dec 2024 22:07:48 GMT
Server: Kestrel
X-Powered-By: ARR/3.0, ASP.NET

GET
H/1.1 200
OK view-dashboard-outline.a4ba4eaf34ed6e3aff15195f5e775695.svg
sparksecure-test-qa-01.hrblock-qas.ca/static/media/ 287 B
656 B 100ms
100ms Image
image/svg+xml 20.115.232.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sparksecure-test-qa-01.hrblock-qas.ca/static/media/view-dashboard-outline.a4ba4eaf34ed6e3aff15195f5e775695.svg

Requested by

Host: sparksecure-test-qa-01.hrblock-qas.ca
URL: https://sparksecure-test-qa-01.hrblock-qas.ca/home

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.115.232.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel / ARR/3.0, ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://sparksecure-test-qa-01.hrblock-qas.ca/home

Response headers

Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Cache-Control: public, max-age=0
ETag: "1db4ce2474b531f"
Accept-Ranges: bytes
Content-Length: 287
Date: Fri, 13 Dec 2024 19:11:57 GMT
Content-Type: image/svg+xml
Last-Modified: Thu, 12 Dec 2024 22:07:48 GMT
Server: Kestrel
X-Powered-By: ARR/3.0, ASP.NET

GET
H2

200

https://service-cas-azure-qa-01.hrblock-qas.ca/cas/oidc/authorize?response_type=id_token%20token&client_id=proportalOIDC&scope=openid%20profile%20profile_hrbAuth&redirect_uri=https://sparksecure-te...
https://service-cas-azure-qa-01.hrblock-qas.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DproportalOIDC%26redirect_uri...

9 KB
9 KB

112ms
111ms

Document
text/html

20.29.179.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-qas.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DproportalOIDC%26redirect_uri%3Dhttps%253A%252F%252Fsparksecure-test-qa-01.hrblock-qas.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient

Requested by

Host: sparksecure-test-qa-01.hrblock-qas.ca
URL: https://sparksecure-test-qa-01.hrblock-qas.ca/static/js/main.ce7838f0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.29.179.18 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

09288e794cb20a9e8d713bc4e9a8c3c51458e6da73e7109cc323cbccb122da6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sparksecure-test-qa-01.hrblock-qas.ca/home
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-language: en
content-type: text/html;charset=UTF-8
date: Fri, 13 Dec 2024 19:11:57 GMT
expires: 0
pragma: no-cache
server: Apereo CAS
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Fri, 13 Dec 2024 19:11:57 GMT
expires: 0
location: https://service-cas-azure-qa-01.hrblock-qas.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DproportalOIDC%26redirect_uri%3Dhttps%253A%252F%252Fsparksecure-test-qa-01.hrblock-qas.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient
pragma: no-cache
server: Apereo CAS
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK Graphik-Bold-Web.6a2400b58cedfb73240f.woff
sparksecure-test-qa-01.hrblock-qas.ca/static/media/ 49 KB
49 KB 104ms
104ms Font
application/font-woff 20.115.232.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sparksecure-test-qa-01.hrblock-qas.ca/static/media/Graphik-Bold-Web.6a2400b58cedfb73240f.woff

Requested by

Host: sparksecure-test-qa-01.hrblock-qas.ca
URL: https://sparksecure-test-qa-01.hrblock-qas.ca/static/css/main.75c1a772.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.115.232.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel / ARR/3.0, ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://sparksecure-test-qa-01.hrblock-qas.ca
Referer: https://sparksecure-test-qa-01.hrblock-qas.ca/static/css/main.75c1a772.css

Response headers

Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Cache-Control: public, max-age=0
ETag: "1db4ce2474b9680"
Accept-Ranges: bytes
Content-Length: 50304
Date: Fri, 13 Dec 2024 19:11:57 GMT
Content-Type: application/font-woff
Last-Modified: Thu, 12 Dec 2024 22:07:48 GMT
Server: Kestrel
X-Powered-By: ARR/3.0, ASP.NET

POST
H2 204 /
px.ads.linkedin.com/wa/ 0
211 B 112ms
110ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: sparksecure-test-qa-01.hrblock-qas.ca
URL: https://sparksecure-test-qa-01.hrblock-qas.ca/newrelic.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://sparksecure-test-qa-01.hrblock-qas.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: AE83C3667CE84CDB929D15CF07FFDAE1 Ref B: YMQ01EDGE0519 Ref C: 2024-12-13T19:11:57Z
x-li-fabric: prod-lor1
access-control-allow-credentials: true
x-li-uuid: AAYpK5rI365md5hikwEZbQ==
x-li-proto: http/2
access-control-allow-origin: https://sparksecure-test-qa-01.hrblock-qas.ca
x-cache: CONFIG_NOCACHE
date: Fri, 13 Dec 2024 19:11:56 GMT
vary: Origin

GET
H2 200 telemetry
heapanalytics.com/api/ 32 B
234 B 122ms
30ms Image
image/gif 52.21.66.64
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/telemetry?a=2952186237&te=type&te=data&te=cm&te=resetIdentityTelemetry%20-%20anonymous%20user&st=1734117117660&hv=4.23.4&lv=4.23.4&ld=cdn.heapanalytics.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.66.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-66-64.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://sparksecure-test-qa-01.hrblock-qas.ca/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 32
date: Fri, 13 Dec 2024 19:11:57 GMT
pragma: no-cache
content-type: image/gif

GET
H2 200 h
heapanalytics.com/ 37 B
377 B 112ms
30ms Image
image/gif 52.21.66.64
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=2952186237&u=7239276124366726&v=7647420625070213&s=7052830581250248&b=web&tv=4.0&z=0&h=%2Fhome&d=sparksecure-test-qa-01.hrblock-qas.ca&t=ClientSpark&ts=1734117117669&sch=1200&scw=1600&st=1734117117672&lv=4.23.4&ld=cdn.heapanalytics.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.66.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-66-64.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://sparksecure-test-qa-01.hrblock-qas.ca/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
access-control-allow-methods: POST, PUT, GET
access-control-allow-origin: *
content-length: 37
date: Fri, 13 Dec 2024 19:11:57 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 normalize.css
service-cas-azure-qa-01.hrblock-qas.ca/cas/webjars/normalize.css/8.0.1/ 6 KB
6 KB 110ms
97ms Stylesheet
text/css 20.29.179.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-qas.ca/cas/webjars/normalize.css/8.0.1/normalize.css

Requested by

Host: service-cas-azure-qa-01.hrblock-qas.ca
URL: https://service-cas-azure-qa-01.hrblock-qas.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DproportalOIDC%26redirect_uri%3Dhttps%253A%252F%252Fsparksecure-test-qa-01.hrblock-qas.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.29.179.18 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://service-cas-azure-qa-01.hrblock-qas.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DproportalOIDC%26redirect_uri%3Dhttps%253A%252F%252Fsparksecure-test-qa-01.hrblock-qas.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 6138
date: Fri, 13 Dec 2024 19:11:57 GMT
x-xss-protection: 1; mode=block
content-type: text/css;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: Apereo CAS
last-modified: Wed, 11 Dec 2024 22:12:19 GMT

GET
H2 200 bootstrap-grid.min.css
service-cas-azure-qa-01.hrblock-qas.ca/cas/webjars/bootstrap/4.5.0/css/ 50 KB
50 KB 111ms
98ms Stylesheet
text/css 20.29.179.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-qas.ca/cas/webjars/bootstrap/4.5.0/css/bootstrap-grid.min.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.29.179.18 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

e216f49acdbe944b8034d0323ac03cb1562adb6d3cbc767bebe81ea56e1da603

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://service-cas-azure-qa-01.hrblock-qas.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DproportalOIDC%26redirect_uri%3Dhttps%253A%252F%252Fsparksecure-test-qa-01.hrblock-qas.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 50995
date: Fri, 13 Dec 2024 19:11:57 GMT
x-xss-protection: 1; mode=block
content-type: text/css;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: Apereo CAS
last-modified: Wed, 11 Dec 2024 22:12:19 GMT

GET
H2 200 material-components-web.css
service-cas-azure-qa-01.hrblock-qas.ca/cas/webjars/material-components-web/4.0.0/dist/ 318 KB
318 KB 109ms
97ms Stylesheet
text/css 20.29.179.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-qas.ca/cas/webjars/material-components-web/4.0.0/dist/material-components-web.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.29.179.18 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

