urlscan.io logo urlscan.io
SecurityTrails logo

community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com Open in urlscan Pro
52.40.15.135  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/
Effective URL: https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
Submission: On July 01 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 4 countries across 12 domains to perform 28 HTTP transactions. The main IP is 52.40.15.135, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 9th 2019. Valid for: a year.
This is the only time community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 52.40.15.135 16509 (AMAZON-02)
3 13.224.102.68 16509 (AMAZON-02)
4 18.195.42.228 16509 (AMAZON-02)
3 13.224.102.71 16509 (AMAZON-02)
1 2 34.247.192.223 16509 (AMAZON-02)
1 104.18.13.242 13335 (CLOUDFLAR...)
1 52.50.67.81 16509 (AMAZON-02)
1 184.28.112.237 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 172.217.23.162 15169 (GOOGLE)
4 2a03:2880:f11... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
28 15
2    52.40.15.135 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-15-135.us-west-2.compute.amazonaws.com
community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com
3    13.224.102.68 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-68.zrh50.r.cloudfront.net
dqjghx1vau0u.cloudfront.net
4    18.195.42.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
nexus.ensighten.com
3    13.224.102.71 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-71.zrh50.r.cloudfront.net
d2gcv4sxt84gxu.cloudfront.net
2    34.247.192.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-192-223.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    104.18.13.242 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.resonate.com
1    52.50.67.81 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-67-81.eu-west-1.compute.amazonaws.com
turbotax.demdex.net
1    184.28.112.237 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-28-112-237.deploy.static.akamaitechnologies.com
lib.intuitcdn.net
1    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    172.217.23.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s22-in-f2.1e100.net
www.googleadservices.com
4    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Domain Requested by
4 www.facebook.com
4 nexus.ensighten.com community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com
nexus.ensighten.com
3 connect.facebook.net nexus.ensighten.com
3 d2gcv4sxt84gxu.cloudfront.net community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com
3 dqjghx1vau0u.cloudfront.net community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com
2 www.google.de
2 googleads.g.doubleclick.net nexus.ensighten.com
2 dpm.demdex.net 1 redirects community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com
2 community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com 1 redirects
1 www.googleadservices.com nexus.ensighten.com
1 www.googletagmanager.com nexus.ensighten.com
1 lib.intuitcdn.net nexus.ensighten.com
1 turbotax.demdex.net nexus.ensighten.com
1 cdn.resonate.com nexus.ensighten.com
28 14

This site contains links to these domains. Also see Links.

Domain
quickbooks.intuit.com
d3jg9injz3pyqf.cloudfront.net
security.intuit.com
Subject Issuer Validity Valid
*.community.intuit.ca
DigiCert SHA2 Secure Server CA		 2019-09-09 -
2020-12-05		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
nexus.ensighten.com
DigiCert SHA2 Secure Server CA		 2019-10-03 -
2020-10-02		 a year crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA		 2018-01-09 -
2021-02-12		 3 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-05-26 -
2021-05-26		 a year crt.sh
lib.intuitcdn.net
GeoTrust RSA CA 2018		 2020-03-19 -
2021-06-18		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-06-17 -
2020-09-09		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-05-14 -
2020-08-05		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-06-10 -
2020-09-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-06-10 -
2020-09-02		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-06-10 -
2020-09-02		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
Frame ID: 6507E48BD51390A9D314ABFD42CED176
Requests: 28 HTTP requests in this frame

Frame: https://turbotax.demdex.net/dest5.html?d_nsid=1
Frame ID: BDFA1906E2B964410E58B63990FAD284
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/ HTTP 301
    https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/nexus\.ensighten\.com\//i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Page Statistics

28
Requests

96 %
HTTPS

36 %
IPv6

12
Domains

14
Subdomains

15
IPs

4
Countries

691 kB
Transfer

2269 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/ HTTP 301
    https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://dpm.demdex.net/id?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=969430F0543F253D0A4C98C6%40AdobeOrg&d_nsid=1&ts=1593641055153 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=969430F0543F253D0A4C98C6%40AdobeOrg&d_nsid=1&ts=1593641055153

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request profile-ca-en
community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/
Redirect Chain
  • https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/
  • https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.40.15.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-40-15-135.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
6f3c7a0946a760dd39488119681cda017e68af7d7e5673becd1eb328e326d6e1
Security Headers
Name Value
X-Frame-Options

