activate-qa.hrblock.com Open in urlscan Pro
20.98.172.92 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://activate-qa.hrblock.com/
Submission: On July 14 via automatic, source certstream-suspicious (July 14th 2022, 4:26:25 pm UTC) — Scanned from DE

Summary HTTP 56 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 20 domains to perform 56 HTTP transactions. The main IP is 20.98.172.92, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is activate-qa.hrblock.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on November 3rd 2021. Valid for: a year.

This is the only time activate-qa.hrblock.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	20.98.172.92 20.98.172.92	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a02:26f0:480... 2a02:26f0:480:287::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1 5	34.241.126.16 34.241.126.16	16509 (AMAZON-02) (AMAZON-02)
1	15.197.170.101 15.197.170.101	16509 (AMAZON-02) (AMAZON-02)
1	143.204.89.46 143.204.89.46	16509 (AMAZON-02) (AMAZON-02)
2	18.193.139.53 18.193.139.53	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.85.92.5 52.85.92.5	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:e400:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.251.55.29 34.251.55.29	16509 (AMAZON-02) (AMAZON-02)
1	15.188.95.229 15.188.95.229	16509 (AMAZON-02) (AMAZON-02)
1	79.125.52.138 79.125.52.138	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::ac40:929e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:215... 2600:9000:2156:e400:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
2 2	2606:4700:440... 2606:4700:4400::6812:230b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	20.84.251.161 20.84.251.161	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:3c01::f0... 2600:3c01::f03c:91ff:fe79:43b	63949 (LINODE-AP...) (LINODE-AP Linode)
4	13.69.106.212 13.69.106.212	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	52.165.136.37 52.165.136.37	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
56	23

15 20.98.172.92 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

activate-qa.hrblock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:480:287::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.241.126.16 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-126-16.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.170.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: af7be9a1b07df2d35.awsglobalaccelerator.com

mp-hrbcomlnp.hrblock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-46.fra50.r.cloudfront.net

sdk.hrb.magicpixel.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.139.53 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-139-53.eu-central-1.compute.amazonaws.com

collection.decibelinsight.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.92.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-92-5.ham50.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:e400:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.55.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-55-29.eu-west-1.compute.amazonaws.com

hrblock.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

smetrics.hrblock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.125.52.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-79-125-52-138.eu-west-1.compute.amazonaws.com

hrblock.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:929e (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:e400:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:230b (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.84.251.161 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

orp-external-proxy-qa.hrblock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:3c01::f03c:91ff:fe79:43b (Fremont, United States)

ASN63949 (LINODE-AP Linode, LLC, US)

jsonip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.69.106.212 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.165.136.37 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

a3dvbdsuclassets.z19.web.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	hrblock.com activate-qa.hrblock.com mp-hrbcomlnp.hrblock.com — Cisco Umbrella Rank: 120910 smetrics.hrblock.com — Cisco Umbrella Rank: 104531 orp-external-proxy-qa.hrblock.com	3 MB
6	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 509	118 KB
6	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 213 hrblock.demdex.net — Cisco Umbrella Rank: 119457	9 KB
4	windows.net a3dvbdsuclassets.z19.web.core.windows.net — Cisco Umbrella Rank: 502537
4	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 679	850 B
4	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 432	138 KB
3	branch.io cdn.branch.io — Cisco Umbrella Rank: 995 api2.branch.io — Cisco Umbrella Rank: 584	25 KB
2	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 943 s.tribalfusion.com — Cisco Umbrella Rank: 2571	1005 B
2	doubleclick.net 2 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 223	1 KB
2	decibelinsight.net collection.decibelinsight.net — Cisco Umbrella Rank: 7871	74 KB
1	jsonip.com jsonip.com — Cisco Umbrella Rank: 24038	411 B
1	quantserve.com 1 redirects pixel.quantserve.com — Cisco Umbrella Rank: 489	489 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 399	265 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 365	98 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 830	457 B
1	omtrdc.net hrblock.tt.omtrdc.net — Cisco Umbrella Rank: 119535	721 B
1	app.link app.link — Cisco Umbrella Rank: 1710	593 B
1	magicpixel.io sdk.hrb.magicpixel.io — Cisco Umbrella Rank: 115289	61 KB
1	gstatic.com www.gstatic.com	145 KB
1	google.com www.google.com — Cisco Umbrella Rank: 17	966 B
56	20

	Domain	Requested by
15	activate-qa.hrblock.com	activate-qa.hrblock.com
6	cdn.cookielaw.org	activate-qa.hrblock.com cdn.cookielaw.org
5	dpm.demdex.net	1 redirects activate-qa.hrblock.com
4	a3dvbdsuclassets.z19.web.core.windows.net
4	dc.services.visualstudio.com	activate-qa.hrblock.com
4	assets.adobedtm.com	activate-qa.hrblock.com assets.adobedtm.com
2	orp-external-proxy-qa.hrblock.com	activate-qa.hrblock.com
2	cm.g.doubleclick.net	2 redirects
2	api2.branch.io	cdn.branch.io activate-qa.hrblock.com
2	collection.decibelinsight.net	activate-qa.hrblock.com
1	jsonip.com	activate-qa.hrblock.com
1	s.tribalfusion.com	1 redirects
1	a.tribalfusion.com	1 redirects
1	pixel.quantserve.com	1 redirects
1	match.adsrvr.org	activate-qa.hrblock.com
1	idsync.rlcdn.com	activate-qa.hrblock.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	hrblock.tt.omtrdc.net	assets.adobedtm.com
1	smetrics.hrblock.com	assets.adobedtm.com
1	hrblock.demdex.net	assets.adobedtm.com
1	app.link	cdn.branch.io
1	cdn.branch.io	activate-qa.hrblock.com
1	sdk.hrb.magicpixel.io	activate-qa.hrblock.com
1	mp-hrbcomlnp.hrblock.com	activate-qa.hrblock.com
1	www.gstatic.com	www.google.com
1	www.google.com	activate-qa.hrblock.com
56	26

This site contains links to these domains. Also see Links.

