service-cas.hrblockonline.ca
Open in
urlscan Pro
20.99.133.72
Public Scan
Submitted URL: https://2021.hrblockonline.ca/
Effective URL: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthoriz...
Submission: On February 02 via manual from CA — Scanned from CA
Effective URL: https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthoriz...
Submission: On February 02 via manual from CA — Scanned from CA
Summary
This website contacted 25 IPs
in 3 countries
across 19 domains to perform 95 HTTP transactions.
The main IP is 20.99.133.72, located in
United States and
belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US.
The main domain is service-cas.hrblockonline.ca.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 21st 2021. Valid for: a year.
This is the only time service-cas.hrblockonline.ca was scanned on urlscan.io!
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 21st 2021. Valid for: a year.
This is the only time service-cas.hrblockonline.ca was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
45
20.99.133.72
(United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| 2021.hrblockonline.ca | |
| service-cas.hrblockonline.ca |
2
13.225.214.23
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-23.ewr50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-23.ewr50.r.cloudfront.net
| cdn.heapanalytics.com |
1
198.103.206.25
(Canada)
ASN2665 (CDAGOVN, CA)
PTR: apps3.ams-sga.cra-arc.gc.ca
ASN2665 (CDAGOVN, CA)
PTR: apps3.ams-sga.cra-arc.gc.ca
| apps3.ams-sga.cra-arc.gc.ca |
1
35.186.249.72
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com
| d.impactradius-event.com |
2
52.7.202.11
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-202-11.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-202-11.compute-1.amazonaws.com
| heapanalytics.com |
3
142.250.65.226
(United States)
ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net
| www.googleadservices.com |
4
142.250.65.230
(United States)
ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f6.1e100.net
ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f6.1e100.net
| 10488595.fls.doubleclick.net |
2
2a03:2880:f012:8:face:b00c:0:1
(Secaucus, United States)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| connect.facebook.net |
2
2a03:2880:f112:83:face:b00c:0:25de
(Secaucus, United States)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| www.facebook.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 45 |
hrblockonline.ca
1 redirects
2021.hrblockonline.ca service-cas.hrblockonline.ca |
5 MB |
| 7 |
doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 Failed 10488595.fls.doubleclick.net Failed stats.g.doubleclick.net — Cisco Umbrella Rank: 96 |
2 KB |
| 5 |
google.com
1 redirects
www.google.com — Cisco Umbrella Rank: 13 adservice.google.com — Cisco Umbrella Rank: 80 |
2 KB |
| 4 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78 |
145 KB |
| 4 |
heapanalytics.com
cdn.heapanalytics.com — Cisco Umbrella Rank: 3885 heapanalytics.com — Cisco Umbrella Rank: 3226 |
87 KB |
| 3 |
google.ca
www.google.ca — Cisco Umbrella Rank: 7861 |
719 B |
| 3 |
bing.com
bat.bing.com — Cisco Umbrella Rank: 385 Failed |
11 KB |
| 3 |
googleadservices.com
1 redirects
www.googleadservices.com — Cisco Umbrella Rank: 106 |
29 KB |
| 3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42 |
40 KB |
| 2 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 98 |
498 B |
| 2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146 Failed |
113 KB |
| 2 |
redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1463 |
8 KB |
| 2 |
gstatic.com
www.gstatic.com fonts.gstatic.com |
155 KB |
| 2 |
zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2185 ekr.zdassets.com — Cisco Umbrella Rank: 2460 |
7 KB |
| 2 |
cra-arc.gc.ca
1 redirects
ams-sga.cra-arc.gc.ca — Cisco Umbrella Rank: 437259 apps3.ams-sga.cra-arc.gc.ca |
6 KB |
| 1 |
reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1532 |
125 B |
| 1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47 |
1 KB |
| 1 |
impactradius-event.com
d.impactradius-event.com — Cisco Umbrella Rank: 2727 |
13 KB |
| 1 |
unpkg.com
unpkg.com — Cisco Umbrella Rank: 881 |
23 KB |
| 95 | 19 |
| Domain | Requested by | |
|---|---|---|
| 30 | service-cas.hrblockonline.ca |
1 redirects
2021.hrblockonline.ca
service-cas.hrblockonline.ca |
| 15 | 2021.hrblockonline.ca |
2021.hrblockonline.ca
|
| 4 | 10488595.fls.doubleclick.net |
www.googletagmanager.com
|
| 4 | www.google.com |
1 redirects
2021.hrblockonline.ca
service-cas.hrblockonline.ca |
| 4 | www.googletagmanager.com |
2021.hrblockonline.ca
service-cas.hrblockonline.ca |
| 3 | www.google.ca |
www.googletagmanager.com
service-cas.hrblockonline.ca |
| 3 | bat.bing.com |
2021.hrblockonline.ca
bat.bing.com service-cas.hrblockonline.ca |
| 3 | www.googleadservices.com |
1 redirects
2021.hrblockonline.ca
www.googletagmanager.com |
| 3 | www.google-analytics.com |
2021.hrblockonline.ca
www.googletagmanager.com www.google-analytics.com |
| 2 | www.facebook.com |