Request headers

:method
GET
:authority
community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com
:scheme
https
:path
/profile-ca-en
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_session_id=dGVxekRMeXdYWlZ4bGkzcC9lekxZbWFHYVV4QndPMXBHTWdnNkRNVlppa1RvcFBsSmp2dHIwYnQraDJaaitMcHFxblRHMSswZFdSRDlqMVlycWhnUUthWHhUR1g3aEdZd0VrczBwaFY4bFhTdDFEVmZ3MjZpdStWTGh4b1Q3cWVWdWQrRXc0MHc4VXVaLzV6MTBpWHp3PT0tLUxnMXRsa0ZYencyQU9FUEVxMncyK0E9PQ%3D%3D--f1aea816461ef4ccb48df106aebd60d7b5229466
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
410 410 Gone
date
Wed, 01 Jul 2020 22:04:14 GMT
content-type
text/html; charset=utf-8
x-frame-options
cache-control
no-cache
x-request-id
fa66724e-dcbf-4eb5-b227-87040d949eb7
x-runtime
0.010243
set-cookie
_session_id=U0Ivb0VLci9PV25aYjZoOVViMXZ1TS9YZzlNWU1tVS9XQTVTcklqUjNXQ1VDSzI2a0ZCSDA5K3EzOFlsSW82c3Y1SEtaVTFIVGZ3S2ZvU1FsamhIY25HcWRwOStyNUl0Y1lPRjkwalVQN2JlT3R0QjBCYjUzYVZkclBaS1JnQXNZTFJUVkNTOSt0VFNxamlDc3pURmlaN0trVyt3U0t3TmdoVTdrVHRqZzIwd2tJRTFVQ2p1b0NFa1Z5SnIyb1NCeEFLUEZGc1BFUmhFTlBwRUl2WkZqRDN6WUdPTkxHV1lOanNYTzNwQmhrST0tLXN4T0d4c3k0UTZqbXlaUmRGZFVxYmc9PQ%3D%3D--3072e95179bec2ea66fa490513d5dba72152044f; path=/; HttpOnly
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

status
301 301 Moved Permanently
date
Wed, 01 Jul 2020 22:04:14 GMT
content-type
text/html; charset=utf-8
location
https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
x-frame-options
cache-control
no-cache
x-request-id
239c99e3-3da8-421a-8af9-2e9cad1acffe
x-runtime
0.016256
set-cookie
_session_id=dGVxekRMeXdYWlZ4bGkzcC9lekxZbWFHYVV4QndPMXBHTWdnNkRNVlppa1RvcFBsSmp2dHIwYnQraDJaaitMcHFxblRHMSswZFdSRDlqMVlycWhnUUthWHhUR1g3aEdZd0VrczBwaFY4bFhTdDFEVmZ3MjZpdStWTGh4b1Q3cWVWdWQrRXc0MHc4VXVaLzV6MTBpWHp3PT0tLUxnMXRsa0ZYencyQU9FUEVxMncyK0E9PQ%3D%3D--f1aea816461ef4ccb48df106aebd60d7b5229466; path=/; HttpOnly
vary
Accept-Encoding
content-encoding
gzip
ttlc_lithium-2846e6f92206a2492cf502d0e11fcd234b137d065e37e450bd6aad78e18f68fa.css
dqjghx1vau0u.cloudfront.net/assets/bs4/themes/ 		299 KB
83 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dqjghx1vau0u.cloudfront.net/assets/bs4/themes/ttlc_lithium-2846e6f92206a2492cf502d0e11fcd234b137d065e37e450bd6aad78e18f68fa.css
Requested by
Host: community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com
URL: https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.102.68 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-68.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4461a8df3994cc8b646cc66810baea064f60106e4a14e6de539d432de092f90a

Request headers

Referer
https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 01 Jul 2020 14:51:41 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 23 Jun 2020 22:59:25 GMT
Server
AmazonS3
Age
25955
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
Cache-Control
max-age=1314000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
ZRH50-C1
X-Amz-Cf-Id
fDIfwsO1Ppi6ChRM0ZplgObQ03LLA5iXm30Vc7Hmk9k6DPV61wrwjg==
Bootstrap.js
nexus.ensighten.com/turbotax/ttlc-prod/ 		422 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/turbotax/ttlc-prod/Bootstrap.js
Requested by
Host: community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com
URL: https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
130aad484d568467e575b58d370c0ea5376f190b29be23a17e289b38d76540df