Domain
onetrust.com

Subject Issuer	Validity	Valid
activate-qa.hrblock.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-03`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
mp-hrbcomlnp.hrblock.com DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-08-16`	a year	crt.sh
*.hrb.magicpixel.io Amazon	`2022-07-04` - `2023-08-02`	a year	crt.sh
*.decibelinsight.net RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-14` - `2022-12-14`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
*.branch.io DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
appipv4.link Amazon	`2022-05-25` - `2023-06-23`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
smetrics.hrblock.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-01` - `2023-05-02`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-11` - `2022-10-12`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
orp-external-proxy-qa.hrblock.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-22` - `2022-07-22`	a year	crt.sh
jsonip.com R3	`2022-05-16` - `2022-08-14`	3 months	crt.sh
in.applicationinsights.azure.com Microsoft RSA TLS CA 02	`2022-06-22` - `2023-06-22`	a year	crt.sh
*.web.core.windows.net Microsoft RSA TLS CA 01	`2022-05-15` - `2023-05-15`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://activate-qa.hrblock.com/
Frame ID: A7AAA51C5BB053EDC982F80591763D86
Requests: 49 HTTP requests in this frame

Frame: https://hrblock.demdex.net/dest5.html?d_nsid=0
Frame ID: 7AAE22C757C6A51077355C39D3945824
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

H&R Block Software DownloadBack ButtonSearch IconFilter Icon

Detected technologies

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

56
Requests

93 %
HTTPS

40 %
IPv6

20
Domains

26
Subdomains

23
IPs

5
Countries

3188 kB
Transfer

8703 kB
Size

29
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A78D3BC75245AD7C0A490D4D%40AdobeOrg&d_nsid=0&ts=1657815979027 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A78D3BC75245AD7C0A490D4D%40AdobeOrg&d_nsid=0&ts=1657815979027

Request Chain 29

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjE5NTEwODIyOTY1NzIxNjE0MzE4MDk4ODk1MTEzMTY0NTU5MzE= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MjE5NTEwODIyOTY1NzIxNjE0MzE4MDk4ODk1MTEzMTY0NTU5MzE=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPMSeqL6lX4DhRLJNLljDnQ&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 33

https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=gWsA4INqBbKaO1Do1TtJ5IJgUOeabVe1h294bFTq

Request Chain 34

https://a.tribalfusion.com/i.match?p=b13&u=21951082296572161431809889511316455931&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
https://s.tribalfusion.com/z/i.match?p=b13&u=21951082296572161431809889511316455931&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
https://dpm.demdex.net/ibs:dpid=22054

56 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
activate-qa.hrblock.com/ 2 KB
1 KB 412ms
133ms Document
text/html 20.98.172.92
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://activate-qa.hrblock.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.98.172.92 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 62c8bdd618b1623f0228784d5199082101d802f99005e1c0dbbd84924d349600

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 873
Content-Type: text/html
Date: Thu, 14 Jul 2022 16:26:18 GMT
ETag: "e03596be136ad81:0"
Last-Modified: Tue, 17 May 2022 17:30:04 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-Powered-By: ASP.NET

GET
H2 200 launch-ENc839e85c1857439f954d6f36b8f61a5f-staging.min.js Show response
assets.adobedtm.com/f6306126288b/e9e814d2f623/ 477 KB
115 KB 168ms
121ms Script
application/x-javascript 2a02:26f0:480:287::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/f6306126288b/e9e814d2f623/launch-ENc839e85c1857439f954d6f36b8f61a5f-staging.min.js
Requested by: Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:287::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 91aef0048acc04b668d8683578755fdd50f7182af64ecbcf4722dcb7755bffe7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activate-qa.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 16:26:18 GMT
content-encoding: gzip
last-modified: Thu, 30 Jun 2022 20:44:42 GMT
server: AkamaiNetStorage
etag: "a86139a57b1f1f3570685e13b8995e98:1656621882.508202"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://activate-qa.hrblock.com
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Jul 2022 16:26:18 GMT

GET
H/1.1 200
OK runtime-es2015.js Show response
activate-qa.hrblock.com/ 9 KB
3 KB 134ms
134ms Script
application/x-javascript 20.98.172.92
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://activate-qa.hrblock.com/runtime-es2015.js
Requested by: Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.98.172.92 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3df8e1240f03417b9ea9abcacf772a98e03fbabeeb4ab84b7f834e055c33e7a7

Request headers

Referer: https://activate-qa.hrblock.com/
Origin: https://activate-qa.hrblock.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 16:26:18 GMT
Content-Encoding: gzip
ETag: "9ffaa8be136ad81:0"
Last-Modified: Tue, 17 May 2022 17:30:04 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3103

GET
H/1.1 200
OK polyfills-es2015.js Show response
activate-qa.hrblock.com/ 156 KB
44 KB 407ms
272ms Script
application/x-javascript 20.98.172.92
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://activate-qa.hrblock.com/polyfills-es2015.js
Requested by: Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.98.172.92 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b8582b996a563b823534b080e3b2f214cf2468fe4294476c9cbb0001f4774b35

Request headers

Referer: https://activate-qa.hrblock.com/
Origin: https://activate-qa.hrblock.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 16:26:19 GMT
Content-Encoding: gzip
ETag: "5c299cbe136ad81:0"
Last-Modified: Tue, 17 May 2022 17:30:04 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 44997

GET
H/1.1 200
OK styles-es2015.js Show response
activate-qa.hrblock.com/ 14 KB
5 KB 369ms
128ms Script
application/x-javascript 20.98.172.92
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://activate-qa.hrblock.com/styles-es2015.js
Requested by: Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.98.172.92 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cbfec994c4f48d8850487986b14274c36092138bca955bd9fa59f004f3af074c

Request headers

Referer: https://activate-qa.hrblock.com/
Origin: https://activate-qa.hrblock.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 16:26:19 GMT
Content-Encoding: gzip
ETag: "7a18a4be136ad81:0"
Last-Modified: Tue, 17 May 2022 17:30:04 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5033

GET
H/1.1 200
OK vendor-es2015.js Show response
activate-qa.hrblock.com/ 4 MB
1 MB 533ms
290ms Script
application/x-javascript 20.98.172.92
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://activate-qa.hrblock.com/vendor-es2015.js
Requested by: Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.98.172.92 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 17d864cae737382059ad1d9c3e2a9122934cbbc19ecc572216e42b7dd817b40e

Request headers

Referer: https://activate-qa.hrblock.com/
Origin: https://activate-qa.hrblock.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 16:26:19 GMT
Content-Encoding: gzip
ETag: "d3ddb6be136ad81:0"
Last-Modified: Tue, 17 May 2022 17:30:04 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK main-es2015.js Show response
activate-qa.hrblock.com/ 337 KB
84 KB 558ms
309ms Script
application/x-javascript 20.98.172.92
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://activate-qa.hrblock.com/main-es2015.js
Requested by: Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.98.172.92 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d9a3fc2c2e5c195d3aa8d3c4c0872df032c64e200c31ad3a25761b056c3c3678

Request headers

Referer: https://activate-qa.hrblock.com/
Origin: https://activate-qa.hrblock.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 16:26:19 GMT
Content-Encoding: gzip
ETag: "07a88be136ad81:0"
Last-Modified: Tue, 17 May 2022 17:30:04 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 852 B
966 B 42ms
16ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit

Requested by

Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7c00d3d7d0edda8d5399a49c32c7fc8a0359ff30bf2ddb8f9ba3cbdd183862c9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activate-qa.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 16:26:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553
x-xss-protection: 1; mode=block
expires: Thu, 14 Jul 2022 16:26:18 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ 366 KB
145 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://activate-qa.hrblock.com/
Origin: https://activate-qa.hrblock.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 14:26:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148046
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jul 2023 14:26:09 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A78D3BC75245AD7C0A490D4D%40AdobeOrg&d_nsid=0&ts=1657815979027
https://dpm.demdex.net/id/rd?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A78D3BC75245AD7C0A490D4D%40AdobeOrg&d_nsid=0&ts=1657815979027

