ttlc.intuit.com Open in urlscan Pro
2a02:26f0:7100:18d::42e9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://e.turbotax.intuit.com/pub/cc?_ri_=X0Gzc2X%3DYQpglLjHJlTQGnPghIzer1zfG6IdIgpzd1jDm1LLszdS4WErrySc2GzadORNs4tzgqtavS8HRO...
Effective URL:
https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i...
Submission Tags: falconsandbox
Submission: On April 02 via api (April 2nd 2021, 11:02:38 pm UTC) from US

Summary HTTP 153 Redirects Links 93 Behaviour Indicators

Summary

This website contacted 41 IPs in 5 countries across 27 domains to perform 153 HTTP transactions. The main IP is 2a02:26f0:7100:18d::42e9, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is ttlc.intuit.com.
TLS certificate: Issued by DigiCert Secure Site ECC CA-1 on August 14th 2020. Valid for: a year.

This is the only time ttlc.intuit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	12.130.158.196 12.130.158.196	21621 (RESPONSYS-2) (RESPONSYS-2)
1 32	2a02:26f0:710... 2a02:26f0:7100:18d::42e9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:211... 2600:9000:211e:4800:9:618e:3dc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
11	23.79.129.43 23.79.129.43	16625 (AKAMAI-AS) (AKAMAI-AS)
16	13.226.159.72 13.226.159.72	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:286::2682	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	52.13.165.209 52.13.165.209	16509 (AMAZON-02) (AMAZON-02)
2	99.86.3.92 99.86.3.92	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:1bb::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.28.237.213 52.28.237.213	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1 7	52.30.135.179 52.30.135.179	16509 (AMAZON-02) (AMAZON-02)
1	99.86.3.42 99.86.3.42	16509 (AMAZON-02) (AMAZON-02)
6	54.186.57.15 54.186.57.15	16509 (AMAZON-02) (AMAZON-02)
3	2a02:26f0:710... 2a02:26f0:7100:180::1d6c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	52.17.73.77 52.17.73.77	16509 (AMAZON-02) (AMAZON-02)
1 4	35.181.18.61 35.181.18.61	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:218... 2600:9000:2182:7e00:7:f1a3:af00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2	52.39.211.108 52.39.211.108	16509 (AMAZON-02) (AMAZON-02)
4	44.235.9.37 44.235.9.37	16509 (AMAZON-02) (AMAZON-02)
1	44.237.0.165 44.237.0.165	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 7	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2 2	35.158.49.68 35.158.49.68	16509 (AMAZON-02) (AMAZON-02)
2	44.236.215.203 44.236.215.203	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	104.18.8.110 104.18.8.110	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.14.110 151.101.14.110	54113 (FASTLY) (FASTLY)
1	13.226.159.54 13.226.159.54	16509 (AMAZON-02) (AMAZON-02)
2	162.247.243.147 162.247.243.147	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	104.111.224.118 104.111.224.118	16625 (AKAMAI-AS) (AKAMAI-AS)
10	54.69.245.133 54.69.245.133	16509 (AMAZON-02) (AMAZON-02)
2	104.111.247.16 104.111.247.16	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2.16.186.75 2.16.186.75	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.14.92.57 23.14.92.57	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:64:... 2a02:26f0:64::210:6a62	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2b9::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
153	41

1 12.130.158.196 (United States) 1 redirects

ASN21621 (RESPONSYS-2, US)
PTR: e.turbotax.intuit.com

e.turbotax.intuit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a02:26f0:7100:18d::42e9 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

ttlc.intuit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:4800:9:618e:3dc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.websdk.intuit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 23.79.129.43 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-129-43.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 13.226.159.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-72.dus51.r.cloudfront.net

master.reactcomponents.lc.a.intuit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:286::2682 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s2.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.13.165.209 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-13-165-209.us-west-2.compute.amazonaws.com

shtaxonomyservice.api.intuit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
shcontentservice.api.intuit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.3.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-92.fra6.r.cloudfront.net

uxfabric.intuitcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:1bb::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.237.213 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-237-213.eu-central-1.compute.amazonaws.com

collect.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.30.135.179 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-135-179.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.3.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-42.fra6.r.cloudfront.net

segment.intuitcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.186.57.15 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-186-57-15.us-west-2.compute.amazonaws.com

experimentation.us.api.intuit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:7100:180::1d6c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

turbotax.intuit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.73.77 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-73-77.eu-west-1.compute.amazonaws.com

turbotax.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.181.18.61 (Paris, France) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-181-18-61.eu-west-3.compute.amazonaws.com

sci.intuit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:7e00:7:f1a3:af00:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.sjwoe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.39.211.108 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-39-211-108.us-west-2.compute.amazonaws.com

live-community.platform.intuit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.235.9.37 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-235-9-37.us-west-2.compute.amazonaws.com

col.eum-appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.237.0.165 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-0-165.us-west-2.compute.amazonaws.com

shcontentservice.api.intuit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.158.49.68 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-49-68.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.236.215.203 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-215-203.us-west-2.compute.amazonaws.com

trinity.platform.intuit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.8.110 (United States)

ASN13335 (CLOUDFLARENET, US)

ds.reson8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-54.dus51.r.cloudfront.net

cdn.appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.147 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.224.118 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-224-118.deploy.static.akamaitechnologies.com

assets.intuitcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.69.245.133 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-69-245-133.us-west-2.compute.amazonaws.com

shdynamicads.api.intuit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
logging.api.intuit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.247.16 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-247-16.deploy.static.akamaitechnologies.com

digitalasset.intuit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.75 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-75.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.14.92.57 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-14-92-57.deploy.static.akamaitechnologies.com

kjtbhcaccc5ewydhukaa-p6ru8t-451a9b2c3-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba19 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:64::210:6a62 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

fiaqj6absjkbikqce3ygyaaaabqgpiua-p6ru8t-5f758a06d-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2b9::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

684dd307.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
83	intuit.com 3 redirects e.turbotax.intuit.com ttlc.intuit.com cdn.websdk.intuit.com master.reactcomponents.lc.a.intuit.com shtaxonomyservice.api.intuit.com experimentation.us.api.intuit.com turbotax.intuit.com sci.intuit.com live-community.platform.intuit.com shcontentservice.api.intuit.com trinity.platform.intuit.com shdynamicads.api.intuit.com digitalasset.intuit.com logging.api.intuit.com	2 MB
11	tiqcdn.com tags.tiqcdn.com	84 KB
9	doubleclick.net 3 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	10 KB
9	demdex.net 1 redirects dpm.demdex.net turbotax.demdex.net	12 KB
8	google.de www.google.de	1 KB
8	google.com 2 redirects www.google.com	2 KB
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net kjtbhcaccc5ewydhukaa-p6ru8t-451a9b2c3-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net fiaqj6absjkbikqce3ygyaaaabqgpiua-p6ru8t-5f758a06d-clienttons-s.akamaihd.net	1 KB
4	facebook.com www.facebook.com	418 B
4	eum-appdynamics.com col.eum-appdynamics.com	2 KB
4	facebook.net connect.facebook.net	168 KB
4	intuitcdn.net uxfabric.intuitcdn.net segment.intuitcdn.net assets.intuitcdn.net	94 KB
3	googletagmanager.com www.googletagmanager.com	70 KB
2	nr-data.net bam-cell.nr-data.net	1 KB
2	rlcdn.com 2 redirects idsync.rlcdn.com	802 B
2	w55c.net 2 redirects pm.w55c.net	1 KB
2	go-mpulse.net s2.go-mpulse.net c.go-mpulse.net	52 KB
1	akstat.io 684dd307.akstat.io	356 B
1	appdynamics.com cdn.appdynamics.com	19 KB
1	newrelic.com js-agent.newrelic.com	12 KB
1	reson8.com ds.reson8.com	204 B
1	yahoo.com 1 redirects cms.analytics.yahoo.com	887 B
1	bing.com 1 redirects c.bing.com	389 B
1	googleadservices.com www.googleadservices.com	14 KB
1	sjwoe.com www.sjwoe.com	415 B
1	tealiumiq.com collect.tealiumiq.com	511 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	10 KB
1	googleapis.com ajax.googleapis.com	33 KB
153	27

	Domain	Requested by
32	ttlc.intuit.com	1 redirects ttlc.intuit.com s2.go-mpulse.net
16	master.reactcomponents.lc.a.intuit.com	ttlc.intuit.com master.reactcomponents.lc.a.intuit.com
11	tags.tiqcdn.com	ttlc.intuit.com tags.tiqcdn.com
8	logging.api.intuit.com	ttlc.intuit.com
8	www.google.de	ttlc.intuit.com
8	www.google.com	2 redirects ttlc.intuit.com
8	googleads.g.doubleclick.net	2 redirects www.googleadservices.com
7	dpm.demdex.net	1 redirects ttlc.intuit.com
6	experimentation.us.api.intuit.com	ttlc.intuit.com
4	www.facebook.com	ttlc.intuit.com connect.facebook.net
4	col.eum-appdynamics.com	ttlc.intuit.com
4	sci.intuit.com	1 redirects ttlc.intuit.com
4	connect.facebook.net	tags.tiqcdn.com connect.facebook.net
3	turbotax.intuit.com	tags.tiqcdn.com ttlc.intuit.com
3	www.googletagmanager.com	ttlc.intuit.com tags.tiqcdn.com www.googletagmanager.com
2	digitalasset.intuit.com
2	shdynamicads.api.intuit.com	ttlc.intuit.com
2	bam-cell.nr-data.net	js-agent.newrelic.com ttlc.intuit.com
2	idsync.rlcdn.com	2 redirects
2	trinity.platform.intuit.com	ttlc.intuit.com
2	pm.w55c.net	2 redirects
2	shcontentservice.api.intuit.com	ttlc.intuit.com
2	live-community.platform.intuit.com	ttlc.intuit.com
2	turbotax.demdex.net	tags.tiqcdn.com ttlc.intuit.com
2	uxfabric.intuitcdn.net	ttlc.intuit.com uxfabric.intuitcdn.net
2	shtaxonomyservice.api.intuit.com	ttlc.intuit.com
1	684dd307.akstat.io	s2.go-mpulse.net
1	fiaqj6absjkbikqce3ygyaaaabqgpiua-p6ru8t-5f758a06d-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	kjtbhcaccc5ewydhukaa-p6ru8t-451a9b2c3-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	assets.intuitcdn.net	ttlc.intuit.com
1	cdn.appdynamics.com	ttlc.intuit.com
1	js-agent.newrelic.com	ttlc.intuit.com
1	ds.reson8.com	ttlc.intuit.com
1	cms.analytics.yahoo.com	1 redirects
1	c.bing.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	www.sjwoe.com	ttlc.intuit.com
1	segment.intuitcdn.net	ttlc.intuit.com
1	collect.tealiumiq.com	ttlc.intuit.com
1	c.go-mpulse.net	s2.go-mpulse.net
1	s2.go-mpulse.net	ttlc.intuit.com
1	maxcdn.bootstrapcdn.com	ttlc.intuit.com
1	ajax.googleapis.com	ttlc.intuit.com
1	cdn.websdk.intuit.com	ttlc.intuit.com
1	e.turbotax.intuit.com	1 redirects
153	48

This site contains links to these domains. Also see Links.

Domain
turbotax.intuit.com
accounts-tax.intuit.com
blog.turbotax.intuit.com
support.turbotax.intuit.com
myturbotax.intuit.com
shopping.turbotax.intuit.com
shop.turbotax.intuit.com
share.turbotax.intuit.com
intuittaxandfinancialcenter.com
turbotax.intuit.ca
turbo.intuit.com
www.mint.com
quickbooks.intuit.com
payroll.intuit.com
proconnect.intuit.com
www.intuit.com
security.intuit.com

Subject Issuer	Validity	Valid
ttlc.intuit.com DigiCert Secure Site ECC CA-1	`2020-08-14` - `2021-11-13`	a year	crt.sh
*.websdk.intuit.com DigiCert SHA2 Secure Server CA	`2020-07-30` - `2021-09-20`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2020-03-16` - `2021-06-15`	a year	crt.sh
*.lc.a.intuit.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-01` - `2021-12-05`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
s2.go-mpulse.net R3	`2021-03-30` - `2021-06-28`	3 months	crt.sh
*.sbfinance.intuit.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-16` - `2022-03-21`	a year	crt.sh
uxfabric.intuitcdn.net DigiCert SHA2 Secure Server CA	`2020-08-18` - `2021-11-15`	a year	crt.sh
akstat.io DigiCert Secure Site ECC CA-1	`2020-05-06` - `2021-08-05`	a year	crt.sh
*.tealiumiq.com Amazon	`2020-10-23` - `2021-11-22`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
segment.intuitcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2020-11-04` - `2021-11-08`	a year	crt.sh
experimentation.us.api.intuit.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-06` - `2021-12-14`	a year	crt.sh
turbotax.intuit.com DigiCert SHA2 Extended Validation Server CA	`2020-06-30` - `2021-06-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
sci.intuit.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-18` - `2021-12-19`	a year	crt.sh
www.sjwoe.com Amazon	`2021-02-12` - `2022-03-13`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.prod.push.a.intuit.com DigiCert SHA2 Secure Server CA	`2020-08-26` - `2021-11-23`	a year	crt.sh
*.eum-appdynamics.com DigiCert SHA2 Secure Server CA	`2020-05-10` - `2021-07-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
trinity.platform.intuit.com DigiCert SHA2 Secure Server CA	`2020-07-28` - `2021-08-12`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.newrelic.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.appdynamics.com DigiCert SHA2 Secure Server CA	`2020-05-17` - `2021-07-22`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.intuitcdn.net DigiCert SHA2 Secure Server CA	`2020-02-11` - `2021-05-12`	a year	crt.sh
*.intuit.ca DigiCert TLS RSA SHA256 2020 CA1	`2021-02-01` - `2022-02-08`	a year	crt.sh
digitalasset.intuit.com DigiCert SHA2 Secure Server CA	`2020-09-11` - `2021-09-22`	a year	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Frame ID: F18600A9E9E5F4DC5687959831523F80
Requests: 133 HTTP requests in this frame

Frame: https://s2.go-mpulse.net/boomerang/DDQ82-KFSJD-QETP5-X7HFM-YQSHT
Frame ID: 6E519DAD42A08FFAA727175BA80948B4
Requests: 4 HTTP requests in this frame

Frame: https://turbotax.demdex.net/dest5.html?d_nsid=0
Frame ID: AC8A6D961032DB6AF16D41E42FC1E11E
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://e.turbotax.intuit.com/pub/cc?_ri_=X0Gzc2X%3DYQpglLjHJlTQGnPghIzer1zfG6IdIgpzd1jDm1LLszdS4WErrySc2G... HTTP 302
https://ttlc.intuit.com/questions/2579942-i-received-a-turbotax-email-or-text-message-addressed-to-a... HTTP 301
https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addresse... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Page Statistics

153
Requests

100 %
HTTPS

42 %
IPv6

27
Domains

48
Subdomains

41
IPs

5
Countries

2641 kB
Transfer

8810 kB
Size

24
Cookies

93 Outgoing links

These are links going to different origins than the main page.

URL: https://turbotax.intuit.com/
Title: Go to TurboTax

Search URL Search Domain Scan URL

URL: https://accounts-tax.intuit.com/signup.html?offering_id=Intuit.cto.lc.ttlc&redirect_url=https%3A%2F%2Fidfedprdpf.intuit.com%2Fidp%2FstartSSO.ping%3FPartnerSpId%3Dturbotaxcommunity.com&referer=https%3A%2F%2Fttlc.intuit.com%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399&locale=en-us
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/tax-tools/
Title: Tax Tools

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/live/
Title: TurboTax Live

Search URL Search Domain Scan URL

URL: https://blog.turbotax.intuit.com/
Title: TurboTax Blog

Search URL Search Domain Scan URL

URL: https://support.turbotax.intuit.com/contact
Title: contact us

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/corp/guarantees/
Title: TurboTax guarantees

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/best-tax-software/secure-online-tax-prep/
Title: TurboTax security and fraud protection

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/irs-forms/
Title: Tax forms included with TurboTax

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/en-espanol/
Title: TurboTax en español

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/self-employment-taxes/
Title: Self-Employed tax center

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/tax-expert-network/
Title: Tax Expert Network

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/tax-reform/
Title: Tax reform center

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/refund-advance
Title: Tax Refund Advance

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/e-file-taxes/
Title: E-file taxes online

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/coronavirus/
Title: Coronavirus and your taxes

Search URL Search Domain Scan URL

URL: https://blog.turbotax.intuit.com/self-employed-coronavirus-relief-center/
Title: Self Employed COVID-19 Relief

Search URL Search Domain Scan URL

URL: https://blog.turbotax.intuit.com/unemployment-benefits/
Title: Unemployment Benefits and Taxes

Search URL Search Domain Scan URL

URL: https://myturbotax.intuit.com/
Title: TurboTax login

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/compare/online/
Title: Compare TurboTax products

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/free-edition.jsp
Title: Free Edition tax filing

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/deluxe.jsp
Title: Deluxe to maximize tax deductions

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/premier.jsp
Title: Premier investment & rental property taxes

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/self-employed.jsp
Title: Self-employed taxes

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/military-edition.jsp
Title: Military tax filing discount

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/live/how-it-works.htm
Title: How TurboTax Live Works

Search URL Search Domain Scan URL

URL: https://shopping.turbotax.intuit.com/app/downloads/
Title: TurboTax CD/download login

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/compare/desktop/
Title: Compare CD/download products

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/cd-download/
Title: All CD/download products

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/cd-download/order-status/
Title: Check order status

Search URL Search Domain Scan URL

URL: https://shop.turbotax.intuit.com/advantage/
Title: TurboTax Advantage Program

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/small-business-taxes/
Title: TurboTax Business for corps

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/past-years-products/
Title: Products for previous tax years

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/mobile/
Title: All TurboTax mobile. apps

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/mobile-apps/turbotax.jsp
Title: Official TurboTax mobile app

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/tax-tools/calculators/taxcaster/
Title: TaxCaster refund estimate app

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/itsdeductible/
Title: ItsDeductible donation tracker app

Search URL Search Domain Scan URL

URL: https://support.turbotax.intuit.com/contact/
Title: Contact us

Search URL Search Domain Scan URL

URL: https://support.turbotax.intuit.com/products/advantage/
Title: TurboTax Advantage support

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/tax-tools/wheres-my-refund/
Title: Where's My Refund

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/irs-tax-extensions/
Title: File an IRS tax extension

Search URL Search Domain Scan URL

URL: https://accounts-tax.intuit.com/index.html?redirect_url=https%3A%2F%2Fquarterly-payment.tax.intuit.com%2F%3Ffiling%3Destimatedpayment%26entity%3Dindividual%26state%3Dny
Title: Pay NY estimated taxes

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/stimulus-check/
Title: Stimulus Check Calculator

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/tax-tools/tax-articles-and-tips/
Title: All tax tips and videos

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/tax-tools/calculators/tax-bracket/
Title: Tax bracket calculator

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/tax-tools/efile-status-lookup/
Title: Check e-file status refund tracker

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/tax-tools/calculators/w4/
Title: W-4 withholding calculator

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/tax-tools/calculators/self-employed/
Title: Self-employed expense estimator

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/reviews/
Title: TurboTax customer reviews

Search URL Search Domain Scan URL

URL: https://share.turbotax.intuit.com/turbotax/
Title: TurboTax invite-a-friend discount

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/commercials/super-bowl/
Title: TurboTax Super Bowl commercial

Search URL Search Domain Scan URL

URL: https://intuittaxandfinancialcenter.com/
Title: Intuit Tax & Financial Center

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.ca/tax-software/index.jsp
Title: TurboTax Canada

Search URL Search Domain Scan URL

URL: https://turbo.intuit.com/free-credit-score-report/
Title: TurboTax: Free Credit Score

Search URL Search Domain Scan URL

URL: https://www.mint.com/
Title: Mint budget tracker

Search URL Search Domain Scan URL

URL: https://quickbooks.intuit.com/
Title: Accounting software

Search URL Search Domain Scan URL

URL: https://payroll.intuit.com/
Title: Payroll

Search URL Search Domain Scan URL

URL: https://quickbooks.intuit.com/payments/
Title: QuickBooks Payments

Search URL Search Domain Scan URL

URL: https://proconnect.intuit.com/?s_cid=TT.com_MoreProds-Footer_ProTaxSoftware
Title: Professional tax software

Search URL Search Domain Scan URL

URL: https://quickbooks.intuit.com/accountants/?s_cid=TT.com_MoreProds-Footer_ProAcctgsoftware
Title: Professional accounting software

Search URL Search Domain Scan URL

URL: https://www.intuit.com/
Title: More from Intuit

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/live/how-it-works/atlanta-georgia-cpa-ea/
Title: Tax Experts for Atlanta

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/live/how-it-works/baltimore-maryland-cpa-ea/
Title: Tax Experts for Baltimore

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/live/how-it-works/boston-massachusetts-cpa-ea/
Title: Tax Experts for Boston

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/live/how-it-works/charlotte-north-carolina-cpa-ea/
Title: Tax Experts for Charlotte

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/live/how-it-works/chicago-illinois-cpa-ea/
Title: Tax Experts for Chicago

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/live/how-it-works/cleveland-ohio-cpa-ea/
Title: Tax Experts for Cleveland

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/live/how-it-works/dallas-texas-cpa-ea/
Title: Tax Experts for Dallas

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/live/how-it-works/denver-colorado-cpa-ea/
Title: Tax Experts for Denver

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/live/how-it-works/detroit-michigan-cpa-ea/
Title: Tax Experts for Detroit

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/live/how-it-works/fort-worth-texas-cpa-ea/
Title: Tax Experts for Fort Worth

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/live/how-it-works/houston-texas-cpa-ea/
Title: Tax Experts for Houston

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/live/how-it-works/las-vegas-nevada-cpa-ea/
Title: Tax Experts for Las Vegas

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/live/how-it-works/los-angeles-california-cpa-ea/
Title: Tax Experts for Los Angeles

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/live/how-it-works/miami-florida-cpa-ea/
Title: Tax Experts for Miami

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/live/how-it-works/minneapolis-minnesota-cpa-ea/
Title: Tax Experts for Minneapolis

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/live/how-it-works/new-york-new-york-cpa-ea/
Title: Tax Experts for New York

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/live/how-it-works/oakland-california-cpa-ea/
Title: Tax Experts for Oakland

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/live/how-it-works/orlando-florida-cpa-ea/
Title: Tax Experts for Orlando

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/live/how-it-works/philadelphia-pennsylvania-cpa-ea/
Title: Tax Experts for Philadelphia

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/live/how-it-works/phoenix-arizona-cpa-ea/
Title: Tax Experts for Phoenix

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/live/how-it-works/portland-oregon-cpa-ea/
Title: Tax Experts for Portland

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/live/how-it-works/raleigh-north-carolina-cpa-ea/
Title: Tax Experts for Raleigh

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/live/how-it-works/sacramento-california-cpa-ea/
Title: Tax Experts for Sacramento

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/live/how-it-works/saint-louis-missouri-cpa-ea/
Title: Tax Experts for St. Louis

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/live/how-it-works/san-diego-california-cpa-ea/
Title: Tax Experts for San Diego

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/live/how-it-works/san-francisco-cpa-ea/
Title: Tax Experts for San Francisco

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/live/how-it-works/san-jose-california-cpa-ea/
Title: Tax Experts for San Jose

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/live/how-it-works/seattle-washington-cpa-ea/
Title: Tax Experts for Seattle

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/live/how-it-works/tampa-florida-cpa-ea/
Title: Tax Experts for Tampa

Search URL Search Domain Scan URL

URL: https://turbotax.intuit.com/personal-taxes/online/live/how-it-works/washington-district-columbia-cpa-ea/
Title: Tax Experts for Washington D.C.