service-cas.hrblockonline.ca
|
| 2 | connect.facebook.net |
2021.hrblockonline.ca
connect.facebook.net |
| 2 | www.redditstatic.com |
2021.hrblockonline.ca
www.googletagmanager.com |
| 2 | googleads.g.doubleclick.net |
www.googletagmanager.com
2021.hrblockonline.ca www.googleadservices.com |
| 2 | heapanalytics.com |
2021.hrblockonline.ca
service-cas.hrblockonline.ca |
| 2 | cdn.heapanalytics.com |
2021.hrblockonline.ca
service-cas.hrblockonline.ca |
| 1 | adservice.google.com |
10488595.fls.doubleclick.net
|
| 1 | stats.g.doubleclick.net |
www.google-analytics.com
|
| 1 | alb.reddit.com |
service-cas.hrblockonline.ca
|
| 1 | fonts.gstatic.com |
fonts.googleapis.com
|
| 1 | fonts.googleapis.com |
service-cas.hrblockonline.ca
|
| 1 | ekr.zdassets.com |
2021.hrblockonline.ca
|
| 1 | www.gstatic.com |
2021.hrblockonline.ca
|
| 1 | d.impactradius-event.com |
2021.hrblockonline.ca
|
| 1 | static.zdassets.com |
2021.hrblockonline.ca
static.zdassets.com |
| 1 | apps3.ams-sga.cra-arc.gc.ca |
2021.hrblockonline.ca
|
| 1 | ams-sga.cra-arc.gc.ca | 1 redirects |
| 1 | unpkg.com |
2021.hrblockonline.ca
|
| 95 | 27 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| myblock.hrblockonline.ca |
| 2021.hrblockonline.ca |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.hrblockonline.ca Go Daddy Secure Certificate Authority - G2 |
2021-09-21 - 2022-10-23 |
a year | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-07-02 - 2022-07-01 |
a year | crt.sh |
| cdn.heapanalytics.com Amazon |
2021-08-28 - 2022-09-26 |
a year | crt.sh |
| ssl1036557.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2021-07-08 - 2022-07-07 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2021-12-27 - 2022-03-21 |
3 months | crt.sh |
| *.impactradius-event.com Sectigo RSA Domain Validation Secure Server CA |
2021-12-10 - 2023-01-06 |
a year | crt.sh |
| www.google.com GTS CA 1C3 |
2021-12-27 - 2022-03-21 |
3 months | crt.sh |
| heapanalytics.com Amazon |
2021-12-09 - 2023-01-06 |
a year | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2021-12-27 - 2022-03-21 |
3 months | crt.sh |
| www.googleadservices.com GTS CA 1C3 |
2021-12-27 - 2022-03-21 |
3 months | crt.sh |
| *.doubleclick.net GTS CA 1C3 |
2021-12-27 - 2022-03-21 |
3 months | crt.sh |
| www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-10-05 - 2022-04-02 |
6 months | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2021-12-27 - 2022-03-21 |
3 months | crt.sh |
| *.googleadservices.com GTS CA 1C3 |
2021-12-27 - 2022-03-21 |
3 months | crt.sh |
| www.bing.com Microsoft RSA TLS CA 01 |
2021-12-22 - 2022-06-22 |
6 months | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2021-11-11 - 2022-02-09 |
3 months | crt.sh |
| *.reddit.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-10-05 - 2022-04-02 |
6 months | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2021-12-27 - 2022-03-21 |
3 months | crt.sh |
| *.google.com GTS CA 1C3 |
2021-12-27 - 2022-03-21 |
3 months | crt.sh |
| *.google.ca GTS CA 1C3 |
2021-12-27 - 2022-03-21 |
3 months | crt.sh |
This page contains 8 frames:
Primary Page:
https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient
Frame ID: E29C09F361DA12C58FDA456CCA0514FA
Requests: 84 HTTP requests in this frame
Frame:
https://www.googletagmanager.com/ns.html?id=GTM-P77LF8T
Frame ID: 9CF7DA8DA9CC9BA79097BD8D946F8967
Requests: 2 HTTP requests in this frame
Frame:
https://10488595.fls.doubleclick.net/activityi;dc_pre=CI3h2tKY4fUCFWKHgwgdriwJRg;src=10488595;type=retar0;cat=fl-re00;ord=331189549;~oref=https%3A%2F%2F2021.hrblockonline.ca%2F
Frame ID: C321BBCC5B926EA8C7FC2B89B2D0B106
Requests: 1 HTTP requests in this frame
Frame:
https://10488595.fls.doubleclick.net/activityi;dc_pre=CNf929KY4fUCFcP6hwod_AoMNg;src=10488595;type=retar0;cat=fl-re00;ord=9090583970795;gtm=2wg1v0;auiddc=1626391383.1643810859;~oref=https%3A%2F%2F2021.hrblockonline.ca%2F
Frame ID: 1EB06329C6CD1246D8FE60249FF2F8C6
Requests: 1 HTTP requests in this frame
Frame:
https://static.zdassets.com/web_widget/latest/web-widget-framework-c89f2cabb37233fdb333.js
Frame ID: 7BE68B4CCA053ACEE9B1F0B3059CA8AF
Requests: 2 HTTP requests in this frame
Frame:
https://www.googletagmanager.com/ns.html?id=GTM-P77LF8T
Frame ID: 559E88AF8D2CE502F8B327395F2EA045
Requests: 2 HTTP requests in this frame
Frame:
https://10488595.fls.doubleclick.net/activityi;dc_pre=CJL8j9OY4fUCFU6zhwodQdsBCA;src=10488595;type=retar0;cat=fl-re00;ord=2122837608;~oref=https%3A%2F%2Fservice-cas.hrblockonline.ca%2F
Frame ID: FF667067A142FD6C162C2A9F5137BEE7
Requests: 1 HTTP requests in this frame
Frame:
https://10488595.fls.doubleclick.net/activityi;dc_pre=COq9ktOY4fUCFRaEhwodgrsNLQ;src=10488595;type=retar0;cat=fl-re00;ord=2756801888085;gtm=2wg1v0;auiddc=1626391383.1643810859;~oref=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Fservice-cas.hrblockonline.ca%252Fcas%252Foauth2.0%252FcallbackAuthorize%253Fclient_id%253DDIY21%2526redirect_uri%253Dhttps%25253A%25252F%25252F2021.hrblockonline.ca%25252F%252523%25252Fcallback%2526response_type%253Did_token%252Btoken%2526googleDeviceId%253D%2526client_name%253DCasOAuthClient