1 KB
1 KB

39ms
39ms

XHR
application/json

34.241.126.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A78D3BC75245AD7C0A490D4D%40AdobeOrg&d_nsid=0&ts=1657815979027

Requested by

Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/

Protocol

HTTP/1.1

Server

34.241.126.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-126-16.eu-west-1.compute.amazonaws.com

Software

Resource Hash

cb75e1654cc1d313b71545eaff9edae382bef894a01244d65e77badc566474f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activate-qa.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v036-09e5d4995.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: WXJ7P73jQsQ=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://activate-qa.hrblock.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 635
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v036-0459dd4f0.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://activate-qa.hrblock.com
X-TID: opxuJsAKQF8=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A78D3BC75245AD7C0A490D4D%40AdobeOrg&d_nsid=0&ts=1657815979027
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/ 33 KB
12 KB 8ms
7ms Script
application/x-javascript 2a02:26f0:480:287::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/f6306126288b/e9e814d2f623/launch-ENc839e85c1857439f954d6f36b8f61a5f-staging.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:287::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 055e467aa53a9c0272d805bbc009ade8c74df5a8c1255271d753ac78fe179873

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activate-qa.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 16:26:19 GMT
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 22:18:26 GMT
server: AkamaiNetStorage
etag: "85722a02b6a7feb74d08ac7875516bee:1642630706.903013"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://activate-qa.hrblock.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12243
expires: Thu, 14 Jul 2022 17:26:19 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/ 3 KB
2 KB 9ms
8ms Script
application/x-javascript 2a02:26f0:480:287::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/f6306126288b/e9e814d2f623/launch-ENc839e85c1857439f954d6f36b8f61a5f-staging.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:287::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d4e77c7411d1de6efebf4278b9c98aa77dc2e5186cee271ac256138f17bef9f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activate-qa.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 16:26:19 GMT
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 22:18:27 GMT
server: AkamaiNetStorage
etag: "9355415074dbdbd216a19b61ce931ab2:1642630707.219535"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://activate-qa.hrblock.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1599
expires: Thu, 14 Jul 2022 17:26:19 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/ 25 KB
9 KB 9ms
9ms Script
application/x-javascript 2a02:26f0:480:287::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/f6306126288b/e9e814d2f623/launch-ENc839e85c1857439f954d6f36b8f61a5f-staging.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:287::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: ab5351bd9526d7495a4f0a304c190bb8616b99c1c58e1899638b9ea4a60a88c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activate-qa.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 16:26:19 GMT
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 22:18:27 GMT
server: AkamaiNetStorage
etag: "72152d82739a20813d7490454a0d252e:1642630707.464895"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://activate-qa.hrblock.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8755
expires: Thu, 14 Jul 2022 17:26:19 GMT

GET
H2 200 idl-staging.js Show response
mp-hrbcomlnp.hrblock.com/idl/hrb/ 155 B
453 B 345ms
107ms Script
application/javascript 15.197.170.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mp-hrbcomlnp.hrblock.com/idl/hrb/idl-staging.js
Requested by: Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.170.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: af7be9a1b07df2d35.awsglobalaccelerator.com
Software: /
Resource Hash: 7e07970f6d667755ae7086a89387ad757c17486f6c1fe0c12ca1c76373570b52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activate-qa.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 16:26:19 GMT
access-control-allow-credentials: true
content-length: 155
vary: Origin
content-type: application/javascript; charset=utf8

GET
H2 200 fyhAl4WCL-staging.js Show response
sdk.hrb.magicpixel.io/ 337 KB
61 KB 85ms
14ms Script
application/javascript 143.204.89.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.hrb.magicpixel.io/fyhAl4WCL-staging.js
Requested by: Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-46.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3fb1506cd07cb5d7764111e0b4b9716f4dacfaf98f064c9dbc1ced6f2eb847aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activate-qa.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:45:09 GMT
content-encoding: gzip
last-modified: Mon, 04 Jul 2022 18:51:09 GMT
server: AmazonS3
age: 56471
etag: W/"9fe0c07664f4b50b9e44b65b8329ecb8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: m0DxDGnx0HqK-1w8yN3bmdxpGMbiAcNIUKVC0L0yBvaBRyt7V9aiJw==

GET
H/1.1 200
OK di.js Show response
collection.decibelinsight.net/i/13948/332429/ 174 KB
68 KB 37ms
9ms Script
text/javascript 18.193.139.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collection.decibelinsight.net/i/13948/332429/di.js

Requested by

Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.193.139.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-193-139-53.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e0c37585a3e1115c90636b9e8bd30c4f776762dba4d5f6e3309d1f6530311547

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activate-qa.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 16:26:19 GMT
Content-Encoding: gzip
Vary: Origin
Server: nginx
ETag: W/000076214-181FD885452
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/javascript; charset=utf-8
Cache-Control: private, max-age=5400
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 20 KB
7 KB 77ms
35ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7aaad78d13ba343554d09043d46b9f563fb3c06d4789f7faf5e45a7247458894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activate-qa.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jul 2022 16:26:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 4m3LBpuQ5au3un+sbdTm6g==
age: 14391
vary: Accept-Encoding
content-length: 6922
x-ms-lease-status: unlocked
last-modified: Wed, 13 Jul 2022 02:50:07 GMT
server: cloudflare
etag: 0x8DA647A65424036
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: cc1edbd2-401e-015e-4c65-966db0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 72ab9e8d7f0323c7-ZRH

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 80 KB
24 KB 50ms
14ms Script
text/javascript 52.85.92.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.92.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-92-5.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 98d88c9c14899a2617220b7f86f5c28268cd0767b5f7949555d56db54e3e1bac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activate-qa.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: fM8Z53_eWVCahoEwRnQCnXyBnxwSdQv4
content-encoding: gzip
last-modified: Tue, 24 May 2022 00:59:33 GMT
server: AmazonS3
age: 65
etag: "397f318ec9812ef60d1660a626ada5a1"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 ddf1a4286ca5a84e441f34f1b121a3ca.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Thu, 14 Jul 2022 16:25:15 GMT
x-amz-cf-pop: HAM50-C1
content-length: 24121
x-amz-cf-id: tGXmjqXEM73GW3x3mtD-LT0qAyanQL7uxAZ5bRoouy9R-KwOPAZZzQ==

GET
H2 200 _r Show response
app.link/ 91 B
593 B 196ms
165ms Script
text/javascript 2600:9000:2156:e400:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.62.0&branch_key=key_test_pg9CD7mzedZFaysVFFPYunlcwrgVhrNP&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:e400:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

6ca3dcad7d61e6227b67bf407f3bcc311a4d510105777e2f0b93e120f4e76048

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activate-qa.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 16:26:19 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: openresty
x-amz-cf-pop: FRA50-C1
etag: W/"5b-ejVzxenc09tVJnoYROkWocteaGQ"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 91
x-amz-cf-id: pIdMgOSohGe0XdtuSx14BEuHSvkjynBMQkmaUduYC-z7PRJikpuR0w==