Search URL Search Domain Scan URL

URL: https://security.intuit.com/index.php/privacy
Title: Privacy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://e.turbotax.intuit.com/pub/cc?_ri_=X0Gzc2X%3DYQpglLjHJlTQGnPghIzer1zfG6IdIgpzd1jDm1LLszdS4WErrySc2GzadORNs4tzgqtavS8HROzfKyuzgWEzczeoEzeNRVXtpKX%3DSWCRTRUST&_ei_=ElJfWaqGQRMA-CQTCRJqaHd-RPpD3QBIS4-6Vv69jN9GSAvNKHwUU8NqU0VcBlyNic04qjcbG5LBPvK3oRWixOP6KHOdx-DhGeeRmLcpTa_MpCJpYj4-Wowk8ppeseIZPkZmNipO9rp69ne3kie3pyxkf5_bXHYEzZURaOAk3Os36WBXIS5fMhFWNOJ2ppOGGasp0IGPOibljsAvwAtYukzqOzA5xG5DlRzSh5Pg2RPRlA1t. HTTP 302
https://ttlc.intuit.com/questions/2579942-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry HTTP 301
https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=969430F0543F253D0A4C98C6%40AdobeOrg&d_nsid=0&ts=1617404541633 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=969430F0543F253D0A4C98C6%40AdobeOrg&d_nsid=0&ts=1617404541633

Request Chain 69

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/939634537/?label=HttKCPnogIYBEOnehsAD&guid=ON&script=0 HTTP 302
https://www.google.com/pagead/1p-user-list/939634537/?label=HttKCPnogIYBEOnehsAD&guid=ON&script=0&is_vtc=1&random=1810093542 HTTP 302
https://www.google.de/pagead/1p-user-list/939634537/?label=HttKCPnogIYBEOnehsAD&guid=ON&script=0&is_vtc=1&random=1810093542&ipr=y

Request Chain 99

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/939634537/?random=1617404542312&cv=9&fst=1617404542312&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fttlc.intuit.com%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399&tiba=I%20received%20a%20TurboTax%20email%20or%20text%20message%2C%20addre...&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/939634537/?random=1617404542312&cv=9&fst=1617404400000&num=1&fmt=3&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fttlc.intuit.com%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399&tiba=I%20received%20a%20TurboTax%20email%20or%20text%20message%2C%20addre...&async=1&is_vtc=1&random=3506238939&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/939634537/?random=1617404542312&cv=9&fst=1617404400000&num=1&fmt=3&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fttlc.intuit.com%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399&tiba=I%20received%20a%20TurboTax%20email%20or%20text%20message%2C%20addre...&async=1&is_vtc=1&random=3506238939&resp=GooglemKTybQhCsO&ipr=y

Request Chain 103

https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
https://dpm.demdex.net/ibs:dpid=359&dpuuid=dtzXNi6f1LssO25

Request Chain 105

https://sci.intuit.com/b/ss/intuitturbotax/1/H.26/s27901810879042?AQB=1&ndh=1&c=24&fid=null&ce=UTF-8&k=Y&s=1600x1200&v=Y&p=&bh=1200&bw=1600&g=https%3A%2F%2Fttlc.intuit.com%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399&j=1.8.5&t=03/3/2021%2001:02:22%206%20-120&ch=Live%20Community&c5=Customer%20Care&c6=Live%20Community&c7=LC&c34=en&c36=websdk-preprod&c42=9b0a8426-667f-46aa-9196-f9d33de46f66&c43=bc86f9f0-2eeb-4ff9-b2ba-0b4e0709523a&c49=26399&h5=6a421ddd-8e38-469a-8708-0a9dd2bcc9e6-1617404542351&pageName=%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399%20Live%20Community&v12=event_message&topicId:%20=event_page_topic_id&c19=board&v19=event_properties_path_current_name&v2=Screen&v3=Screen%20View&c15=No%20Referrer&v25=%7C%7C%7C%7C&v29=element_id&v30=element_text&v31=element_context&v43=ty19_1141&h2=true&r=No%20Referrer&AQE=1 HTTP 302
https://sci.intuit.com/b/ss/intuitturbotax/1/H.26/s27901810879042?AQB=1&pccr=true&vidn=3033D13F0688A08F-40000720D0BEFCDB&ndh=1&c=24&fid=null&ce=UTF-8&k=Y&s=1600x1200&v=Y&p=&bh=1200&bw=1600&g=https%3A%2F%2Fttlc.intuit.com%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399&j=1.8.5&t=03/3/2021%2001:02:22%206%20-120&ch=Live%20Community&c5=Customer%20Care&c6=Live%20Community&c7=LC&c34=en&c36=websdk-preprod&c42=9b0a8426-667f-46aa-9196-f9d33de46f66&c43=bc86f9f0-2eeb-4ff9-b2ba-0b4e0709523a&c49=26399&h5=6a421ddd-8e38-469a-8708-0a9dd2bcc9e6-1617404542351&pageName=%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399%20Live%20Community&v12=event_message&topicId:%20=event_page_topic_id&c19=board&v19=event_properties_path_current_name&v2=Screen&v3=Screen%20View&c15=No%20Referrer&v25=%7C%7C%7C%7C&v29=element_id&v30=element_text&v31=element_context&v43=ty19_1141&h2=true&r=No%20Referrer&AQE=1

Request Chain 119

https://idsync.rlcdn.com/365868.gif?partner_uid=53086904919967204770870513395947614908 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNTMwODY5MDQ5MTk5NjcyMDQ3NzA4NzA1MTMzOTU5NDc2MTQ5MDgQABoNCP7EnoMGEgUI6AcQAEIASgA HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=459d4debf0867f40f850cf5062de00ff2229ee8fcf6119c9251eb2c8f541b67ab0da87c991749652

Request Chain 120

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTMwODY5MDQ5MTk5NjcyMDQ3NzA4NzA1MTMzOTU5NDc2MTQ5MDg= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKNiGduPhnBsDN08g0BeWSQ&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 121

https://c.bing.com/c.gif?uid=53086904919967204770870513395947614908&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=23108B0338BA693E0C019B0E396868B5

Request Chain 124

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=53086904919967204770870513395947614908&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-9ZN8ZgZE2pH.F0ydZwTEQuB8GttfDov2wII-~A

Request Chain 141

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p6ru8tjaf HTTP 302
https://kjtbhcaccc5ewydhukaa-p6ru8t-451a9b2c3-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 142

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p6ru8tjaf HTTP 302
https://fiaqj6absjkbikqce3ygyaaaabqgpiua-p6ru8t-5f758a06d-clienttons-s.akamaihd.net/eum/results.txt

153 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 26399 Show response
ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/
Redirect Chain

https://e.turbotax.intuit.com/pub/cc?_ri_=X0Gzc2X%3DYQpglLjHJlTQGnPghIzer1zfG6IdIgpzd1jDm1LLszdS4WErrySc2GzadORNs4tzgqtavS8HROzfKyuzgWEzczeoEzeNRVXtpKX%3DSWCRTRUST&_ei_=ElJfWaqGQRMA-CQTCRJqaHd-RPpD...
https://ttlc.intuit.com/questions/2579942-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry
https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

203 KB
48 KB

1606ms
1605ms

Document
text/html

2a02:26f0:7100:18d::42e9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18d::42e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 0af1bb3ed579807451a7ec8225415f3595dc1ced0b32aa38833844d286190b17

Request headers

:method: GET
:authority: ttlc.intuit.com
:scheme: https
:path: /community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _session_id=NkN3R0ZhRTlBeS8wdDRJell1Yys2bDE2dmh3dUV5NWovZVBZZUJDVjRqaXJIYUlpRjN5dUxzVHhhYnRFcTl0MEJ3MVdsbWZjYjBFYklQZExWbTdmQm1IMCtLcVlPZm0vZy9tMkpDL004Zk5BVGRpcyt4WEowZVk3RHlhUDFKWHpCVm44SjNVRWVEdGE2ME5yVi93d2ZSYjRFc2tadm4vbmU2SUJVTnFXVUlFTWRGaWpxTkN2Ym9lMS93N1V0REZESmI5bWRDUDFnNmdYdW9ZM0xVSnZCaXR1SUhoelNMeUhYelhxOWlibmNJOTdYdGljMG5tdTQ2aU1JeEIyd2h2bTVwNWF5T2dHdUNLRXNkc3E0M3V0ZTVtTWpHR3ZvbjRhSHZlZHRlWDRIa1lhRG9MUTFPS3FOcFRrcnVpeFFOU2NoRmYrd1JBSWsrSVpYRThGTzhWU3ZBPT0tLTZ1QXlYelJOdkI2U3dEUDhUbndpbHc9PQ%3D%3D--02ddb67f6ec8bbdaed54d8246254a964e0222e03; AKA_A2=A
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html;charset=UTF-8
server: Apache
x-mapping-status: mapping complete: success-Mapping found for en-us
x-mapping-action: No redirect required.
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate, private
x-akamai-transformed: 9 - 0 pmb=mRUM,2
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 02 Apr 2021 23:02:20 GMT
set-cookie: AWSALB=MULTOnxX5jtYSpMbZ5Xpf37pT6gq/hAbxtEC3ykzGzlbJ9JBPIxmMSkYh90wCqzdMscRylubkgyUhM0RpW/ty252czZn7qWEV9FlQ7HyXJlrfZOpqyeIWUvQxjBf; Expires=Fri, 09 Apr 2021 23:02:19 GMT; Path=/ AWSALBCORS=MULTOnxX5jtYSpMbZ5Xpf37pT6gq/hAbxtEC3ykzGzlbJ9JBPIxmMSkYh90wCqzdMscRylubkgyUhM0RpW/ty252czZn7qWEV9FlQ7HyXJlrfZOpqyeIWUvQxjBf; Expires=Fri, 09 Apr 2021 23:02:19 GMT; Path=/; SameSite=None; Secure LiSESSIONID=1D62EB2699D87C4B49E6370646FDF6AF; Path=/; Secure; HttpOnly LithiumUserInfo=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ LithiumUserSecure=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ LithiumVisitor=~2iotCRSZVs9HvxFPe~9eFdikEAEbRtM61ED-7aX011XK7bwP_aimzwnKFjyV4Ane2mKAJFDqoBi-bZYpq_Msb3PoWOWF0oHNdglSUjCw..; Expires=Mon, 31-Mar-2031 23:02:19 GMT; Path=/; HttpOnly
server-timing: cdn-cache; desc=MISS edge; dur=897 origin; dur=231
link: <https://ttlc.intuit.com/community/s/html/assets/fonts/AvenirNext-W05-Rg_web.ttf>;rel="preload";as="font";type="font/ttf";crossorigin,<https://ttlc.intuit.com/community/s/html/assets/fonts/AvenirNext-W05-Demi_web.ttf>;rel="preload";as="font";type="font/ttf";crossorigin,<https://ttlc.intuit.com/community/s/html/assets/fonts/fontawesome-webfont.woff2?v=4.3.0>;rel="preload";as="font";type="font/woff2";crossorigin

Redirect headers

content-type: text/html; charset=utf-8
server: Apache/2.4.10 (Debian)
status: 301 Moved Permanently
x-frame-options
location: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
cache-control: no-cache
x-request-id: adc64ba9-ac0b-46d1-9f4e-b99a51e2a1d7
x-runtime: 0.015375
content-length: 209
date: Fri, 02 Apr 2021 23:02:19 GMT
set-cookie: _session_id=NkN3R0ZhRTlBeS8wdDRJell1Yys2bDE2dmh3dUV5NWovZVBZZUJDVjRqaXJIYUlpRjN5dUxzVHhhYnRFcTl0MEJ3MVdsbWZjYjBFYklQZExWbTdmQm1IMCtLcVlPZm0vZy9tMkpDL004Zk5BVGRpcyt4WEowZVk3RHlhUDFKWHpCVm44SjNVRWVEdGE2ME5yVi93d2ZSYjRFc2tadm4vbmU2SUJVTnFXVUlFTWRGaWpxTkN2Ym9lMS93N1V0REZESmI5bWRDUDFnNmdYdW9ZM0xVSnZCaXR1SUhoelNMeUhYelhxOWlibmNJOTdYdGljMG5tdTQ2aU1JeEIyd2h2bTVwNWF5T2dHdUNLRXNkc3E0M3V0ZTVtTWpHR3ZvbjRhSHZlZHRlWDRIa1lhRG9MUTFPS3FOcFRrcnVpeFFOU2NoRmYrd1JBSWsrSVpYRThGTzhWU3ZBPT0tLTZ1QXlYelJOdkI2U3dEUDhUbndpbHc9PQ%3D%3D--02ddb67f6ec8bbdaed54d8246254a964e0222e03; path=/; HttpOnly AKA_A2=A; expires=Sat, 03-Apr-2021 00:02:19 GMT; path=/; domain=intuit.com; secure; HttpOnly
server-timing: cdn-cache; desc=MISS edge; dur=952 origin; dur=47
link: <https://ttlc.intuit.com/community/s/html/assets/fonts/AvenirNext-W05-Rg_web.ttf>;rel="preload";as="font";type="font/ttf";crossorigin,<https://ttlc.intuit.com/community/s/html/assets/fonts/AvenirNext-W05-Demi_web.ttf>;rel="preload";as="font";type="font/ttf";crossorigin,<https://ttlc.intuit.com/community/s/html/assets/fonts/fontawesome-webfont.woff2?v=4.3.0>;rel="preload";as="font";type="font/woff2";crossorigin

GET
H2 200 AvenirNext-W05-Rg_web.ttf
ttlc.intuit.com/community/s/html/assets/fonts/ 105 KB
106 KB 9ms
7ms Font
font/ttf 2a02:26f0:7100:18d::42e9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ttlc.intuit.com/community/s/html/assets/fonts/AvenirNext-W05-Rg_web.ttf
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18d::42e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 0d871ec5528cfbb1f6b74230fb929f07f69b36540605378bb7cc2caf74648886

Request headers

Origin: https://ttlc.intuit.com
Referer: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:20 GMT
last-modified: Tue, 21 Aug 2018 23:15:29 GMT
server: Apache
etag: W/"108012-1534893329000"
content-type: font/ttf
access-control-allow-origin: *
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 108012

GET
H2 200 AvenirNext-W05-Demi_web.ttf
ttlc.intuit.com/community/s/html/assets/fonts/ 105 KB
105 KB 14ms
12ms Font
font/ttf 2a02:26f0:7100:18d::42e9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ttlc.intuit.com/community/s/html/assets/fonts/AvenirNext-W05-Demi_web.ttf
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18d::42e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 3a42914dc0ca7c39c7138a47526051c907c4dd8b1e3cc3e7de9a452a0f4c5c55

Request headers

Origin: https://ttlc.intuit.com
Referer: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:20 GMT
last-modified: Tue, 21 Aug 2018 23:15:29 GMT
server: Apache
etag: W/"107228-1534893329000"
content-type: font/ttf
access-control-allow-origin: *
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 107228

GET
H2 200 fontawesome-webfont.woff2
ttlc.intuit.com/community/s/html/assets/fonts/ 55 KB
56 KB 14ms
13ms Font
font/woff2 2a02:26f0:7100:18d::42e9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ttlc.intuit.com/community/s/html/assets/fonts/fontawesome-webfont.woff2?v=4.3.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18d::42e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Origin: https://ttlc.intuit.com
Referer: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:20 GMT
content-encoding: gzip
last-modified: Wed, 31 Mar 2021 08:03:06 GMT
server: Apache
etag: W/"56780-1617177786000-gzip"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=14400
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 56777

GET
H2 200 AvenirNext-W05-Rg_web.ttf
ttlc.intuit.com/community/s/html/assets/fonts/ 105 KB
106 KB 13ms
12ms Stylesheet
font/ttf 2a02:26f0:7100:18d::42e9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ttlc.intuit.com/community/s/html/assets/fonts/AvenirNext-W05-Rg_web.ttf
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18d::42e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 7712a2d7c98bd0504bf7bde1bce16135049fc991e8ccc1f52264a1aabdf3c8c2

Request headers

Referer: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:20 GMT
last-modified: Tue, 21 Aug 2018 23:15:29 GMT
server: Apache
etag: W/"108012-1534893329000"
content-type: font/ttf
access-control-allow-origin: *
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 108012

GET
H2 200 AvenirNext-W05-Demi_web.ttf
ttlc.intuit.com/community/s/html/assets/fonts/ 105 KB
105 KB 17ms
17ms Stylesheet
font/ttf 2a02:26f0:7100:18d::42e9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ttlc.intuit.com/community/s/html/assets/fonts/AvenirNext-W05-Demi_web.ttf
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18d::42e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 40b89ed70711af5c4e6722ab30db28649817fb00dde07cbd32bba18468ca3c2f

Request headers

Referer: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:20 GMT
last-modified: Tue, 21 Aug 2018 23:15:29 GMT
server: Apache
etag: W/"107228-1534893329000"
content-type: font/ttf
access-control-allow-origin: *
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 107228

GET
H2 200 fontawesome-webfont.woff2
ttlc.intuit.com/community/s/html/assets/fonts/ 55 KB
56 KB 17ms
17ms Stylesheet
font/woff2 2a02:26f0:7100:18d::42e9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ttlc.intuit.com/community/s/html/assets/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18d::42e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 473842579288c04e865ecfa63ae67a45d6e9a0871c9cf2aea4db32637cf7bbb8

Request headers

Referer: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:20 GMT
content-encoding: gzip
last-modified: Wed, 31 Mar 2021 08:03:06 GMT
server: Apache
etag: W/"56780-1617177786000-gzip"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=14400
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 56777

GET
H2 200 turbotax_support.css
ttlc.intuit.com/community/s/skins/4826905/ed76ec61c2d1e8848ac2607d548cadca/ 3 MB
309 KB 273ms
273ms Stylesheet
text/css 2a02:26f0:7100:18d::42e9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ttlc.intuit.com/community/s/skins/4826905/ed76ec61c2d1e8848ac2607d548cadca/turbotax_support.css
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18d::42e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 1c52bdb2a8fa74f8f35c0c6a0840099562b4c5abf1822d6e83dcef94e66c3d12

Request headers

Referer: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:20 GMT
content-encoding: gzip
last-modified: Thu, 01 Apr 2021 18:52:11 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: s-maxage=20281
server-timing: cdn-cache; desc=MISS, edge; dur=155, origin; dur=102
expires: Sat, 02 Apr 2022 23:02:20 GMT

GET
H2 200 cdc_lib_min_latest.js Show response
cdn.websdk.intuit.com/js/ 79 KB
24 KB 43ms
8ms Script
application/javascript 2600:9000:211e:4800:9:618e:3dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:4800:9:618e:3dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 834571cb12366c2e2fc7a5a2cfdeede8ef1bc62d8f89a8b4a3fb344ace35b457

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 21:13:52 GMT
content-encoding: gzip
last-modified: Thu, 04 Aug 2016 17:32:08 GMT
server: AmazonS3
age: 6509
etag: W/"c470f09a790387c406bbff0b1b51ac41"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 dca6db3c8f31f3cd48bb06d78a8be625.cloudfront.net (CloudFront)
cache-control: max-age=18000, public
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 4IV6F9Dq3hb0fYw7EH2L2GHZhr70awvx_tP9HfQWwMcN8gmGKLi7WA==

GET
H2 200 cust-adrum.js Show response
ttlc.intuit.com/community/s/html/assets/js/ 47 KB
16 KB 344ms
341ms Script
text/javascript 2a02:26f0:7100:18d::42e9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ttlc.intuit.com/community/s/html/assets/js/cust-adrum.js
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18d::42e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 9271314f6c34b62c2d3d28ac2bc904aae601540806ef2151ac7cc04bbe339159

Request headers

Referer: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:21 GMT
content-encoding: gzip
last-modified: Thu, 03 Dec 2020 01:45:05 GMT
server: Apache
etag: W/"47888-1606959905000"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=14400
server-timing: cdn-cache; desc=MISS, edge; dur=139, origin; dur=187
accept-ranges: bytes
content-length: 15266

GET
H2 200 w.min.0.5.6.js Show response
ttlc.intuit.com/community/s/html/assets/scripts/ 34 KB
12 KB 316ms
315ms Script
text/javascript 2a02:26f0:7100:18d::42e9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ttlc.intuit.com/community/s/html/assets/scripts/w.min.0.5.6.js
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18d::42e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 19c1ea785a0e5a8abdf8185cb814ef4a26ac676a5a4e38382fdb53768da9cd7d