Request headers

Referer
https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 01 Jul 2020 22:04:14 GMT
content-encoding
gzip
last-modified
Thu, 11 Jun 2020 21:56:51 GMT
server
nginx
etag
W/"5ee2a8a3-698d1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=300
original.png
d2gcv4sxt84gxu.cloudfront.net/uploads/logos/23/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2gcv4sxt84gxu.cloudfront.net/uploads/logos/23/original.png?1588186434
Requested by
Host: community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com
URL: https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.102.71 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-71.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4741a96bb0a7803595bf551711850c1e67719cf100e19b6d01cf00fc749da559

Request headers

Referer
https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 01 Jul 2020 20:07:31 GMT
Via
1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Wed, 29 Apr 2020 18:53:56 GMT
Server
AmazonS3
Age
7005
ETag
"9e7fea1605f00bd8c6a1db3a15402a8f"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
ZRH50-C1
Accept-Ranges
bytes
Content-Length
3551
X-Amz-Cf-Id
ibqQLX25zpwKbbVMBxKNSQpzF6EMAWQOfiC5bqJIiCvqCZQmDzwJXg==
Expires
Thu, 29 Apr 2021 00:17:37 GMT
original.png
d2gcv4sxt84gxu.cloudfront.net/uploads/logo_mobile/23/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2gcv4sxt84gxu.cloudfront.net/uploads/logo_mobile/23/original.png?1497554502
Requested by
Host: community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com
URL: https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.102.71 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-71.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0ccd9f96a2cbd80046731b28066fb86569cc2787f4ccc217f95795375b2c26ee

Request headers

Referer
https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 01 Jul 2020 22:04:16 GMT
Via
1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
Last-Modified
Thu, 15 Jun 2017 19:21:44 GMT
Server
AmazonS3
X-Amz-Cf-Pop
ZRH50-C1
ETag
"1d6020a8c5929ca6603de9df7f15e878"
X-Cache
Miss from cloudfront
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3684
X-Amz-Cf-Id
ggs04x6gYsd_RPgH0bVGONTwWnunVEHLPc945nzWF4A8t8wj8Kypqw==
Expires
Tue, 12 Jun 2018 16:55:09 GMT
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=969430F0543F253D0A4C98C6%40AdobeOrg&d_nsid=1&ts=1593641055153
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=969430F0543F253D0A4C98C6%40AdobeOrg&d_nsid=1&ts=1593641055153
953 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=969430F0543F253D0A4C98C6%40AdobeOrg&d_nsid=1&ts=1593641055153
Requested by
Host: community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com
URL: https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.192.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-192-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ac781ef3503d15367812c17cdf5562cd4a0f08824efd6807a128df3acb0ed9ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v074-071f255bf.edge-irl1.demdex.com 5.73.2.20200611122118 3ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
SywkR5b0Quw=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
518
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com
X-TID
GUrKfpgWTyc=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=969430F0543F253D0A4C98C6%40AdobeOrg&d_nsid=1&ts=1593641055153
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
original.jpg
d2gcv4sxt84gxu.cloudfront.net/uploads/welcome_banners/66/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2gcv4sxt84gxu.cloudfront.net/uploads/welcome_banners/66/original.jpg?1508268133
Requested by
Host: community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com
URL: https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.102.71 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-71.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bb8f0087e27b6c9644e4ce01426f27e3397acbc6c264ae5debc0d39e8dc417a9

Request headers

Referer
https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 01 Jul 2020 22:04:16 GMT
Via
1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
Last-Modified
Tue, 17 Oct 2017 19:22:14 GMT
Server
AmazonS3
X-Amz-Cf-Pop
ZRH50-C1
ETag
"8451317dfb5c9f85bbb4a73a2331a1b9"
X-Cache
Miss from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
63217
X-Amz-Cf-Id
jCT0e5iEc__6MRd2lhWm863KPoTL23BUQjCvPop03jsWFmW2nrfzPg==
Expires
Fri, 12 Oct 2018 03:24:30 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f104a65314b7b2852297f06b83269afeee3d8c58da1e04ff994574be632b2b2