GET
H2 200 68d1a37f-2d10-4455-8ba9-25a43e6967b1-test.json Show response
cdn.cookielaw.org/consent/68d1a37f-2d10-4455-8ba9-25a43e6967b1-test/ 4 KB
2 KB 96ms
69ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/68d1a37f-2d10-4455-8ba9-25a43e6967b1-test/68d1a37f-2d10-4455-8ba9-25a43e6967b1-test.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e52f32c138bcb2c7445f665e710f4cc43e0884c753a5873bda5f6eaf37ad78ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activate-qa.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jul 2022 16:26:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-md5: hugCvXm+rj6pvzfmmLzq9g==
content-length: 1516
x-ms-lease-status: unlocked
last-modified: Thu, 02 Jun 2022 13:30:16 GMT
server: cloudflare
etag: 0x8DA449C07DDD0FD
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: bbd8ead1-a01e-0110-529e-97a855000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 72ab9e8dda6023af-ZRH

GET
H/1.1 200
OK dest5.html Show response
hrblock.demdex.net/ Frame 7AAE 7 KB
3 KB 147ms
32ms Document
text/html 34.251.55.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hrblock.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/f6306126288b/e9e814d2f623/launch-ENc839e85c1857439f954d6f36b8f61a5f-staging.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.251.55.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-251-55-29.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://activate-qa.hrblock.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
DCS: dcscanary-prod-irl1-1-v041-0ca641738.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: m+ozMVtRTzM=
content-encoding: gzip
date: Thu, 14 Jul 2022 16:26:19 GMT
last-modified: Thu, 30 Jun 2022 14:36:36 GMT
transfer-encoding: chunked
vary: accept-encoding

GET
H2 200 id Show response
smetrics.hrblock.com/ 48 B
513 B 89ms
18ms XHR
application/x-javascript 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.hrblock.com/id?d_visid_ver=5.3.0&d_fieldgroup=A&mcorgid=A78D3BC75245AD7C0A490D4D%40AdobeOrg&mid=15118720071815408661410660436110596982&ts=1657815979227

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/f6306126288b/e9e814d2f623/launch-ENc839e85c1857439f954d6f36b8f61a5f-staging.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

5b604c37ed4971fabd33c3a30cf5b8c862a237758cbea758f05897432c7c469e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://activate-qa.hrblock.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 14 Jul 2022 16:26:19 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-69c8d8cc76-jqfkd
vary: Origin
x-c: main-1661.I2f39db.M0-585
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://activate-qa.hrblock.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

POST
H2 200 delivery Show response
hrblock.tt.omtrdc.net/rest/v1/ 350 B
721 B 136ms
43ms XHR
application/json 79.125.52.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hrblock.tt.omtrdc.net/rest/v1/delivery?client=hrblock&sessionId=21b860426ea044f686841d02330e11d4&version=2.8.1
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/f6306126288b/e9e814d2f623/launch-ENc839e85c1857439f954d6f36b8f61a5f-staging.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.125.52.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-52-138.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 952315e0b774154f9d4d91cbf86425d327cea99fbdd9375a9b32492eae0aa1e7

Request headers

Referer: https://activate-qa.hrblock.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 14 Jul 2022 16:26:19 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://activate-qa.hrblock.com
access-control-allow-credentials: true
timing-allow-origin: *
x-request-id: ca1cbd046118ea9076e3f5158cd03e10

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 182 B
457 B 86ms
49ms XHR
application/json 2606:4700:4400::ac40:929e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:929e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://activate-qa.hrblock.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 16:26:19 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 72ab9e8e89090225-ZRH
access-control-allow-headers: Content-Type

POST
H2 200 open Show response
api2.branch.io/v1/ 276 B
636 B 239ms
186ms XHR
application/json 2600:9000:2156:e400:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/open

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:e400:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6bf42904e41b0abc30692a10f51e44593dacbea433ba0dc4a911c0c8c35f06fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://activate-qa.hrblock.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 14 Jul 2022 16:26:19 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: 0a7fa24ab72947b0a637b3683c2cbac6-2022071416
content-length: 276
x-amz-cf-id: UGVEtgtnByhXwXr8PxXrVThI4xC1MTz7xss5xiEAQ58FaFQ4hgKd8A==

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.10.0/ 356 KB
78 KB 26ms
26ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a23e0e46e16f067271bc79c92a917c13769848457d16cdf109e4dc04c687e8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activate-qa.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jul 2022 16:26:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Bh9exWOPGIwRshWljrtlEw==
age: 23221087
vary: Accept-Encoding
content-length: 79698
x-ms-lease-status: unlocked
last-modified: Thu, 03 Dec 2020 02:43:00 GMT
server: cloudflare
etag: 0x8D89735260901BC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 73bec284-d01e-0098-476c-c456d9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 72ab9e8ed93123c7-ZRH

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/68d1a37f-2d10-4455-8ba9-25a43e6967b1-test/44058be7-4c49-477a-8fd4-45c2d8345ce5/ 72 KB
16 KB 68ms
68ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/68d1a37f-2d10-4455-8ba9-25a43e6967b1-test/44058be7-4c49-477a-8fd4-45c2d8345ce5/en.json

Requested by

Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/polyfills-es2015.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b694e7af08ac782fc0ef77178925cb24582fa4c06207982e54cf789835cda09a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activate-qa.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jul 2022 16:26:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-md5: SkWluaH1bhlFERNOh5V2pw==
content-length: 15863
x-ms-lease-status: unlocked
last-modified: Thu, 02 Jun 2022 13:30:20 GMT
server: cloudflare
etag: 0x8DA449C0A36AE05
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c916c919-701e-0112-679e-97aaaf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 72ab9e8f4d3c23af-ZRH

GET
H2 451 365868.gif
idsync.rlcdn.com/ Frame 7AAE 0
98 B 49ms
17ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/365868.gif?partner_uid=21951082296572161431809889511316455931
Requested by: Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hrblock.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 16:26:19 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.10.0/assets/ 13 KB
3 KB 57ms
57ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.10.0/assets/otFlat.json

Requested by

Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/polyfills-es2015.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cdca3b36914e8a3f56390da71389944579faaae82704e53bd66f9c0387502f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activate-qa.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jul 2022 16:26:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: W9e0YobmEbvdB0V9OmpQkw==
vary: Accept-Encoding
content-length: 3329
x-ms-lease-status: unlocked
last-modified: Thu, 03 Dec 2020 02:42:50 GMT
server: cloudflare
etag: 0x8D89735209A34D6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 72f0d23b-e01e-00fd-579d-95e784000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 72ab9e8fbe4423af-ZRH

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.10.0/assets/v2/ 46 KB
11 KB 51ms
51ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.10.0/assets/v2/otPcCenter.json

Requested by

Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/polyfills-es2015.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b27f686e9c39188ff63e191cc3efb6500a6c6d06f2d1d2ec27ceb623a2ecacc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activate-qa.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jul 2022 16:26:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ydfMbMpHX/N/aS5YhkXXwQ==
vary: Accept-Encoding
content-length: 11336
x-ms-lease-status: unlocked
last-modified: Thu, 03 Dec 2020 02:42:53 GMT
server: cloudflare
etag: 0x8D89735220FDD9F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: cc15414a-201e-0101-2065-969f4e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 72ab9e8fbe4623af-ZRH