1ff8d34ed8c7d30550864936a761d7ce500712956d63becbe7484401d188cad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://service-cas-azure-qa-01.hrblock-qas.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DproportalOIDC%26redirect_uri%3Dhttps%253A%252F%252Fsparksecure-test-qa-01.hrblock-qas.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 325274
date: Fri, 13 Dec 2024 19:11:57 GMT
x-xss-protection: 1; mode=block
content-type: text/css;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: Apereo CAS
last-modified: Wed, 11 Dec 2024 22:12:19 GMT

GET
H2 200 materialdesignicons.css
service-cas-azure-qa-01.hrblock-qas.ca/cas/webjars/mdi__font/5.0.45/css/ 274 KB
275 KB 269ms
257ms Stylesheet
text/css 20.29.179.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-qas.ca/cas/webjars/mdi__font/5.0.45/css/materialdesignicons.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.29.179.18 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

2670ab6235d643c1b8c31504677a38226fcc526e89222081efe80b723a3a83b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://service-cas-azure-qa-01.hrblock-qas.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DproportalOIDC%26redirect_uri%3Dhttps%253A%252F%252Fsparksecure-test-qa-01.hrblock-qas.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 280565
date: Fri, 13 Dec 2024 19:11:57 GMT
x-xss-protection: 1; mode=block
content-type: text/css;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: Apereo CAS
last-modified: Wed, 11 Dec 2024 22:12:19 GMT

GET
H2 200 cas.css
service-cas-azure-qa-01.hrblock-qas.ca/cas/css/ 241 KB
241 KB 106ms
95ms Stylesheet
text/css 20.29.179.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-qas.ca/cas/css/cas.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.29.179.18 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

bb3e2f5e170c8e53299996b1edca81852e950160e71e1cf8969acdad9208a2aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://service-cas-azure-qa-01.hrblock-qas.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DproportalOIDC%26redirect_uri%3Dhttps%253A%252F%252Fsparksecure-test-qa-01.hrblock-qas.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 246356
date: Fri, 13 Dec 2024 19:11:57 GMT
x-xss-protection: 1; mode=block
content-type: text/css;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: Apereo CAS
last-modified: Wed, 11 Dec 2024 22:12:19 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
833 B 62ms
50ms Stylesheet
text/css 2607:f8b0:400d:c0f::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0f::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

156f93e25a16656ac9c9a9ed4817cd9aa09958a8fe848964d105b7e23d58681a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://service-cas-azure-qa-01.hrblock-qas.ca/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 13 Dec 2024 19:11:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 19:11:57 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 13 Dec 2024 18:00:57 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 hrb-card-widget.css
service-cas-azure-qa-01.hrblock-qas.ca/cas/css/ 1 KB
2 KB 107ms
96ms Stylesheet
text/css 20.29.179.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-qas.ca/cas/css/hrb-card-widget.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.29.179.18 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

112ebd1f3f6a42c2574d558d8d8c8455679acd20e7a4cdc686b8dbf8a1217cd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://service-cas-azure-qa-01.hrblock-qas.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DproportalOIDC%26redirect_uri%3Dhttps%253A%252F%252Fsparksecure-test-qa-01.hrblock-qas.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 1393
date: Fri, 13 Dec 2024 19:11:57 GMT
x-xss-protection: 1; mode=block
content-type: text/css;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: Apereo CAS
last-modified: Wed, 11 Dec 2024 22:12:19 GMT

GET
H2 200 hrb-cas.css
service-cas-azure-qa-01.hrblock-qas.ca/cas/css/ 552 B
847 B 109ms
99ms Stylesheet
text/css 20.29.179.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-qas.ca/cas/css/hrb-cas.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.29.179.18 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

72f095d70b0d69330ac73c3cb4108e9f3afa9bb6828a928d550b1812dbc88ac6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://service-cas-azure-qa-01.hrblock-qas.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DproportalOIDC%26redirect_uri%3Dhttps%253A%252F%252Fsparksecure-test-qa-01.hrblock-qas.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 552
date: Fri, 13 Dec 2024 19:11:57 GMT
x-xss-protection: 1; mode=block
content-type: text/css;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: Apereo CAS
last-modified: Wed, 11 Dec 2024 22:12:19 GMT

GET
H2 200 hrb-checkbox.css
service-cas-azure-qa-01.hrblock-qas.ca/cas/css/ 923 B
1 KB 103ms
93ms Stylesheet
text/css 20.29.179.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-qas.ca/cas/css/hrb-checkbox.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.29.179.18 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

70ace91f3a0f1c8388daed852a861462cdf17215deb8c2218bf5ffc5111b970e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://service-cas-azure-qa-01.hrblock-qas.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DproportalOIDC%26redirect_uri%3Dhttps%253A%252F%252Fsparksecure-test-qa-01.hrblock-qas.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 923
date: Fri, 13 Dec 2024 19:11:57 GMT
x-xss-protection: 1; mode=block
content-type: text/css;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: Apereo CAS
last-modified: Wed, 11 Dec 2024 22:12:19 GMT

GET
H2 200 hrb-errors.css
service-cas-azure-qa-01.hrblock-qas.ca/cas/css/ 1 KB
1 KB 107ms
97ms Stylesheet
text/css 20.29.179.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-qas.ca/cas/css/hrb-errors.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.29.179.18 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

7fe7903ce2632538c46cc0b5fdcadbbb8c2ee7434930e5cd851593c5624dd88a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://service-cas-azure-qa-01.hrblock-qas.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DproportalOIDC%26redirect_uri%3Dhttps%253A%252F%252Fsparksecure-test-qa-01.hrblock-qas.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 1074
date: Fri, 13 Dec 2024 19:11:57 GMT
x-xss-protection: 1; mode=block
content-type: text/css;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: Apereo CAS
last-modified: Wed, 11 Dec 2024 22:12:19 GMT

GET
H2 200 hrb-field.css
service-cas-azure-qa-01.hrblock-qas.ca/cas/css/ 108 B
403 B 105ms
95ms Stylesheet
text/css 20.29.179.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-qas.ca/cas/css/hrb-field.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.29.179.18 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

ab9fdb993022e9fa0c2e50488d716186aecc5526ee20bbe3f24d0adbd77a1996

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://service-cas-azure-qa-01.hrblock-qas.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DproportalOIDC%26redirect_uri%3Dhttps%253A%252F%252Fsparksecure-test-qa-01.hrblock-qas.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 108
date: Fri, 13 Dec 2024 19:11:57 GMT
x-xss-protection: 1; mode=block
content-type: text/css;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: Apereo CAS
last-modified: Wed, 11 Dec 2024 22:12:19 GMT

GET
H2 200 hrb-login.css
service-cas-azure-qa-01.hrblock-qas.ca/cas/css/ 658 B
953 B 270ms
260ms Stylesheet
text/css 20.29.179.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-qas.ca/cas/css/hrb-login.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.29.179.18 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

ff1a2c5955c65e646f54259039e3e7bb7b9c82ca165bba641a5de4272739fc0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://service-cas-azure-qa-01.hrblock-qas.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DproportalOIDC%26redirect_uri%3Dhttps%253A%252F%252Fsparksecure-test-qa-01.hrblock-qas.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 658
date: Fri, 13 Dec 2024 19:11:57 GMT
x-xss-protection: 1; mode=block
content-type: text/css;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: Apereo CAS
last-modified: Wed, 11 Dec 2024 22:12:19 GMT

GET
H2 200 hrb-navbar.css
service-cas-azure-qa-01.hrblock-qas.ca/cas/css/ 922 B
1 KB 266ms
257ms Stylesheet
text/css 20.29.179.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-qas.ca/cas/css/hrb-navbar.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.29.179.18 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

f09141f2f7dea719c73385e5862f7183a90d35bff7d7e3a96ee97f8d97222563

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://service-cas-azure-qa-01.hrblock-qas.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DproportalOIDC%26redirect_uri%3Dhttps%253A%252F%252Fsparksecure-test-qa-01.hrblock-qas.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 922
date: Fri, 13 Dec 2024 19:11:57 GMT
x-xss-protection: 1; mode=block
content-type: text/css;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: Apereo CAS
last-modified: Wed, 11 Dec 2024 22:12:19 GMT