Frame ID: 605DFA91E9F9299C8C625012936CDD8B
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Sign In - H&R Block CanadaPage URL History Show full URLs
- https://2021.hrblockonline.ca/ Page URL
-
https://service-cas.hrblockonline.ca/cas/oidc/authorize?response_type=id_token%20token&client_id=DIY21&scope=open...
HTTP 302
https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.... Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- googletagmanager\.com/gtm\.js
Heap
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- heap-\d+\.js
Impact
(Affiliate programs)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- d\.impactradius-event\.com
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
reCAPTCHA
(Captchas)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /recaptcha/api\.js
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
URL: https://myblock.hrblockonline.ca/forgot-username?lang=en&clientId=diy21
Title: username
Title: username
Search URL Search Domain Scan URL
URL: https://myblock.hrblockonline.ca/forgot-password?lang=en&clientId=diy21
Title: password
Title: password
Search URL Search Domain Scan URL
URL: https://2021.hrblockonline.ca/#/provide-your-email?lang=en
Title: I want to create an account
Title: I want to create an account
Search URL Search Domain Scan URL
URL: https://2021.hrblockonline.ca/#/guest-login?lang=en
Title: try the software first
Title: try the software first
Search URL Search Domain Scan URL
URL: https://myblock.hrblockonline.ca/dashboard?lang=en&clientId=diy21
Title: See all available years
Title: See all available years
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://2021.hrblockonline.ca/ Page URL
-
https://service-cas.hrblockonline.ca/cas/oidc/authorize?response_type=id_token%20token&client_id=DIY21&scope=openid%20profile%20profile_hrbAuth&redirect_uri=https://2021.hrblockonline.ca/%23/callback&state=8yAEGIFXQp65AozbcAyhtfqv93ShJGx3&nonce=z64zw1rsMorITqgg&googleDeviceId=&locale=en
HTTP 302
https://service-cas.hrblockonline.ca/cas/login?service=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3DDIY21%26redirect_uri%3Dhttps%253A%252F%252F2021.hrblockonline.ca%252F%2523%252Fcallback%26response_type%3Did_token%2Btoken%26googleDeviceId%3D%26client_name%3DCasOAuthClient Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 11- https://ams-sga.cra-arc.gc.ca/gol-ged/awsc/tdd/auth/pub/js/cra.js HTTP 302
- https://apps3.ams-sga.cra-arc.gc.ca/gol-ged/awsc/tdd/auth/pub/js/cra.js
- https://www.googleadservices.com/pagead/conversion/1032405859/?url=https%3A%2F%2F2021.hrblockonline.ca%2F&guid=ON&script=0&data= HTTP 302
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1032405859/?url=https%3A%2F%2F2021.hrblockonline.ca%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=K5D6YbO2B5iYoPMPiIqy-A0&random=1007655787&sscte=1&crd=
- https://10488595.fls.doubleclick.net/activityi;src=10488595;type=retar0;cat=fl-re00;ord=331189549;~oref=https%3A%2F%2F2021.hrblockonline.ca%2F HTTP 302
- https://10488595.fls.doubleclick.net/activityi;dc_pre=CI3h2tKY4fUCFWKHgwgdriwJRg;src=10488595;type=retar0;cat=fl-re00;ord=331189549;~oref=https%3A%2F%2F2021.hrblockonline.ca%2F
- https://10488595.fls.doubleclick.net/activityi;src=10488595;type=retar0;cat=fl-re00;ord=9090583970795;gtm=2wg1v0;auiddc=1626391383.1643810859;~oref=https%3A%2F%2F2021.hrblockonline.ca%2F HTTP 302
- https://10488595.fls.doubleclick.net/activityi;dc_pre=CNf929KY4fUCFcP6hwod_AoMNg;src=10488595;type=retar0;cat=fl-re00;ord=9090583970795;gtm=2wg1v0;auiddc=1626391383.1643810859;~oref=https%3A%2F%2F2021.hrblockonline.ca%2F
- https://www.googleadservices.com/pagead/conversion/1032405859/?url=https%3A%2F%2Fservice-cas.hrblockonline.ca%2F&guid=ON&script=0&data= HTTP 302
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1032405859/?url=https%3A%2F%2Fservice-cas.hrblockonline.ca%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=LJD6YemAA8He_gTr6qbwBw&random=726567000&sscte=1&crd=CNCksQI HTTP 302
- https://www.google.com/pagead/1p-conversion/1032405859/?url=https%3A%2F%2Fservice-cas.hrblockonline.ca%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=726567000&sscte=1&crd=CNCksQI&is_vtc=1&ocp_id=LJD6YemAA8He_gTr6qbwBw&cid=CAQSKQCNIrLMaCWa3iwTTp4tD4hpkXHrnxehdeXMpYq_EdK66Yj3O4WSPXqf&random=1760455165 HTTP 302
- https://www.google.ca/pagead/1p-conversion/1032405859/?url=https%3A%2F%2Fservice-cas.hrblockonline.ca%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=726567000&sscte=1&crd=CNCksQI&is_vtc=1&ocp_id=LJD6YemAA8He_gTr6qbwBw&cid=CAQSKQCNIrLMaCWa3iwTTp4tD4hpkXHrnxehdeXMpYq_EdK66Yj3O4WSPXqf&random=1760455165&ipr=y&prhg=0
- https://10488595.fls.doubleclick.net/activityi;src=10488595;type=retar0;cat=fl-re00;ord=2122837608;~oref=https%3A%2F%2Fservice-cas.hrblockonline.ca%2F HTTP 302
- https://10488595.fls.doubleclick.net/activityi;dc_pre=CJL8j9OY4fUCFU6zhwodQdsBCA;src=10488595;type=retar0;cat=fl-re00;ord=2122837608;~oref=https%3A%2F%2Fservice-cas.hrblockonline.ca%2F