Request headers

Referer: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:20 GMT
content-encoding: gzip
last-modified: Mon, 07 Dec 2020 23:49:04 GMT
server: Apache
etag: W/"35146-1607384944000"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=14400
server-timing: cdn-cache; desc=MISS, edge; dur=189, origin; dur=109
accept-ranges: bytes
content-length: 12023

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
33 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 08:36:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311126
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Mar 2022 08:36:54 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/intuit/cg-ttlc/prod/ 123 KB
39 KB 113ms
35ms Script
application/x-javascript 23.79.129.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/intuit/cg-ttlc/prod/utag.js
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 40af74053a73378fc6264469e7296eba7859af8182ff5dd14e336d499fa7ac1a

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:21 GMT
content-encoding: gzip
last-modified: Tue, 23 Mar 2021 15:34:15 GMT
server: AkamaiNetStorage
etag: "dc996dc0e23c1c6fb6c9fcc7f800691f:1616513655.162498"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 39229
expires: Fri, 02 Apr 2021 23:07:21 GMT

GET
H2 200 bundle.js Show response
master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/ 474 KB
139 KB 118ms
32ms Script
application/javascript 13.226.159.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/bundle.js
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-72.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6fbd40578c2b8ad857ed65e16db04eab8435a27232a1572672c6c91f9b92543

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 04:17:02 GMT
content-encoding: gzip
last-modified: Wed, 24 Mar 2021 22:56:32 GMT
server: AmazonS3
age: 67519
etag: W/"b60b91d032aa6378b743197c33812b0e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: LEA9uD2NouyVn1xXK8jqaytxmhpqiG08H9CtEoQOJlqkFAoljWy-Og==

GET
H2 200 fetch.umd.js Show response
ttlc.intuit.com/community/s/html/@B162191D4110A80494460268F9D2CFFD/assets/scripts/ 14 KB
4 KB 432ms
431ms Script
text/javascript 2a02:26f0:7100:18d::42e9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ttlc.intuit.com/community/s/html/@B162191D4110A80494460268F9D2CFFD/assets/scripts/fetch.umd.js
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18d::42e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 9a0c4301b6e804a7a808eb69694ed08567605811ae9bef1d3f19c88e20bdec92

Request headers

Referer: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:21 GMT
content-encoding: gzip
last-modified: Tue, 14 May 2019 19:18:01 GMT
server: Apache
etag: W/"14805-1557861481000"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31536000
server-timing: cdn-cache; desc=MISS, edge; dur=131, origin; dur=282
accept-ranges: bytes
content-length: 3926

GET
H2 200 lia-scripts-head-min.js Show response
ttlc.intuit.com/community/scripts/129B3FAC03679C8B82A528EDDD4E9DDC/ 12 KB
5 KB 230ms
229ms Script
text/javascript 2a02:26f0:7100:18d::42e9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ttlc.intuit.com/community/scripts/129B3FAC03679C8B82A528EDDD4E9DDC/lia-scripts-head-min.js
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18d::42e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: a3916cd66d5e390f6ee87027c579891ec1c9ce0e4e8e2d17a83f26b0da929452

Request headers

Referer: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:20 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 02:34:07 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: s-maxage=14738
server-timing: cdn-cache; desc=MISS, edge; dur=137, origin; dur=72
content-length: 4163
expires: Sat, 02 Apr 2022 23:02:20 GMT

GET
H2 200 lia-scripts-head-min.js Show response
ttlc.intuit.com/community/scripts/D60EB96AE5FF670ED274F16ABB044ABD/ 4 KB
2 KB 227ms
226ms Script
text/javascript 2a02:26f0:7100:18d::42e9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ttlc.intuit.com/community/scripts/D60EB96AE5FF670ED274F16ABB044ABD/lia-scripts-head-min.js
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18d::42e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: dd160737ff99d0b3796fc177f5b10d9121a67ba4865abfcff00294fc5538def0

Request headers

Referer: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:20 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 02:34:07 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: s-maxage=14738
server-timing: cdn-cache; desc=MISS, edge; dur=133, origin; dur=70
content-length: 1494
expires: Sat, 02 Apr 2022 23:02:20 GMT

GET
H2 200 ttl-logo.png
ttlc.intuit.com/community/s/html/@E825D61E78DF039EFFBDA1BC8D0D365D/assets/turbotaxsupport/ 4 KB
4 KB 20ms
17ms Image
image/png 2a02:26f0:7100:18d::42e9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ttlc.intuit.com/community/s/html/@E825D61E78DF039EFFBDA1BC8D0D365D/assets/turbotaxsupport/ttl-logo.png
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18d::42e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 4a02c879007c89c7af319d38acad3a1d9363b4835c3764d79d2a515ab5b573c2

Request headers

Referer: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:21 GMT
last-modified: Wed, 15 May 2019 19:10:29 GMT
server: Apache
etag: W/"4081-1557947429000"
content-type: image/png
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 4081

GET
H2 200 turbo-logo.png
ttlc.intuit.com/community/s/html/@BD081D61F27AE833471A0D4902B955EA/assets/header/ 4 KB
4 KB 21ms
18ms Image
image/png 2a02:26f0:7100:18d::42e9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ttlc.intuit.com/community/s/html/@BD081D61F27AE833471A0D4902B955EA/assets/header/turbo-logo.png
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18d::42e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 528df5df27add736ef3cf47c286e51cae74cc86751a032a3dfe93e9318b9d440

Request headers

Referer: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:21 GMT
last-modified: Wed, 19 Dec 2018 01:50:36 GMT
server: Apache
etag: W/"4016-1545184236000"
content-type: image/png
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 4016

GET
H2 200 lock.png
ttlc.intuit.com/community/s/html/@3384D7F9B6B9AAA338273ECDFCACA3D1/assets/ 409 B
604 B 23ms
21ms Image
image/png 2a02:26f0:7100:18d::42e9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ttlc.intuit.com/community/s/html/@3384D7F9B6B9AAA338273ECDFCACA3D1/assets/lock.png
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18d::42e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: fbc562b23385ed991d866d53bf897906d81a2bc7e90810eb8ebda4b2ba323ccb

Request headers

Referer: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:21 GMT
last-modified: Mon, 22 Jun 2020 18:53:36 GMT
server: Apache
etag: W/"409-1592852016000"
content-type: image/png
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 409

GET
H2 200 flag-usa.png
ttlc.intuit.com/community/s/html/@74841411433036A409356071E9BD9C55/assets/flags/ 1 KB
1 KB 24ms
21ms Image
image/png 2a02:26f0:7100:18d::42e9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ttlc.intuit.com/community/s/html/@74841411433036A409356071E9BD9C55/assets/flags/flag-usa.png
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18d::42e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 834ceb44b392fc0764073691d4d6caaa1573f91391c3d229014bf0384be01fd3

Request headers

Referer: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:21 GMT
last-modified: Wed, 15 May 2019 19:10:29 GMT
server: Apache
etag: W/"1201-1557947429000"
content-type: image/png
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 1201

GET
H2 200 flag-canada.png
ttlc.intuit.com/community/s/html/@1648DB1CEC71F5BBE96C3AE2548AF929/assets/flags/ 1 KB
1 KB 27ms
24ms Image
image/png 2a02:26f0:7100:18d::42e9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ttlc.intuit.com/community/s/html/@1648DB1CEC71F5BBE96C3AE2548AF929/assets/flags/flag-canada.png
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18d::42e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 3a88826572c9341ffc7c06a19498f36f865a27fea897afc7c74ba89b2eb01e20

Request headers

Referer: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:21 GMT
last-modified: Wed, 15 May 2019 19:10:29 GMT
server: Apache
etag: W/"1196-1557947429000"
content-type: image/png
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 1196

GET
H2 200 false
ttlc.intuit.com/community/image/serverpage/image-id/1051i155BD130B5DC7064/image-dimensions/70x70/image-coordinates/0%2C0%2C276%2C276/constrain-image/ 5 KB
6 KB 215ms
213ms Image
image/png 2a02:26f0:7100:18d::42e9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ttlc.intuit.com/community/image/serverpage/image-id/1051i155BD130B5DC7064/image-dimensions/70x70/image-coordinates/0%2C0%2C276%2C276/constrain-image/false?v=v2
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18d::42e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: d59bfa1017bf1d1265b5eb9ca2de67b76cc0b098dc00ce79f3a905934b937b3a

Request headers

Referer: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:21 GMT
last-modified: Sat, 11 Jan 2020 19:28:53 GMT
server: Apache
content-type: image/png;charset=UTF-8
cache-control: max-age=900
content-disposition: inline; filename="TT_Symbol_RGB_Pos.png"; filename*=UTF-8''TT_Symbol_RGB_Pos.png
server-timing: cdn-cache; desc=MISS, edge; dur=152, origin; dur=36
content-length: 5478
expires: Sat, 02 Apr 2022 23:02:21 GMT

GET
H2 200 VerticalAd_TurboTax.png
ttlc.intuit.com/community/s/html/assets/ 63 KB
63 KB 28ms
26ms Image
image/png 2a02:26f0:7100:18d::42e9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ttlc.intuit.com/community/s/html/assets/VerticalAd_TurboTax.png
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18d::42e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: ac16f9008f40d162b186d669420d38b7247624c8b8757ef5555fbf64a76e65b3

Request headers

Referer: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:21 GMT
last-modified: Mon, 22 Jun 2020 18:53:36 GMT
server: Apache
etag: W/"64518-1592852016000"
content-type: image/png
cache-control: max-age=7200
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 64518

GET
H2 200 logo-intuit.png
ttlc.intuit.com/community/s/html/assets/ 3 KB
3 KB 30ms
28ms Image
image/png 2a02:26f0:7100:18d::42e9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ttlc.intuit.com/community/s/html/assets/logo-intuit.png
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18d::42e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: a9373a0da531c93b8a7a9972f579088217ae05ba74dc9399998104301bdca8d7

Request headers

Referer: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:21 GMT
last-modified: Mon, 22 Jun 2020 18:53:36 GMT
server: Apache
etag: W/"3315-1592852016000"
content-type: image/png
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 3315

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 28ms
13ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://ttlc.intuit.com
Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 1999956
cdn-cachedat: 2021-03-10 20:26:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09366bd0d300002bf2a1323000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 67571f626a1708cd2b82c3c33c0cf8a7
cf-ray: 639daf2e19592bf2-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 analytics.bundle.js Show response
ttlc.intuit.com/community/s/html/assets/scripts/ 26 KB
9 KB 209ms
208ms Script
text/javascript 2a02:26f0:7100:18d::42e9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ttlc.intuit.com/community/s/html/assets/scripts/analytics.bundle.js?1617404540.095
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18d::42e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 1161f4a146d05a3c69a7c08af2dbb15bd5cac9d79af9ebea7a0cf79f53abaf71

Request headers

Referer: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:21 GMT
content-encoding: gzip
last-modified: Mon, 29 Mar 2021 20:48:56 GMT
server: Apache
etag: W/"26816-1617050936000"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=14400
server-timing: cdn-cache; desc=MISS, edge; dur=127, origin; dur=74
accept-ranges: bytes
content-length: 8351

GET
H2 200 ohh_utils.bundle.js Show response
ttlc.intuit.com/community/s/html/@461F791CD6163297ECEF137E3755D9A8/assets/scripts/ 13 KB
5 KB 263ms
262ms Script
text/javascript 2a02:26f0:7100:18d::42e9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ttlc.intuit.com/community/s/html/@461F791CD6163297ECEF137E3755D9A8/assets/scripts/ohh_utils.bundle.js
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18d::42e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: c2c6e76ab66c0c1bd397a52922d2f11d8bbe8322529fd8b279c990210094a058

Request headers

Referer: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:21 GMT
content-encoding: gzip
last-modified: Mon, 29 Mar 2021 20:48:56 GMT
server: Apache
etag: W/"13069-1617050936000"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31536000
server-timing: cdn-cache; desc=MISS, edge; dur=146, origin; dur=109
accept-ranges: bytes
content-length: 4278

GET
H2 200 lia-scripts-angularjs-min.js Show response
ttlc.intuit.com/community/scripts/2302698ED357F19B5FC9C26F59580BC3/ 172 KB
60 KB 282ms
278ms Script
text/javascript 2a02:26f0:7100:18d::42e9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ttlc.intuit.com/community/scripts/2302698ED357F19B5FC9C26F59580BC3/lia-scripts-angularjs-min.js
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18d::42e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 978db21c78891ff042054afe2d113d2a4560bbe311a844ff48f45ce0c51e22d9

Request headers

Referer: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:21 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 02:34:07 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: s-maxage=14738
server-timing: cdn-cache; desc=MISS, edge; dur=165, origin; dur=105
content-length: 61046
expires: Sat, 02 Apr 2022 23:02:21 GMT

GET
H2 200 lia-scripts-angularjsModules-min.js Show response
ttlc.intuit.com/community/scripts/248D33F972373949BEFF4BE33ACADDD3/ 42 KB
16 KB 234ms
230ms Script
text/javascript 2a02:26f0:7100:18d::42e9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ttlc.intuit.com/community/scripts/248D33F972373949BEFF4BE33ACADDD3/lia-scripts-angularjsModules-min.js
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18d::42e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 25b5c2f7e35f7483c90a02373aa8460b78bacae376aac871dd7a93f0230e7d6e

Request headers

Referer: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:21 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 02:32:28 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: s-maxage=14758
server-timing: cdn-cache; desc=MISS, edge; dur=140, origin; dur=80
content-length: 15185
expires: Sat, 02 Apr 2022 23:02:21 GMT

GET
H2 200 lia-scripts-common-min.js Show response
ttlc.intuit.com/community/scripts/2D1302FD813A575FBF63E0856DEC89F3/ 348 KB
97 KB 236ms
232ms Script
text/javascript 2a02:26f0:7100:18d::42e9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ttlc.intuit.com/community/scripts/2D1302FD813A575FBF63E0856DEC89F3/lia-scripts-common-min.js
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18d::42e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: d52055c2ded905e257f1c814a5120ca5e7521dead997ddc31185b305594a6926

Request headers

Referer: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:21 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 02:34:07 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: s-maxage=14738
server-timing: cdn-cache; desc=MISS, edge; dur=133, origin; dur=88
expires: Sat, 02 Apr 2022 23:02:21 GMT

GET
H2 200 lia-scripts-body-min.js Show response
ttlc.intuit.com/community/scripts/22DB4A25D86CED4D2721DD919B5DC79B/ 44 KB
12 KB 239ms
235ms Script
text/javascript 2a02:26f0:7100:18d::42e9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ttlc.intuit.com/community/scripts/22DB4A25D86CED4D2721DD919B5DC79B/lia-scripts-body-min.js
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18d::42e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: d886db0b90693040ec0b41bdc4334088859c250df390cbff4f8fb2c415a15b98

Request headers

Referer: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:21 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 02:33:30 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: s-maxage=14746
server-timing: cdn-cache; desc=MISS, edge; dur=148, origin; dur=74
content-length: 11989
expires: Sat, 02 Apr 2022 23:02:21 GMT

GET
H2 200 DDQ82-KFSJD-QETP5-X7HFM-YQSHT Show response
s2.go-mpulse.net/boomerang/ Frame 6E51 202 KB
51 KB 86ms
7ms Script
application/javascript 2a02:26f0:6c00:286::2682
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.go-mpulse.net/boomerang/DDQ82-KFSJD-QETP5-X7HFM-YQSHT
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::2682 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:21 GMT
content-encoding: br
last-modified: Wed, 03 Mar 2021 16:42:07 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 51580

GET
DATA 200
OK truncated
/ 284 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6014a0b99cbc64aa4e295a3d082301b5882142ce288609e58961641682288f0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 views.svg
ttlc.intuit.com/community/s/html/assets/ 2 KB
1 KB 8ms
8ms Image
image/svg+xml 2a02:26f0:7100:18d::42e9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ttlc.intuit.com/community/s/html/assets/views.svg
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/s/skins/4826905/ed76ec61c2d1e8848ac2607d548cadca/turbotax_support.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18d::42e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: d2fc3fc956f16451ca97ede80eb13c8d7ef7af6c26791ce8ef8b964865e2678a

Request headers

Referer: https://ttlc.intuit.com/community/s/skins/4826905/ed76ec61c2d1e8848ac2607d548cadca/turbotax_support.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:21 GMT
content-encoding: gzip
last-modified: Mon, 22 Jun 2020 18:53:36 GMT
server: Apache
etag: W/"2428-1592852016000-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=7200
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 987

OPTIONS
H2 200 graphql
shtaxonomyservice.api.intuit.com/ Frame 0
0 544ms
169ms Preflight 52.13.165.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shtaxonomyservice.api.intuit.com/graphql
Protocol: H2
Server: 52.13.165.209 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-13-165-209.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type,x-sh-ecosystem,x-sh-locale
Origin: https://ttlc.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 02 Apr 2021 23:02:22 GMT
content-length: 0
server: nginx
intuit_tid: 1-6067a27e-13fe459744d02a1762465ec0
access-control-allow-origin: https://ttlc.intuit.com
access-control-allow-methods: DELETE,POST,GET,OPTIONS,PUT
access-control-allow-credentials: true
access-control-max-age: 900
access-control-allow-headers: date,content-length,expires,vary,origin,authorization,keep-alive,content-disposition,content-transfer-encoding,if-unmodified-since,content-md5,fragment-location,content-type,connection,if-match,cache-control,x-sh-ecosystem,x-sh-locale,intuit_tid,pragma,accept,x-requested-with,content-location,content-range,etag,intuit_originalurl

GET
H2 200 af-community-components0.js Show response
master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/ 43 KB
16 KB 33ms
31ms Script
application/javascript 13.226.159.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/af-community-components0.js
Requested by: Host: master.reactcomponents.lc.a.intuit.com
URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-72.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 376dca83e30fd6db57f67f805c956ba87ca21bdbf4d8ac890d67a721c021e425

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 04:17:04 GMT
content-encoding: gzip
last-modified: Wed, 24 Mar 2021 22:56:32 GMT
server: AmazonS3
age: 67518
etag: W/"ff69c0387b4fe6ec3428d62831537932"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: GzZ_SP-5BZYs_QuQSHojdPkJ9Kj3aSX9nKB9pIKwftcmADn6Jh-DVA==

GET
H2 200 af-community-components1.js Show response
master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/ 71 KB
25 KB 31ms
29ms Script
application/javascript 13.226.159.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/af-community-components1.js
Requested by: Host: master.reactcomponents.lc.a.intuit.com
URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-72.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e1241695c84f1ce0b9a6fc2a4c6d48b7dfdccd4e324838fd0e76870cd4a85173

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 04:17:04 GMT
content-encoding: gzip
last-modified: Wed, 24 Mar 2021 22:56:32 GMT
server: AmazonS3
age: 67518
etag: W/"eb8255256f261ab53fac22b4f452030c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: wG1SpD3LwWZL5vK4WHnSzbDE5lWCtTiMOmtXxs-uYwIRXWZiziCUGg==

GET
H2 200 af-community-components30.js Show response
master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/ 19 KB
6 KB 29ms
28ms Script
application/javascript 13.226.159.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/af-community-components30.js
Requested by: Host: master.reactcomponents.lc.a.intuit.com
URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-72.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ed7974cf323e4514537010c5b946e1b5f61721b398754453e7620783b51b55da

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 04:17:04 GMT
content-encoding: gzip
last-modified: Wed, 24 Mar 2021 22:56:32 GMT
server: AmazonS3
age: 67518
etag: W/"4f705d796211a040c8c0cc2ae7e6b848"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: pVs_OzzzjmpyCU4brW8ceJJtZgs4TLdmUC7vybg4-nF2ng0iNGBxog==

POST
H2 200 graphql Show response
shtaxonomyservice.api.intuit.com/ 52 KB
5 KB 228ms
228ms Fetch
application/json 52.13.165.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://shtaxonomyservice.api.intuit.com/graphql

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.165.209 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-165-209.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

782f31cdee675e1edffe563b35441d3b4e7d0d7a8c6068c21f34d662de45dd44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept: */*
Referer: https://ttlc.intuit.com/
authorization: Intuit_APIKey intuit_apikey=prdakyresXR0sv5vKgCHFs8x5wCVPWcbeNuOnlIW, intuit_apikey_version=1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-sh-ecosystem: ctg
x-sh-locale: en-us
content-type: application/json

Response headers

date: Fri, 02 Apr 2021 23:02:22 GMT
content-encoding: gzip
vary: Accept-Encoding
server: nginx
age: 57714
etag: W/"cf72-u/13BMllHLYWbn7oirW/2wk8vS0"
strict-transport-security: max-age=15552000
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ttlc.intuit.com
access-control-expose-headers: date,content-length,expires,vary,origin,authorization,keep-alive,content-disposition,content-transfer-encoding,if-unmodified-since,content-md5,fragment-location,content-type,connection,if-match,cache-control,x-sh-ecosystem,x-sh-locale,intuit_tid,pragma,accept,x-requested-with,content-location,content-range,etag,intuit_originalurl
x-cache-hit: true
x-amzn-trace-id: Root=1-6067a27e-3fea04d56736a5bd65583726
intuit_tid: 1-6067a27e-3fea04d56736a5bd65583726
access-control-allow-credentials: true
x-spanid: 93a6898f-e469-41e7-80c6-812341a74890

GET
H2 200 track-event-lib-init.min.js Show response
uxfabric.intuitcdn.net/analytics/prod/ 9 KB
5 KB 91ms
22ms Script
application/javascript 99.86.3.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://uxfabric.intuitcdn.net/analytics/prod/track-event-lib-init.min.js

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/s/html/assets/scripts/analytics.bundle.js?1617404540.095

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-92.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

357853121db51bb05c3c1038a7c099109e07fd80a53f426310ac4c30da4a1fac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 00:12:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82206
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 01 Apr 2021 00:09:49 GMT
server: AmazonS3
etag: W/"a1b3141e6541c65d14730f69460530a8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: MQ0yE4f8O5vvhDf71g_HEWLq6cG1WmxlxIVxXiFvT52QumSt2xfT8g==