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
AvenirLT-Light-d8b3711c52fb39a1313238eef08511f5a8362eae67a2738d8eb5f68e5c6bcec3.woff
dqjghx1vau0u.cloudfront.net/assets/Avenir/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dqjghx1vau0u.cloudfront.net/assets/Avenir/AvenirLT-Light-d8b3711c52fb39a1313238eef08511f5a8362eae67a2738d8eb5f68e5c6bcec3.woff
Requested by
Host: community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com
URL: https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.102.68 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-68.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8b3711c52fb39a1313238eef08511f5a8362eae67a2738d8eb5f68e5c6bcec3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://dqjghx1vau0u.cloudfront.net/assets/bs4/themes/ttlc_lithium-2846e6f92206a2492cf502d0e11fcd234b137d065e37e450bd6aad78e18f68fa.css
Origin
https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com

Response headers

Date
Wed, 01 Jul 2020 20:07:31 GMT
Via
1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Age
7005
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
23937
Last-Modified
Tue, 23 Jun 2020 23:02:57 GMT
Server
AmazonS3
ETag
"693c005640feb86d03d82ae90177ec71"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=1314000
X-Amz-Cf-Pop
ZRH50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
1FflYMb2ug8NH1eW2eMeJOGnh0YQ--423ar08EPOpc-kxw36SkWP5Q==
AvenirLT-Roman-6d1cffd4b740849ae0aa7408c90a2aeff1c78608432edf8c0c68466fa1169424.woff
dqjghx1vau0u.cloudfront.net/assets/Avenir/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dqjghx1vau0u.cloudfront.net/assets/Avenir/AvenirLT-Roman-6d1cffd4b740849ae0aa7408c90a2aeff1c78608432edf8c0c68466fa1169424.woff
Requested by
Host: community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com
URL: https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.102.68 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-68.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d1cffd4b740849ae0aa7408c90a2aeff1c78608432edf8c0c68466fa1169424

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://dqjghx1vau0u.cloudfront.net/assets/bs4/themes/ttlc_lithium-2846e6f92206a2492cf502d0e11fcd234b137d065e37e450bd6aad78e18f68fa.css
Origin
https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com

Response headers

Date
Wed, 01 Jul 2020 22:04:16 GMT
Via
1.1 01ec1718bcc130455b377ec6b38ad50d.cloudfront.net (CloudFront)
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
X-Amz-Cf-Pop
ZRH50-C1
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
22878
Last-Modified
Wed, 01 Jul 2020 21:23:43 GMT
Server
AmazonS3
ETag
"5c03aacd879127e5f200ca7fdc2816cc"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=1314000
Accept-Ranges
bytes
X-Amz-Cf-Id
JZmpLAnUB3KnQxCG8ggmkW028HOJrO8zjXkRw5ybpudv0gUISciPyw==
serverComponent.php
nexus.ensighten.com/turbotax/ttlc-prod/ 		326 B
468 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/turbotax/ttlc-prod/serverComponent.php?r=415.18034864390876&ClientID=1716&PageID=https%3A%2F%2Fcommunity-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com%2Fprofile-ca-en
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/turbotax/ttlc-prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d171a162983cfd5a49384fab0e5d49815a3aec3ca5999e5b3a359c34bf82d48c

Request headers

Referer
https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 01 Jul 2020 22:04:15 GMT
cache-control
no-cache, no-store
server
nginx
content-type
text/javascript
content-length
326
expires
Wed, 01 Jul 2020 22:04:14 GMT
44732c46f9a234f3db8a01248e8d31d0.js
nexus.ensighten.com/turbotax/ttlc-prod/code/ 		61 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/turbotax/ttlc-prod/code/44732c46f9a234f3db8a01248e8d31d0.js?conditionId0=423208
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/turbotax/ttlc-prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ea458b621693f4d5cad63ee9193ba31d8a0adb62474b87a1750270eeb81abf8c