- https://10488595.fls.doubleclick.net/activityi;src=10488595;type=retar0;cat=fl-re00;ord=2756801888085;gtm=2wg1v0;auiddc=1626391383.1643810859;~oref=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Fservice-cas.hrblockonline.ca%252Fcas%252Foauth2.0%252FcallbackAuthorize%253Fclient_id%253DDIY21%2526redirect_uri%253Dhttps%25253A%25252F%25252F2021.hrblockonline.ca%25252F%252523%25252Fcallback%2526response_type%253Did_token%252Btoken%2526googleDeviceId%253D%2526client_name%253DCasOAuthClient HTTP 302
- https://10488595.fls.doubleclick.net/activityi;dc_pre=COq9ktOY4fUCFRaEhwodgrsNLQ;src=10488595;type=retar0;cat=fl-re00;ord=2756801888085;gtm=2wg1v0;auiddc=1626391383.1643810859;~oref=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Fservice-cas.hrblockonline.ca%252Fcas%252Foauth2.0%252FcallbackAuthorize%253Fclient_id%253DDIY21%2526redirect_uri%253Dhttps%25253A%25252F%25252F2021.hrblockonline.ca%25252F%252523%25252Fcallback%2526response_type%253Did_token%252Btoken%2526googleDeviceId%253D%2526client_name%253DCasOAuthClient
95 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
/
2021.hrblockonline.ca/ |
2 KB 965 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
optimizely.browser.umd.min.js
unpkg.com/@optimizely/optimizely-sdk@3.0.1/dist/ |
84 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
common.bundle.css
2021.hrblockonline.ca/ |
6 MB 310 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bundle.css
2021.hrblockonline.ca/ |
2 B 262 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
newrelic.cfc05ddb.js
2021.hrblockonline.ca/js/ |
27 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
heap.865e08db.js
2021.hrblockonline.ca/js/ |
734 B 690 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
script_env.a32058b0.js
2021.hrblockonline.ca/js/ |
644 B 602 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vendors.0c1e9865.chunk.js
2021.hrblockonline.ca/js/ |
2 MB 514 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
common.72870fb6.chunk.js
2021.hrblockonline.ca/js/ |
144 B 398 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
index.4b36920b.js
2021.hrblockonline.ca/js/ |
10 MB 2 MB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
heap-3605585590.js
cdn.heapanalytics.com/js/ |
111 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cra.js
apps3.ams-sga.cra-arc.gc.ca/gol-ged/awsc/tdd/auth/pub/js/ Redirect Chain
|
5 KB 6 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
snippet.js
static.zdassets.com/ekr/ |
20 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
245 KB 72 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ns.html
www.googletagmanager.com/ Frame 9CF7 |
697 B 512 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
A1327526-4c1f-4d69-8e68-900d5e31e37e1.js
d.impactradius-event.com/ |
41 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
api.js
www.google.com/recaptcha/ |
915 B 996 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
HEAD H2 |
jwks
service-cas.hrblockonline.ca/cas/oidc/ |
0 382 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
features
2021.hrblockonline.ca/hrbweb/api/optimizely/ |
3 KB 738 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hrb-logo-120px.png
2021.hrblockonline.ca/assets/ |
34 KB 34 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loading_final_Mobile.gif
2021.hrblockonline.ca/assets/ |
37 KB 38 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loading_final_Normal.gif
2021.hrblockonline.ca/assets/ |
90 KB 90 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fontawesome-webfont.woff2
2021.hrblockonline.ca/assets/ |
75 KB 76 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Noto_Sans_400.woff
2021.hrblockonline.ca/assets/ |
19 KB 19 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
h
heapanalytics.com/ |
37 B 259 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
login
service-cas.hrblockonline.ca/cas/ Redirect Chain
|
10 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1032405859/ Frame 9CF7 Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
activityi;dc_pre=CI3h2tKY4fUCFWKHgwgdriwJRg;src=10488595;type=retar0;cat=fl-re00;ord=331189549;~oref=https%3A%2F%2F2021.hrblockonline.ca%2F
10488595.fls.doubleclick.net/ Frame C321 Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/ |
353 KB 139 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ebae772f-ef23-4c48-8d02-4268cf19a8c5
ekr.zdassets.com/compose/ |
433 B 995 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
39 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
activityi;dc_pre=CNf929KY4fUCFcP6hwod_AoMNg;src=10488595;type=retar0;cat=fl-re00;ord=9090583970795;gtm=2wg1v0;auiddc=1626391383.1643810859;~oref=https%3A%2F%2F2021.hrblockonline.ca%2F
10488595.fls.doubleclick.net/ Frame 1EB0 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pixel.js
www.redditstatic.com/ads/ |
23 KB 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
bat.js