GET
H2 204 148895495360_1617404540095.gif
ttlc.intuit.com/community/s/beacon/ 0
696 B 366ms
366ms Image
image/gif 2a02:26f0:7100:18d::42e9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ttlc.intuit.com/community/s/beacon/148895495360_1617404540095.gif
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18d::42e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 23:02:21 GMT
last-modified: Fri, 02 Nov 2007 00:36:01 GMT
server: Apache
content-type: image/gif
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server-timing: cdn-cache; desc=MISS, edge; dur=264, origin; dur=95
expires: Thu, 22 Jan 1976 08:28:00 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame 6E51 1 KB
1 KB 48ms
35ms XHR
application/json 2a02:26f0:6c00:1bb::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=DDQ82-KFSJD-QETP5-X7HFM-YQSHT&d=ttlc.intuit.com&t=5391348&v=1.632.0&if=&sl=0&si=2ebpjrtdnvv-qqylbx&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=644510
Requested by: Host: s2.go-mpulse.net
URL: https://s2.go-mpulse.net/boomerang/DDQ82-KFSJD-QETP5-X7HFM-YQSHT
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:1bb::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0c5cc14a85aade089cc2bf31fa81e973afb8d1ce3bb196728f3c079ac5c2d05e

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Apr 2021 23:02:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 732

POST
H2 200 event Show response
collect.tealiumiq.com/ 0
511 B 76ms
25ms XHR
application/json 52.28.237.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.tealiumiq.com/event
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.237.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-237-213.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 02 Apr 2021 23:02:21 GMT
x-serverid: uconnect_i-0b91e65a2fc047e2a
x-tid: 017894d2baaf00a56dd9d0fe28d800072008f06a00b08
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: intuit:main:2:event
x-region: eu-central-1
pragma: no-cache
vary: Origin
content-type: application/json
access-control-allow-origin: https://ttlc.intuit.com
access-control-expose-headers: X-Region
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
x-ulver: 56b30a878fb40dac8cdd976d5c8f7c0bbda4a726-SNAPSHOT
x-uuid: ac28433c-9e42-4d20-908b-336e79aa80fa
expires: Fri, 02 Apr 2021 23:02:21 GMT

HEAD
H2 200 js
www.googletagmanager.com/gtag/ 0
0 32ms
14ms Fetch
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:21 GMT
content-encoding: br
last-modified: Fri, 02 Apr 2021 21:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 02 Apr 2021 23:02:21 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=969430F0543F253D0A4C98C6%40AdobeOrg&d_nsid=0&ts=1617404541633
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=969430F0543F253D0A4C98C6%40AdobeOrg&d_nsid=0&ts=1617404541633

1 KB
1 KB

39ms
38ms

XHR
application/json

52.30.135.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=969430F0543F253D0A4C98C6%40AdobeOrg&d_nsid=0&ts=1617404541633

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.135.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-135-179.eu-west-1.compute.amazonaws.com

Software

Resource Hash

4a776655a1c2be774bbfbb66737c930c3f461fcef6ff7f1251a21cd951e58e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcscanary-prod-irl1-v123-076c6af6e.edge-irl1.demdex.com 5.80.7.20210304103356 2ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: R5xuk5q4Qp8=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://ttlc.intuit.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 628
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://ttlc.intuit.com
X-TID: yyo/9+JrTkI=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=969430F0543F253D0A4C98C6%40AdobeOrg&d_nsid=0&ts=1617404541633
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 settings Show response
segment.intuitcdn.net/v1/projects/VY6EkJSdqwrIqsYI4FcEmPxYjt4GlgNM/ 9 KB
3 KB 89ms
23ms Fetch
application/json 99.86.3.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://segment.intuitcdn.net/v1/projects/VY6EkJSdqwrIqsYI4FcEmPxYjt4GlgNM/settings
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-42.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 88fb2375cbb2171ef82dc7579033954bb9fd406bcc19dd2913429e0917dbb743

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: DsV3oFqvWmgtqsJv6aPR3ENOPtsbyPU3
content-encoding: gzip
etag: "50cb21e9401164237a5c40ac9a4dfe3a"
age: 4691
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 2722
access-control-allow-origin: *
last-modified: Thu, 01 Apr 2021 01:55:04 GMT
server: AmazonS3
date: Fri, 02 Apr 2021 21:44:10 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront), 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
cache-control: public, max-age=10800
x-amz-cf-pop: FRA53-C1, FRA6-C1
accept-ranges: bytes
x-amz-cf-id: m9xMjctdxfk9Jb8dGAPoOIlx8coqR74CTibSMYm7S3ju_cdsvy_v0w==

GET
H2 200 track-event-lib.min.js Show response
uxfabric.intuitcdn.net/analytics/202104010001/ 184 KB
53 KB 28ms
27ms Script
application/javascript 99.86.3.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://uxfabric.intuitcdn.net/analytics/202104010001/track-event-lib.min.js

Requested by

Host: uxfabric.intuitcdn.net
URL: https://uxfabric.intuitcdn.net/analytics/prod/track-event-lib-init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-92.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

af115766e8e0f3141725ca1b2a7f9ec30e04b8e919084ef3fe260c8a1d843264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 00:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168628
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 01 Apr 2021 00:05:25 GMT
server: AmazonS3
etag: W/"449418c8f5712aca44a805db16d0597b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: ajwD0RF7TUi8fI7SwJ3E8Pt2hR2T18_rigNdYKLKndcUXSAdmC3ZmQ==

GET
H2 200 af-community-components2.js Show response
master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/ 18 KB
6 KB 31ms
30ms Script
application/javascript 13.226.159.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/af-community-components2.js
Requested by: Host: master.reactcomponents.lc.a.intuit.com
URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-72.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dd6c69e8a06cf6860d63b6bee6fd46bfcdc1a25a1bd1d4942a9470b74f4e8746

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 02:33:34 GMT
content-encoding: br
last-modified: Wed, 24 Mar 2021 22:56:32 GMT
server: AmazonS3
age: 73728
etag: W/"67e8a30884704ff920f96c99eb1bdc1c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: cj8HHexGLmnsBNIsGQdf5SYSaYQv18y5fYe_c_oUOGT-M_65dY1pBQ==

GET
H2 200 af-community-components3.js Show response
master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/ 72 KB
21 KB 38ms
37ms Script
application/javascript 13.226.159.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/af-community-components3.js
Requested by: Host: master.reactcomponents.lc.a.intuit.com
URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-72.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f28da91146bc2771e2ea61f3e2f347e8c59aa68662e2b268f0210817cebc746e

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 02:33:34 GMT
content-encoding: br
last-modified: Wed, 24 Mar 2021 22:56:32 GMT
server: AmazonS3
age: 73728
etag: W/"e566ef13ec87e8e594abf7d94d9e471a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: i4tyiIFkn5RlOev4-c99AxuHguEqmNF28woUlhkkU0QMFVZUrk-KqA==

GET
H2 200 af-community-componentsvendors~sh-view~sh-view-stateless~sh-vote.js Show response
master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/ 51 KB
17 KB 30ms
29ms Script
application/javascript 13.226.159.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/af-community-componentsvendors~sh-view~sh-view-stateless~sh-vote.js
Requested by: Host: master.reactcomponents.lc.a.intuit.com
URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-72.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb07ae198c91c65179763e0e392bfe0953ee1090164e6623f936b5c5155f08b8

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 04:19:42 GMT
content-encoding: gzip
last-modified: Wed, 24 Mar 2021 22:56:32 GMT
server: AmazonS3
age: 67360
etag: W/"b607a7233a85bb8800ad8be0db3f64f8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: eaJubvpcOxITps1f7OZzx0rHdGWbQKS86zAd6h30LX5D51-5zcC4VQ==

GET
H2 200 af-community-componentssh-view.js Show response
master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/ 729 KB
191 KB 37ms
37ms Script
application/javascript 13.226.159.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/af-community-componentssh-view.js
Requested by: Host: master.reactcomponents.lc.a.intuit.com
URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-72.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 000370ef7ad3a2d6769bd4f216a54e9a9d76bb5e64764c7c25a16ceff40e9ff9

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 04:19:42 GMT
content-encoding: gzip
last-modified: Wed, 24 Mar 2021 22:56:32 GMT
server: AmazonS3
age: 67360
etag: W/"3806ceae1835a5dd6a80d19ad4360430"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: FrGc6T2mGOhzexnJMb1N7MMx-kaHBjn4NyII_VmvI3sqU2JthWaAuQ==

OPTIONS
H2 200 track
experimentation.us.api.intuit.com/ Frame 0
0 553ms
180ms Preflight
application/json 54.186.57.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://experimentation.us.api.intuit.com/track
Protocol: H2
Server: 54.186.57.15 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-186-57-15.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://ttlc.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 02 Apr 2021 23:02:22 GMT
content-type: application/json
content-length: 0
x-amzn-requestid: 26cf108c-9c60-484b-b7cb-2098f6ee9afb
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
x-amz-apigw-id: dLZTwGjRPHcFzug=
access-control-allow-methods: OPTIONS,POST
access-control-max-age: 864000
access-control-allow-credentials: false

OPTIONS
H2 200 /
experimentation.us.api.intuit.com/ Frame 0
0 545ms
174ms Preflight
application/json 54.186.57.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://experimentation.us.api.intuit.com/
Protocol: H2
Server: 54.186.57.15 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-186-57-15.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://ttlc.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 02 Apr 2021 23:02:22 GMT
content-type: application/json
content-length: 0
x-amzn-requestid: 53d30245-d751-48b0-bbe2-a1cc7ae4453d
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
x-amz-apigw-id: dLZTwF6fvHcF3ig=
access-control-allow-methods: OPTIONS,POST
access-control-max-age: 864000
access-control-allow-credentials: false

GET
H2 200 af-community-componentssh-dynamic-ads.js Show response
master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/ 315 KB
71 KB 31ms
31ms Script
application/javascript 13.226.159.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/af-community-componentssh-dynamic-ads.js
Requested by: Host: master.reactcomponents.lc.a.intuit.com
URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-72.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2291037ed7b37671692c5c9739dd261acd42a01b9a7830aca4f47a57e8fe802d

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 02:33:34 GMT
content-encoding: br
last-modified: Wed, 24 Mar 2021 22:56:32 GMT
server: AmazonS3
age: 73728
etag: W/"28959a50f4978643b3fb7ac2e892911f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: vSn46GEXT2OgICscIoaDH1alfKEkQdZQSlhNGDzY_7ArakPAejS3VA==

POST
H2 200 track Show response
experimentation.us.api.intuit.com/ 33 B
287 B 194ms
194ms XHR
application/json 54.186.57.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://experimentation.us.api.intuit.com/track
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.57.15 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-186-57-15.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 6edf572fc78fcfa4b2ccaeee5402478f1f4d356360426ca89f5cff36d00a5bec

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Fri, 02 Apr 2021 23:02:22 GMT
x-amzn-requestid: fd807858-21d6-41f5-973c-fa1973eb2def
content-type: application/json
access-control-allow-origin: https://ttlc.intuit.com
x-amzn-trace-id: Root=1-6067a27e-10a2164f2eef9e5d31a95e5d;Sampled=1
access-control-allow-credentials: true
x-amz-apigw-id: dLZTxG29vHcF3YQ=
content-length: 33

POST
H2 200 / Show response
experimentation.us.api.intuit.com/ 11 KB
11 KB 229ms
229ms XHR
application/json 54.186.57.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://experimentation.us.api.intuit.com/
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.57.15 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-186-57-15.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 297395563701884c2a4a7a5744e129531f825805a13330980069646cc23f87bb

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Fri, 02 Apr 2021 23:02:22 GMT
x-amzn-requestid: 7b3ddb1c-9e08-4f09-8a0b-b9820ec80dcb
content-type: application/json
access-control-allow-origin: https://ttlc.intuit.com
x-amzn-trace-id: Root=1-6067a27e-50a200025ddd1e1d735dbf68;Sampled=1
access-control-allow-credentials: true
x-amz-apigw-id: dLZTxH7svHcF2bw=
content-length: 11181

GET
H2 200 utag.2.js Show response
tags.tiqcdn.com/utag/intuit/cg-ttlc/prod/ 41 KB
14 KB 35ms
34ms Script
application/x-javascript 23.79.129.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/intuit/cg-ttlc/prod/utag.2.js?utv=ut4.47.202103082244
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/intuit/cg-ttlc/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 18a8d47dab2287801bb5adfbda89c94a44f2e9e19aa18732095a31405f8047f3

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:21 GMT
content-encoding: gzip
last-modified: Mon, 08 Mar 2021 22:44:24 GMT
server: AkamaiNetStorage
etag: "c7be5ef2f0577d702f702eaa2da96c2b:1615243464.033185"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 13958
expires: Sat, 17 Apr 2021 23:02:21 GMT

GET
H2 200 utag.7.js Show response
tags.tiqcdn.com/utag/intuit/cg-ttlc/prod/ 5 KB
2 KB 31ms
30ms Script
application/x-javascript 23.79.129.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/intuit/cg-ttlc/prod/utag.7.js?utv=ut4.47.202103082129
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/intuit/cg-ttlc/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 91b5232f547d2f25ac82504615e7aedac2ff2fa2710232ad07dd2521c9ded49c

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:21 GMT
content-encoding: gzip
last-modified: Mon, 08 Mar 2021 21:29:30 GMT
server: AkamaiNetStorage
etag: "457d9b003fca7e41a8f7182f739b4652:1615238970.766301"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1690
expires: Sat, 17 Apr 2021 23:02:21 GMT

GET
H2 200 utag.8.js Show response
tags.tiqcdn.com/utag/intuit/cg-ttlc/prod/ 21 KB
7 KB 33ms
32ms Script
application/x-javascript 23.79.129.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/intuit/cg-ttlc/prod/utag.8.js?utv=ut4.47.202103082129
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/intuit/cg-ttlc/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 03ce333ac7dbd1a8817888429f834995f018b2b3be7626ef755fb1ccd597bd77

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:21 GMT
content-encoding: gzip
last-modified: Mon, 08 Mar 2021 21:29:33 GMT
server: AkamaiNetStorage
etag: "3460fd8e215904bdbf0f3b132813aeba:1615238973.323689"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 7127
expires: Sat, 17 Apr 2021 23:02:21 GMT

GET
H2 200 utag.9.js Show response
tags.tiqcdn.com/utag/intuit/cg-ttlc/prod/ 21 KB
7 KB 38ms
37ms Script
application/x-javascript 23.79.129.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/intuit/cg-ttlc/prod/utag.9.js?utv=ut4.47.202103082129
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/intuit/cg-ttlc/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: dc9b0977dbbc5ef9fb66a9a41d0d57a6b7e513423a2b087b19c6cd5618e7eac5

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:21 GMT
content-encoding: gzip
last-modified: Mon, 08 Mar 2021 21:29:27 GMT
server: AkamaiNetStorage
etag: "fc460f33f30809c5ed7d6dc24905256c:1615238967.686331"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 7105
expires: Sat, 17 Apr 2021 23:02:21 GMT

GET
H2 200 utag.10.js Show response
tags.tiqcdn.com/utag/intuit/cg-ttlc/prod/ 3 KB
2 KB 32ms
31ms Script
application/x-javascript 23.79.129.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/intuit/cg-ttlc/prod/utag.10.js?utv=ut4.47.202103082129
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/intuit/cg-ttlc/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 43659796471646ef131904815850c23c62076edeb135059b390b33ec351f555a

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:21 GMT
content-encoding: gzip
last-modified: Mon, 08 Mar 2021 21:29:24 GMT
server: AkamaiNetStorage
etag: "4142ffd1697b190192e9ba65be786f8a:1615238964.221173"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1503
expires: Sat, 17 Apr 2021 23:02:21 GMT

GET
H2 200 utag.11.js Show response
tags.tiqcdn.com/utag/intuit/cg-ttlc/prod/ 11 KB
4 KB 38ms
37ms Script
application/x-javascript 23.79.129.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/intuit/cg-ttlc/prod/utag.11.js?utv=ut4.47.202103082129
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/intuit/cg-ttlc/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b79dbb25945f1812cd5e8a81114bdfa7970cadad4c788e301a9bcdff0a6b58c6

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:21 GMT
content-encoding: gzip
last-modified: Mon, 08 Mar 2021 21:29:29 GMT
server: AkamaiNetStorage
etag: "9a0be035cd4e4e698510d46c10abb66b:1615238969.9395"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 3673
expires: Sat, 17 Apr 2021 23:02:21 GMT

GET
H2 200 utag.12.js Show response
tags.tiqcdn.com/utag/intuit/cg-ttlc/prod/ 12 KB
4 KB 38ms
38ms Script
application/x-javascript 23.79.129.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/intuit/cg-ttlc/prod/utag.12.js?utv=ut4.47.202103231534
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/intuit/cg-ttlc/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fdfa50fd0355566fd18c03de7fe9f8aba89b77c88cf4637e5337b7a45c19b150

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:21 GMT
content-encoding: gzip
last-modified: Tue, 23 Mar 2021 15:34:14 GMT
server: AkamaiNetStorage
etag: "ebbc8f103009d2b6fbff29626aecb5d5:1616513654.686566"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 3756
expires: Sat, 17 Apr 2021 23:02:21 GMT

GET
H2 200 utag.13.js Show response
tags.tiqcdn.com/utag/intuit/cg-ttlc/prod/ 11 KB
4 KB 40ms
39ms Script
application/x-javascript 23.79.129.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/intuit/cg-ttlc/prod/utag.13.js?utv=ut4.47.202103082129
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/intuit/cg-ttlc/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 47d633289413d5f54c7fbb87429d2ef26824d890143ac829e2893b5af348c05e

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:21 GMT
content-encoding: gzip
last-modified: Mon, 08 Mar 2021 21:29:31 GMT
server: AkamaiNetStorage
etag: "0b05a652a75d13298b075362af173cce:1615238971.617931"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 3611
expires: Sat, 17 Apr 2021 23:02:21 GMT

GET
H2 200 utag.14.js Show response
tags.tiqcdn.com/utag/intuit/cg-ttlc/prod/ 4 KB
2 KB 40ms
39ms Script
application/x-javascript 23.79.129.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/intuit/cg-ttlc/prod/utag.14.js?utv=ut4.47.202103082129
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/intuit/cg-ttlc/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f4fa5843f2583596a041247b48ca8c0418c3d1e342259125202b49e9cba90ae3

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:21 GMT
content-encoding: gzip
last-modified: Mon, 08 Mar 2021 21:29:25 GMT
server: AkamaiNetStorage
etag: "f79831f536cbf2570c35c4f31bc95c6e:1615238965.074696"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1667
expires: Sat, 17 Apr 2021 23:02:21 GMT

GET
DATA 200
OK truncated
/ 667 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: edd8db5c29b96b7a290a5e266d426dca85541b7cd7a62b180e5ec89dc635f05f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 tag.js Show response
turbotax.intuit.com/proxy/t/cj/tags/11007/ 19 KB
6 KB 113ms
13ms Script
application/javascript 2a02:26f0:7100:180::1d6c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://turbotax.intuit.com/proxy/t/cj/tags/11007/tag.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/intuit/cg-ttlc/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:180::1d6c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Resource Optimizer /
Resource Hash: 34032744e34a56a7691fee28be213da6b000f28fb873af3487a23c296f0effd6

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:22 GMT
content-encoding: br
last-modified: Sat, 27 Mar 2021 20:34:47 GMT
server: Akamai Resource Optimizer
x-amz-cf-pop: ARN1-C1
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1800
content-length: 5687
x-amz-cf-id: rc9eevXVk25uZCm-c_pkobYFdgG505eZw3LtGzTU71Vpo3k52_Rfow==
x-request-id: de88c698-8f3b-11eb-8c4f-d53ff157f1ea

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
24 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/intuit/cg-ttlc/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

86cc35989be655e6cbe68540cf835dec34388862a948fbd05850100797c32319

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23784
x-fb-rlafr: 0
pragma: public
x-fb-debug: /hvHhgKJh8zKsOo9Vtd/PBTElR0T4Xa+WOJmO7N8/wrMpWZwLrmUbGleku5uJ1NKYYGbcsvlb8SoKEsgtnw+Yw==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Fri, 02 Apr 2021 23:02:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 38ms
25ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-939634537

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/intuit/cg-ttlc/prod/utag.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fb223e9cd1d0a60de1b9500a388fa42ec7e9121d5e6ac51b65aac9a154efefdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35784
x-xss-protection: 0
last-modified: Fri, 02 Apr 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 02 Apr 2021 23:02:22 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/939634537/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/939634537/?label=HttKCPnogIYBEOnehsAD&guid=ON&script=0
https://www.google.com/pagead/1p-user-list/939634537/?label=HttKCPnogIYBEOnehsAD&guid=ON&script=0&is_vtc=1&random=1810093542
https://www.google.de/pagead/1p-user-list/939634537/?label=HttKCPnogIYBEOnehsAD&guid=ON&script=0&is_vtc=1&random=1810093542&ipr=y

42 B
154 B

21ms
21ms

Image
image/gif

2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/939634537/?label=HttKCPnogIYBEOnehsAD&guid=ON&script=0&is_vtc=1&random=1810093542&ipr=y

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 23:02:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Apr 2021 23:02:22 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/939634537/?label=HttKCPnogIYBEOnehsAD&guid=ON&script=0&is_vtc=1&random=1810093542&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 22ms
21ms Script
application/x-javascript 23.79.129.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=intuit/cg-ttlc/202103231534&cb=1617404541986
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/intuit/cg-ttlc/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:21 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Fri, 02 Apr 2021 23:12:21 GMT

GET
H2 200 af-community-components44.js Show response
master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/ 17 KB
5 KB 35ms
34ms Script
application/javascript 13.226.159.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/af-community-components44.js
Requested by: Host: master.reactcomponents.lc.a.intuit.com
URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-72.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6181b16b6a6c479553b8a200fee15ea54725750db5866001f90df5693ed9cb0a