GET
H2 200 hrb-2fa.css
service-cas-azure-qa-01.hrblock-qas.ca/cas/css/ 326 B
621 B 270ms
261ms Stylesheet
text/css 20.29.179.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-qas.ca/cas/css/hrb-2fa.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.29.179.18 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

94e930950d5878f513802a3a816e57048fff5bedb5143c7cb5fedabc0e5c8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://service-cas-azure-qa-01.hrblock-qas.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DproportalOIDC%26redirect_uri%3Dhttps%253A%252F%252Fsparksecure-test-qa-01.hrblock-qas.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 326
date: Fri, 13 Dec 2024 19:11:57 GMT
x-xss-protection: 1; mode=block
content-type: text/css;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: Apereo CAS
last-modified: Wed, 11 Dec 2024 22:12:19 GMT

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 68ms
35ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://service-cas-azure-qa-01.hrblock-qas.ca/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03e5f-7918"
age: 245794
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fs9Akmes%2BDlPOOImOFRhzJBJUHq%2FeqURfzip9JSQolDaNP8EXAORJB0aeviod%2FpMuj2UMoYq1dmBI%2FPHA%2Fkf5VYY9p7oarteMPvAh8VEMfke2J5RW7x4J95KFEFCUWCSzm%2FA7Ghm"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 03 Dec 2025 19:11:57 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 13 Dec 2024 19:11:57 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:10:07 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f184352b933542b-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5631
server: cloudflare

GET
H2 200 es5-shim.js Show response
service-cas-azure-qa-01.hrblock-qas.ca/cas/webjars/es5-shim/4.5.9/ 83 KB
83 KB 270ms
262ms Script
application/javascript 20.29.179.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-qas.ca/cas/webjars/es5-shim/4.5.9/es5-shim.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.29.179.18 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

baa149cfca28ea70ccc424d5e526768f8177d7c2153ad2b6c0dd76693b66794a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://service-cas-azure-qa-01.hrblock-qas.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DproportalOIDC%26redirect_uri%3Dhttps%253A%252F%252Fsparksecure-test-qa-01.hrblock-qas.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 84557
date: Fri, 13 Dec 2024 19:11:57 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: Apereo CAS
last-modified: Wed, 11 Dec 2024 22:12:19 GMT

GET
H2 200 css-vars-ponyfill.min.js Show response
service-cas-azure-qa-01.hrblock-qas.ca/cas/webjars/css-vars-ponyfill/2.3.1/dist/ 22 KB
22 KB 273ms
265ms Script
application/javascript 20.29.179.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-qas.ca/cas/webjars/css-vars-ponyfill/2.3.1/dist/css-vars-ponyfill.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.29.179.18 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

b7fc55ab62b81eb54ae01de81fee15005fc4f62859ad8c050d6eb1275c8525b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://service-cas-azure-qa-01.hrblock-qas.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DproportalOIDC%26redirect_uri%3Dhttps%253A%252F%252Fsparksecure-test-qa-01.hrblock-qas.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 22494
date: Fri, 13 Dec 2024 19:11:57 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: Apereo CAS
last-modified: Wed, 11 Dec 2024 22:12:19 GMT

GET
H2 200 jquery.min.js Show response
service-cas-azure-qa-01.hrblock-qas.ca/cas/webjars/jquery/3.5.1/ 87 KB
88 KB 269ms
261ms Script
application/javascript 20.29.179.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-qas.ca/cas/webjars/jquery/3.5.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.29.179.18 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://service-cas-azure-qa-01.hrblock-qas.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DproportalOIDC%26redirect_uri%3Dhttps%253A%252F%252Fsparksecure-test-qa-01.hrblock-qas.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 89476
date: Fri, 13 Dec 2024 19:11:57 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: Apereo CAS
last-modified: Wed, 11 Dec 2024 22:12:19 GMT

GET
H2 200 material-components-web.js
service-cas-azure-qa-01.hrblock-qas.ca/cas/webjars/material-components-web/4.0.0/dist/ 929 KB
930 KB 270ms
263ms Script
application/javascript 20.29.179.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-qas.ca/cas/webjars/material-components-web/4.0.0/dist/material-components-web.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.29.179.18 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://service-cas-azure-qa-01.hrblock-qas.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DproportalOIDC%26redirect_uri%3Dhttps%253A%252F%252Fsparksecure-test-qa-01.hrblock-qas.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 951419
date: Fri, 13 Dec 2024 19:11:57 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: Apereo CAS
last-modified: Wed, 11 Dec 2024 22:12:19 GMT

GET
H2 200 cas.js Show response
service-cas-azure-qa-01.hrblock-qas.ca/cas/js/ 3 KB
3 KB 270ms
263ms Script
application/javascript 20.29.179.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-qas.ca/cas/js/cas.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.29.179.18 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

58b863a4c10da17158c40c29f542890d3b51542fd3d9172a74ef75c53a030258

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://service-cas-azure-qa-01.hrblock-qas.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DproportalOIDC%26redirect_uri%3Dhttps%253A%252F%252Fsparksecure-test-qa-01.hrblock-qas.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 2981
date: Fri, 13 Dec 2024 19:11:57 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: Apereo CAS
last-modified: Wed, 11 Dec 2024 22:12:19 GMT

GET
H2 200 language-switcher.js Show response
service-cas-azure-qa-01.hrblock-qas.ca/cas/js/ 862 B
1 KB 267ms
261ms Script
application/javascript 20.29.179.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-qas.ca/cas/js/language-switcher.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.29.179.18 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

e14bda4aa379c1a777ca28e1038247e8650ebea9f5a3a58e85a566722cc53079

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://service-cas-azure-qa-01.hrblock-qas.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DproportalOIDC%26redirect_uri%3Dhttps%253A%252F%252Fsparksecure-test-qa-01.hrblock-qas.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 862
date: Fri, 13 Dec 2024 19:11:57 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: Apereo CAS
last-modified: Wed, 11 Dec 2024 22:12:19 GMT

GET
H2 200 hrb-login.js Show response
service-cas-azure-qa-01.hrblock-qas.ca/cas/js/ 5 KB
5 KB 268ms
263ms Script
application/javascript 20.29.179.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-qas.ca/cas/js/hrb-login.js?v=3378

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.29.179.18 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

c11a8fd2acb8a9e9f4189f40222e3a2f0085b0d08042032c760154cff76670eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://service-cas-azure-qa-01.hrblock-qas.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DproportalOIDC%26redirect_uri%3Dhttps%253A%252F%252Fsparksecure-test-qa-01.hrblock-qas.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 5193
date: Fri, 13 Dec 2024 19:11:57 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: Apereo CAS
last-modified: Wed, 11 Dec 2024 22:12:19 GMT

GET
H2 200 hrb-gtm.js Show response
service-cas-azure-qa-01.hrblock-qas.ca/cas/js/ 1 KB
1 KB 271ms
265ms Script
application/javascript 20.29.179.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-qas.ca/cas/js/hrb-gtm.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.29.179.18 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

1ebb5f23935ba97d6452d8dd3a5b1c0de72fa09c76ea1be7a6b106f189844d0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://service-cas-azure-qa-01.hrblock-qas.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DproportalOIDC%26redirect_uri%3Dhttps%253A%252F%252Fsparksecure-test-qa-01.hrblock-qas.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 1178
date: Fri, 13 Dec 2024 19:11:57 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: Apereo CAS
last-modified: Wed, 11 Dec 2024 22:12:19 GMT

GET
H2 200 js.cookie.min.js Show response
service-cas-azure-qa-01.hrblock-qas.ca/cas/js/ 2 KB
2 KB 270ms
265ms Script
application/javascript 20.29.179.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-qas.ca/cas/js/js.cookie.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.29.179.18 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

b5c1a679368da537e7b0f6880801ab32fe84b38b900acdbc1fdbe8cd6a86c4c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://service-cas-azure-qa-01.hrblock-qas.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DproportalOIDC%26redirect_uri%3Dhttps%253A%252F%252Fsparksecure-test-qa-01.hrblock-qas.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 1685
date: Fri, 13 Dec 2024 19:11:57 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: Apereo CAS
last-modified: Wed, 11 Dec 2024 22:12:19 GMT