bat.bing.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
fbevents.js
connect.facebook.net/en_US/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1032405859/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
web-widget-framework-c89f2cabb37233fdb333.js
static.zdassets.com/web_widget/latest/ Frame 7BE6 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
web-widget-talk-sdk-b87d56311b0320842d5d.js
static.zdassets.com/web_widget/latest/ Frame 7BE6 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST |
collect
www.google-analytics.com/j/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
normalize.css
service-cas.hrblockonline.ca/cas/webjars/normalize.css/8.0.1/ |
6 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap-grid.min.css
service-cas.hrblockonline.ca/cas/webjars/bootstrap/4.5.0/css/ |
50 KB 50 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
material-components-web.css
service-cas.hrblockonline.ca/cas/webjars/material-components-web/4.0.0/dist/ |
318 KB 318 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
materialdesignicons.css
service-cas.hrblockonline.ca/cas/webjars/mdi__font/5.0.45/css/ |
274 KB 275 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cas.css
service-cas.hrblockonline.ca/cas/css/ |
241 KB 241 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hrb-card-widget.css
service-cas.hrblockonline.ca/cas/css/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hrb-cas.css
service-cas.hrblockonline.ca/cas/css/ |
552 B 847 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hrb-checkbox.css
service-cas.hrblockonline.ca/cas/css/ |
923 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hrb-errors.css
service-cas.hrblockonline.ca/cas/css/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hrb-field.css
service-cas.hrblockonline.ca/cas/css/ |
108 B 403 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hrb-login.css
service-cas.hrblockonline.ca/cas/css/ |
848 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hrb-navbar.css
service-cas.hrblockonline.ca/cas/css/ |
922 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hrb-2fa.css
service-cas.hrblockonline.ca/cas/css/ |
326 B 621 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
es5-shim.js
service-cas.hrblockonline.ca/cas/webjars/es5-shim/4.5.9/ |
83 KB 83 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css-vars-ponyfill.min.js
service-cas.hrblockonline.ca/cas/webjars/css-vars-ponyfill/2.3.1/dist/ |
22 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
service-cas.hrblockonline.ca/cas/webjars/jquery/3.5.1/ |
87 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
material-components-web.js
service-cas.hrblockonline.ca/cas/webjars/material-components-web/4.0.0/dist/ |
929 KB 930 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cas.js
service-cas.hrblockonline.ca/cas/js/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
language-switcher.js
service-cas.hrblockonline.ca/cas/js/ |
862 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hrb-login.js
service-cas.hrblockonline.ca/cas/js/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hrb-gtm.js
service-cas.hrblockonline.ca/cas/js/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js.cookie.min.js
service-cas.hrblockonline.ca/cas/js/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
heap.js
service-cas.hrblockonline.ca/cas/js/ |
621 B 926 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
heap-init.js
service-cas.hrblockonline.ca/cas/js/ |
149 B 454 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
heap-service.js
service-cas.hrblockonline.ca/cas/js/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hrb_logo.svg
service-cas.hrblockonline.ca/cas/images/ |
3 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hrb_logo.svg
service-cas.hrblockonline.ca/cas/images/ |
3 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v25/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
gtm.js
www.googletagmanager.com/ |
245 KB 72 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ns.html
www.googletagmanager.com/ Frame 559E |
712 B 353 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
heap-3605585590.js
cdn.heapanalytics.com/js/ |
111 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
h
heapanalytics.com/ |
37 B 258 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.ca/pagead/1p-conversion/1032405859/ Frame 559E Redirect Chain
|
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
activityi;dc_pre=CJL8j9OY4fUCFU6zhwodQdsBCA;src=10488595;type=retar0;cat=fl-re00;ord=2122837608;~oref=https%3A%2F%2Fservice-cas.hrblockonline.ca%2F
10488595.fls.doubleclick.net/ Frame FF66 Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
conversion_async.js
www.googleadservices.com/pagead/ |
39 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
activityi;dc_pre=COq9ktOY4fUCFRaEhwodgrsNLQ;src=10488595;type=retar0;cat=fl-re00;ord=2756801888085;gtm=2wg1v0;auiddc=1626391383.1643810859;~oref=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Fl...