Request headers

Referer
https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 01 Jul 2020 22:04:15 GMT
content-encoding
gzip
last-modified
Thu, 11 Jun 2020 21:56:51 GMT
server
nginx
etag
W/"5ee2a8a3-f43e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=315360000
analytics.min.js
cdn.resonate.com/analytics.js/v1/101063599/ 		0
203 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.resonate.com/analytics.js/v1/101063599/analytics.min.js
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/turbotax/ttlc-prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 01 Jul 2020 22:04:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
status
204
strict-transport-security
max-age=15552000
cf-ray
5ac36bf41aaaee13-CDG
cf-request-id
03ae01cc900000ee1358984200000001
Cookie set dest5.html
turbotax.demdex.net/ Frame BDFA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://turbotax.demdex.net/dest5.html?d_nsid=1
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/turbotax/ttlc-prod/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.67.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-67-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
turbotax.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
demdex=90256576496860704141758204060126909837
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Fri, 26 Jun 2020 16:41:12 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=90256576496860704141758204060126909837;Path=/;Domain=.demdex.net;Expires=Mon, 28-Dec-2020 22:04:15 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding, User-Agent
X-TID
bELNMS4bTl4=
Content-Length
2785
Connection
keep-alive
visitorapi.min.js
lib.intuitcdn.net/libs/adobe/visitorapi/4.4.0/ 		69 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lib.intuitcdn.net/libs/adobe/visitorapi/4.4.0/visitorapi.min.js
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/turbotax/ttlc-prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.112.237 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-28-112-237.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
97f1586ac4736e3054ea8b3bd8ad046a0ad085f586553bc69e4af5eb825af987