GET
H2 200 heap.js Show response
service-cas-azure-qa-01.hrblock-qas.ca/cas/js/ 621 B
926 B 269ms
264ms Script
application/javascript 20.29.179.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-qas.ca/cas/js/heap.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.29.179.18 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

bc5aa56daca3e7d743828c64d97907d99fd6640053b5c0c6f408e3d0f46bca03

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://service-cas-azure-qa-01.hrblock-qas.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DproportalOIDC%26redirect_uri%3Dhttps%253A%252F%252Fsparksecure-test-qa-01.hrblock-qas.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 621
date: Fri, 13 Dec 2024 19:11:57 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: Apereo CAS
last-modified: Wed, 11 Dec 2024 22:12:19 GMT

GET
H2 200 heap-init.js Show response
service-cas-azure-qa-01.hrblock-qas.ca/cas/js/ 149 B
454 B 269ms
264ms Script
application/javascript 20.29.179.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-qas.ca/cas/js/heap-init.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.29.179.18 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

5fc21462803f9d1a092c18bd1033a79bf7c103a1b2b1523fa751555fa8ac7dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://service-cas-azure-qa-01.hrblock-qas.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DproportalOIDC%26redirect_uri%3Dhttps%253A%252F%252Fsparksecure-test-qa-01.hrblock-qas.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 149
date: Fri, 13 Dec 2024 19:11:57 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: Apereo CAS
last-modified: Wed, 11 Dec 2024 22:12:19 GMT

GET
H2 200 heap-service.js Show response
service-cas-azure-qa-01.hrblock-qas.ca/cas/js/ 2 KB
2 KB 266ms
262ms Script
application/javascript 20.29.179.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service-cas-azure-qa-01.hrblock-qas.ca/cas/js/heap-service.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.29.179.18 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

ad68b6241297a314650de9e3173f2f370752f87e0b18daac25ca359f8f907f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://service-cas-azure-qa-01.hrblock-qas.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DproportalOIDC%26redirect_uri%3Dhttps%253A%252F%252Fsparksecure-test-qa-01.hrblock-qas.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 2232
date: Fri, 13 Dec 2024 19:11:57 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: Apereo CAS
last-modified: Wed, 11 Dec 2024 22:12:19 GMT

GET
H2 200 hrb_logo.svg
service-cas-azure-qa-01.hrblock-qas.ca/cas/images/ 3 KB
3 KB 264ms
260ms Image
image/svg+xml 20.29.179.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://service-cas-azure-qa-01.hrblock-qas.ca/cas/images/hrb_logo.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.29.179.18 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apereo CAS /

Resource Hash

1d663e50db6646c8a64a087ba0b804ddcdee8e8b15ff2a3623cb9014b77ae74a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://service-cas-azure-qa-01.hrblock-qas.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DproportalOIDC%26redirect_uri%3Dhttps%253A%252F%252Fsparksecure-test-qa-01.hrblock-qas.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient

Response headers

strict-transport-security: max-age=15768000 ; includeSubDomains
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
x-content-type-options: nosniff
expires: 0
accept-ranges: bytes
content-length: 2870
date: Fri, 13 Dec 2024 19:11:57 GMT
x-xss-protection: 1; mode=block
content-type: image/svg+xml;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: Apereo CAS
last-modified: Wed, 11 Dec 2024 22:12:19 GMT

GET
H2

200

Primary Request authorize Show response
login.microsoftonline.com/76893b2f-0afa-45ba-a772-ee02933cd8d8/oauth2/
Redirect Chain

https://service-cas-azure-qa-01.hrblock-qas.ca/cas/clientredirect?client_name=AzureAD&service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3...
https://login.microsoftonline.com/76893b2f-0afa-45ba-a772-ee02933cd8d8/oauth2/authorize?response_type=code&redirect_uri=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Flogin%3Fclient_n...

40 KB
17 KB

255ms
139ms

Document
text/html

2603:1037:1:130::5
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/76893b2f-0afa-45ba-a772-ee02933cd8d8/oauth2/authorize?response_type=code&redirect_uri=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Flogin%3Fclient_name%3DAzureAD&state=TST-253-GVZNj5iIK7dsibL2Q3Vh2uZNZOv93OBz&client_id=8c7fb896-6cb8-4c59-b484-693315e577a8&scope=openid+email+profile

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2603:1037:1:130::5 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

bb2b5c98d01933c351eddb27748b6dc23830a01c37a6ecc76e0d0440b210cfa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://service-cas-azure-qa-01.hrblock-qas.ca/cas/login?service=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DproportalOIDC%26redirect_uri%3Dhttps%253A%252F%252Fsparksecure-test-qa-01.hrblock-qas.ca%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3Dundefined%26client_name%3DCasOAuthClient
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache
content-encoding: gzip
content-length: 14854
content-security-policy-report-only: object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-1O4FK9Hxvxr-80eMlAZoSQ' 'unsafe-inline' 'unsafe-eval' https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net https://*.outlook.com https://*.office.com https://*.office365.com https://*.microsoft.com https://*.bing.com 'report-sample'; img-src 'self' data: https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net https://*.outlook.com https://*.office.com https://*.office365.com https://*.microsoft.com https://*.bing.com 'report-sample'; report-uri https://csp.microsoft.com/report/ESTS-UX-All
content-type: text/html; charset=utf-8
date: Fri, 13 Dec 2024 19:11:58 GMT
expires: -1
link: <https://aadcdn.msftauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msftauth.net>; rel=dns-prefetch,<https://aadcdn.msauth.net>; rel=dns-prefetch
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+est"}]}
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-frame-options: DENY
x-ms-ests-server: 2.1.19683.3 - NCUS ProdSlices
x-ms-request-id: fa15fb87-2914-4e37-a8fb-03875e877b00
x-ms-srs: 1.P
x-xss-protection: 0

Redirect headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-language: en
content-length: 0
date: Fri, 13 Dec 2024 19:11:58 GMT
expires: 0
location: https://login.microsoftonline.com/76893b2f-0afa-45ba-a772-ee02933cd8d8/oauth2/authorize?response_type=code&redirect_uri=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Flogin%3Fclient_name%3DAzureAD&state=TST-253-GVZNj5iIK7dsibL2Q3Vh2uZNZOv93OBz&client_id=8c7fb896-6cb8-4c59-b484-693315e577a8&scope=openid+email+profile
pragma: no-cache
server: Apereo CAS
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET o-0mIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjcz6L1SoM-jCpoiyD9A-9a6VI.woff2
fonts.gstatic.com/s/notosans/v38/ 0
0

GET materialdesignicons-webfont.woff2
service-cas-azure-qa-01.hrblock-qas.ca/cas/webjars/mdi__font/5.0.45/fonts/ 0
0

GET
H2 200 converged.v2.login.min_81imvbluez-v5hbzpkxfcg2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 111 KB
20 KB 110ms
25ms Stylesheet
text/css 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_81imvbluez-v5hbzpkxfcg2.css
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/76893b2f-0afa-45ba-a772-ee02933cd8d8/oauth2/authorize?response_type=code&redirect_uri=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Flogin%3Fclient_name%3DAzureAD&state=TST-253-GVZNj5iIK7dsibL2Q3Vh2uZNZOv93OBz&client_id=8c7fb896-6cb8-4c59-b484-693315e577a8&scope=openid+email+profile
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D15A) /
Resource Hash: 6cc79c59f00478ce5d8eaa982efdd8fc3cc205a7ea023a564bb2688fa206a087

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://login.microsoftonline.com
Referer: https://login.microsoftonline.com/

Response headers

content-md5: O6TXahet0KbDTuaW8oyFQQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-lease-status: unlocked
etag: 0x8DCFFB1F10FB7D8
age: 2987187
x-ms-version: 2009-09-19
x-cache: HIT
date: Fri, 13 Dec 2024 19:11:59 GMT
content-type: text/css
last-modified: Fri, 08 Nov 2024 04:58:09 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-ms-request-id: 3b6bc20b-601e-0074-7b67-32603e000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20410
x-ms-blob-type: BlockBlob
server: ECAcc (nyd/D15A)