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 02:33:36 GMT
content-encoding: br
last-modified: Wed, 24 Mar 2021 22:56:32 GMT
server: AmazonS3
age: 73727
etag: W/"2c7334447c7390786bf93650921b63dc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: v4dzqgtjoFCfBNDyC5-g9fymBYB2FW84-KpZ1EstTcCbCjxXI37WXw==

GET
H2 200 af-community-components66.js Show response
master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/ 4 KB
2 KB 33ms
33ms Script
application/javascript 13.226.159.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/af-community-components66.js
Requested by: Host: master.reactcomponents.lc.a.intuit.com
URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-72.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b3797f648709bce752797cbea013e68584cf5caeff0f5d526b5034df37bff83a

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 02:33:36 GMT
content-encoding: br
last-modified: Wed, 24 Mar 2021 22:56:32 GMT
server: AmazonS3
age: 73727
etag: W/"fdfbebdbd451f6df109fd85e89e6d158"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: S2wwrnrisyEWwEydqAASJ9UgEcM-wQZadSjIYfUQbzwlEYuGnT5w_w==

GET
H/1.1 200
OK Cookie set dest5.html Show response
turbotax.demdex.net/ Frame AC8A 7 KB
3 KB 146ms
35ms Document
text/html 52.17.73.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://turbotax.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/intuit/cg-ttlc/prod/utag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.73.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-73-77.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: turbotax.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ttlc.intuit.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=53086904919967204770870513395947614908
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ttlc.intuit.com/

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Wed, 10 Mar 2021 16:02:29 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=53086904919967204770870513395947614908;Path=/;Domain=.demdex.net;Expires=Wed, 29-Sep-2021 23:02:22 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: zikj1rlUTYQ=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 id Show response
sci.intuit.com/ 48 B
512 B 131ms
33ms XHR
application/x-javascript 35.181.18.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sci.intuit.com/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=969430F0543F253D0A4C98C6%40AdobeOrg&mid=53235629449399422800890013952783392361&ts=1617404542024

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.181.18.61 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-181-18-61.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

6925a9a6a136da72d98d02747d4ddbcc7b0f98854b63278481785e6914f2c09a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 02 Apr 2021 23:02:22 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-fd4497967-6v7ps
vary: Origin
x-c: main-1451.Ibee288.M0-486
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://ttlc.intuit.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK event Show response
turbotax.demdex.net/ 1 KB
2 KB 156ms
43ms XHR
application/json 52.17.73.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://turbotax.demdex.net/event?d_dil_ver=9.5&_ts=1617404541986

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.73.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-73-77.eu-west-1.compute.amazonaws.com

Software

Resource Hash

6745582d96b501e8443240e173177f66b7d42e300def32edc1bb42a496f2323b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v090-0527b83e9.edge-irl1.demdex.com 5.80.7.20210304103356 5ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 2+ccOMR5SHQ=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://ttlc.intuit.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1297
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 af-community-components5.js Show response
master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/ 33 KB
8 KB 33ms
31ms Script
application/javascript 13.226.159.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/af-community-components5.js
Requested by: Host: master.reactcomponents.lc.a.intuit.com
URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-72.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 29c65c105154bcef795bdbb7039ede3f5fe58d51d2fbcb6a96419afe632088c9

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 04:19:48 GMT
content-encoding: gzip
last-modified: Wed, 24 Mar 2021 22:56:32 GMT
server: AmazonS3
age: 67355
etag: W/"81a9a11a957b3c3d68ccab41a0ad80f9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: Q768uA9DLQt2Syxh4v8JR8uQMYcH2bVLGT__lgWxfbBJ4PbwizR5aQ==

GET
H2 200 af-community-components8.js Show response
master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/ 22 KB
5 KB 30ms
28ms Script
application/javascript 13.226.159.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/af-community-components8.js
Requested by: Host: master.reactcomponents.lc.a.intuit.com
URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-72.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6520e880cc583c21a86491a2b8ae898e19d4e6d5375ebae83ef8a4f51ed70f70

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 04:19:48 GMT
content-encoding: gzip
last-modified: Wed, 24 Mar 2021 22:56:32 GMT
server: AmazonS3
age: 67355
etag: W/"d0cf0d053de0c3bcad1180c0db844ed7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: JjqwqTCelZojOFIZzP1TGBRMryTV9LvG4JnWMOhk8dItSQF_4KoujA==

GET
H2 200 af-community-components7.js Show response
master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/ 16 KB
7 KB 29ms
28ms Script
application/javascript 13.226.159.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/af-community-components7.js
Requested by: Host: master.reactcomponents.lc.a.intuit.com
URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-72.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b25d20ba70b03f5b500efbc65c2e3249eaac40b49db55ec9304111e6a7f14e61

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 04:19:48 GMT
content-encoding: gzip
last-modified: Wed, 24 Mar 2021 22:56:32 GMT
server: AmazonS3
age: 67355
etag: W/"a74127784b383f3f13b5be7772beee55"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: CXQ4eBm3MXOGkM36XGAIAUzUnNhoRm1L8klarSJUK_vJBmCTrf18mA==

GET
H2 200 af-community-components10.js Show response
master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/ 29 KB
8 KB 29ms
28ms Script
application/javascript 13.226.159.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/af-community-components10.js
Requested by: Host: master.reactcomponents.lc.a.intuit.com
URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-72.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2280342f8d650fcd2964c31ec38ea7ca0b48e50652c7e0df1248536d576502a9

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 04:19:48 GMT
content-encoding: gzip
last-modified: Wed, 24 Mar 2021 22:56:32 GMT
server: AmazonS3
age: 67355
etag: W/"c07282118456dec003eee84ebd81943d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: DIXSe-v-FrfNLr6tjEj3z0Zn35fxWKOecszQQBzIYE_z0MrkHiSvVQ==

GET
H2 200 af-community-components55.js Show response
master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/ 417 KB
99 KB 30ms
29ms Script
application/javascript 13.226.159.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/af-community-components55.js
Requested by: Host: master.reactcomponents.lc.a.intuit.com
URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-72.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c9ac0a64b84619c74caac03950a3c93bf574d0137ed3cbd7daa88899727497cc

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 04:19:48 GMT
content-encoding: gzip
last-modified: Wed, 24 Mar 2021 22:56:32 GMT
server: AmazonS3
age: 67355
etag: W/"7831e9128e4e1e9c962dc907b3d46d4e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: JMnauV7GLNCFhl48vJZty9_zSx5Fti1PYM3uCWrRvLwUIQ1J29P21Q==

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 11 KB
5 KB 8ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.33

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 4673
x-fb-rlafr: 0
pragma: public
x-fb-debug: v1+IuW25pr2clec9Kn4LssjqtZeKfsz3D+qEMZKUn5GDXD0klziX3jt2jy2PyMPAO0+/7d7l3mEsPTWILlpdWQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Fri, 02 Apr 2021 23:02:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 731603736930725 Show response
connect.facebook.net/signals/config/ 241 KB
70 KB 58ms
56ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/731603736930725?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bcb608889fc1414b5fab7dace9f9c4c872bf8ca001995943fe8fd6e2d6ab8396

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: imKLT9RYvSEETkefCwMp10VqN9/QC7757iUJlq+FIPWs2qAG6CF//UNhB9yIh/NG0OKNXwiBCeeaOrm7ebWMYQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 02 Apr 2021 23:02:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 policy Show response
www.sjwoe.com/ 28 B
415 B 45ms
9ms XHR
application/json 2600:9000:2182:7e00:7:f1a3:af00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sjwoe.com/policy
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:7e00:7:f1a3:af00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4bfe3fd63b2ce813a2e3e1252146acf89e82d30222ca39161cf68086449cd64b

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 02:22:06 GMT
via: 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
age: 74416
x-amzn-requestid: a8cf9ff6-c8a4-46db-b9e3-684c1b532d97
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=3600
x-amzn-trace-id: Root=1-60667fce-133619ba357669f91778c13d;Sampled=0
x-amz-cf-pop: DUS51-C1
x-amz-apigw-id: dIjoSF9_IAMFTEw=
content-length: 28
x-amz-cf-id: sfotqi4IA7xF5b6rG-z03Z3ZiyT-U50GCsOiWSqQPEQuoET9K06-jQ==

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 35 KB
14 KB 89ms
34ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-939634537

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

cd3601b2f79f3cccc6333afba636cc8e645f7703257326df7df02497dc09d2df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13758
x-xss-protection: 0
server: cafe
etag: 4262303240453495685
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 02 Apr 2021 23:02:22 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-956694873&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-939634537

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e55c184e5a9b866db06d78dbd35af460e098b2cc94c048df749bbed39a87e27c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:22 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35765
x-xss-protection: 0
expires: Fri, 02 Apr 2021 23:02:22 GMT

OPTIONS
H2 200 26399
live-community.platform.intuit.com/v2/tax/external_posts/ Frame 0
0 536ms
173ms Preflight 52.39.211.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live-community.platform.intuit.com/v2/tax/external_posts/26399
Protocol: H2
Server: 52.39.211.108 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-211-108.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-lc-community-host
Origin: https://ttlc.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 02 Apr 2021 23:02:22 GMT
content-length: 0
server: nginx
intuit_tid: 1-6067a27e-3510a02a5e4197324cfdfac9
access-control-allow-origin: https://ttlc.intuit.com
access-control-allow-methods: DELETE,POST,GET,OPTIONS,PUT,PATCH
access-control-allow-credentials: true
access-control-max-age: 900
access-control-allow-headers: x-tto-engine-version,date,content-length,expires,vary,x-lc-community-host,origin,locale,platform,authorization,keep-alive,content-disposition,content-transfer-encoding,if-unmodified-since,content-md5,fragment-location,content-type,connection,if-match,cache-control,intuit_tid,x-tto-routing-info,pragma,accept,x-requested-with,content-location,content-range,etag,intuit_originalurl,x-intuit-auth-id

GET
H2 200 26399 Show response
live-community.platform.intuit.com/v2/tax/external_posts/ 4 KB
3 KB 600ms
259ms Fetch
application/json 52.39.211.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://live-community.platform.intuit.com/v2/tax/external_posts/26399

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.39.211.108 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-39-211-108.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

c78abd43c77a607847b8714889600d8081c3f24d5f90d69818b4c7d508353d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ttlc.intuit.com/
X-LC-Community-Host: ttlc.intuit.com
Authorization: Intuit_APIKey intuit_apikey=prdakyresHepGJuvAqd7JsXkKsKiObN87m3QDvMa, intuit_apikey_version=1.0
Content-Type: application/json

Response headers

date: Fri, 02 Apr 2021 23:02:23 GMT
content-encoding: gzip
etag: W/"34945185819c32e182ec6492b2ab4d87-gzip"
intuit_tid: 1-6067a27f-3e73977b3bf27a662210800e
status: 200 OK
x-lc-documentation-url: https://community-7.pod-1-prod-2.lc-production.lc.a.intuit.com/api/v2/docs
strict-transport-security: max-age=15552000
x-request-id: 0233e149-ec65-4e9d-ba54-ad0c691390db
x-runtime: 0.071484
x-spanid: d99c0fb4-3e8a-4dbc-9f15-e2e623ad657a
server: nginx
x-frame-options
x-amzn-trace-id: Root=1-6067a27f-3e73977b3bf27a662210800e
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ttlc.intuit.com
access-control-expose-headers: date,x-tto-engine-version,content-length,expires,vary,x-lc-community-host,origin,locale,platform,authorization,keep-alive,content-disposition,content-transfer-encoding,if-unmodified-since,content-md5,fragment-location,content-type,connection,if-match,cache-control,intuit_*,intuit_tid,x-tto-routing-info,pragma,accept,intuit-*,x-requested-with,content-location,content-range,etag,intuit_originalurl,x-intuit-auth-id
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK error.gif
col.eum-appdynamics.com/eumcollector/ 26 B
466 B 678ms
170ms Image
image/gif 44.235.9.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-AAX-EDT&msg=Assert%20fail%3A%20M50

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.235.9.37 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-235-9-37.us-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 23:02:22 GMT
x-content-type-options: nosniff
server: envoy
vary: *
content-type: image/gif
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time: 0
Connection: keep-alive
access-control-allow-headers: origin, content-type, accept
Content-Length: 26
expires: 0

GET
H/1.1 200
OK error.gif
col.eum-appdynamics.com/eumcollector/ 26 B
466 B 679ms
170ms Image
image/gif 44.235.9.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-AAX-EDT&msg=Assert%20fail%3A%20M51

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.235.9.37 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-235-9-37.us-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 23:02:22 GMT
x-content-type-options: nosniff
server: envoy
vary: *
content-type: image/gif
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time: 0
Connection: keep-alive
access-control-allow-headers: origin, content-type, accept
Content-Length: 26
expires: 0

POST
H2 200 pageInfo Show response
turbotax.intuit.com/proxy/t/cj/11007/ 68 B
274 B 31ms
17ms XHR
image/png 2a02:26f0:7100:180::1d6c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://turbotax.intuit.com/proxy/t/cj/11007/pageInfo
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:180::1d6c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept: */*
Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 02 Apr 2021 23:02:22 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
content-type: image/png
access-control-allow-origin: *
cache-control: no-store
content-length: 68
x-amz-cf-id: TvG3O3hGHRWtiYOVUFtSfdYvhHK40qV4-cyBJqLPUNDhvlS2PbASCg==
x-request-id: 7b78ad15-9407-11eb-a50c-b5def8daa650

GET
H2 200 seteventid.png
turbotax.intuit.com/proxy/t/cj/tags/images/undefined/11007/ 68 B
300 B 8ms
7ms Image
image/png 2a02:26f0:7100:180::1d6c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turbotax.intuit.com/proxy/t/cj/tags/images/undefined/11007/seteventid.png?hasConsent=false&cjConsent=MHxZfDB8Tnww
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:180::1d6c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:22 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA2-C1
vary: Accept-Encoding
content-type: image/png
cache-control: no-store
content-length: 79
x-amz-cf-id: kt9G_66k4f-68MKj8Ux_O7OkpbiQ-gnHxhV3K-0ZDNXt_VM7TQXQJA==
x-request-id: fe15e1a5-9347-11eb-ad2e-974821b76438

OPTIONS
H2 200 graphql
shcontentservice.api.intuit.com/ Frame 0
0 192ms
170ms Preflight 52.13.165.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shcontentservice.api.intuit.com/graphql
Protocol: H2
Server: 52.13.165.209 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-13-165-209.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type,x-lc-community-host
Origin: https://ttlc.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 02 Apr 2021 23:02:22 GMT
content-length: 0
server: nginx
intuit_tid: 1-6067a27e-693320d723785d1a5638be83
access-control-allow-origin: https://ttlc.intuit.com
access-control-allow-methods: DELETE,POST,GET,OPTIONS,PUT
access-control-allow-credentials: true
access-control-max-age: 900
access-control-allow-headers: date,content-length,expires,vary,x-lc-community-host,origin,authorization,keep-alive,content-disposition,content-transfer-encoding,if-unmodified-since,content-md5,fragment-location,content-type,connection,if-match,cache-control,x-sh-ecosystem,x-sh-locale,intuit_tid,pragma,accept,intuit-plugin-id,x-requested-with,content-location,content-range,etag,intuit_originalurl,x-intuit-auth-id

POST
H2 200 graphql Show response
shcontentservice.api.intuit.com/ 3 KB
2 KB 594ms
259ms Fetch
application/json 44.237.0.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://shcontentservice.api.intuit.com/graphql

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.0.165 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-0-165.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

23dda2d6690030f61fca4382739afcf4e482521e6d9a7facbc34418a4c9c7962

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept: */*
Referer: https://ttlc.intuit.com/
authorization: Intuit_APIKey intuit_apikey=prdakyresHepGJuvAqd7JsXkKsKiObN87m3QDvMa,intuit_apikey_version=2.0
X-LC-Community-Host: ttlc.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Fri, 02 Apr 2021 23:02:22 GMT
content-encoding: gzip
vary: Accept-Encoding
server: nginx
etag: W/"b90-PeJA5cpyXCItEG5GsvrdzKUTms4"
strict-transport-security: max-age=15552000
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ttlc.intuit.com
access-control-expose-headers: date,content-length,expires,vary,x-lc-community-host,origin,authorization,keep-alive,content-disposition,content-transfer-encoding,if-unmodified-since,content-md5,fragment-location,content-type,connection,if-match,cache-control,x-sh-ecosystem,x-sh-locale,intuit_tid,pragma,accept,intuit-plugin-id,x-requested-with,content-location,content-range,etag,intuit_originalurl,x-intuit-auth-id
x-cache-hit: false
x-amzn-trace-id: Root=1-6067a27e-307f4dc85cdedc6a11e6ea3e
intuit_tid: 1-6067a27e-307f4dc85cdedc6a11e6ea3e
access-control-allow-credentials: true
x-spanid: 88a815f5-3364-4c74-bb13-dfcb29f2231d

GET
H2 200 897642630315195 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 59ms
58ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/897642630315195?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cc10c6ac6b8469904c93762e27d44b417bd29817c35c590ad78677c8cc0b30e7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: iStsx80olr9jF9gEonKQtaeuZSo9rjqhRvbeE7WD/SaquMi0aZTpY/YuRYR6HazyPvSWQ7ELsELdbOqr+qD96g==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 02 Apr 2021 23:02:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
222 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=731603736930725&ev=PageView&dl=https%3A%2F%2Fttlc.intuit.com%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399&rl=&if=false&ts=1617404542297&cd[external_id]=9b0a8426-667f-46aa-9196-f9d33de46f66&cd[extern_id]=9b0a8426-667f-46aa-9196-f9d33de46f66&sw=1600&sh=1200&ud[external_id]=5f4fb7cf9551a6d3a93775f22380eb83eaca8460184f3cde6d25c04e5cbf0ef0&ud[extern_id]=5f4fb7cf9551a6d3a93775f22380eb83eaca8460184f3cde6d25c04e5cbf0ef0&v=2.9.33&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.1.1617404542295.472293371&it=1617404542105&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=2f700428b42ca20c0dd9be06aa03fc86&tm=1&rqm=GET

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 02 Apr 2021 23:02:22 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/939634537/ 3 KB
1 KB 51ms
36ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/939634537/?random=1617404542308&cv=9&fst=1617404542308&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fttlc.intuit.com%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399&tiba=I%20received%20a%20TurboTax%20email%20or%20text%20message%2C%20addre...&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c6442a66a346b33a640dba6203ca4fa44b5a4edb709ccaac5f2d9f09c0f812e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 23:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1133
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/939634537/ 3 KB
1 KB 52ms
38ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/939634537/?random=1617404542311&cv=9&fst=1617404542311&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3o0&sendb=1&ig=1&data=event%3Dpage_view%3Bxintuit_org%3Dttus%3Bxintuit_src%3Dweb%3Bxintuit_env%3Dprd%3Btyseason%3Dty20%3Bdatekey%3D20210403&frm=0&url=https%3A%2F%2Fttlc.intuit.com%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399&tiba=I%20received%20a%20TurboTax%20email%20or%20text%20message%2C%20addre...&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c8e6561fc6e53af8e4f0d1aaca69297c88f354b2a4e91fcb63930af2a8709d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 23:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1187
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/939634537/ 3 KB
1 KB 50ms
37ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/939634537/?random=1617404542312&cv=9&fst=1617404542312&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3o0&sendb=1&ig=1&data=event%3Dpage_view%3Bxintuit_org%3Dttus%3Bxintuit_env%3Dprd%3Bxintuit_src%3Dweb%3Btyseason%3Dty20%3Bdatekey%3D20210403%3Badblock%3D0%3Bbot%3D0&frm=0&url=https%3A%2F%2Fttlc.intuit.com%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399&tiba=I%20received%20a%20TurboTax%20email%20or%20text%20message%2C%20addre...&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0bba59386b53f67a581afe6f8eb2b60720713e845da729ef25d23f8be8cceb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 23:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1201
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

/
www.google.de/pagead/1p-user-list/939634537/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/939634537/?random=1617404542312&cv=9&fst=1617404542312&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u...
https://www.google.com/pagead/1p-user-list/939634537/?random=1617404542312&cv=9&fst=1617404400000&num=1&fmt=3&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&...
https://www.google.de/pagead/1p-user-list/939634537/?random=1617404542312&cv=9&fst=1617404400000&num=1&fmt=3&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u...