Request headers

Referer
https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
X.BRxU0zq6qst5hRy30G2.UDg8NyaJDH
content-encoding
br
etag
"09b2d3ac69c5528ae67694eeec323175"
x-amz-request-id
031D69EAA1DA7D37
status
200
x-amz-replication-status
COMPLETED
content-length
18114
x-amz-id-2
LvTAE6tW1NgljQSwcW6resjg+h2VVDeBzd7seMcrYK+720x4qvli68ReTlQE3lLwSNoUILgMH8k=
last-modified
Thu, 20 Feb 2020 13:23:06 GMT
server
Akamai Resource Optimizer
date
Wed, 01 Jul 2020 22:04:16 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=9950851
accept-ranges
bytes
access-control-allow-headers
X-Requested-With, DNT
expires
Sun, 25 Oct 2020 02:11:47 GMT
js
www.googletagmanager.com/gtag/ 		84 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-939634537
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/turbotax/ttlc-prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
17b4df640c40ac4abd2d94b308e66b495b85b9e2ae371c384bb046e673482840
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 01 Jul 2020 22:04:16 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33694
x-xss-protection
0
last-modified
Wed, 01 Jul 2020 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 01 Jul 2020 22:04:16 GMT
fbevents.js
connect.facebook.net/en_US/ 		133 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/turbotax/ttlc-prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
73d764e56e8727bfd3de86dbe1c52f5105b4d6d0c41dbf91565e719e7cd74aed
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
34036
x-xss-protection
0
pragma
public
x-fb-debug
H7JDa5hAOG2rAVunwLag1FFeiIhn0IdRZZep/mm4/i7Dnd/4/9VCEjfGA1PlGtQcNtahBpEm/sdLMeWZfPNyUA==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Wed, 01 Jul 2020 22:04:16 GMT, Wed, 01 Jul 2020 22:04:16 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/turbotax/ttlc-prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
6d7477548d212c307b2637c64c2e504e65f5ca9d3b77a8ac3616afff75a8b96e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 01 Jul 2020 22:04:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
11096
x-xss-protection
0
server
cafe
etag
10053623745966112319
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 01 Jul 2020 22:04:16 GMT
731603736930725
connect.facebook.net/signals/config/ 		521 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/731603736930725?v=2.9.21&r=stable
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/turbotax/ttlc-prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
49130e59a158fe6eff3e142dbe539c08d2a1170bf53a8001c3c0199dcbca9207
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
134479
x-xss-protection
0
pragma
public
x-fb-debug
gjJ3C6Lproz+fuTMCFDkByYXe+kgW1Fy/YJ2aqvTGa/J2QqM7hxLOrwNqG/nSe3SZO1IMzcrsgxR1SFSiXtY0w==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Wed, 01 Jul 2020 22:04:16 GMT, Wed, 01 Jul 2020 22:04:16 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
897642630315195
connect.facebook.net/signals/config/ 		521 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/897642630315195?v=2.9.21&r=stable
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/turbotax/ttlc-prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3d74e38cfaeda8da5b525af70ed19834d20de1c1920b90cb540f4b01fd8c606c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
134458
x-xss-protection
0
pragma
public
x-fb-debug
ZPh0SDZ4ZAE4HiHM5a8mqtcGW/rT6ETGwpN2iRr4Oj48FF5n2VRO9tdgg7BhJ8bfga4szUKvt4UsTOXZQBuBLQ==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Wed, 01 Jul 2020 22:04:16 GMT, Wed, 01 Jul 2020 22:04:16 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=731603736930725&ev=PageView&dl=https%3A%2F%2Fcommunity-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com%2Fprofile-ca-en&rl=&if=false&ts=1593641056402&cd[aam_aud]=&cd[aam_aud2]=&sw=1600&sh=1200&v=2.9.21&r=stable&ec=0&o=30&fbp=fb.1.1593641056401.1524687685&it=1593641056320&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 01 Jul 2020 22:04:16 GMT, Wed, 01 Jul 2020 22:04:16 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 01 Jul 2020 22:04:16 GMT
/
www.facebook.com/tr/ 		44 B
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=897642630315195&ev=PageView&dl=https%3A%2F%2Fcommunity-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com%2Fprofile-ca-en&rl=&if=false&ts=1593641056404&cd[aam_aud]=&cd[aam_aud2]=&sw=1600&sh=1200&v=2.9.21&r=stable&ec=0&o=30&fbp=fb.1.1593641056401.1524687685&it=1593641056320&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 01 Jul 2020 22:04:16 GMT, Wed, 01 Jul 2020 22:04:16 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 01 Jul 2020 22:04:16 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/939634537/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/939634537/?random=1593641056421&cv=9&fst=1593641056421&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa6o0&sendb=1&ig=1&data=event%3Dpage_view%3Bxintuit_org%3Dttus%3Bxintuit_src%3Dweb%3Bxintuit_env%3Dprd%3Btyseason%3Dty19%3Bdatekey%3D20200702%3Bu33%3D%3Bu34%3D&frm=0&url=https%3A%2F%2Fcommunity-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com%2Fprofile-ca-en&tiba=ProFile%20Tax&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/turbotax/ttlc-prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