GET
H2 200 ConvergedLogin_PCore_kAx9qZOSH4g90FNHstHMCA2.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/ 440 KB
120 KB 113ms
28ms Script
application/x-javascript 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_kAx9qZOSH4g90FNHstHMCA2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/76893b2f-0afa-45ba-a772-ee02933cd8d8/oauth2/authorize?response_type=code&redirect_uri=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Flogin%3Fclient_name%3DAzureAD&state=TST-253-GVZNj5iIK7dsibL2Q3Vh2uZNZOv93OBz&client_id=8c7fb896-6cb8-4c59-b484-693315e577a8&scope=openid+email+profile
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D157) /
Resource Hash: 3bb35e786c5ef0186c1202ce43b9745d0ea7315c2158259bdfbdf9cc028780c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://login.microsoftonline.com
Referer: https://login.microsoftonline.com/

Response headers

content-md5: rJpu1Qgyg2GkyVMDJalAdg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-lease-status: unlocked
etag: 0x8DD0A95DDC3438A
age: 1770722
x-ms-version: 2009-09-19
x-cache: HIT
date: Fri, 13 Dec 2024 19:11:59 GMT
content-type: application/x-javascript
last-modified: Fri, 22 Nov 2024 01:34:54 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-ms-request-id: 911e61bd-001e-00f4-5478-3d9f38000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 122515
x-ms-blob-type: BlockBlob
server: ECAcc (nyd/D157)

GET
H2 200 ux.converged.login.strings-en.min_i8f-75gfk3tbsm8bmatnqa2.js Show response
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 56 KB
16 KB 111ms
26ms Script
application/x-javascript 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_i8f-75gfk3tbsm8bmatnqa2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/76893b2f-0afa-45ba-a772-ee02933cd8d8/oauth2/authorize?response_type=code&redirect_uri=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Flogin%3Fclient_name%3DAzureAD&state=TST-253-GVZNj5iIK7dsibL2Q3Vh2uZNZOv93OBz&client_id=8c7fb896-6cb8-4c59-b484-693315e577a8&scope=openid+email+profile
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D11D) /
Resource Hash: 993a5748db7b6bc125f88788845a7599234130bce2858b528071035488cb886d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://login.microsoftonline.com
Referer: https://login.microsoftonline.com/

Response headers

content-md5: GHueukH99mssj362RdK8Fw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-lease-status: unlocked
etag: 0x8DCF55E8343790A
age: 3975711
x-ms-version: 2009-09-19
x-cache: HIT
date: Fri, 13 Dec 2024 19:11:59 GMT
content-type: application/x-javascript
last-modified: Sat, 26 Oct 2024 01:35:45 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-ms-request-id: 42813f20-401e-003b-3a6a-298f88000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16345
x-ms-blob-type: BlockBlob
server: ECAcc (nyd/D11D)

GET
H/1.1 200
OK Me.htm
login.live.com/ 0
0 268ms
89ms Other
text/html 20.190.155.131
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.live.com/Me.htm?v=3
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/76893b2f-0afa-45ba-a772-ee02933cd8d8/oauth2/authorize?response_type=code&redirect_uri=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Flogin%3Fclient_name%3DAzureAD&state=TST-253-GVZNj5iIK7dsibL2Q3Vh2uZNZOv93OBz&client_id=8c7fb896-6cb8-4c59-b484-693315e577a8&scope=openid+email+profile
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.190.155.131 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://login.microsoftonline.com/

Response headers

GET
H2 200 oneDs_f2e0f4a029670f10d892.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/ 186 KB
60 KB 96ms
25ms Script
application/x-javascript 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js
Requested by: Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_kAx9qZOSH4g90FNHstHMCA2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D111) /
Resource Hash: 8405362eb8f09df13ae244de155b51b1577274673d9728b6c81cd0278a63c8b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://login.microsoftonline.com/

Response headers

content-md5: wegr9xrdYirQ87+FcvY0/A==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-lease-status: unlocked
etag: 0x8DB5D44A2CEB430
age: 22764408
x-ms-version: 2009-09-19
x-cache: HIT
date: Fri, 13 Dec 2024 19:11:59 GMT
content-type: application/x-javascript
last-modified: Thu, 25 May 2023 17:22:37 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-ms-request-id: 6d5ef305-c01e-002f-4e88-7e420a000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 61052
x-ms-blob-type: BlockBlob
server: ECAcc (nyd/D111)

GET
H2 200 convergedlogin_pcustomizationloader_27cef08ca792f8e8b149.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 397 KB
114 KB 27ms
26ms Script
application/x-javascript 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_27cef08ca792f8e8b149.js
Requested by: Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_kAx9qZOSH4g90FNHstHMCA2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D12F) /
Resource Hash: 54b34ea260d9dcf6d7961a60c9b540673312a965f9ddc2f1ab9855d622bfa07c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://login.microsoftonline.com/

Response headers

content-md5: MGOw2kC0W0ZgL86ZrFPTFQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-lease-status: unlocked
etag: 0x8DD05A56313A35E
age: 2102550
x-ms-version: 2009-09-19
x-cache: HIT
date: Fri, 13 Dec 2024 19:11:59 GMT
content-type: application/x-javascript
last-modified: Fri, 15 Nov 2024 18:43:24 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-ms-request-id: be73a7ae-b01e-0083-0c73-3a4aac000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 116343
x-ms-blob-type: BlockBlob
server: ECAcc (nyd/D12F)

GET
H2 200 favicon
aadcdn.msftauthimages.net/dbd5a2dd-xb7evaii9dqa9g8d2muqdepsr9x7p0s09dre7mb71da/logintenantbranding/0/ 1 KB
2 KB 271ms
72ms Other
image/* 2620:1ec:29:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://aadcdn.msftauthimages.net/dbd5a2dd-xb7evaii9dqa9g8d2muqdepsr9x7p0s09dre7mb71da/logintenantbranding/0/favicon?ts=638091158472476517

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cfef619ca55413feca732d954f5d53fb55199170be7c04002e45fb6890e7023f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://login.microsoftonline.com/

Response headers

access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DAF4872365AD71
x-fd-int-roxy-purgeid: 50755578
x-content-type-options: nosniff
x-cache: TCP_REVALIDATED_HIT
date: Fri, 13 Dec 2024 19:11:59 GMT
content-type: image/*
last-modified: Thu, 12 Jan 2023 10:24:07 GMT
cache-control: public, max-age=86400
x-ms-request-id: 524fbf58-201e-0022-530a-4bc24c000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1243
x-azure-ref: 20241213T191159Z-17cf4964b89kmdd4hC1YTOvqds0000000mkg000000001q6w
x-ms-blob-type: BlockBlob

GET
H2 200 convergedlogin_pfetchsessionsprogress_1cd84c14a6b01fcd8515.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 15 KB
6 KB 28ms
27ms Script
application/x-javascript 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_1cd84c14a6b01fcd8515.js
Requested by: Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_kAx9qZOSH4g90FNHstHMCA2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D12E) /
Resource Hash: 73911b6531d9af94c4b34095f0899a00cb5765a417a5eedac85d5dc5458390f9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://login.microsoftonline.com/

Response headers

content-md5: KM5b+LrLltHCz6AJIUXG7g==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-lease-status: unlocked
etag: 0x8DD05A5631A7984
age: 2083154
x-ms-version: 2009-09-19
x-cache: HIT
date: Fri, 13 Dec 2024 19:11:59 GMT
content-type: application/x-javascript
last-modified: Fri, 15 Nov 2024 18:43:24 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-ms-request-id: 7aa08a6d-901e-00dc-13a0-3a6072000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5525
x-ms-blob-type: BlockBlob
server: ECAcc (nyd/D12E)

GET
H2 200 marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 3 KB
3 KB 27ms
26ms Image
image/gif 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D179) /
Resource Hash: a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://login.microsoftonline.com/

Response headers

content-md5: Fm3lNHEmUlOrOkVt7+baIw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status: unlocked
x-ms-version: 2009-09-19
etag: 0x8DB5C3F4982FD30
age: 22764014
x-cache: HIT
date: Fri, 13 Dec 2024 19:11:59 GMT
content-type: image/gif
last-modified: Wed, 24 May 2023 10:11:48 GMT
cache-control: public, max-age=31536000
x-ms-request-id: 5fdf9378-001e-005b-7589-7e1c02000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2672
x-ms-blob-type: BlockBlob
server: ECAcc (nyd/D179)