10488595.fls.doubleclick.net/ Frame 605D Redirect Chain
|
743 B 506 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pixel.js
www.redditstatic.com/ads/ |
23 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bat.js
bat.bing.com/ |
36 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
fbevents.js
connect.facebook.net/en_US/ |
99 KB 26 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
collect
www.google-analytics.com/j/ |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rp.gif
alb.reddit.com/ |
42 B 125 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1032405859/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
5257317.js
bat.bing.com/p/action/ |
0 94 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0
bat.bing.com/action/ |
0 152 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 451 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
573975276708792
connect.facebook.net/signals/config/ |
305 KB 87 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
www.google.com/pagead/1p-user-list/1032405859/ |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.ca/pagead/1p-user-list/1032405859/ |
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
44 B 407 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dc_pre=COq9ktOY4fUCFRaEhwodgrsNLQ;src=10488595;type=retar0;cat=fl-re00;ord=2756801888085;gtm=2wg1v0;auiddc=*;~oref=https%3A%2F%2Fservice-cas.hrblockonline.ca%2Fcas%2Flogin%3Fservice%3Dhttps%253A%25...
adservice.google.com/ddm/fls/z/ Frame 605D |
42 B 494 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ga-audiences
www.google.com/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ga-audiences
www.google.ca/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
www.facebook.com/tr/ |
44 B 91 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- googleads.g.doubleclick.net
- URL
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1032405859/?url=https%3A%2F%2F2021.hrblockonline.ca%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=K5D6YbO2B5iYoPMPiIqy-A0&random=1007655787&sscte=1&crd=
- Domain
- 10488595.fls.doubleclick.net
- URL
- https://10488595.fls.doubleclick.net/activityi;dc_pre=CI3h2tKY4fUCFWKHgwgdriwJRg;src=10488595;type=retar0;cat=fl-re00;ord=331189549;~oref=https%3A%2F%2F2021.hrblockonline.ca%2F?
- Domain
- bat.bing.com
- URL
- https://bat.bing.com/bat.js
- Domain
- connect.facebook.net
- URL
- https://connect.facebook.net/en_US/fbevents.js
- Domain
- googleads.g.doubleclick.net
- URL
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1032405859/?random=1643810859196&cv=9&fst=1643810859196&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4>m=2wg1v0&sendb=1&ig=1&frm=0&url=https%3A%2F%2F2021.hrblockonline.ca%2F&tiba=H%26R%20Block%20Canada%202021&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
- Domain
- static.zdassets.com
- URL
- https://static.zdassets.com/web_widget/latest/web-widget-framework-c89f2cabb37233fdb333.js
- Domain
- static.zdassets.com
- URL
- https://static.zdassets.com/web_widget/latest/web-widget-talk-sdk-b87d56311b0320842d5d.js
- Domain
- www.google-analytics.com
- URL
- https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1299292789&t=pageview&_s=1&dl=https%3A%2F%2F2021.hrblockonline.ca%2F&ul=en-us&de=UTF-8&dt=H%26R%20Block%20Canada%202021&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACAABBAAAAC~&jid=1025686708&gjid=845465476&cid=1397524222.1643810859&tid=UA-26465398-1&_gid=617713853.1643810859&_r=1>m=2wg1v0P77LF8T&z=213040884
- Domain
- 10488595.fls.doubleclick.net
- URL
- https://10488595.fls.doubleclick.net/activityi;dc_pre=CJL8j9OY4fUCFU6zhwodQdsBCA;src=10488595;type=retar0;cat=fl-re00;ord=2122837608;~oref=https%3A%2F%2Fservice-cas.hrblockonline.ca%2F?