532a3a56b61eea30147518ce5f5fd7bb4fb86e8353e84a5da8c7d2049770778f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Jul 2020 22:04:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1110
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/939634537/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/939634537/?random=1593641056424&cv=9&fst=1593641056424&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa6o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcommunity-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com%2Fprofile-ca-en&tiba=ProFile%20Tax&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/turbotax/ttlc-prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e6d77f8f5143715346483c0cc46deadb4f9155c72cc5a13f6d76c1b3ae6143d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Jul 2020 22:04:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1052
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/939634537/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/939634537/?random=1593641056421&cv=9&fst=1593640800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa6o0&sendb=1&data=event%3Dpage_view%3Bxintuit_org%3Dttus%3Bxintuit_src%3Dweb%3Bxintuit_env%3Dprd%3Btyseason%3Dty19%3Bdatekey%3D20200702%3Bu33%3D%3Bu34%3D&frm=0&url=https%3A%2F%2Fcommunity-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com%2Fprofile-ca-en&tiba=ProFile%20Tax&async=1&fmt=3&is_vtc=1&random=3721437277&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Jul 2020 22:04:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/939634537/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/939634537/?random=1593641056424&cv=9&fst=1593640800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa6o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcommunity-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com%2Fprofile-ca-en&tiba=ProFile%20Tax&async=1&fmt=3&is_vtc=1&random=3614732727&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Jul 2020 22:04:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1.gif
nexus.ensighten.com/privacy/v1/b/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nexus.ensighten.com/privacy/v1/b/1.gif?n=0&c=1716&i=6052mx&p=ttlc-prod&d=N4IgbgpgTgzglgewHYgFwgIwDoAMuQA0IA5gIYAuEA7qQJ5ogBMWAzFowOwBshIAxgBs4EJOQCSAEzQYOGLkQAOAVwBGQmAAsAChQ0Ny5AXwC0CqAilE4SGOVJI+ESQy44ArIwC2AD14LSfADWEORoOESeFhAMVBpwlOqhRHwICIHCMGjAAL5EImBw5kieIqHoACrlADIAwrxQEACOShC2magA2qASreTWFIgo6BoGCjCoAPQTVDNYxKnEAiGkxJ72K9BYKZ4TxHbEEwBWMAD8cBIAvACCAOrGAJws91wsACxuLBy85LQK0egwPhQOAKJIgWykKBlDBuR5cV4YdxcTgADjySCkqBhcIRSJYGFeRBgCCUUEcDGsMGg5AAQhAAGYIBq8CHkJTtEACBCkSwgBqkYk2NAdAC6RAkFFIOgM0CFnTFnLgtmFCvO0lhLHhiLcyI4KNy3V6-T6yAYI3IY0mExSSCQED45Cw9ICEBUqUCWDt5AmIgA+gBVADKE3pKggkFEMCwx2+v3+4KBILBEKh6px2uRKPCIBEmOxmtxOvxhPBJLJ8c8SjsJqQAHkVFSoJAoFcWdX2QwuTz6hABch2qLxZLpZQoHLB4rlfKrHmNVqkYwswaQD1bMbBmbRuMpja7Q6nS63WlPSEfUgA8HQ+HSlGY0Qfn8GIDgaC25DoXPC7r7ujZ+m8YwGBEmW5LoJS1J0oyzJEu2HJdry-KCgOCoSnYI6yshRCJCqM5pgWGacPcy6rn0SADKawxblau72o6zqOEeHpehM8DEGRAgwNayD0nABwcPirifJqjw4BwjBuCcYAXMw9zsBgABkUAXBCajRPecZPomr4we+eHzkWjDZrmelfpqHDAaSoEgOBUKQUyangrBnbcghvZIThK7DhQo7jgq2HTtZf74QBODEUaZE1puFrblxtq0QeDHuie3qsexnE2jxfECTgQlcCJYkSVJMlyYpyl2KpsaPgCWnJnYqZYp+GYsIBv4mU1XDmaWlkVlW5F1g20DNq2OlsnBLk9n2vlDmh3kYR5-kTmqDX-gZGBhWuEUbpR0XUcge50YeSXMalpAcbFmUTCi9zcK8jAvDlMIYPchXSVgsmAaVKlLJV8bPkmb71fm+kvFw8g5hibVIq8OAlsS3UUjYEEMvZb6jc53ZEIh-YeahUqzWOmGTmUi1BcDmpcOtpF9VFlo7nt8X0a6R2nidZ0Zbxl3XfCd0sA9bhPS9xUfUpX0OQ+v01QDH4rSDnXGctwU6tDsMgT11aDPWjZDajHboPBE3uQFuPoQT81KsTqqk6ZHWU+uFEgOatPTLM8wIIsvYSFrcCOFG2wTP4xAe7FzbwMgvoCrQDjRpk6lVQmL61bpCtkxgQHg1bGa3W4Fnlgjja0sj0GORQuucuNmNudjRteTKpsBQtluQ0Wqe25t9uOzFMxUHMCxLDyXs+1sCA7AHQc2iHgzhzAkd8NHP2aQnUtNy8BKtcnX5ZznVmVuryCa4N0DDcXaN6+XfKV1NnkzbXl8N7h69NQS2QitkQA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
204
date
Wed, 01 Jul 2020 22:04:17 GMT
cache-control
no-cache, no-store
server
nginx
expires
Wed, 01 Jul 2020 22:04:16 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=731603736930725&ev=Microdata&dl=https%3A%2F%2Fcommunity-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com%2Fprofile-ca-en&rl=&if=false&ts=1593641057905&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22ProFile%20Tax%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.21&r=stable&ec=1&o=30&fbp=fb.1.1593641056401.1524687685&it=1593641056320&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 01 Jul 2020 22:04:17 GMT, Wed, 01 Jul 2020 22:04:17 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 01 Jul 2020 22:04:17 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=897642630315195&ev=Microdata&dl=https%3A%2F%2Fcommunity-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com%2Fprofile-ca-en&rl=&if=false&ts=1593641057907&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22ProFile%20Tax%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.21&r=stable&ec=1&o=30&fbp=fb.1.1593641056401.1524687685&it=1593641056320&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/profile-ca-en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 01 Jul 2020 22:04:17 GMT, Wed, 01 Jul 2020 22:04:17 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 01 Jul 2020 22:04:17 GMT