GET
H2 200 marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 4 KB
4 KB 27ms
27ms Image
image/gif 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D144) /
Resource Hash: 8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://login.microsoftonline.com/

Response headers

content-md5: tUCo5RgDcZLjLE/li/Lbqw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status: unlocked
x-ms-version: 2009-09-19
etag: 0x8DB5C3F492F3EE5
age: 22764367
x-cache: HIT
date: Fri, 13 Dec 2024 19:11:59 GMT
content-type: image/gif
last-modified: Wed, 24 May 2023 10:11:48 GMT
cache-control: public, max-age=31536000
x-ms-request-id: 2502d487-701e-0068-3488-7e4015000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3620
x-ms-blob-type: BlockBlob
server: ECAcc (nyd/D144)

GET
H2 200 illustration
aadcdn.msftauthimages.net/dbd5a2dd-xb7evaii9dqa9g8d2muqdepsr9x7p0s09dre7mb71da/logintenantbranding/0/ 52 KB
53 KB 132ms
47ms Image
image/* 2620:1ec:29:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aadcdn.msftauthimages.net/dbd5a2dd-xb7evaii9dqa9g8d2muqdepsr9x7p0s09dre7mb71da/logintenantbranding/0/illustration?ts=637248974417318326

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e26fc09734421808c5e145e96795cdc44f3445d8f3b547689f3fe40d7a108fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://login.microsoftonline.com/

Response headers

x-cache-info: L1_T2
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8D7F690E226B6FB
x-fd-int-roxy-purgeid: 50755578
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Fri, 13 Dec 2024 19:11:59 GMT
content-type: image/*
last-modified: Tue, 12 May 2020 16:24:02 GMT
cache-control: public, max-age=86400
x-ms-request-id: 9622146a-b01e-0042-0840-3cbed3000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 53419
x-azure-ref: 20241213T191159Z-17cf4964b89kmdd4hC1YTOvqds0000000mkg000000001q6v
x-ms-blob-type: BlockBlob

GET
H2 200 microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 4 KB
2 KB 27ms
27ms Image
image/svg+xml 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D12A) /
Resource Hash: 04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://login.microsoftonline.com/

Response headers

content-md5: nzaLxFgP7ZB3dfMcaybWzw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-lease-status: unlocked
etag: 0x8DB5C3F495F4B8C
age: 22764418
x-ms-version: 2009-09-19
x-cache: HIT
date: Fri, 13 Dec 2024 19:11:59 GMT
content-type: image/svg+xml
last-modified: Wed, 24 May 2023 10:11:48 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-ms-request-id: 595f60f2-701e-00d0-2f88-7e6e40000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1435
x-ms-blob-type: BlockBlob
server: ECAcc (nyd/D12A)

GET
H/1.1 401
Unauthorized ssoprobe
autologon.microsoftazuread-sso.com/76893b2f-0afa-45ba-a772-ee02933cd8d8/winauth/ 12 B
2 KB 456ms
165ms Image
image/png 2603:1036:3000:f8::4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autologon.microsoftazuread-sso.com/76893b2f-0afa-45ba-a772-ee02933cd8d8/winauth/ssoprobe?client-request-id=f92b70f7-2918-4733-bab7-d5e3b3f0c56f&_=1734117119570

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2603:1036:3000:f8::4 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://login.microsoftonline.com/

Response headers

x-ms-ests-server: 2.1.19683.3 - NCUS ProdSlices
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+wst"}]}
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, OPTIONS
Expires: -1
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Date: Fri, 13 Dec 2024 19:11:59 GMT
Content-Type: image/png; charset=utf-8
Vary: Origin
Cache-Control: no-store, no-cache
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
Pragma: no-cache
WWW-Authenticate: Negotiate
Access-Control-Allow-Credentials: true
Referrer-Policy: strict-origin-when-cross-origin
x-ms-request-id: afee27b6-4043-4c88-a45a-6105a45b8000
Content-Security-Policy-Report-Only: object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-oMsfi9mS-dwS9NHDbrMEyg' 'unsafe-inline' 'unsafe-eval' https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net https://*.outlook.com https://*.office.com https://*.office365.com https://*.microsoft.com https://*.bing.com 'report-sample'; img-src 'self' data: https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net https://*.outlook.com https://*.office.com https://*.office365.com https://*.microsoft.com https://*.bing.com 'report-sample'; report-uri https://csp.microsoft.com/report/ESTS-UX-All
Access-Control-Allow-Origin: https://login.microsoftonline.com
Content-Length: 12
X-XSS-Protection: 0

POST
H2 200 dssostatus Show response
login.microsoftonline.com/common/instrumentation/ 265 B
1 KB 120ms
111ms XHR
application/json 2603:1037:1:130::5
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/common/instrumentation/dssostatus

Requested by

Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_kAx9qZOSH4g90FNHstHMCA2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2603:1037:1:130::5 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9d0562c19dac996a1d2a1caaa74e8ab9d18d86fdaa1622d3d5f6d2f5378ad030

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

hpgid: 1104
Referer: https://login.microsoftonline.com/76893b2f-0afa-45ba-a772-ee02933cd8d8/oauth2/authorize?response_type=code&redirect_uri=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Flogin%3Fclient_name%3DAzureAD&state=TST-253-GVZNj5iIK7dsibL2Q3Vh2uZNZOv93OBz&client_id=8c7fb896-6cb8-4c59-b484-693315e577a8&scope=openid+email+profile
hpgact: 1800
canary: PAQABDgEAAADW6jl31mB3T7ugrWTT8pFegRw5irMVj9m_wWnLhkpAnHZXSTq0eAQ4eKQHmatDHJweB3ufx-9Wf72OU9_LLc-jKDXqCb5HSNFH6orCer9c1LLUBT57CVld3sCHp0FWx7uaPPAZit9hfVLl03EMWb4_b4_ulwHf6tlBrN2GTO0gJ05aFO6KOle9cvMcChwDRBCo2cUENLFz6hKT9T9VpLFgkWNKX8rjidqbZA5Mauay7CAA
client-request-id: f92b70f7-2918-4733-bab7-d5e3b3f0c56f
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
hpgrequestid: fa15fb87-2914-4e37-a8fb-03875e877b00
Content-type: application/json; charset=UTF-8

Response headers

x-ms-ests-server: 2.1.19683.3 - WUS3 ProdSlices
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+est"}]}
x-content-type-options: nosniff
access-control-allow-methods: POST, OPTIONS
expires: -1
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
date: Fri, 13 Dec 2024 19:11:59 GMT
content-type: application/json; charset=utf-8
x-ms-srs: 1.P
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-store, no-cache
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
pragma: no-cache
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
x-ms-request-id: 7bc6531b-2352-429b-92a3-1c66abe34000
content-security-policy-report-only: object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-f6VZAwFcL4mOrz180mhVPw' 'unsafe-inline' 'unsafe-eval' https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net https://*.outlook.com https://*.office.com https://*.office365.com https://*.microsoft.com https://*.bing.com 'report-sample'; img-src 'self' data: https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net https://*.outlook.com https://*.office.com https://*.office365.com https://*.microsoft.com https://*.bing.com 'report-sample'; report-uri https://csp.microsoft.com/report/ESTS-UX-All
client-request-id: f92b70f7-2918-4733-bab7-d5e3b3f0c56f
access-control-allow-origin: https://autologon.microsoftazuread-sso.com/
content-length: 265
x-xss-protection: 0

GET
H2 200 convergedlogin_pstringcustomizationhelper_cc2c59f5ef2c09e14b08.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 111 KB
35 KB 25ms
25ms Script
application/x-javascript 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_cc2c59f5ef2c09e14b08.js
Requested by: Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_kAx9qZOSH4g90FNHstHMCA2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D14B) /
Resource Hash: c30fd6bb912661057ec2eea9a2f135303a6d0f8d110bf11493b369286f0587ae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://login.microsoftonline.com/