Verdicts & Comments Add Verdict or Comment
67 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 undefined| returnExports function| cssVars function| $ function| jQuery object| mdc function| requestGeoPosition function| logGeoLocationError function| showGeoPosition function| preserveAnchorTagOnForm function| reloadLoginPage function| generateUrlWithServiceParameter function| resourceLoadedSuccessfully function| buildPathWithLocale function| getOppositeLocale function| goToEnglishVersion function| goToFrenchVersion function| areCookiesEnabled function| checkCookieForUsername function| setUserNameCookie function| addUsernameCookieOnSubmitListener function| initializeAddUserNameCookieFromParentIframe function| initializeLoginForm function| getUrlParameter function| initializeGtm object| Cookies object| heap function| initializeHeap function| identifyUserWithGAId function| identifyAnonymousUser function| identify function| baseProperty function| passAnonymousDataAsParameter function| baseIdentify function| getUniqueIdentifier function| addPropertyToHeapEventData function| getUrlQueryParameterByName boolean| trackGeoLocation object| googleAnalyticsTrackingId function| jqueryReady object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| rdt object| uetq function| fbq function| _fbq object| gaplugins object| gaGlobal object| gaData object| configArgs number| pixelRatio number| width number| height object| screenSize boolean| isBetaAdvertiser object| labels function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| UET function| UET_init function| UET_push object| ueto_e582ef30ad23 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| service-cas.hrblockonline.ca/cas/ | Name: SESSION Value: Y2M0OGM1OWMtM2M2Ni00MjNhLTk5NjktODNiMzdjMzFmMTIy |
|
| .hrblockonline.ca/ | Name: IR_gbd Value: hrblockonline.ca |
|
| .hrblockonline.ca/ | Name: IR_9098 Value: 1643810859065%7C0%7C1643810859065%7C%7C |
|
| .hrblockonline.ca/ | Name: _hp2_ses_props.3605585590 Value: %7B%22ts%22%3A1643810858917%2C%22d%22%3A%222021.hrblockonline.ca%22%2C%22h%22%3A%22%2F%22%2C%22g%22%3A%22%23%2Fportal-landing-page%22%7D |
|
| .hrblockonline.ca/ | Name: _gcl_au Value: 1.1.1626391383.1643810859 |
|
| service-cas.hrblockonline.ca/ | Name: org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE Value: en |
|
| .service-cas.hrblockonline.ca/ | Name: pac4jCsrfToken Value: 7258b8db-1529-42e9-9a70-a7f4541eb1fd |
|
| .2021.hrblockonline.ca/ | Name: _ga Value: GA1.3.1397524222.1643810859 |
|
| .bing.com/ | Name: MUID Value: 3F290EC4E7626D5B1A3C1FFBE6C86CDA |
|
| .bat.bing.com/ | Name: MR Value: 0 |
|
| .2021.hrblockonline.ca/ | Name: _gid Value: GA1.3.617713853.1643810859 |
|
| .2021.hrblockonline.ca/ | Name: _gat_UA-26465398-1 Value: 1 |
|
| service-cas.hrblockonline.ca/ | Name: hrb.cas.returningUser Value: false |
|
| .hrblockonline.ca/ | Name: _hp2_id.3605585590 Value: %7B%22userId%22%3A%223731814025503550%22%2C%22pageviewId%22%3A%22886962007330488%22%2C%22sessionId%22%3A%228808961637393749%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D |
|
| .service-cas.hrblockonline.ca/ | Name: _ga Value: GA1.3.1365215170.1643810860 |
|
| .service-cas.hrblockonline.ca/ | Name: _gid Value: GA1.3.617774736.1643810860 |
|
| .service-cas.hrblockonline.ca/ | Name: _gat_UA-26465398-1 Value: 1 |
|
| .hrblockonline.ca/ | Name: _rdt_uuid Value: 1643810860083.ca317a6c-8721-4326-9c08-802fe560a7db |
|
| .hrblockonline.ca/ | Name: _uetsid Value: 7b73b100843111ecb0561557ebd2da25 |
|
| .hrblockonline.ca/ | Name: _uetvid Value: 7b73ccd0843111ec9371d3d209120f8a |
|
| .hrblockonline.ca/ | Name: _fbp Value: fb.1.1643810860194.1960993841 |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUnSvjnM77WWKACrQ5m8xr9sSg-WTBOkxOFTiOTNgZ3bo7WjbkRRP_SqLKpUP0k |
|
| .facebook.com/ | Name: fr Value: 0oYvGQYCk5d2RVpcN..Bh-pAs...1.0.Bh-pAs. |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=3153600; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
10488595.fls.doubleclick.net
2021.hrblockonline.ca
adservice.google.com
alb.reddit.com
ams-sga.cra-arc.gc.ca
apps3.ams-sga.cra-arc.gc.ca
bat.bing.com
cdn.heapanalytics.com
connect.facebook.net
d.impactradius-event.com
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