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEPMSeqL6lX4DhRLJNLljDnQ&google_cver=1
dpm.demdex.net/ Frame 7AAE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjE5NTEwODIyOTY1NzIxNjE0MzE4MDk4ODk1MTEzMTY0NTU5MzE=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MjE5NTEwODIyOTY1NzIxNjE0MzE4MDk4ODk1MTEzMTY0NTU5MzE=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPMSeqL6lX4DhRLJNLljDnQ&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

35ms
34ms

Image
image/gif

34.241.126.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPMSeqL6lX4DhRLJNLljDnQ&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/

Protocol

HTTP/1.1

Server

34.241.126.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-126-16.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hrblock.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v036-0f118980a.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: o+aLXBz8SdI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 14 Jul 2022 16:26:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPMSeqL6lX4DhRLJNLljDnQ&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
433 B 227ms
225ms XHR
application/json 2600:9000:2156:e400:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/polyfills-es2015.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:e400:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://activate-qa.hrblock.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 14 Jul 2022 16:26:19 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: a52bf03e4f014782ad9c66305f60c6dc-2022071416
content-length: 28
x-amz-cf-id: iwFilDytOCQvaFL83rTMNYb4EtbMv7C4sUQ-WiQFh5wcil5B_iBrow==

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 7AAE 70 B
265 B 104ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
Requested by: Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hrblock.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 16:26:19 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

ibs:dpid=1175&&dpuuid=gWsA4INqBbKaO1Do1TtJ5IJgUOeabVe1h294bFTq
dpm.demdex.net/ Frame 7AAE
Redirect Chain

https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=gWsA4INqBbKaO1Do1TtJ5IJgUOeabVe1h294bFTq

42 B
948 B

36ms
36ms

Image
image/gif

34.241.126.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=gWsA4INqBbKaO1Do1TtJ5IJgUOeabVe1h294bFTq

Requested by

Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/

Protocol

HTTP/1.1

Server

34.241.126.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-126-16.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hrblock.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcscanary-prod-irl1-1-v041-0ca641738.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: vedRQsp/RH0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 14 Jul 2022 16:26:19 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=gWsA4INqBbKaO1Do1TtJ5IJgUOeabVe1h294bFTq
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=22054
dpm.demdex.net/ Frame 7AAE
Redirect Chain

https://a.tribalfusion.com/i.match?p=b13&u=21951082296572161431809889511316455931&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
https://s.tribalfusion.com/z/i.match?p=b13&u=21951082296572161431809889511316455931&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
https://dpm.demdex.net/ibs:dpid=22054

42 B
956 B

34ms
34ms

Image
image/gif

34.241.126.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22054

Protocol

HTTP/1.1

Server

34.241.126.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-126-16.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hrblock.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v036-0d8fdc793.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 300
X-TID: ei0tTHTeTcA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 14 Jul 2022 16:26:20 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 30
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 72ab9e93cb8bcc46-ZRH
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://dpm.demdex.net/ibs:dpid=22054
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK qa.config.json Show response
activate-qa.hrblock.com/assets/ 209 B
602 B 130ms
129ms XHR
application/json 20.98.172.92
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://activate-qa.hrblock.com/assets/qa.config.json
Requested by: Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/polyfills-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.98.172.92 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 80bc906fa4904e09666451f8ef1648c8a34809fe19ec2e01c98dfb50361a24e9

Request headers

accept-language: de-DE,de;q=0.9
Accept: application/json, text/plain, */*
Referer: https://activate-qa.hrblock.com/
Request-Id: |d017b0ec45ef4468add66ef62bb1a23d.4342ee3f65f5443d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 16:26:20 GMT
Content-Encoding: gzip
ETag: "cfcebe136ad81:0"
Last-Modified: Tue, 17 May 2022 17:30:04 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/json
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 278

GET
H/1.1 200
OK c.json Show response
collection.decibelinsight.net/i/13948/332429/ 9 KB
6 KB 1659ms
1658ms XHR
application/json 18.193.139.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collection.decibelinsight.net/i/13948/332429/c.json

Requested by

Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/polyfills-es2015.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.193.139.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-193-139-53.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

0187951d04f53506c0f20b574b2f907d5db143da9edd3f0fc9f7ff47e4f9a752

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activate-qa.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 16:26:21 GMT
Content-Encoding: gzip
Vary: Origin
Server: nginx
ETag: W/000076219-181FD885EAA
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://activate-qa.hrblock.com
Cache-Control: private, max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override

GET
H/1.1 200
OK orp-micro-billing-and-payment.js Show response
orp-external-proxy-qa.hrblock.com/BillingAndPayment/ 1 MB
1 MB 595ms
311ms Script
application/javascript 20.84.251.161
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://orp-external-proxy-qa.hrblock.com/BillingAndPayment/orp-micro-billing-and-payment.js
Requested by: Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/main-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.251.161 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.23.0 /
Resource Hash: b63459016f3ada6a951befbc077d1589a21372648a7c37094b75418f5e9f486e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activate-qa.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 16:26:20 GMT
Last-Modified: Wed, 13 Jul 2022 11:56:11 GMT
Server: nginx/1.23.0
Content-MD5: AFoV33NHIZ91KRu7grd7oQ==
ETag: "0x8DA64C6ADF25E53"
Content-Type: application/javascript
x-ms-request-id: 77d10d1d-d01e-006a-1e9e-97b252000000
x-ms-version: 2018-03-28
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1403565

GET
H/1.1 404
Not Found /
orp-external-proxy-qa.hrblock.com/ 0
0 432ms
148ms Font
text/html 20.84.251.161
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://orp-external-proxy-qa.hrblock.com/
Requested by: Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.251.161 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.23.0 /
Resource Hash

Request headers

Referer: https://activate-qa.hrblock.com/
Origin: https://activate-qa.hrblock.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 16:26:20 GMT
Server: nginx/1.23.0
Content-Type: text/html
Access-Control-Allow-Origin: *
x-envoy-upstream-service-time: 2
Connection: keep-alive
Content-Length: 555
request-context: appId=cid-v1:244efaae-e9f4-42c0-a3d9-372511a5ce0d

GET
H/1.1 200
OK / Show response
jsonip.com/ 110 B
411 B 495ms
163ms XHR
application/json 2600:3c01::f03c:91ff:fe79:43b
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://jsonip.com/

Requested by

Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/polyfills-es2015.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:3c01::f03c:91ff:fe79:43b Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

Software

nginx/1.20.2 /

Resource Hash

e67a7e84d44211ff6f65014c5b7c9908299e82d9763a222fe692df73e2872148

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept: application/json, text/plain, */*
Referer: https://activate-qa.hrblock.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 16:26:20 GMT
Server: nginx/1.20.2
Strict-Transport-Security: max-age=31536000;
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 27-es2015.js Show response
activate-qa.hrblock.com/ 38 KB
12 KB 304ms
304ms Script
application/x-javascript 20.98.172.92
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://activate-qa.hrblock.com/27-es2015.js
Requested by: Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/runtime-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.98.172.92 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f99293cbcd7190cae001975d6c20e8524c69bd5951d0f3668a628aa19f44ce7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activate-qa.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 16:26:20 GMT
Content-Encoding: gzip
ETag: "365d93bd136ad81:0"
Last-Modified: Tue, 17 May 2022 17:30:02 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11459