Response headers

content-md5: FxpN2UAHCLiHJLV9YrJKag==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-lease-status: unlocked
etag: 0x8DD05A56399A1D5
age: 2102550
x-ms-version: 2009-09-19
x-cache: HIT
date: Fri, 13 Dec 2024 19:12:00 GMT
content-type: application/x-javascript
last-modified: Fri, 15 Nov 2024 18:43:25 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-ms-request-id: 5578df23-a01e-0007-6173-3aed04000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35170
x-ms-blob-type: BlockBlob
server: ECAcc (nyd/D14B)

GET
H2 200 signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 2 KB
773 B 29ms
28ms Image
image/svg+xml 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D162) /
Resource Hash: 8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://login.microsoftonline.com/

Response headers

content-md5: R2FAVxfpONfnQAuxVxXbHg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-lease-status: unlocked
etag: 0x8DB5C3F4BB4F03C
age: 22764371
x-ms-version: 2009-09-19
x-cache: HIT
date: Fri, 13 Dec 2024 19:12:00 GMT
content-type: image/svg+xml
last-modified: Wed, 24 May 2023 10:11:52 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-ms-request-id: 2c91614c-c01e-0013-5788-7e9702000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 621
x-ms-blob-type: BlockBlob
server: ECAcc (nyd/D162)

POST
H2 200 / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ 153 B
767 B 572ms
225ms XHR
application/json 20.52.64.201
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Requested by

Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.52.64.201 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

f4907226d56e97fab84ecacf40d92d0fa7fb97b44510f821160f2935b6636432

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

cache-control: no-cache, no-store
Referer: https://login.microsoftonline.com/
Client-Id: NO_AUTH
upload-time: 1734117122046
time-delta-to-apply-millis: use-collector-delta
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/x-json-stream
client-version: 1DS-Web-JS-3.2.6
apikey: 69adc3c768bd4dc08c19416121249fcc-66f1668a-797b-4249-95e3-6c6651768c28-7293

Response headers

strict-transport-security: max-age=31536000
access-control-expose-headers: time-delta-millis
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-origin: https://login.microsoftonline.com
content-length: 153
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
date: Fri, 13 Dec 2024 19:12:02 GMT
content-type: application/json
server: Microsoft-HTTPAPI/2.0
time-delta-millis: 1070
access-control-allow-headers: P3P,Set-Cookie,time-delta-millis

OPTIONS
H2 200 /
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 0
0 663ms
228ms Preflight 20.52.64.201
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.52.64.201 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method: POST
Origin: https://login.microsoftonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin: https://login.microsoftonline.com
access-control-max-age: 3600
cache-control: public, 3600
content-length: 0
date: Fri, 13 Dec 2024 19:12:02 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/notosans/v38/o-0mIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjcz6L1SoM-jCpoiyD9A-9a6VI.woff2

Domain: service-cas-azure-qa-01.hrblock-qas.ca
URL: https://service-cas-azure-qa-01.hrblock-qas.ca/cas/webjars/mdi__font/5.0.45/fonts/materialdesignicons-webfont.woff2?v=5.0.45

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
service-cas-azure-qa-01.hrblock-qas.ca/cas/	1969-12-31 23:59:59	Name: SESSION Value: NWEyYTNhOTgtMzg1OC00NTc3LWFiMDgtYjM4ZTg4ZWViYzdm
service-cas-azure-qa-01.hrblock-qas.ca/cas/	1969-12-31 23:59:59	Name: DISSESSION Value: 431d001c-f1e9-442c-8877-f1c4509b0c34
.sparksecure-test-qa-01.hrblock-qas.ca/	1969-12-31 23:59:59	Name: ARRAffinity Value: dceba16ff59c5cf557367edec87335b6db00b4b59eabe964c2f02e0bd6d966c1
.sparksecure-test-qa-01.hrblock-qas.ca/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: dceba16ff59c5cf557367edec87335b6db00b4b59eabe964c2f02e0bd6d966c1
.hrblock-qas.ca/	1970-01-21 06:01:09	Name: optimizelyEndUserId Value: oeu1734117116906r0.42233190274271437
.linkedin.com/	1970-01-21 10:27:33	Name: bcookie Value: "v=2&cd906175-300b-4a1e-8408-834c1c30d024"
.linkedin.com/	1970-01-21 06:01:09	Name: li_gc Value: MTswOzE3MzQxMTcxMTc7MjswMjED2cKgrwg3VnCUwnA7rwYRxYFRy/6Thxos5ZJWwCZZ8A==
.linkedin.com/	1970-01-21 01:43:23	Name: lidc Value: "b=OGST01:s=O:r=O:a=O:p=O:g=3475:u=1:x=1:i=1734117117:t=1734203517:v=2:sig=AQEVS9PGhFKgAfUWY-uMLJPcX-H8VkIq"
.hrblock-qas.ca/	1970-01-21 11:09:54	Name: _hp2_id.2952186237 Value: %7B%22userId%22%3A%227239276124366726%22%2C%22pageviewId%22%3A%227647420625070213%22%2C%22sessionId%22%3A%227052830581250248%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
service-cas-azure-qa-01.hrblock-qas.ca/	1969-12-31 23:59:59	Name: org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE Value: en
.service-cas-azure-qa-01.hrblock-qas.ca/	1969-12-31 23:59:59	Name: pac4jCsrfToken Value: 61029952-dac3-4170-8cfb-25a63935b69c
.hrblock-qas.ca/	1970-01-21 01:41:58	Name: _hp2_ses_props.2952186237 Value: %7B%22ts%22%3A1734117117669%2C%22d%22%3A%22sparksecure-test-qa-01.hrblock-qas.ca%22%2C%22h%22%3A%22%2Fhome%22%7D
login.microsoftonline.com/	1970-01-21 02:25:09	Name: buid Value: 1.AX0ALzuJdvoKukWncu4CkzzY2Ja4f4y4bFlMtIRpMxXld6i1AAB9AA.AQABGgEAAADW6jl31mB3T7ugrWTT8pFeE1AwAkWagG24wbWizeuLWBBcq9JSvATcjvpCWHVLQC4sn_6vBdqsrD59sjGQirRczE-NkJkpd8WYcmi2aLQMtdqFx-JMcAXIDyKTNwieaCMgAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx Value: PAQABBwEAAADW6jl31mB3T7ugrWTT8pFeDRQJ90b6MYvl4Hi3wjQnM_XrEyoHjt7naEk4Kk7r3seOgg7f3XM0WeA3P47Zwxu5opjYuzUQFfuXR65FBfe5WF3vThituo4E6u7MyEdjsUO2fUgFrN42nE5i2n7OZ7um6cGmu3BoIhM4hcxZkQCFqEmf9GHD4Dv_OafVv6zrNDogAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx-IFPEep6DDo0 Value: AQABCQEAAADW6jl31mB3T7ugrWTT8pFeSGXjQN1-Le1LbyOF0CZEi6WpA3GbTrt9WamaQ6M3iJrxSfrql3ZOxyRkfmvrbjooJUfvuyXFawxYSr_8uOKbMt6Ib83A1jQgV2TB08FjWYiiOMBeP2LmdXBAt4DYG8Abey-URi5gV_1TqR95HQdTWCAA
login.microsoftonline.com/	1970-01-21 02:25:09	Name: fpc Value: Ag8q3-glp1ZDqYOanMCuf7nLUb0QAQAAAP597t4OAAAA
login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
login.microsoftonline.com/	1970-01-21 10:27:33	Name: MicrosoftApplicationsTelemetryDeviceId Value: 45f41df3-35a7-45f9-8368-c8341e7ca2c5
.login.microsoftonline.com/	1970-01-21 11:03:33	Name: brcap Value: 0
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: 333f72fc70d64498b401b3997bca1c72
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=N&lt=1734117119&co=1
autologon.microsoftazuread-sso.com/	1970-01-21 02:25:09	Name: fpc Value: Ap4KRNZF5OFCkQkmYwxhpNo
autologon.microsoftazuread-sso.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
autologon.microsoftazuread-sso.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
login.microsoftonline.com/	1970-01-21 01:41:58	Name: ai_session Value: pCn/VUmNQub/hn31Rds0ly\|1734117120041\|1734117120041
.microsoft.com/	1970-01-21 10:27:33	Name: MC1 Value: GUID=6657290eb4fd43c18d3869782a25b578&HASH=6657&LV=202412&V=4&LU=1734117123116
.microsoft.com/	1970-01-21 01:41:58	Name: MS0 Value: b3555b52324e48b8899c6423b7824497
login.microsoftonline.com/	1970-01-21 10:27:33	Name: MSFPC Value: GUID=6657290eb4fd43c18d3869782a25b578&HASH=6657&LV=202412&V=4&LU=1734117123116