42 B
66 B

19ms
19ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/939634537/?random=1617404542312&cv=9&fst=1617404400000&num=1&fmt=3&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fttlc.intuit.com%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399&tiba=I%20received%20a%20TurboTax%20email%20or%20text%20message%2C%20addre...&async=1&is_vtc=1&random=3506238939&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 23:02:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Apr 2021 23:02:22 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/939634537/?random=1617404542312&cv=9&fst=1617404400000&num=1&fmt=3&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fttlc.intuit.com%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399&tiba=I%20received%20a%20TurboTax%20email%20or%20text%20message%2C%20addre...&async=1&is_vtc=1&random=3506238939&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/956694873/ 3 KB
1 KB 50ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/956694873/?random=1617404542314&cv=9&fst=1617404542314&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fttlc.intuit.com%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399&tiba=I%20received%20a%20TurboTax%20email%20or%20text%20message%2C%20addre...&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49142cc0a834e58b90c8dc82daceff27b938a9d37aaa153cd987d8d2cb707596

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 23:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1134
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/956694873/ 3 KB
1 KB 48ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/956694873/?random=1617404542315&cv=9&fst=1617404542315&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3o0&sendb=1&ig=1&data=event%3Dpage_view%3Bxintuit_org%3Dttus%3Bxintuit_env%3Dprd%3Bxintuit_src%3Dweb%3Btyseason%3Dty20%3Bdatekey%3D20210403%3Badblock%3D0%3Bbot%3D0&frm=0&url=https%3A%2F%2Fttlc.intuit.com%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399&tiba=I%20received%20a%20TurboTax%20email%20or%20text%20message%2C%20addre...&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c96f1072c29ef49ac906af6716330dae5b887a6e911c162dcda0f6d31fd8f60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 23:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1200
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/956694873/ 3 KB
1 KB 46ms
37ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/956694873/?random=1617404542316&cv=9&fst=1617404542316&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fttlc.intuit.com%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399&tiba=I%20received%20a%20TurboTax%20email%20or%20text%20message%2C%20addre...&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

815e316e113b5af50bcebbe6fb95515d6efcd34cd24f73f62c0701cf8b6970b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 23:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1133
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=359&dpuuid=dtzXNi6f1LssO25
dpm.demdex.net/ Frame AC8A
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
https://dpm.demdex.net/ibs:dpid=359&dpuuid=dtzXNi6f1LssO25

42 B
915 B

36ms
36ms

Image
image/gif

52.30.135.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=359&dpuuid=dtzXNi6f1LssO25

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.135.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-135-179.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://turbotax.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-00d61124b.edge-irl1.demdex.com 5.80.7.20210304103356 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: g9SpxzwDTYA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 02 Apr 2021 23:02:21 GMT
Server: PingMatch/v2.0.30-632-ga311aad#rel-ec2-master i-032cb6be36f767055@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://dpm.demdex.net/ibs:dpid=359&dpuuid=dtzXNi6f1LssO25
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 ctg-freedom-clickstream Show response
trinity.platform.intuit.com/trinity/v1/ 0
523 B 519ms
171ms XHR
text/plain 44.236.215.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trinity.platform.intuit.com/trinity/v1/ctg-freedom-clickstream
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.215.203 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-215-203.us-west-2.compute.amazonaws.com
Software: Jetty(9.3.z-SNAPSHOT) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: text/plain; charset=utf-8
Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

intuit_offeringid: Intuit.ldcp.mds.trinity
date: Fri, 02 Apr 2021 23:02:22 GMT
access-control-request-method: GET,POST,OPTIONS
intuit_received_at: 1617404542808
server: Jetty(9.3.z-SNAPSHOT)
intuit_appid: Intuit.ldcp.mds.trinity
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/plain
access-control-allow-origin: *
cache-control: private, no-cache, no-transform
intuit_tid: d40f7eb9-6c44-4a99-ae56-dca5c740177c
x-application-id: trinity-api-20200728192815-development
access-control-allow-headers: Authorization,X-Forwarded-For,Accept-Language,Content-Type,intuit_tid,intuit_appid,intuit_offeringid,intuit_originatingip,intuit_test,intuit_locale,intuit_country,intuit_iddomain
content-length: 0

GET
H2

200

s27901810879042
sci.intuit.com/b/ss/intuitturbotax/1/H.26/
Redirect Chain

https://sci.intuit.com/b/ss/intuitturbotax/1/H.26/s27901810879042?AQB=1&ndh=1&c=24&fid=null&ce=UTF-8&k=Y&s=1600x1200&v=Y&p=&bh=1200&bw=1600&g=https%3A%2F%2Fttlc.intuit.com%2Fcommunity%2Fsecurity%2F...
https://sci.intuit.com/b/ss/intuitturbotax/1/H.26/s27901810879042?AQB=1&pccr=true&vidn=3033D13F0688A08F-40000720D0BEFCDB&ndh=1&c=24&fid=null&ce=UTF-8&k=Y&s=1600x1200&v=Y&p=&bh=1200&bw=1600&g=https%...

43 B
284 B

34ms
33ms

Image
image/gif

35.181.18.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sci.intuit.com/b/ss/intuitturbotax/1/H.26/s27901810879042?AQB=1&pccr=true&vidn=3033D13F0688A08F-40000720D0BEFCDB&ndh=1&c=24&fid=null&ce=UTF-8&k=Y&s=1600x1200&v=Y&p=&bh=1200&bw=1600&g=https%3A%2F%2Fttlc.intuit.com%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399&j=1.8.5&t=03/3/2021%2001:02:22%206%20-120&ch=Live%20Community&c5=Customer%20Care&c6=Live%20Community&c7=LC&c34=en&c36=websdk-preprod&c42=9b0a8426-667f-46aa-9196-f9d33de46f66&c43=bc86f9f0-2eeb-4ff9-b2ba-0b4e0709523a&c49=26399&h5=6a421ddd-8e38-469a-8708-0a9dd2bcc9e6-1617404542351&pageName=%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399%20Live%20Community&v12=event_message&topicId:%20=event_page_topic_id&c19=board&v19=event_properties_path_current_name&v2=Screen&v3=Screen%20View&c15=No%20Referrer&v25=%7C%7C%7C%7C&v29=element_id&v30=element_text&v31=element_context&v43=ty19_1141&h2=true&r=No%20Referrer&AQE=1

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.181.18.61 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-181-18-61.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:22 GMT
x-content-type-options: nosniff
x-c: main-1451.Ibee288.M0-486
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 03 Apr 2021 23:02:22 GMT
server: jag
xserver: anedge-fd4497967-h8sks
etag: 3473349806533771264-4621778772557320813
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Thu, 01 Apr 2021 23:02:22 GMT

Redirect headers

date: Fri, 02 Apr 2021 23:02:22 GMT
x-content-type-options: nosniff
x-c: main-1451.Ibee288.M0-486
p3p: CP="This is not a P3P policy"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
location: https://sci.intuit.com/b/ss/intuitturbotax/1/H.26/s27901810879042?AQB=1&pccr=true&vidn=3033D13F0688A08F-40000720D0BEFCDB&ndh=1&c=24&fid=null&ce=UTF-8&k=Y&s=1600x1200&v=Y&p=&bh=1200&bw=1600&g=https%3A%2F%2Fttlc.intuit.com%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399&j=1.8.5&t=03/3/2021%2001:02:22%206%20-120&ch=Live%20Community&c5=Customer%20Care&c6=Live%20Community&c7=LC&c34=en&c36=websdk-preprod&c42=9b0a8426-667f-46aa-9196-f9d33de46f66&c43=bc86f9f0-2eeb-4ff9-b2ba-0b4e0709523a&c49=26399&h5=6a421ddd-8e38-469a-8708-0a9dd2bcc9e6-1617404542351&pageName=%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399%20Live%20Community&v12=event_message&topicId:%20=event_page_topic_id&c19=board&v19=event_properties_path_current_name&v2=Screen&v3=Screen%20View&c15=No%20Referrer&v25=%7C%7C%7C%7C&v29=element_id&v30=element_text&v31=element_context&v43=ty19_1141&h2=true&r=No%20Referrer&AQE=1
last-modified: Sat, 03 Apr 2021 23:02:22 GMT
server: jag
xserver: anedge-fd4497967-x2bbx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Thu, 01 Apr 2021 23:02:22 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/939634537/ 42 B
530 B 34ms
26ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/939634537/?random=1617404542308&cv=9&fst=1617404400000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fttlc.intuit.com%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399&tiba=I%20received%20a%20TurboTax%20email%20or%20text%20message%2C%20addre...&async=1&fmt=3&is_vtc=1&random=3885287607&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 23:02:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/939634537/ 42 B
66 B 48ms
34ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/939634537/?random=1617404542308&cv=9&fst=1617404400000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fttlc.intuit.com%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399&tiba=I%20received%20a%20TurboTax%20email%20or%20text%20message%2C%20addre...&async=1&fmt=3&is_vtc=1&random=3885287607&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 23:02:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/939634537/ 42 B
66 B 34ms
26ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/939634537/?random=1617404542312&cv=9&fst=1617404400000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3o0&sendb=1&data=event%3Dpage_view%3Bxintuit_org%3Dttus%3Bxintuit_env%3Dprd%3Bxintuit_src%3Dweb%3Btyseason%3Dty20%3Bdatekey%3D20210403%3Badblock%3D0%3Bbot%3D0&frm=0&url=https%3A%2F%2Fttlc.intuit.com%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399&tiba=I%20received%20a%20TurboTax%20email%20or%20text%20message%2C%20addre...&async=1&fmt=3&is_vtc=1&random=2728761852&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 23:02:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/939634537/ 42 B
66 B 49ms
35ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/939634537/?random=1617404542312&cv=9&fst=1617404400000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3o0&sendb=1&data=event%3Dpage_view%3Bxintuit_org%3Dttus%3Bxintuit_env%3Dprd%3Bxintuit_src%3Dweb%3Btyseason%3Dty20%3Bdatekey%3D20210403%3Badblock%3D0%3Bbot%3D0&frm=0&url=https%3A%2F%2Fttlc.intuit.com%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399&tiba=I%20received%20a%20TurboTax%20email%20or%20text%20message%2C%20addre...&async=1&fmt=3&is_vtc=1&random=2728761852&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 23:02:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/956694873/ 42 B
66 B 36ms
29ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/956694873/?random=1617404542316&cv=9&fst=1617404400000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fttlc.intuit.com%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399&tiba=I%20received%20a%20TurboTax%20email%20or%20text%20message%2C%20addre...&async=1&fmt=3&is_vtc=1&random=2672814711&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 23:02:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/956694873/ 42 B
66 B 47ms
34ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/956694873/?random=1617404542316&cv=9&fst=1617404400000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fttlc.intuit.com%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399&tiba=I%20received%20a%20TurboTax%20email%20or%20text%20message%2C%20addre...&async=1&fmt=3&is_vtc=1&random=2672814711&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 23:02:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/939634537/ 42 B
66 B 33ms
26ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/939634537/?random=1617404542311&cv=9&fst=1617404400000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3o0&sendb=1&data=event%3Dpage_view%3Bxintuit_org%3Dttus%3Bxintuit_src%3Dweb%3Bxintuit_env%3Dprd%3Btyseason%3Dty20%3Bdatekey%3D20210403&frm=0&url=https%3A%2F%2Fttlc.intuit.com%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399&tiba=I%20received%20a%20TurboTax%20email%20or%20text%20message%2C%20addre...&async=1&fmt=3&is_vtc=1&random=1797170985&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 23:02:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/939634537/ 42 B
530 B 45ms
33ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/939634537/?random=1617404542311&cv=9&fst=1617404400000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3o0&sendb=1&data=event%3Dpage_view%3Bxintuit_org%3Dttus%3Bxintuit_src%3Dweb%3Bxintuit_env%3Dprd%3Btyseason%3Dty20%3Bdatekey%3D20210403&frm=0&url=https%3A%2F%2Fttlc.intuit.com%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399&tiba=I%20received%20a%20TurboTax%20email%20or%20text%20message%2C%20addre...&async=1&fmt=3&is_vtc=1&random=1797170985&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 23:02:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/956694873/ 42 B
66 B 32ms
27ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/956694873/?random=1617404542315&cv=9&fst=1617404400000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3o0&sendb=1&data=event%3Dpage_view%3Bxintuit_org%3Dttus%3Bxintuit_env%3Dprd%3Bxintuit_src%3Dweb%3Btyseason%3Dty20%3Bdatekey%3D20210403%3Badblock%3D0%3Bbot%3D0&frm=0&url=https%3A%2F%2Fttlc.intuit.com%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399&tiba=I%20received%20a%20TurboTax%20email%20or%20text%20message%2C%20addre...&async=1&fmt=3&is_vtc=1&random=117949675&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 23:02:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/956694873/ 42 B
66 B 44ms
33ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/956694873/?random=1617404542315&cv=9&fst=1617404400000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3o0&sendb=1&data=event%3Dpage_view%3Bxintuit_org%3Dttus%3Bxintuit_env%3Dprd%3Bxintuit_src%3Dweb%3Btyseason%3Dty20%3Bdatekey%3D20210403%3Badblock%3D0%3Bbot%3D0&frm=0&url=https%3A%2F%2Fttlc.intuit.com%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399&tiba=I%20received%20a%20TurboTax%20email%20or%20text%20message%2C%20addre...&async=1&fmt=3&is_vtc=1&random=117949675&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 23:02:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/956694873/ 42 B
66 B 32ms
27ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/956694873/?random=1617404542314&cv=9&fst=1617404400000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fttlc.intuit.com%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399&tiba=I%20received%20a%20TurboTax%20email%20or%20text%20message%2C%20addre...&async=1&fmt=3&is_vtc=1&random=3506845093&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 23:02:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/956694873/ 42 B
66 B 45ms
34ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/956694873/?random=1617404542314&cv=9&fst=1617404400000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fttlc.intuit.com%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399&tiba=I%20received%20a%20TurboTax%20email%20or%20text%20message%2C%20addre...&async=1&fmt=3&is_vtc=1&random=3506845093&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 23:02:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
103 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=897642630315195&ev=PageView&dl=https%3A%2F%2Fttlc.intuit.com%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399&rl=&if=false&ts=1617404542391&sw=1600&sh=1200&v=2.9.33&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.1.1617404542295.472293371&it=1617404542105&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=5750bc1737384075c9d9161c5fd2726a&tm=1&rqm=GET

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 02 Apr 2021 23:02:22 GMT

GET
H/1.1

200
OK

ibs:dpid=477&dpuuid=459d4debf0867f40f850cf5062de00ff2229ee8fcf6119c9251eb2c8f541b67ab0da87c991749652
dpm.demdex.net/ Frame AC8A
Redirect Chain

https://idsync.rlcdn.com/365868.gif?partner_uid=53086904919967204770870513395947614908
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNTMwODY5MDQ5MTk5NjcyMDQ3NzA4NzA1MTMzOTU5NDc2MTQ5MDgQABoNCP7EnoMGEgUI6AcQAEIASgA
https://dpm.demdex.net/ibs:dpid=477&dpuuid=459d4debf0867f40f850cf5062de00ff2229ee8fcf6119c9251eb2c8f541b67ab0da87c991749652

42 B
915 B

36ms
36ms

Image
image/gif

52.30.135.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=477&dpuuid=459d4debf0867f40f850cf5062de00ff2229ee8fcf6119c9251eb2c8f541b67ab0da87c991749652

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.135.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-135-179.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://turbotax.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-04217ce60.edge-irl1.demdex.com 5.80.7.20210304103356 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: onr4ChbATN0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 02 Apr 2021 23:02:22 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=477&dpuuid=459d4debf0867f40f850cf5062de00ff2229ee8fcf6119c9251eb2c8f541b67ab0da87c991749652
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEKNiGduPhnBsDN08g0BeWSQ&google_cver=1
dpm.demdex.net/ Frame AC8A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTMwODY5MDQ5MTk5NjcyMDQ3NzA4NzA1MTMzOTU5NDc2MTQ5MDg=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKNiGduPhnBsDN08g0BeWSQ&google_cver=1?gdpr=0&gdpr_consent=

42 B
915 B

36ms
36ms

Image
image/gif

52.30.135.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKNiGduPhnBsDN08g0BeWSQ&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.135.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-135-179.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://turbotax.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-01e477a11.edge-irl1.demdex.com 5.80.7.20210304103356 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: Ku8+jTivQBo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Apr 2021 23:02:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKNiGduPhnBsDN08g0BeWSQ&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=1957&dpuuid=23108B0338BA693E0C019B0E396868B5
dpm.demdex.net/ Frame AC8A
Redirect Chain

https://c.bing.com/c.gif?uid=53086904919967204770870513395947614908&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=23108B0338BA693E0C019B0E396868B5

42 B
915 B

36ms
36ms

Image
image/gif

52.30.135.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1957&dpuuid=23108B0338BA693E0C019B0E396868B5

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.135.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-135-179.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://turbotax.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-0b4addc7b.edge-irl1.demdex.com 5.80.7.20210304103356 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: l7UG3tUPQT4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Apr 2021 23:02:22 GMT
x-msedge-ref: Ref A: 4B91A5ED16274C5EA8F2BD697DB3DBA7 Ref B: FRAEDGE1318 Ref C: 2021-04-02T23:02:22Z
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://dpm.demdex.net/ibs:dpid=1957&dpuuid=23108B0338BA693E0C019B0E396868B5
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

OPTIONS
H2 200 track
experimentation.us.api.intuit.com/ Frame 0
0 174ms
174ms Preflight
application/json 54.186.57.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://experimentation.us.api.intuit.com/track
Protocol: H2
Server: 54.186.57.15 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-186-57-15.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://ttlc.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 02 Apr 2021 23:02:22 GMT
content-type: application/json
content-length: 0
x-amzn-requestid: f2803079-1eb6-42de-845d-7104c812ac36
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
x-amz-apigw-id: dLZT0HgKvHcF0rQ=
access-control-allow-methods: OPTIONS,POST
access-control-max-age: 864000
access-control-allow-credentials: false

POST
H2 200 track Show response
experimentation.us.api.intuit.com/ 33 B
286 B 193ms
193ms XHR
application/json 54.186.57.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://experimentation.us.api.intuit.com/track
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.57.15 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-186-57-15.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 6edf572fc78fcfa4b2ccaeee5402478f1f4d356360426ca89f5cff36d00a5bec

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Fri, 02 Apr 2021 23:02:22 GMT
x-amzn-requestid: 143b5cbb-827a-4401-89ed-32043541ce04
content-type: application/json
access-control-allow-origin: https://ttlc.intuit.com
x-amzn-trace-id: Root=1-6067a27e-32d1b18f5ccdb7e40a631251;Sampled=0
access-control-allow-credentials: true
x-amz-apigw-id: dLZT2EfLvHcF1vA=
content-length: 33

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame AC8A
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=53086904919967204770870513395947614908&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-9ZN8ZgZE2pH.F0ydZwTEQuB8GttfDov2wII-~A

42 B
915 B

41ms
40ms

Image
image/gif

52.30.135.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-9ZN8ZgZE2pH.F0ydZwTEQuB8GttfDov2wII-~A

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.135.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-135-179.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://turbotax.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-0014e76c8.edge-irl1.demdex.com 5.80.7.20210304103356 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: G7WUkGXNSOw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 02 Apr 2021 23:02:22 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-9ZN8ZgZE2pH.F0ydZwTEQuB8GttfDov2wII-~A
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

POST
H2 200 /
www.facebook.com/tr/ 0
59 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryC8j23XaTmoLdnADx

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 02 Apr 2021 23:02:22 GMT
content-type: text/plain
access-control-allow-origin: https://ttlc.intuit.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 204 adb-ext.gif
ds.reson8.com/ Frame AC8A 0
204 B 87ms
36ms Image
text/plain 104.18.8.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds.reson8.com/adb-ext.gif?puid=53086904919967204770870513395947614908

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://turbotax.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:22 GMT
vary: Accept-Encoding
server: cloudflare
cf-request-id: 09366bd7b500001fd2cca6f000000001
cf-ray: 639daf391a381fd2-AMS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000

GET
H2 200 nr-1208.min.js Show response
js-agent.newrelic.com/ 31 KB
12 KB 89ms
28ms Script
application/javascript 151.101.14.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1208.min.js
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: RGJXhnJ2IqU3nLrOoxetOoKLCG4kx4sX
content-encoding: gzip
etag: "1a71e4208296f97b465116492f59124d"
x-amz-request-id: DQBP5F9F5JS7YNEW
x-cache: HIT
content-length: 11777
x-amz-id-2: FVXg+AVnRXpg5FQr+SF/pThU/leQLF+WNEpdaO1CL+iLua/z4ohS/dyyLXoMlsVR4BDZQ3cHQSY=
x-served-by: cache-fra19181-FRA
last-modified: Wed, 10 Mar 2021 16:24:28 GMT
server: AmazonS3
x-timer: S1617404543.940297,VS0,VE0
date: Fri, 02 Apr 2021 23:02:22 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3152

GET
H2 200 adrum-ext.18b6b3ec105ee15f14ef7c382e15f446.js Show response
cdn.appdynamics.com/ 47 KB
19 KB 86ms
31ms Script
application/javascript 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum-ext.18b6b3ec105ee15f14ef7c382e15f446.js
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/s/html/assets/js/cust-adrum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 6619ba77a7043416a164874dcacbf5ca4a6b53746f720c8c62c56d1832599307

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 04:10:12 GMT
content-encoding: gzip
age: 1277530
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 21 Dec 2017 23:37:57 GMT
server: nginx/1.16.1
etag: W/"5a3c45d5-bbee"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
via: 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
cache-control: public, max-age=2678400, s-max-age=14400
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: neV01lOqSulPBSm2kF5iEoYPg9vafNHeYa2sdWM3nXgGfVheN2YUUg==

POST
H2 200 /
www.facebook.com/tr/ 0
34 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryx18CE9G0kF3VayHa

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 02 Apr 2021 23:02:22 GMT
content-type: text/plain
access-control-allow-origin: https://ttlc.intuit.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H/1.1 200
OK 90ec53e80f Show response
bam-cell.nr-data.net/1/ 57 B
652 B 184ms
143ms Script
text/javascript 162.247.243.147
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/90ec53e80f?a=198190945&v=1208.49599aa&to=M1BRYEAEWBVYURYLWAoaZFFQSmIHSVcRFkUdZVJTV19wCUtHDzZYFFxQZFMCUw%3D%3D&rst=5796&ck=1&ref=https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399&ap=201&be=3524&fe=5701&dc=4692&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1617404537163,%22n%22:0,%22f%22:1906,%22dn%22:1906,%22dne%22:1906,%22c%22:1906,%22ce%22:1906,%22rq%22:1906,%22rp%22:3512,%22rpe%22:3517,%22dl%22:3515,%22di%22:4689,%22ds%22:4692,%22de%22:4773,%22dc%22:5702,%22l%22:5702,%22le%22:5704%7D,%22navigation%22:%7B%7D%7D&fp=4301&fcp=4301&at=HxdGFggeFA1afA0GUjBMQ1EQXxQAVkAXDxoGWlJGVkcaRF9AAw9SLVERDgNRDl4AB1ZbAlcDAxgQDlUzSlcQK1NGDx4FHkddBWlTBQd5BVhWFghHcAlLRw82WBRcUGRTAlNEFRAJAXoLV1pYV0cMRF9TDhFSRhkRX1EnWRIbCEAEVghGVhYeR10FbUpAWBVUUwUFV1QDUhRRVlsDSQELBgFIDwcKBk9UU1BRBFcGXVQFXwpAThUPVn1bVgB/AhsIQApSCEUeVUARXwVVVxFAG0ZeUGZXFkIwC2MXB0UdFwkWYSB6I3pmQgFYCkNWRkEEQg9WXEwRWAhDVlAeRVU5XlcNPVsNW1hHbQ1CC1UeQgFoCVBHVW0XWQRWRhFCcTZ6fhRfAEUVWFUHERczfXZmd0VfAgQNQB9K&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1208.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Apr 2021 23:02:23 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 639daf39cdd51ea5-AMS
cf-request-id: 09366bd82200001ea5728ee000000001
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 avenir-500.woff2
assets.intuitcdn.net/fonts/ 32 KB
33 KB 102ms
28ms Font
font/woff2 104.111.224.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.intuitcdn.net/fonts/avenir-500.woff2
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/s/skins/4826905/ed76ec61c2d1e8848ac2607d548cadca/turbotax_support.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.224.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-224-118.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a496f0a5fc51aac0cac43be7e4c6a81425194480f138a7a97e895071fd628260