GET
H/1.1 200
OK common-es2015.js Show response
activate-qa.hrblock.com/ 23 KB
6 KB 299ms
298ms Script
application/x-javascript 20.98.172.92
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://activate-qa.hrblock.com/common-es2015.js
Requested by: Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/runtime-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.98.172.92 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 13b87315dd08cc7753a40d381c4d0043a369d957537c857a52dbc95fd39b5d1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activate-qa.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 16:26:20 GMT
Content-Encoding: gzip
ETag: "ca3183be136ad81:0"
Last-Modified: Tue, 17 May 2022 17:30:04 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5833

GET
H/1.1 200
OK 35-es2015.js Show response
activate-qa.hrblock.com/ 163 KB
13 KB 149ms
147ms Script
application/x-javascript 20.98.172.92
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://activate-qa.hrblock.com/35-es2015.js
Requested by: Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/runtime-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.98.172.92 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cb0d53ed7effc8ff53848a67247208248d77e6fcf42954e3e1705c52dc3e691c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activate-qa.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 16:26:20 GMT
Content-Encoding: gzip
ETag: "8fcde1bd136ad81:0"
Last-Modified: Tue, 17 May 2022 17:30:03 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12622

GET
H/1.1 200
OK 17-es2015.js Show response
activate-qa.hrblock.com/ 2 KB
1 KB 130ms
128ms Script
application/x-javascript 20.98.172.92
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://activate-qa.hrblock.com/17-es2015.js
Requested by: Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/runtime-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.98.172.92 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 10dd44c3a6131ae933c8720a0371815b4b6b923804d9a22e3f8cca06fbc9629f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activate-qa.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 16:26:20 GMT
Content-Encoding: gzip
ETag: "8f4164bd136ad81:0"
Last-Modified: Tue, 17 May 2022 17:30:02 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 950

GET
H/1.1 200
OK 12-es2015.js Show response
activate-qa.hrblock.com/ 97 KB
8 KB 304ms
302ms Script
application/x-javascript 20.98.172.92
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://activate-qa.hrblock.com/12-es2015.js
Requested by: Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/runtime-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.98.172.92 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8cd72caa071dfa80742febdfc48abc5fd305210de5a96b696ce55b41a3bdd3b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activate-qa.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 16:26:20 GMT
Content-Encoding: gzip
ETag: "eb9ee0bc136ad81:0"
Last-Modified: Tue, 17 May 2022 17:30:01 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7570

GET
H/1.1 200
OK 7-es2015.js Show response
activate-qa.hrblock.com/ 3 KB
2 KB 267ms
137ms Script
application/x-javascript 20.98.172.92
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://activate-qa.hrblock.com/7-es2015.js
Requested by: Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/runtime-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.98.172.92 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6ea070232631acec5dad5a9d7d7acadfbf83efc6718cdb2a254cf2eccdfa7cff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activate-qa.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 16:26:20 GMT
Content-Encoding: gzip
ETag: "a92893be136ad81:0"
Last-Modified: Tue, 17 May 2022 17:30:04 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1264

GET
H/1.1 200
OK 57-es2015.js Show response
activate-qa.hrblock.com/ 9 KB
2 KB 164ms
144ms Script
application/x-javascript 20.98.172.92
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://activate-qa.hrblock.com/57-es2015.js
Requested by: Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/runtime-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.98.172.92 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 26216aae793119355eba38c5aeba1f94cb2b92ed3ee2c24d6215c89021440f26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activate-qa.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 16:26:20 GMT
Content-Encoding: gzip
ETag: "428848be136ad81:0"
Last-Modified: Tue, 17 May 2022 17:30:03 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2107

POST
H2 206 track Show response
dc.services.visualstudio.com/v2/ 287 B
496 B 225ms
225ms XHR
application/json 13.69.106.212
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/polyfills-es2015.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.212 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8df5d23dcc754ff5495fd49fbea0b8f4b0e7a381dc15de39e5b1a0cc5e66c711

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://activate-qa.hrblock.com/
accept-language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: B99B4142-DB3D-4E4E-98EA-A6115723B8CD
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Thu, 14 Jul 2022 16:26:20 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 287

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 480ms
16ms Preflight 13.69.106.212
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.212 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://activate-qa.hrblock.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Thu, 14 Jul 2022 16:26:19 GMT
x-content-type-options: nosniff

GET
H/1.1 200
OK 2-es2015.js Show response
activate-qa.hrblock.com/ 109 KB
10 KB 208ms
207ms Script
application/x-javascript 20.98.172.92
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://activate-qa.hrblock.com/2-es2015.js
Requested by: Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/runtime-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.98.172.92 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 29a76d3a230821ae61558574b11046ee570f958771c5095119099d60751a6c2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activate-qa.hrblock.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 16:26:20 GMT
Content-Encoding: gzip
ETag: "d6d33bbd136ad81:0"
Last-Modified: Tue, 17 May 2022 17:30:01 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9685

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 89ms
16ms Preflight 13.69.106.212
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.212 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://activate-qa.hrblock.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Thu, 14 Jul 2022 16:26:19 GMT
x-content-type-options: nosniff

POST
H2 206 track Show response
dc.services.visualstudio.com/v2/ 287 B
354 B 639ms
639ms XHR
application/json 13.69.106.212
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: activate-qa.hrblock.com
URL: https://activate-qa.hrblock.com/polyfills-es2015.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.212 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8df5d23dcc754ff5495fd49fbea0b8f4b0e7a381dc15de39e5b1a0cc5e66c711

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://activate-qa.hrblock.com/
accept-language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 38CDB688-8206-4B11-AA45-CC71EED07791
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Thu, 14 Jul 2022 16:26:20 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 287

GET
H/1.1 404
The requested content does not exist. Graphik-Semibold-Web.woff
a3dvbdsuclassets.z19.web.core.windows.net//fonts/ 0
0 618ms
124ms Font
text/html 52.165.136.37
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a3dvbdsuclassets.z19.web.core.windows.net//fonts/Graphik-Semibold-Web.woff
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.165.136.37 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer: https://activate-qa.hrblock.com/
Origin: https://activate-qa.hrblock.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 16:26:20 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
Content-Type: text/html
Access-Control-Allow-Origin: *
x-ms-request-id: 897b7564-f01e-0066-379e-97294b000000
x-ms-version: 2018-03-28
Content-Length: 321

GET
H/1.1 404
The requested content does not exist. Graphik-Regular-Web.woff
a3dvbdsuclassets.z19.web.core.windows.net//fonts/ 0
0 643ms
127ms Font
text/html 52.165.136.37
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a3dvbdsuclassets.z19.web.core.windows.net//fonts/Graphik-Regular-Web.woff
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.165.136.37 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer: https://activate-qa.hrblock.com/
Origin: https://activate-qa.hrblock.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 16:26:20 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
Content-Type: text/html
Access-Control-Allow-Origin: *
x-ms-request-id: f9c69fc1-c01e-00e6-559e-978ae1000000
x-ms-version: 2018-03-28
Content-Length: 321