heapanalytics.com
service-cas.hrblockonline.ca
static.zdassets.com
stats.g.doubleclick.net
unpkg.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.redditstatic.com
10488595.fls.doubleclick.net
bat.bing.com
connect.facebook.net
googleads.g.doubleclick.net
static.zdassets.com
www.google-analytics.com
104.18.70.113
13.225.214.23
142.250.65.226
142.250.65.230
151.101.1.140
198.103.206.25
198.103.206.32
20.99.133.72
2606:4700::6810:7daf
2607:f8b0:4006:807::2002
2607:f8b0:4006:809::2002
2607:f8b0:4006:80c::2003
2607:f8b0:4006:81d::2004
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81e::2003
2607:f8b0:4006:81f::2008
2607:f8b0:4006:820::2003
2607:f8b0:4006:823::200e
2607:f8b0:4023:1404::9a
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:200::396
35.186.249.72
52.7.202.11
028770d8e28eaaf0f884bb6d47d193bdbfaa508b01be9ada17357e1d719f4ec0
04686da390f8eec3ccd75869fa71e22cad452cfcff6ffa31c979f599d64831d8
0891b6a62b86c8469ee74b3ac442cf739db0e341d9ed1d992bc1b2f1fc37b90e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1ebb5f23935ba97d6452d8dd3a5b1c0de72fa09c76ea1be7a6b106f189844d0b
1ff8d34ed8c7d30550864936a761d7ce500712956d63becbe7484401d188cad4
2670ab6235d643c1b8c31504677a38226fcc526e89222081efe80b723a3a83b3
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2e49f51414ed48f0fb31a2439f80f525b8d9b97ef4e83d204014fb8bd8aba5eb
34dc8e702d908415029f26bc8dc4a5edf4cd0f04f4f168510015f0e17f2bb72c
3a98751fcf0beb9eaa5d12e21c1f01e7c013e58412e218496141e8e9df11bd57
41e698bcd9356a6881170dcbd9f8b3e4adcdc0989c6ddc359630473fc1ea4b4e
42d304e989993e7006513cfd263ab40607f025bcad8367f2d8d09108dcc28cdc
48d4722d58f4b343ea74c4329743e940d1656b3d63c5850606ed7623d335cc7a
580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512
58b863a4c10da17158c40c29f542890d3b51542fd3d9172a74ef75c53a030258
598a54c0e2c0d7a4bc96e65fc4952e719fb140d5b2890254e5aa0f10fca0c739
5ad27a6010b18e293c065996299fabae7a01c588556e4284c8a6cc72ca03f767
5fc21462803f9d1a092c18bd1033a79bf7c103a1b2b1523fa751555fa8ac7dfc
627957be995ccc2a2e395ad49e98c006ffacd19fc1f53c25efd6046a0d895451
70ace91f3a0f1c8388daed852a861462cdf17215deb8c2218bf5ffc5111b970e
72f095d70b0d69330ac73c3cb4108e9f3afa9bb6828a928d550b1812dbc88ac6
73b783357e1ed270e36ebc7846a8477f3d0d44e457405f46926ee2dc2a7db692
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
7db45d5fa6ef1dec7a3b2c130149cb24f5dfa71931fd4cb6e0098cafa00cafc2
7fe7903ce2632538c46cc0b5fdcadbbb8c2ee7434930e5cd851593c5624dd88a
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
918f41a215ef25488db4e189a3a2fbc3b4cda000cf549a8aef9eab217d49f09b
93bc415ce79ebb9fc35e1c85fa2c348118ef967470bcbcadcca775aaf2c474c0
94e930950d5878f513802a3a816e57048fff5bedb5143c7cb5fedabc0e5c8d36
95ca1871162b789cd3847ecb496beb5dd599319a579f060337fa62cbb1a30dfd
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3be6766fb3ee35065a83ad718f4b8e5d468b0192d3b0fd47b7ba67c38f09e84
a6bc7064ba4ee4012c9966da722c995788c908ec2a549a2cd49f0d9fd8a64c76
ab9fdb993022e9fa0c2e50488d716186aecc5526ee20bbe3f24d0adbd77a1996
ad68b6241297a314650de9e3173f2f370752f87e0b18daac25ca359f8f907f8e
b5c1a679368da537e7b0f6880801ab32fe84b38b900acdbc1fdbe8cd6a86c4c8
b7fc55ab62b81eb54ae01de81fee15005fc4f62859ad8c050d6eb1275c8525b7
baa149cfca28ea70ccc424d5e526768f8177d7c2153ad2b6c0dd76693b66794a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc5aa56daca3e7d743828c64d97907d99fd6640053b5c0c6f408e3d0f46bca03
c1e279bee114c2272eb9f8ff3308da07e074126423a9ebacd6323f29f6638532
c30e5c1b433c1d5e6361a77d705395d24a53a5714d5c5af413f54f7c12079811
d0600eaff93b83bb20b36bb35f5c36e6caf21e830e04a2f07ce18b5007292ec2
d457629713189b3990e0c3bbaf455bde6bbd1700d166be53e3def7794b5e85da
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df1275a6cea0c3a9988a4dbddbcea37780815660295262af7dbcc15f53b0b45f
df6a536d081942353bf948100efbb6e718fb71eea29341eab26343b09d98814e
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e14bda4aa379c1a777ca28e1038247e8650ebea9f5a3a58e85a566722cc53079
e216f49acdbe944b8034d0323ac03cb1562adb6d3cbc767bebe81ea56e1da603
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb2d589aec5c4ca7d4589d2a4ff620648dced60870bfedbe15d104fa2abe15c6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa5d2912bec294d33c9dc4be4a00a9a5f4ac993049a935f4535ae687e3b08d0b