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| ensBootstraps object| Bootstrapper object| ensClientConfig string| tag object| ensLogger boolean| ensBrowserSupported object| testElements object| gateway string| tagName object| aamQueue object| AAMProvider object| adobe function| Visitor object| s_c_il number| s_c_in object| visitor function| handleKeyCancel function| handleKeySave function| saveCookies function| handleTabFocus object| resonateAnalytics string| category object| dataLayer function| gtag function| fbq function| _fbq object| google_tag_manager object| google_tag_data function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| e function| DIL

5 Cookies

Domain/Path Name / Value
.demdex.net/ Name: dextp
Value: 477-1-1593641055576|771-1-1593641055677|30646-1-1593641055777|57282-1-1593641055878
.demdex.net/ Name: demdex
Value: 90256576496860704141758204060126909837
.intuit.com/ Name: AMCV_969430F0543F253D0A4C98C6%40AdobeOrg
Value: -1712354808%7CMCIDTS%7C18445%7CMCMID%7C90107994887415337871741552672934541656%7CMCAAMLH-1594245855%7C6%7CMCAAMB-1594245855%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1593648255s%7CNONE%7CvVersion%7C4.3.0
.intuit.com/ Name: AMCVS_969430F0543F253D0A4C98C6%40AdobeOrg
Value: 1
community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com/ Name: _session_id
Value: U0Ivb0VLci9PV25aYjZoOVViMXZ1TS9YZzlNWU1tVS9XQTVTcklqUjNXQ1VDSzI2a0ZCSDA5K3EzOFlsSW82c3Y1SEtaVTFIVGZ3S2ZvU1FsamhIY25HcWRwOStyNUl0Y1lPRjkwalVQN2JlT3R0QjBCYjUzYVZkclBaS1JnQXNZTFJUVkNTOSt0VFNxamlDc3pURmlaN0trVyt3U0t3TmdoVTdrVHRqZzIwd2tJRTFVQ2p1b0NFa1Z5SnIyb1NCeEFLUEZGc1BFUmhFTlBwRUl2WkZqRDN6WUdPTkxHV1lOanNYTzNwQmhrST0tLXN4T0d4c3k0UTZqbXlaUmRGZFVxYmc9PQ%3D%3D--3072e95179bec2ea66fa490513d5dba72152044f

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.resonate.com
community-23.pod-2-prod-2.lc-shared-production.lc.a.intuit.com
connect.facebook.net
d2gcv4sxt84gxu.cloudfront.net
dpm.demdex.net
dqjghx1vau0u.cloudfront.net
googleads.g.doubleclick.net
lib.intuitcdn.net
nexus.ensighten.com
turbotax.demdex.net
www.facebook.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.18.13.242
13.224.102.68
13.224.102.71
172.217.23.162
18.195.42.228
184.28.112.237
2a00:1450:4001:806::2008
2a00:1450:4001:818::2003
2a00:1450:4001:819::2002
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.247.192.223
52.40.15.135
52.50.67.81
0ccd9f96a2cbd80046731b28066fb86569cc2787f4ccc217f95795375b2c26ee
0f104a65314b7b2852297f06b83269afeee3d8c58da1e04ff994574be632b2b2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
130aad484d568467e575b58d370c0ea5376f190b29be23a17e289b38d76540df
17b4df640c40ac4abd2d94b308e66b495b85b9e2ae371c384bb046e673482840
3d74e38cfaeda8da5b525af70ed19834d20de1c1920b90cb540f4b01fd8c606c
4461a8df3994cc8b646cc66810baea064f60106e4a14e6de539d432de092f90a
4741a96bb0a7803595bf551711850c1e67719cf100e19b6d01cf00fc749da559
49130e59a158fe6eff3e142dbe539c08d2a1170bf53a8001c3c0199dcbca9207
4e6d77f8f5143715346483c0cc46deadb4f9155c72cc5a13f6d76c1b3ae6143d
532a3a56b61eea30147518ce5f5fd7bb4fb86e8353e84a5da8c7d2049770778f
6d1cffd4b740849ae0aa7408c90a2aeff1c78608432edf8c0c68466fa1169424
6d7477548d212c307b2637c64c2e504e65f5ca9d3b77a8ac3616afff75a8b96e
6f3c7a0946a760dd39488119681cda017e68af7d7e5673becd1eb328e326d6e1
73d764e56e8727bfd3de86dbe1c52f5105b4d6d0c41dbf91565e719e7cd74aed
97f1586ac4736e3054ea8b3bd8ad046a0ad085f586553bc69e4af5eb825af987
ac781ef3503d15367812c17cdf5562cd4a0f08824efd6807a128df3acb0ed9ba
bb8f0087e27b6c9644e4ce01426f27e3397acbc6c264ae5debc0d39e8dc417a9
d171a162983cfd5a49384fab0e5d49815a3aec3ca5999e5b3a359c34bf82d48c
d8b3711c52fb39a1313238eef08511f5a8362eae67a2738d8eb5f68e5c6bcec3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea458b621693f4d5cad63ee9193ba31d8a0adb62474b87a1750270eeb81abf8c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629