GET
H/1.1 404
The requested content does not exist. Graphik-Semibold-Web.woff2
a3dvbdsuclassets.z19.web.core.windows.net//fonts/ 0
0 122ms
122ms Font
text/html 52.165.136.37
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a3dvbdsuclassets.z19.web.core.windows.net//fonts/Graphik-Semibold-Web.woff2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.165.136.37 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer: https://activate-qa.hrblock.com/
Origin: https://activate-qa.hrblock.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 16:26:20 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
Content-Type: text/html
Access-Control-Allow-Origin: *
x-ms-request-id: 897b75cf-f01e-0066-189e-97294b000000
x-ms-version: 2018-03-28
Content-Length: 321

GET
H/1.1 404
The requested content does not exist. Graphik-Regular-Web.woff2
a3dvbdsuclassets.z19.web.core.windows.net//fonts/ 0
0 126ms
126ms Font
text/html 52.165.136.37
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a3dvbdsuclassets.z19.web.core.windows.net//fonts/Graphik-Regular-Web.woff2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.165.136.37 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer: https://activate-qa.hrblock.com/
Origin: https://activate-qa.hrblock.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 16:26:20 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
Content-Type: text/html
Access-Control-Allow-Origin: *
x-ms-request-id: f9c6a019-c01e-00e6-279e-978ae1000000
x-ms-version: 2018-03-28
Content-Length: 321

Verdicts & Comments Add Verdict or Comment

246 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.decibelinsight.net/i/13948/	1970-01-20 13:15:51	Name: da_lid Value: -9BF9863C9A73EA13198EBB99F7A9BA472D\|0\|0\|0
.decibelinsight.net/i/13948/	1970-01-20 04:30:17	Name: da_sid Value: A8CAB50F8E33AE888CDFAA13B5ABF04C9E\|3\|0\|3
.activate-qa.hrblock.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 8f22b602c34dc5441b03805bcb8a0f5916216a0e334fc26cf2323b3f90fd6343
.activate-qa.hrblock.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 8f22b602c34dc5441b03805bcb8a0f5916216a0e334fc26cf2323b3f90fd6343
.hrblock.com/	1970-01-22 00:18:15	Name: sat_track Value: true
.hrblock.com/	1969-12-31 23:59:59	Name: at_check Value: true
.hrblock.com/	1969-12-31 23:59:59	Name: _hrbc_fv Value: yes
.hrblock.com/	1970-01-20 05:13:27	Name: _mp_dbg Value: 460cc69a84b84aba9f672c3dc4f5714e
.demdex.net/	1970-01-20 08:49:27	Name: demdex Value: 21951082296572161431809889511316455931
.hrblock.com/	1969-12-31 23:59:59	Name: AMCVS_A78D3BC75245AD7C0A490D4D%40AdobeOrg Value: 1
.hrblock.com/	1970-01-20 22:01:27	Name: s_ecid Value: MCMID%7C15118720071815408661410660436110596982
.hrblock.com/	1970-01-20 22:02:54	Name: AMCV_A78D3BC75245AD7C0A490D4D%40AdobeOrg Value: -2121179033%7CMCIDTS%7C19188%7CMCMID%7C15118720071815408661410660436110596982%7CMCAAMLH-1658420779%7C6%7CMCAAMB-1658420779%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1657823179s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.3.0
.app.link/	1970-01-20 13:15:51	Name: _s Value: iYtnhrbhxWokFe%2B%2FG0IU5O9JGP%2BZE1xL14lFrpKg5RO6cqaU6O1p9EXR0McvQCF2
.hrblock.com/	1970-01-20 22:04:20	Name: mbox Value: session#21b860426ea044f686841d02330e11d4#1657817840\|PC#21b860426ea044f686841d02330e11d4.37_0#1721060780
.hrblock.com/	1970-02-09 02:17:28	Name: _mpidl Value: %7B%22dId%22%3A%222e371b77-7801-4655-9b0d-b76b7d52f56c%22%2C%22mId%22%3A%22e3d6db87-6721-4ad9-b8d6-ae27f3096256%22%2C%22st%22%3A1%7D
activate-qa.hrblock.com/	1970-01-20 13:15:51	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Thu+Jul+14+2022+16%3A26%3A19+GMT%2B0000+(GMT)&version=6.10.0&hosts=&consentId=0047bbc3-735c-4d5d-8c0f-eff4dbbac07a&interactionCount=0&landingPath=https%3A%2F%2Factivate-qa.hrblock.com%2F&groups=C0001%3A1%2CC0003%3A1%2CC0002%3A1%2CC0004%3A1
.doubleclick.net/	1970-01-20 13:51:51	Name: IDE Value: AHWqTUnbbebmUsmROUlCD7n2ysZPtmSWiYpRF3u5zX35smaYUDXZxjoG0z7GTeS1eJ8
.dpm.demdex.net/	1970-01-20 08:49:27	Name: dpm Value: 21951082296572161431809889511316455931
.quantserve.com/	1970-01-20 06:39:51	Name: d Value: EIIBDAHOJrmvYA
.quantserve.com/	1970-01-20 14:00:30	Name: mc Value: 62d043ab-b48bb-45947-43e06
.demdex.net/	1970-01-20 08:49:27	Name: dextp Value: 477-1-1657815979400\|771-1-1657815979501\|903-1-1657815979601\|1175-1-1657815979702\|22054-1-1657815979803
activate-qa.hrblock.com/	1970-01-20 13:15:51	Name: ai_user Value: Yc717\|2022-07-14T16:26:20.027Z
activate-qa.hrblock.com/	1970-01-20 04:30:17	Name: ai_session Value: Z+fcp\|1657815980165.8\|1657815980165.8
.tribalfusion.com/	1970-01-20 06:39:51	Name: ANON_ID Value: aAnrejqO2c9U2OqnvebIsIXMBcDAc5tkduyUsCEdWmnvLm3bEBXeD6T6FIWa5umaSDKj6QZam
orp-external-proxy-qa.hrblock.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity-A3Q0QAORPORP-EXTERNAL-PROXY-QACORS Value: b65dae1be52cdc9cb121562bfbbcb073
orp-external-proxy-qa.hrblock.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity-A3Q0QAORPORP-EXTERNAL-PROXY-QA Value: b65dae1be52cdc9cb121562bfbbcb073
.hrblock.com/	1970-01-20 04:30:17	Name: da_sid Value: A8CAB50F8E33AE888CDFAA13B5ABF04C9E\|3\|0\|3
.hrblock.com/	1970-01-20 13:15:51	Name: da_lid Value: 9BF9863C9A73EA13198EBB99F7A9BA472D\|0\|0\|0
.hrblock.com/	1970-01-20 04:30:17	Name: da_intState Value:

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/365868.gif?partner_uid=21951082296572161431809889511316455931 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://orp-external-proxy-qa.hrblock.com/ Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://a3dvbdsuclassets.z19.web.core.windows.net//fonts/Graphik-Semibold-Web.woff Message: Failed to load resource: the server responded with a status of 404 (The requested content does not exist.)
network	error	URL: https://a3dvbdsuclassets.z19.web.core.windows.net//fonts/Graphik-Regular-Web.woff Message: Failed to load resource: the server responded with a status of 404 (The requested content does not exist.)
network	error	URL: https://a3dvbdsuclassets.z19.web.core.windows.net//fonts/Graphik-Semibold-Web.woff2 Message: Failed to load resource: the server responded with a status of 404 (The requested content does not exist.)
network	error	URL: https://a3dvbdsuclassets.z19.web.core.windows.net//fonts/Graphik-Regular-Web.woff2 Message: Failed to load resource: the server responded with a status of 404 (The requested content does not exist.)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
a3dvbdsuclassets.z19.web.core.windows.net
activate-qa.hrblock.com
api2.branch.io
app.link
assets.adobedtm.com
cdn.branch.io
cdn.cookielaw.org
cm.g.doubleclick.net
collection.decibelinsight.net
dc.services.visualstudio.com
dpm.demdex.net
geolocation.onetrust.com
hrblock.demdex.net
hrblock.tt.omtrdc.net
idsync.rlcdn.com
jsonip.com
match.adsrvr.org
mp-hrbcomlnp.hrblock.com
orp-external-proxy-qa.hrblock.com
pixel.quantserve.com
s.tribalfusion.com
sdk.hrb.magicpixel.io
smetrics.hrblock.com
www.google.com
www.gstatic.com
13.69.106.212
142.250.185.162
143.204.89.46
15.188.95.229
15.197.170.101
18.193.139.53
20.84.251.161
20.98.172.92
2600:3c01::f03c:91ff:fe79:43b
2600:9000:2156:e400:11:f728:3040:93a1
2600:9000:2156:e400:19:9934:6a80:93a1
2606:4700:4400::6812:230b
2606:4700:4400::ac40:929e
2606:4700::6810:9540
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:80f::2004
2a00:1450:4001:831::2003
2a02:26f0:480:287::1e80
3.33.220.150
34.241.126.16
34.251.55.29
35.244.174.68
52.165.136.37
52.85.92.5
79.125.52.138
0187951d04f53506c0f20b574b2f907d5db143da9edd3f0fc9f7ff47e4f9a752
055e467aa53a9c0272d805bbc009ade8c74df5a8c1255271d753ac78fe179873
10dd44c3a6131ae933c8720a0371815b4b6b923804d9a22e3f8cca06fbc9629f
13b87315dd08cc7753a40d381c4d0043a369d957537c857a52dbc95fd39b5d1c
17d864cae737382059ad1d9c3e2a9122934cbbc19ecc572216e42b7dd817b40e
26216aae793119355eba38c5aeba1f94cb2b92ed3ee2c24d6215c89021440f26
29a76d3a230821ae61558574b11046ee570f958771c5095119099d60751a6c2e
3b27f686e9c39188ff63e191cc3efb6500a6c6d06f2d1d2ec27ceb623a2ecacc
3df8e1240f03417b9ea9abcacf772a98e03fbabeeb4ab84b7f834e055c33e7a7
3fb1506cd07cb5d7764111e0b4b9716f4dacfaf98f064c9dbc1ced6f2eb847aa
5b604c37ed4971fabd33c3a30cf5b8c862a237758cbea758f05897432c7c469e
62c8bdd618b1623f0228784d5199082101d802f99005e1c0dbbd84924d349600
6bf42904e41b0abc30692a10f51e44593dacbea433ba0dc4a911c0c8c35f06fa
6ca3dcad7d61e6227b67bf407f3bcc311a4d510105777e2f0b93e120f4e76048
6ea070232631acec5dad5a9d7d7acadfbf83efc6718cdb2a254cf2eccdfa7cff
7a23e0e46e16f067271bc79c92a917c13769848457d16cdf109e4dc04c687e8f
7aaad78d13ba343554d09043d46b9f563fb3c06d4789f7faf5e45a7247458894
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c00d3d7d0edda8d5399a49c32c7fc8a0359ff30bf2ddb8f9ba3cbdd183862c9
7e07970f6d667755ae7086a89387ad757c17486f6c1fe0c12ca1c76373570b52
80bc906fa4904e09666451f8ef1648c8a34809fe19ec2e01c98dfb50361a24e9
8cd72caa071dfa80742febdfc48abc5fd305210de5a96b696ce55b41a3bdd3b5
8cdca3b36914e8a3f56390da71389944579faaae82704e53bd66f9c0387502f6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8df5d23dcc754ff5495fd49fbea0b8f4b0e7a381dc15de39e5b1a0cc5e66c711
91aef0048acc04b668d8683578755fdd50f7182af64ecbcf4722dcb7755bffe7
952315e0b774154f9d4d91cbf86425d327cea99fbdd9375a9b32492eae0aa1e7
98d88c9c14899a2617220b7f86f5c28268cd0767b5f7949555d56db54e3e1bac
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
ab5351bd9526d7495a4f0a304c190bb8616b99c1c58e1899638b9ea4a60a88c8
b63459016f3ada6a951befbc077d1589a21372648a7c37094b75418f5e9f486e
b694e7af08ac782fc0ef77178925cb24582fa4c06207982e54cf789835cda09a
b8582b996a563b823534b080e3b2f214cf2468fe4294476c9cbb0001f4774b35
cb0d53ed7effc8ff53848a67247208248d77e6fcf42954e3e1705c52dc3e691c
cb75e1654cc1d313b71545eaff9edae382bef894a01244d65e77badc566474f1
cbfec994c4f48d8850487986b14274c36092138bca955bd9fa59f004f3af074c
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
d4e77c7411d1de6efebf4278b9c98aa77dc2e5186cee271ac256138f17bef9f4
d9a3fc2c2e5c195d3aa8d3c4c0872df032c64e200c31ad3a25761b056c3c3678
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
e0c37585a3e1115c90636b9e8bd30c4f776762dba4d5f6e3309d1f6530311547
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52f32c138bcb2c7445f665e710f4cc43e0884c753a5873bda5f6eaf37ad78ff
e67a7e84d44211ff6f65014c5b7c9908299e82d9763a222fe692df73e2872148
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f99293cbcd7190cae001975d6c20e8524c69bd5951d0f3668a628aa19f44ce7e
fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f

activate-qa.hrblock.com Open in urlscan Pro 20.98.172.92 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

56 Requests

93 %HTTPS

40 %IPv6

20 Domains

26 Subdomains

23 IPs

5 Countries

3188 kBTransfer

8703 kBSize

29 Cookies

1 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

activate-qa.hrblock.com Open in urlscan Pro
20.98.172.92 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

93 %
HTTPS

40 %
IPv6

20
Domains

26
Subdomains

23
IPs

5
Countries

3188 kB
Transfer

8703 kB
Size

29
Cookies

56 HTTP transactions
1 data transactions