Request headers

Origin: https://ttlc.intuit.com
Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:23 GMT
x-amz-request-id: C9TWCWJF34XM7Q51
content-length: 33240
x-amz-id-2: H+KggpQHpHJihVuIQ8jymSpDVG8ozx6JoEnEbCxWkUs4OQlxR01IIIz/CXp7ggJ9ORJZT8cCPB0=
last-modified: Wed, 07 Aug 2019 21:23:45 GMT
server: AmazonS3
etag: "433d4bcf95a373b63ba59713a2167d42"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=15552000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Sep 2021 23:02:23 GMT

GET
H2 200 audience Show response
shdynamicads.api.intuit.com/v1/ 279 B
932 B 219ms
218ms Fetch
application/json 54.69.245.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://shdynamicads.api.intuit.com/v1/audience?segmentId=&tag=

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.69.245.133 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-69-245-133.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

69d0b4563392238501011c3781519f5c3cbe018aeea6ebf37210f99bb5348574

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ttlc.intuit.com/
X-LC-Community-Host: ttlc.intuit.com
Authorization: Intuit_APIKey intuit_apikey=prdakyresuiD5yquoBGOctj69NlX78zG0QS71QBP, intuit_apikey_version=1.0
Content-Type: application/json

Response headers

date: Fri, 02 Apr 2021 23:02:23 GMT
server: nginx
x-amzn-trace-id: Root=1-6067a27f-247534286cea08b8031e33a8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: https://ttlc.intuit.com
access-control-expose-headers: x-tto-engine-version,date,content-length,expires,vary,x-lc-community-host,origin,authorization,keep-alive,content-disposition,content-transfer-encoding,if-unmodified-since,content-md5,fragment-location,content-type,connection,if-match,cache-control,intuit_*,intuit_tid,x-tto-routing-info,pragma,accept,intuit-*,x-requested-with,content-location,content-range,etag,intuit_originalurl
access-control-allow-credentials: true
intuit_tid: 1-6067a27f-247534286cea08b8031e33a8
strict-transport-security: max-age=15552000
x-spanid: dce47e71-34a5-415c-a4e3-153d4de55e23

OPTIONS
H2 200 audience
shdynamicads.api.intuit.com/v1/ Frame 0
0 528ms
170ms Preflight 54.69.245.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shdynamicads.api.intuit.com/v1/audience?segmentId=&tag=
Protocol: H2
Server: 54.69.245.133 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-69-245-133.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-lc-community-host
Origin: https://ttlc.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 02 Apr 2021 23:02:23 GMT
content-length: 0
server: nginx
intuit_tid: 1-6067a27f-09d95b150f05c52a517cab2d
access-control-allow-origin: https://ttlc.intuit.com
access-control-allow-methods: DELETE,POST,GET,OPTIONS,PUT
access-control-allow-credentials: true
access-control-max-age: 900
access-control-allow-headers: x-tto-engine-version,date,content-length,expires,vary,x-lc-community-host,origin,authorization,keep-alive,content-disposition,content-transfer-encoding,if-unmodified-since,content-md5,fragment-location,content-type,connection,if-match,cache-control,intuit_tid,x-tto-routing-info,pragma,accept,x-requested-with,content-location,content-range,etag,intuit_originalurl

GET
H2 200 ttl-logo.png
ttlc.intuit.com/community/s/html/@E825D61E78DF039EFFBDA1BC8D0D365D/assets/turbotaxsupport/ 4 KB
4 KB 10ms
9ms Image
image/png 2a02:26f0:7100:18d::42e9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ttlc.intuit.com/community/s/html/@E825D61E78DF039EFFBDA1BC8D0D365D/assets/turbotaxsupport/ttl-logo.png
Requested by: Host: s2.go-mpulse.net
URL: https://s2.go-mpulse.net/boomerang/DDQ82-KFSJD-QETP5-X7HFM-YQSHT
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18d::42e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 4a02c879007c89c7af319d38acad3a1d9363b4835c3764d79d2a515ab5b573c2

Request headers

Referer: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:23 GMT
last-modified: Wed, 15 May 2019 19:10:29 GMT
server: Apache
etag: W/"4081-1557947429000"
content-type: image/png
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 4081

GET
H2 200 lock.png
ttlc.intuit.com/community/s/html/@3384D7F9B6B9AAA338273ECDFCACA3D1/assets/ 409 B
604 B 10ms
9ms Image
image/png 2a02:26f0:7100:18d::42e9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ttlc.intuit.com/community/s/html/@3384D7F9B6B9AAA338273ECDFCACA3D1/assets/lock.png
Requested by: Host: s2.go-mpulse.net
URL: https://s2.go-mpulse.net/boomerang/DDQ82-KFSJD-QETP5-X7HFM-YQSHT
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18d::42e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: fbc562b23385ed991d866d53bf897906d81a2bc7e90810eb8ebda4b2ba323ccb

Request headers

Referer: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:23 GMT
last-modified: Mon, 22 Jun 2020 18:53:36 GMT
server: Apache
etag: W/"409-1592852016000"
content-type: image/png
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 409

POST
H/1.1 200
OK adrum Show response
col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAX-EDT/ 0
439 B 842ms
338ms XHR
text/html 44.235.9.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAX-EDT/adrum

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.235.9.37 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-235-9-37.us-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 23:02:24 GMT
x-content-type-options: nosniff
server: envoy
vary: *
content-type: text/html
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time: 0
Connection: keep-alive
access-control-allow-headers: origin, content-type, accept
Content-Length: 0
expires: 0

POST
H2 200 ctg-freedom-clickstream Show response
trinity.platform.intuit.com/trinity/v1/ 0
522 B 170ms
170ms XHR
text/plain 44.236.215.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trinity.platform.intuit.com/trinity/v1/ctg-freedom-clickstream?last_iac_request_rt=521&last_sc_request_rt=71
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.215.203 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-215-203.us-west-2.compute.amazonaws.com
Software: Jetty(9.3.z-SNAPSHOT) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: text/plain; charset=utf-8
Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

intuit_offeringid: Intuit.ldcp.mds.trinity
date: Fri, 02 Apr 2021 23:02:24 GMT
access-control-request-method: GET,POST,OPTIONS
intuit_received_at: 1617404544124
server: Jetty(9.3.z-SNAPSHOT)
intuit_appid: Intuit.ldcp.mds.trinity
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/plain
access-control-allow-origin: *
cache-control: private, no-cache, no-transform
intuit_tid: 43d15f22-6d11-4697-b2c6-3938f5be47ce
x-application-id: trinity-api-20200728192815-development
access-control-allow-headers: Authorization,X-Forwarded-For,Accept-Language,Content-Type,intuit_tid,intuit_appid,intuit_offeringid,intuit_originatingip,intuit_test,intuit_locale,intuit_country,intuit_iddomain
content-length: 0

GET
H2 200 s09843367858247
sci.intuit.com/b/ss/intuitturbotax/1/H.26/ 43 B
333 B 35ms
34ms Image
image/gif 35.181.18.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sci.intuit.com/b/ss/intuitturbotax/1/H.26/s09843367858247?AQB=1&ndh=1&c=24&fid=null&ce=UTF-8&k=Y&s=1600x1200&v=Y&p=&bh=1200&bw=1600&g=https%3A%2F%2Fttlc.intuit.com%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399&j=1.8.5&t=03/3/2021%2001:02:24%206%20-120&ch=Live%20Community&c5=Customer%20Care&c7=LC&c36=websdk-preprod&c42=9b0a8426-667f-46aa-9196-f9d33de46f66&c43=bc86f9f0-2eeb-4ff9-b2ba-0b4e0709523a&c49=26399&h5=da772038-5a32-46f0-85e9-7340f207e143-1617404544024&pageName=%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399%20Live%20Community&v12=event_message&topicId:%20=event_page_topic_id&c14=26399%3E&h2=true&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.181.18.61 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-181-18-61.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 23:02:24 GMT
x-content-type-options: nosniff
x-c: main-1451.Ibee288.M0-486
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 03 Apr 2021 23:02:24 GMT
server: jag
xserver: anedge-fd4497967-bpc6w
etag: 3473349810732728320-4621960998893287093
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Thu, 01 Apr 2021 23:02:24 GMT

GET
H2 200 default.jpg
digitalasset.intuit.com/IMAGE/A46Ij6EX9/ 136 KB
136 KB 152ms
32ms Image
image/jpeg 104.111.247.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digitalasset.intuit.com/IMAGE/A46Ij6EX9/default.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.247.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-247-16.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

3df5caa4eb716ac9ead0437e7d095b442fef0810bfaecafddaf5f41a7d52b117

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cms-unique-id: 6083-1617394554.746-10.114.61.33-3634
strict-transport-security: max-age=15552000
server: nginx
x-amzn-trace-id: Root=1-60677b7a-0ae3de8d2fe194eb65e5fab6
content-type: image/jpeg
date: Fri, 02 Apr 2021 23:02:24 GMT
intuit_tid: 1-60677b7a-0ae3de8d2fe194eb65e5fab6
content-length: 139155
x-spanid: 8c6fa548-be7b-4482-bd07-ec0e6805216e

GET
H2 200 default_300x50.jpg
digitalasset.intuit.com/IMAGE/A9VNRUHln/ 20 KB
21 KB 187ms
67ms Image
image/jpeg 104.111.247.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digitalasset.intuit.com/IMAGE/A9VNRUHln/default_300x50.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.247.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-247-16.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

492c6fc48eb5457cd7f2a015363877346e5dad3b80b310234e4a96f8b828f9f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cms-unique-id: 6080-1617359671.963-10.114.61.215-3248
strict-transport-security: max-age=15552000
server: nginx
x-amzn-trace-id: Root=1-6066f337-28f26ae1034905bd5153649b
content-type: image/jpeg
date: Fri, 02 Apr 2021 23:02:24 GMT
intuit_tid: 1-6066f337-28f26ae1034905bd5153649b
content-length: 20987
x-spanid: b344100d-666a-495a-90af-00b1e126fc05

GET
H/1.1

200
OK

results.txt Show response
kjtbhcaccc5ewydhukaa-p6ru8t-451a9b2c3-clientnsv4-s.akamaihd.net/eum/ Frame 6E51
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p6ru8tjaf
https://kjtbhcaccc5ewydhukaa-p6ru8t-451a9b2c3-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

82ms
21ms

XHR
text/plain

23.14.92.57
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://kjtbhcaccc5ewydhukaa-p6ru8t-451a9b2c3-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.14.92.57 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-14-92-57.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Apr 2021 23:02:24 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://kjtbhcaccc5ewydhukaa-p6ru8t-451a9b2c3-clientnsv4-s.akamaihd.net/eum/results.txt
Date: Fri, 02 Apr 2021 23:02:24 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
fiaqj6absjkbikqce3ygyaaaabqgpiua-p6ru8t-5f758a06d-clienttons-s.akamaihd.net/eum/ Frame 6E51
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p6ru8tjaf
https://fiaqj6absjkbikqce3ygyaaaabqgpiua-p6ru8t-5f758a06d-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

48ms
6ms

XHR
text/plain

2a02:26f0:64::210:6a62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://fiaqj6absjkbikqce3ygyaaaabqgpiua-p6ru8t-5f758a06d-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:64::210:6a62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Apr 2021 23:02:24 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://fiaqj6absjkbikqce3ygyaaaabqgpiua-p6ru8t-5f758a06d-clienttons-s.akamaihd.net/eum/results.txt
Date: Fri, 02 Apr 2021 23:02:24 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

POST
H/1.1 204
No Content /
684dd307.akstat.io/ 0
356 B 64ms
50ms Other
image/gif 2a02:26f0:6c00:2b9::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://684dd307.akstat.io/

Requested by

Host: s2.go-mpulse.net
URL: https://s2.go-mpulse.net/boomerang/DDQ82-KFSJD-QETP5-X7HFM-YQSHT

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:2b9::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 02 Apr 2021 23:02:24 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: https://ttlc.intuit.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-XSS-Protection: 0
Expires: Fri, 02 Apr 2021 23:02:24 GMT

OPTIONS
H2 200 message
logging.api.intuit.com/v2/log/ Frame 0
0 187ms
169ms Preflight 54.69.245.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://logging.api.intuit.com/v2/log/message
Protocol: H2
Server: 54.69.245.133 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-69-245-133.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: -x-appid,-x-deviceid,-x-intuit_tid,authorization,content-type
Origin: https://ttlc.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 02 Apr 2021 23:02:26 GMT
content-length: 0
server: nginx
intuit_tid: 1-6067a282-5e87edbf6c50a62b0dc62b4f
access-control-allow-origin: https://ttlc.intuit.com
access-control-allow-methods: DELETE,POST,GET,OPTIONS,PUT
access-control-allow-credentials: true
access-control-max-age: 900
access-control-allow-headers: x-tto-engine-version,date,content-length,expires,vary,-x-intuit_tid,origin,content-encoding,-x-appid,authorization,keep-alive,content-disposition,content-transfer-encoding,if-unmodified-since,content-md5,-x-deviceid,fragment-location,content-type,connection,if-match,cache-control,intuit_tid,x-appid,x-tto-routing-info,pragma,accept,x-requested-with,content-location,content-range,etag,intuit_originalurl

OPTIONS
H2 200 message
logging.api.intuit.com/v2/log/ Frame 0
0 191ms
173ms Preflight 54.69.245.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://logging.api.intuit.com/v2/log/message
Protocol: H2
Server: 54.69.245.133 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-69-245-133.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: -x-appid,-x-deviceid,-x-intuit_tid,authorization,content-type
Origin: https://ttlc.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 02 Apr 2021 23:02:26 GMT
content-length: 0
server: nginx
intuit_tid: 1-6067a282-3bf278f57287cbd34e425c6d
access-control-allow-origin: https://ttlc.intuit.com
access-control-allow-methods: DELETE,POST,GET,OPTIONS,PUT
access-control-allow-credentials: true
access-control-max-age: 900
access-control-allow-headers: date,x-tto-engine-version,content-length,expires,-x-intuit_tid,vary,origin,content-encoding,-x-appid,authorization,keep-alive,content-disposition,content-transfer-encoding,if-unmodified-since,content-md5,-x-deviceid,fragment-location,content-type,connection,if-match,cache-control,intuit_tid,x-appid,x-tto-routing-info,pragma,accept,x-requested-with,content-location,content-range,etag,intuit_originalurl

OPTIONS
H2 200 message
logging.api.intuit.com/v2/log/ Frame 0
0 187ms
170ms Preflight 54.69.245.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://logging.api.intuit.com/v2/log/message
Protocol: H2
Server: 54.69.245.133 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-69-245-133.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: -x-appid,-x-deviceid,-x-intuit_tid,authorization,content-type
Origin: https://ttlc.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 02 Apr 2021 23:02:26 GMT
content-length: 0
server: nginx
intuit_tid: 1-6067a282-4b4b32894c6dc9474217b80b
access-control-allow-origin: https://ttlc.intuit.com
access-control-allow-methods: DELETE,POST,GET,OPTIONS,PUT
access-control-allow-credentials: true
access-control-max-age: 900
access-control-allow-headers: date,x-tto-engine-version,content-length,expires,-x-intuit_tid,vary,origin,content-encoding,-x-appid,authorization,keep-alive,content-disposition,content-transfer-encoding,if-unmodified-since,content-md5,-x-deviceid,fragment-location,content-type,connection,if-match,cache-control,intuit_tid,x-appid,x-tto-routing-info,pragma,accept,x-requested-with,content-location,content-range,etag,intuit_originalurl

OPTIONS
H2 200 message
logging.api.intuit.com/v2/log/ Frame 0
0 186ms
169ms Preflight 54.69.245.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://logging.api.intuit.com/v2/log/message
Protocol: H2
Server: 54.69.245.133 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-69-245-133.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: -x-appid,-x-deviceid,-x-intuit_tid,authorization,content-type
Origin: https://ttlc.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 02 Apr 2021 23:02:26 GMT
content-length: 0
server: nginx
intuit_tid: 1-6067a282-6c3387c80aa755d139865b30
access-control-allow-origin: https://ttlc.intuit.com
access-control-allow-methods: DELETE,POST,GET,OPTIONS,PUT
access-control-allow-credentials: true
access-control-max-age: 900
access-control-allow-headers: x-tto-engine-version,date,content-length,expires,vary,-x-intuit_tid,origin,content-encoding,-x-appid,authorization,keep-alive,content-disposition,content-transfer-encoding,if-unmodified-since,content-md5,-x-deviceid,fragment-location,content-type,connection,if-match,cache-control,intuit_tid,x-appid,x-tto-routing-info,pragma,accept,x-requested-with,content-location,content-range,etag,intuit_originalurl

POST
H2 200 message Show response
logging.api.intuit.com/v2/log/ 99 B
747 B 175ms
174ms Fetch
text/plain 54.69.245.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://logging.api.intuit.com/v2/log/message

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.69.245.133 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-69-245-133.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

66965080c243216c78026c8b2e992feac8ab7f84b6a5ac49ccb2f3fc1a992eb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Authorization: Intuit_APIKey intuit_apikey=prdakyresvV5u8cSivv3so3GRaYFhdu22H2NUJEn, intuit_apkey_version=1.0
Referer: https://ttlc.intuit.com/
-X-DEVICEID: a
-X-INTUIT_TID: a
-X-APPID: 'Intuit.data.entdataproc.trackstarwebapp'
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 02 Apr 2021 23:02:26 GMT
x-content-type-options: nosniff
server: nginx
x-amzn-trace-id: Root=1-6067a282-5bd843cd09171dea1d018b06
strict-transport-security: max-age=15552000
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://ttlc.intuit.com
access-control-expose-headers: x-tto-engine-version,date,content-length,expires,vary,-x-intuit_tid,origin,content-encoding,-x-appid,authorization,keep-alive,content-disposition,content-transfer-encoding,if-unmodified-since,content-md5,-x-deviceid,fragment-location,content-type,connection,if-match,cache-control,intuit_*,intuit_tid,x-appid,x-tto-routing-info,pragma,accept,intuit-*,x-requested-with,content-location,content-range,etag,intuit_originalurl
access-control-allow-credentials: true
intuit_tid: 1-6067a282-5bd843cd09171dea1d018b06
content-length: 99
x-spanid: 24595a36-9940-4148-a20c-9b2964c7fc9e

POST
H2 200 message Show response
logging.api.intuit.com/v2/log/ 99 B
747 B 181ms
181ms Fetch
text/plain 54.69.245.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://logging.api.intuit.com/v2/log/message

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.69.245.133 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-69-245-133.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

66965080c243216c78026c8b2e992feac8ab7f84b6a5ac49ccb2f3fc1a992eb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Authorization: Intuit_APIKey intuit_apikey=prdakyresvV5u8cSivv3so3GRaYFhdu22H2NUJEn, intuit_apkey_version=1.0
Referer: https://ttlc.intuit.com/
-X-DEVICEID: a
-X-INTUIT_TID: a
-X-APPID: 'Intuit.data.entdataproc.trackstarwebapp'
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 02 Apr 2021 23:02:26 GMT
x-content-type-options: nosniff
server: nginx
x-amzn-trace-id: Root=1-6067a282-3007f207604d301b59192a05
strict-transport-security: max-age=15552000
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://ttlc.intuit.com
access-control-expose-headers: date,x-tto-engine-version,content-length,expires,-x-intuit_tid,vary,origin,content-encoding,-x-appid,authorization,keep-alive,content-disposition,content-transfer-encoding,if-unmodified-since,content-md5,-x-deviceid,fragment-location,content-type,connection,if-match,cache-control,intuit_*,intuit_tid,x-appid,x-tto-routing-info,pragma,accept,intuit-*,x-requested-with,content-location,content-range,etag,intuit_originalurl
access-control-allow-credentials: true
intuit_tid: 1-6067a282-3007f207604d301b59192a05
content-length: 99
x-spanid: 8759cd38-2c7a-4f8a-8499-76a483d7afeb

POST
H2 200 message Show response
logging.api.intuit.com/v2/log/ 99 B
747 B 176ms
175ms Fetch
text/plain 54.69.245.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://logging.api.intuit.com/v2/log/message

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.69.245.133 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-69-245-133.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

66965080c243216c78026c8b2e992feac8ab7f84b6a5ac49ccb2f3fc1a992eb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Authorization: Intuit_APIKey intuit_apikey=prdakyresvV5u8cSivv3so3GRaYFhdu22H2NUJEn, intuit_apkey_version=1.0
Referer: https://ttlc.intuit.com/
-X-DEVICEID: a
-X-INTUIT_TID: a
-X-APPID: 'Intuit.data.entdataproc.trackstarwebapp'
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 02 Apr 2021 23:02:26 GMT
x-content-type-options: nosniff
server: nginx
x-amzn-trace-id: Root=1-6067a282-1794b726231c099722a180f0
strict-transport-security: max-age=15552000
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://ttlc.intuit.com
access-control-expose-headers: x-tto-engine-version,date,content-length,expires,vary,-x-intuit_tid,origin,content-encoding,-x-appid,authorization,keep-alive,content-disposition,content-transfer-encoding,if-unmodified-since,content-md5,-x-deviceid,fragment-location,content-type,connection,if-match,cache-control,intuit_*,intuit_tid,x-appid,x-tto-routing-info,pragma,accept,intuit-*,x-requested-with,content-location,content-range,etag,intuit_originalurl
access-control-allow-credentials: true
intuit_tid: 1-6067a282-1794b726231c099722a180f0
content-length: 99
x-spanid: bc8dd736-b0e2-4be7-a96d-a7ae99c030f1