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://autologon.microsoftazuread-sso.com/76893b2f-0afa-45ba-a772-ee02933cd8d8/winauth/ssoprobe?client-request-id=f92b70f7-2918-4733-bab7-d5e3b3f0c56f&_=1734117119570 Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
recommendation	verbose	URL: https://login.microsoftonline.com/76893b2f-0afa-45ba-a772-ee02933cd8d8/oauth2/authorize?response_type=code&redirect_uri=https%3A%2F%2Fservice-cas-azure-qa-01.hrblock-qas.ca%2Fcas%2Flogin%3Fclient_name%3DAzureAD&state=TST-253-GVZNj5iIK7dsibL2Q3Vh2uZNZOv93OBz&client_id=8c7fb896-6cb8-4c59-b484-693315e577a8&scope=openid+email+profile Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a8214761424.cdn.optimizely.com
aadcdn.msftauth.net
aadcdn.msftauthimages.net
autologon.microsoftazuread-sso.com
browser.events.data.microsoft.com
cdn.heapanalytics.com
cdn.optimizely.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
heapanalytics.com
login.live.com
login.microsoftonline.com
maxcdn.icons8.com
px.ads.linkedin.com
px4.ads.linkedin.com
service-cas-azure-qa-01.hrblock-qas.ca
snap.licdn.com
sparksecure-test-qa-01.hrblock-qas.ca
www.googletagmanager.com
fonts.gstatic.com
service-cas-azure-qa-01.hrblock-qas.ca
104.17.25.14
13.107.42.14
20.115.232.10
20.190.155.131
20.29.179.18
20.52.64.201
2600:1408:c400:5::17c7:3719
2603:1036:3000:f8::4
2603:1037:1:130::5
2606:2800:11f:1cb7:261b:1f9c:2074:3c
2606:4700::6812:4139
2606:4700::6812:4239
2607:f8b0:400d:c04::61
2607:f8b0:400d:c0f::5f
2620:1ec:21::14
2620:1ec:29:1::40
2a02:6ea0:e200::17
3.162.125.33
52.21.66.64
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
09288e794cb20a9e8d713bc4e9a8c3c51458e6da73e7109cc323cbccb122da6f
112ebd1f3f6a42c2574d558d8d8c8455679acd20e7a4cdc686b8dbf8a1217cd0
156f93e25a16656ac9c9a9ed4817cd9aa09958a8fe848964d105b7e23d58681a
1d663e50db6646c8a64a087ba0b804ddcdee8e8b15ff2a3623cb9014b77ae74a
1e8638f605575bd335d49efa95e165adf7ef06dda8e367661ac2517a0a3a96b4
1ebb5f23935ba97d6452d8dd3a5b1c0de72fa09c76ea1be7a6b106f189844d0b
1ff8d34ed8c7d30550864936a761d7ce500712956d63becbe7484401d188cad4
2670ab6235d643c1b8c31504677a38226fcc526e89222081efe80b723a3a83b3
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
37f370861cfad4421761dd7bf04c65ce7d05c5e7e890a58bcae35981a9448b5b
3bb35e786c5ef0186c1202ce43b9745d0ea7315c2158259bdfbdf9cc028780c6
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46eeb92760dc2f8de596688b9917231a171f2be77a4d3c7353c21838061fb7b5
51db597c6c7a0b1ddb5b8561261e8d5366c65cde2ffddd26cdbdb40f2632dacf
54b34ea260d9dcf6d7961a60c9b540673312a965f9ddc2f1ab9855d622bfa07c
5615cdac4c30b1fb905891f5de1e1dcf7745b6b0ec88cfc89360ee48fc240977
580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512
58b863a4c10da17158c40c29f542890d3b51542fd3d9172a74ef75c53a030258
5fc21462803f9d1a092c18bd1033a79bf7c103a1b2b1523fa751555fa8ac7dfc
652b433fd7f0687933c95cca6b11d65d34318e11f06ad24ed4bcda44ffac804d
6cc79c59f00478ce5d8eaa982efdd8fc3cc205a7ea023a564bb2688fa206a087
70ace91f3a0f1c8388daed852a861462cdf17215deb8c2218bf5ffc5111b970e
72f095d70b0d69330ac73c3cb4108e9f3afa9bb6828a928d550b1812dbc88ac6
73911b6531d9af94c4b34095f0899a00cb5765a417a5eedac85d5dc5458390f9
7978be170328b9e720f5de4c93cab0b800112aa360425c5e30ef58c4720bf3a5
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7fe7903ce2632538c46cc0b5fdcadbbb8c2ee7434930e5cd851593c5624dd88a
8405362eb8f09df13ae244de155b51b1577274673d9728b6c81cd0278a63c8b0
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
8cb8137da439af819057d3ed77c3bc49c4efad1e5773a4171280d08c6db9e5ac
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
94e930950d5878f513802a3a816e57048fff5bedb5143c7cb5fedabc0e5c8d36
993a5748db7b6bc125f88788845a7599234130bce2858b528071035488cb886d
9d0562c19dac996a1d2a1caaa74e8ab9d18d86fdaa1622d3d5f6d2f5378ad030
9ddf192ed8e61724a0999cc9fbd92cfad33fb3bd2e210f9831bba7a6ace093eb
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
ab9fdb993022e9fa0c2e50488d716186aecc5526ee20bbe3f24d0adbd77a1996
ad68b6241297a314650de9e3173f2f370752f87e0b18daac25ca359f8f907f8e
b0c0a95d751f6d1ad6fe4f97ea87ecaa7bc2fb3e476588b3f82df149a5463464
b5c1a679368da537e7b0f6880801ab32fe84b38b900acdbc1fdbe8cd6a86c4c8
b7fc55ab62b81eb54ae01de81fee15005fc4f62859ad8c050d6eb1275c8525b7
b98b502ae442fc075f1a07299bedaa7c0a48e4a26b4b878a848b25be9df380f5
baa149cfca28ea70ccc424d5e526768f8177d7c2153ad2b6c0dd76693b66794a
bb2b5c98d01933c351eddb27748b6dc23830a01c37a6ecc76e0d0440b210cfa0
bb3e2f5e170c8e53299996b1edca81852e950160e71e1cf8969acdad9208a2aa
bc5aa56daca3e7d743828c64d97907d99fd6640053b5c0c6f408e3d0f46bca03
c11a8fd2acb8a9e9f4189f40222e3a2f0085b0d08042032c760154cff76670eb
c30fd6bb912661057ec2eea9a2f135303a6d0f8d110bf11493b369286f0587ae
cfef619ca55413feca732d954f5d53fb55199170be7c04002e45fb6890e7023f
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
e14bda4aa379c1a777ca28e1038247e8650ebea9f5a3a58e85a566722cc53079
e216f49acdbe944b8034d0323ac03cb1562adb6d3cbc767bebe81ea56e1da603
e26fc09734421808c5e145e96795cdc44f3445d8f3b547689f3fe40d7a108fd3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b8a90a2870483ace67380ff4a64b39bfecb7952a432393470d76a6614fc62c
f09141f2f7dea719c73385e5862f7183a90d35bff7d7e3a96ee97f8d97222563
f4907226d56e97fab84ecacf40d92d0fa7fb97b44510f821160f2935b6636432
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
ff1a2c5955c65e646f54259039e3e7bb7b9c82ca165bba641a5de4272739fc0b

login.microsoftonline.com Open in urlscan Pro 2603:1037:1:130::5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

74 Requests

96 %HTTPS

58 %IPv6

16 Domains

20 Subdomains

20 IPs

3 Countries

3590 kBTransfer

7023 kBSize

29 Cookies

2 Outgoing links

Page URL History

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

login.microsoftonline.com Open in urlscan Pro
2603:1037:1:130::5 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

96 %
HTTPS

58 %
IPv6

16
Domains

20
Subdomains

20
IPs

3
Countries

3590 kB
Transfer

7023 kB
Size

29
Cookies

74 HTTP transactions
0 data transactions