POST
H2 200 message Show response
logging.api.intuit.com/v2/log/ 99 B
747 B 177ms
176ms Fetch
text/plain 54.69.245.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://logging.api.intuit.com/v2/log/message

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.69.245.133 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-69-245-133.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

66965080c243216c78026c8b2e992feac8ab7f84b6a5ac49ccb2f3fc1a992eb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Authorization: Intuit_APIKey intuit_apikey=prdakyresvV5u8cSivv3so3GRaYFhdu22H2NUJEn, intuit_apkey_version=1.0
Referer: https://ttlc.intuit.com/
-X-DEVICEID: a
-X-INTUIT_TID: a
-X-APPID: 'Intuit.data.entdataproc.trackstarwebapp'
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 02 Apr 2021 23:02:26 GMT
x-content-type-options: nosniff
server: nginx
x-amzn-trace-id: Root=1-6067a282-74c3833d1b13d62b67c49148
strict-transport-security: max-age=15552000
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://ttlc.intuit.com
access-control-expose-headers: x-tto-engine-version,date,content-length,expires,vary,-x-intuit_tid,origin,content-encoding,-x-appid,authorization,keep-alive,content-disposition,content-transfer-encoding,if-unmodified-since,content-md5,-x-deviceid,fragment-location,content-type,connection,if-match,cache-control,intuit_*,intuit_tid,x-appid,x-tto-routing-info,pragma,accept,intuit-*,x-requested-with,content-location,content-range,etag,intuit_originalurl
access-control-allow-credentials: true
intuit_tid: 1-6067a282-74c3833d1b13d62b67c49148
content-length: 99
x-spanid: 999c70c2-0bc5-4ae8-8cea-4cc9ba0129c7

POST
H/1.1 200
OK adrum Show response
col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAX-EDT/ 0
439 B 169ms
169ms XHR
text/html 44.235.9.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAX-EDT/adrum

Requested by

Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.235.9.37 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-235-9-37.us-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 23:02:29 GMT
x-content-type-options: nosniff
server: envoy
vary: *
content-type: text/html
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time: 0
Connection: keep-alive
access-control-allow-headers: origin, content-type, accept
Content-Length: 0
expires: 0

POST
H/1.1 200
OK 90ec53e80f Show response
bam-cell.nr-data.net/events/1/ 24 B
491 B 133ms
133ms XHR
image/gif 162.247.243.147
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/90ec53e80f?a=198190945&v=1208.49599aa&to=M1BRYEAEWBVYURYLWAoaZFFQSmIHSVcRFkUdZVJTV19wCUtHDzZYFFxQZFMCUw%3D%3D&rst=15796&ck=1&ref=https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Requested by: Host: ttlc.intuit.com
URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://ttlc.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

Date: Fri, 02 Apr 2021 23:02:33 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://ttlc.intuit.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
CF-Ray: 639daf780a5c1ea5-AMS
Content-Length: 24
cf-request-id: 09366bff0a00001ea57f812000000001

Verdicts & Comments Add Verdict or Comment

150 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.intuit.com/	1970-01-20 10:47:56	Name: AMCV_969430F0543F253D0A4C98C6%40AdobeOrg Value: -637568504%7CMCIDTS%7C18720%7CMCMID%7C53235629449399422800890013952783392361%7CMCAAMLH-1618009342%7C6%7CMCAAMB-1618009342%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1617411742s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.1.1
.demdex.net/	1970-01-19 21:35:56	Name: demdex Value: 53086904919967204770870513395947614908
.intuit.com/	1970-01-19 17:16:45	Name: websdk_swiper_flags Value:
.intuit.com/	1970-01-20 10:48:38	Name: aam_uuid Value: 53086904919967204770870513395947614908
.intuit.com/	1970-01-20 19:33:32	Name: aam_aud Value: mesg1%3D20862768
.intuit.com/	1970-01-20 02:45:32	Name: cjConsent Value: MHxZfDB8Tnww
.intuit.com/	1969-12-31 23:59:59	Name: AMCVS_969430F0543F253D0A4C98C6%40AdobeOrg Value: 1
ttlc.intuit.com/	1970-01-23 08:52:44	Name: VISITOR_BEACON Value: ~28JLc6CAvceSfuLDc~bteciFk_FfyK9INsM0wkor-XnWfET_z2DIApMXcRlJl2bHQ8HzmFevpp5jToIHdaIxjEKDxnTPEREpJAkhC5Ew..
.intuit.com/	1970-01-19 19:26:20	Name: _fbp Value: fb.1.1617404542295.472293371
.intuit.com/	1970-01-20 02:45:32	Name: CONSENTMGR Value: dns:false%7Cconsent:true%7Cts:1617404541620
.demdex.net/	1970-01-19 21:35:56	Name: dextp Value: 359-1-1617404542324\|477-1-1617404542426\|771-1-1617404542527\|1957-1-1617404542628\|30646-1-1617404542729\|57282-1-1617404542830
ttlc.intuit.com/	1970-01-19 17:26:49	Name: AWSALBCORS Value: ypo2ldAhNClNrtxhQmz+wS3d1qhSZ1ksoA4yXqGBx0ieWVDb8zTC2xGA2wrl9m8aKW35QuxLFaxaRWdDadAnPes3fJaCvLuxZY4whvLTWbaua2EoUTRfpvchkfnd
.intuit.com/	1970-01-20 10:47:56	Name: s_vi Value: [CS]v1\|3033D13F0688A08F-40000720D0BEFCDB[CE]
.intuit.com/	1970-01-21 13:06:10	Name: ivid Value: 9b0a8426-667f-46aa-9196-f9d33de46f66
ttlc.intuit.com/	1969-12-31 23:59:59	Name: LiSESSIONID Value: 1D62EB2699D87C4B49E6370646FDF6AF
ttlc.intuit.com/	1970-01-23 08:52:44	Name: LithiumVisitor Value: ~22s9NPWGDQLGi75SM~eX22yMXdgOMMo_5sns3bEODaEAmC1iBYwwMBR5O3Hw_5YhteD95RO6IisiLWvysH7rD_pfFRkt57rgFgC3EXhg..
.intuit.com/	1970-01-20 02:02:20	Name: utag_main Value: v_id:017894d2baaf00a56dd9d0fe28d800072008f06a00b08$_sn:1$_se:1$_ss:1$_st:1617406341616$ses_id:1617404541616%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:intuit.com
ttlc.intuit.com/	1970-01-19 17:26:49	Name: AWSALB Value: ypo2ldAhNClNrtxhQmz+wS3d1qhSZ1ksoA4yXqGBx0ieWVDb8zTC2xGA2wrl9m8aKW35QuxLFaxaRWdDadAnPes3fJaCvLuxZY4whvLTWbaua2EoUTRfpvchkfnd
.intuit.com/	1970-01-21 13:06:10	Name: ivid_b Value: bc86f9f0-2eeb-4ff9-b2ba-0b4e0709523a
.intuit.com/	1970-01-20 10:47:56	Name: s_ecid Value: MCMID%7C53235629449399422800890013952783392361
.intuit.com/	1970-01-19 17:26:49	Name: RT Value: "z=1&dm=intuit.com&si=96a75deb-9af3-4c13-a54f-394db54d3019&ss=kn0wwjd4&sl=0&tt=0&bcn=%2F%2F684dd307.akstat.io%2F"
.intuit.com/	1970-01-19 17:16:48	Name: AKA_A2 Value: A
.intuit.com/	1970-01-19 19:26:20	Name: mds_3rdparty_experience_store Value: 16158_42447
ttlc.intuit.com/	1969-12-31 23:59:59	Name: _session_id Value: NkN3R0ZhRTlBeS8wdDRJell1Yys2bDE2dmh3dUV5NWovZVBZZUJDVjRqaXJIYUlpRjN5dUxzVHhhYnRFcTl0MEJ3MVdsbWZjYjBFYklQZExWbTdmQm1IMCtLcVlPZm0vZy9tMkpDL004Zk5BVGRpcyt4WEowZVk3RHlhUDFKWHpCVm44SjNVRWVEdGE2ME5yVi93d2ZSYjRFc2tadm4vbmU2SUJVTnFXVUlFTWRGaWpxTkN2Ym9lMS93N1V0REZESmI5bWRDUDFnNmdYdW9ZM0xVSnZCaXR1SUhoelNMeUhYelhxOWlibmNJOTdYdGljMG5tdTQ2aU1JeEIyd2h2bTVwNWF5T2dHdUNLRXNkc3E0M3V0ZTVtTWpHR3ZvbjRhSHZlZHRlWDRIa1lhRG9MUTFPS3FOcFRrcnVpeFFOU2NoRmYrd1JBSWsrSVpYRThGTzhWU3ZBPT0tLTZ1QXlYelJOdkI2U3dEUDhUbndpbHc9PQ%3D%3D--02ddb67f6ec8bbdaed54d8246254a964e0222e03

52 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://ttlc.intuit.com/community/s/html/assets/scripts/analytics.bundle.js?1617404540.095(Line 8) Message: %c Beacon Fired: background: #000; font-family: "Monaco"; font-size: 15px; color: #FFF;
console-api	log	URL: https://ttlc.intuit.com/community/s/html/assets/scripts/analytics.bundle.js?1617404540.095(Line 8) Message: [object Object]
console-api	log	URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399(Line 218) Message: in the getIXPData() function
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] INFO: s_code detected... waiting 500 milliseconds for call to complete info
console-api	log	URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399(Line 3875) Message: [object Object]
console-api	log	URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399(Line 4159) Message: [object Object]
console-api	log	URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/af-community-componentssh-dynamic-ads.js(Line 2) Message: props [object Object]
console-api	log	URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/af-community-componentssh-view.js(Line 2) Message: props [object Object]
console-api	log	URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/af-community-componentssh-view.js(Line 2) Message: finalProps [object Object]
console-api	log	URL: https://master.reactcomponents.lc.a.intuit.com/sh-community-components/1.124.8/sh-community-components/dist/af-community-components30.js(Line 1) Message: TurboTax Online
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] WARN: Parameter is not defined in config SCREEN_ID warn
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] WARN: Parameter is not defined in config action_type warn
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] WARN: Parameter is not defined in config activity_pageName warn
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] WARN: Parameter is not defined in config element_id warn
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] WARN: Parameter is not defined in config element_text warn
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] WARN: Parameter is not defined in config element_href warn
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] WARN: Parameter is not defined in config element_context warn
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] WARN: Parameter is not defined in config event_message warn
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] WARN: Parameter is not defined in config event_page_topic_id warn
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] WARN: Parameter is not defined in config event_properties_path_current_name warn
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] DEBUG: [{"provider":"iac","data":{"event.event_category":"Click","event.event_name":"action_type","event.page.channel":"Community Live","event.page.page_name":"activity_pageName","event.properties.group_id":"6a421ddd-8e38-469a-8708-0a9dd2bcc9e6-1617404542351","event.screen_id":"/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399","session.ivid_client":"bc86f9f0-2eeb-4ff9-b2ba-0b4e0709523a","session.ivid_server":"9b0a8426-667f-46aa-9196-f9d33de46f66","event.page.page_detail":"null","event.page.page_detail2":"\|\|\|\|","event.page.page_detail3":"null","event.page.page_detail4":"","event.element.id":"element_id","event.element.text":"element_text","event.element.href":"element_href","event.element.context":"element_context"}},{"provider":"siteCatalyst","data":{"ch":"Live Community","c4":null,"c5":"Customer Care","c6":"Live Community","c7":"LC","c33":null,"c34":"en","c36":"websdk-preprod","c42":"9b0a8426-667f-46aa-9196-f9d33de46f66","c43":"bc86f9f0-2eeb-4ff9-b2ba-0b4e0709523a","c49":"26399","h5":"6a421ddd-8e38-469a-8708-0a9dd2bcc9e6-1617404542351","pageName":"/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399 Live Community","v12":"event_message","topicId: ":"event_page_topic_id","c19":"board","v19":"event_properties_path_current_name","v2":"Screen","v3":"Screen View","c15":"No Referrer","v24":"null","v25":"\|\|\|\|","v26":"null","v27":"","v29":"element_id","v30":"element_text","v31":"element_context","v43":"ty19_1141"}}] debug
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] DEBUG: dispatching IAC event: debug
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] DEBUG: {"event.event_category":"Click","event.event_name":"action_type","event.page.channel":"Community Live","event.page.page_name":"activity_pageName","event.properties.group_id":"6a421ddd-8e38-469a-8708-0a9dd2bcc9e6-1617404542351","event.screen_id":"/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399","session.ivid_client":"bc86f9f0-2eeb-4ff9-b2ba-0b4e0709523a","session.ivid_server":"9b0a8426-667f-46aa-9196-f9d33de46f66","event.page.page_detail":"null","event.page.page_detail2":"\|\|\|\|","event.page.page_detail3":"null","event.page.page_detail4":"","event.element.id":"element_id","event.element.text":"element_text","event.element.href":"element_href","event.element.context":"element_context","event.properties.is_paired":true} debug
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] WARN: could not retreive original value to replace for key: S_VI_COOKIE_PARSED warn
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] INFO: https://trinity.platform.intuit.com/trinity/v1/ctg-freedom-clickstream: {"data_version":"w1.0","cec_version":"1","client_framework_version":"1.9.4","application":{"app_name":"com.intuit.turbo","forwarded_by_app_id":"","offering_id":"Intuit.tax.openplatformnativeapps.turboweb","os":"Linux x86_64","platform":"web","browser":{"browser_version":"5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36","browser_name":"Netscape","locale":"en-US","browser_height":1200,"browser_width":1600,"screen_width":1600,"screen_height":1200,"screen_orientation":null,"screen_color_depth":24,"cookies_enabled":true,"encoding":"UTF-8","user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36","url":"https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399","url_host_name":"ttlc.intuit.com","query_param":null,"browser_plugins":"","java_enabled":false,"javascript_version":"1.8.5"},"properties":{}},"session":{"ivid_server":"9b0a8426-667f-46aa-9196-f9d33de46f66","ivid_client":"bc86f9f0-2eeb-4ff9-b2ba-0b4e0709523a","properties":{"om_visitor_id":null}},"event":{"event_id":"8b8bb80c-a536-4f1a-a7de-b702a10164e1-1617404542367","timestamp":1617404542367,"event_category":"Click","event_name":"action_type","page":{"page_title":"I received a TurboTax email or text message, addre...","page_load_time":3298,"page_path":"/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399","channel":"Community Live","page_name":"activity_pageName","page_detail":"null","page_detail2":"\|\|\|\|","page_detail3":"null","page_detail4":""},"traffic":{"campaign_id":null,"referrer_url":"No Referrer"},"properties":{"group_id":"6a421ddd-8e38-469a-8708-0a9dd2bcc9e6-1617404542351","is_paired":true},"screen_id":"/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399","element":{"id":"element_id","text":"element_text","href":"element_href","context":"element_context"}}} info
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] DEBUG: dispatching siteCatalyst event: debug
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] DEBUG: {"ch":"Live Community","c4":null,"c5":"Customer Care","c6":"Live Community","c7":"LC","c33":null,"c34":"en","c36":"websdk-preprod","c42":"9b0a8426-667f-46aa-9196-f9d33de46f66","c43":"bc86f9f0-2eeb-4ff9-b2ba-0b4e0709523a","c49":"26399","h5":"6a421ddd-8e38-469a-8708-0a9dd2bcc9e6-1617404542351","pageName":"/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399 Live Community","v12":"event_message","topicId: ":"event_page_topic_id","c19":"board","v19":"event_properties_path_current_name","v2":"Screen","v3":"Screen View","c15":"No Referrer","v24":"null","v25":"\|\|\|\|","v26":"null","v27":"","v29":"element_id","v30":"element_text","v31":"element_context","v43":"ty19_1141","h2":true} debug
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] WARN: could not retreive original value to replace for key: S_VI_COOKIE_PARSED warn
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] DEBUG: https://sci.intuit.com/b/ss/intuitturbotax/1/H.26/s27901810879042?AQB=1&ndh=1&c=24&fid=null&ce=UTF-8&k=Y&s=1600x1200&v=Y&p=&bh=1200&bw=1600&g=https%3A%2F%2Fttlc.intuit.com%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399&j=1.8.5&t=03/3/2021%2001:02:22%206%20-120&ch=Live%20Community&c5=Customer%20Care&c6=Live%20Community&c7=LC&c34=en&c36=websdk-preprod&c42=9b0a8426-667f-46aa-9196-f9d33de46f66&c43=bc86f9f0-2eeb-4ff9-b2ba-0b4e0709523a&c49=26399&h5=6a421ddd-8e38-469a-8708-0a9dd2bcc9e6-1617404542351&pageName=%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399%20Live%20Community&v12=event_message&topicId:%20=event_page_topic_id&c19=board&v19=event_properties_path_current_name&v2=Screen&v3=Screen%20View&c15=No%20Referrer&v25=%7C%7C%7C%7C&v29=element_id&v30=element_text&v31=element_context&v43=ty19_1141&h2=true&r=No%20Referrer&AQE=1 debug
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] DEBUG: dispatching aam event: debug
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] DEBUG: {"ch":"Live Community","c4":null,"c5":"Customer Care","c6":"Live Community","c7":"LC","c33":null,"c34":"en","c36":"websdk-preprod","c42":"9b0a8426-667f-46aa-9196-f9d33de46f66","c43":"bc86f9f0-2eeb-4ff9-b2ba-0b4e0709523a","c49":"26399","h5":"6a421ddd-8e38-469a-8708-0a9dd2bcc9e6-1617404542351","pageName":"/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399 Live Community","v12":"event_message","topicId: ":"event_page_topic_id","c19":"board","v19":"event_properties_path_current_name","v2":"Screen","v3":"Screen View","c15":"No Referrer","v24":"null","v25":"\|\|\|\|","v26":"null","v27":"","v29":"element_id","v30":"element_text","v31":"element_context","v43":"ty19_1141","h2":true} debug
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] DEBUG: Copy siteCatalyst beacon to aam debug
console-api	log	(Line 1) Message: remediate ixp update
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] INFO: click-stream data post : success info
console-api	log	URL: https://ttlc.intuit.com/community/s/html/assets/scripts/analytics.bundle.js?1617404540.095(Line 8) Message: %c Beacon Fired: background: #000; font-family: "Monaco"; font-size: 15px; color: #FFF;
console-api	log	URL: https://ttlc.intuit.com/community/s/html/assets/scripts/analytics.bundle.js?1617404540.095(Line 8) Message: [object Object]
console-api	log	URL: https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399(Line 218) Message: in the getIXPData() function
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] WARN: Parameter is not defined in config SCREEN_ID warn
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] WARN: Parameter is not defined in config PAGE_NAME warn
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] WARN: Parameter is not defined in config event_message warn
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] WARN: Parameter is not defined in config event_page_topic_id warn
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] DEBUG: [{"provider":"iac","data":{"event.event_category":"Auto suggest","event.event_name":"pageView","event.page.channel":"Community Live","event.page.page_name":"PAGE_NAME","event.properties.group_id":"da772038-5a32-46f0-85e9-7340f207e143-1617404544024","event.screen_id":"/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399","session.ivid_client":"bc86f9f0-2eeb-4ff9-b2ba-0b4e0709523a","session.ivid_server":"9b0a8426-667f-46aa-9196-f9d33de46f66"}},{"provider":"siteCatalyst","data":{"ch":"Live Community","c4":null,"c5":"Customer Care","c7":"LC","c33":null,"c36":"websdk-preprod","c42":"9b0a8426-667f-46aa-9196-f9d33de46f66","c43":"bc86f9f0-2eeb-4ff9-b2ba-0b4e0709523a","c49":"26399","h5":"da772038-5a32-46f0-85e9-7340f207e143-1617404544024","pageName":"/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399 Live Community","v12":"event_message","topicId: ":"event_page_topic_id","c14":"26399>"}}] debug
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] DEBUG: dispatching IAC event: debug
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] DEBUG: {"event.event_category":"Auto suggest","event.event_name":"pageView","event.page.channel":"Community Live","event.page.page_name":"PAGE_NAME","event.properties.group_id":"da772038-5a32-46f0-85e9-7340f207e143-1617404544024","event.screen_id":"/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399","session.ivid_client":"bc86f9f0-2eeb-4ff9-b2ba-0b4e0709523a","session.ivid_server":"9b0a8426-667f-46aa-9196-f9d33de46f66","event.properties.is_paired":true} debug
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] INFO: https://trinity.platform.intuit.com/trinity/v1/ctg-freedom-clickstream: {"data_version":"w1.0","cec_version":"1","client_framework_version":"1.9.4","application":{"app_name":"com.intuit.turbo","forwarded_by_app_id":"","offering_id":"Intuit.tax.openplatformnativeapps.turboweb","os":"Linux x86_64","platform":"web","browser":{"browser_version":"5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36","browser_name":"Netscape","locale":"en-US","browser_height":1200,"browser_width":1600,"screen_width":1600,"screen_height":1200,"screen_orientation":null,"screen_color_depth":24,"cookies_enabled":true,"encoding":"UTF-8","user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36","url":"https://ttlc.intuit.com/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399","url_host_name":"ttlc.intuit.com","query_param":null,"browser_plugins":"","java_enabled":false,"javascript_version":"1.8.5"},"properties":{}},"session":{"ivid_server":"9b0a8426-667f-46aa-9196-f9d33de46f66","ivid_client":"bc86f9f0-2eeb-4ff9-b2ba-0b4e0709523a","properties":{"om_visitor_id":"[CS]v1\|3033D13F0688A08F-40000720D0BEFCDB[CE]"}},"event":{"event_id":"ab1e068b-0fb1-43ae-b17b-e4b387b3aef6-1617404544032","timestamp":1617404544032,"event_category":"Auto suggest","event_name":"pageView","page":{"page_title":"I received a TurboTax email or text message, addre...","page_load_time":3798,"page_path":"/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399","channel":"Community Live","page_name":"PAGE_NAME"},"traffic":{"campaign_id":null},"properties":{"group_id":"da772038-5a32-46f0-85e9-7340f207e143-1617404544024","is_paired":true},"screen_id":"/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399"}} info
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] DEBUG: dispatching siteCatalyst event: debug
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] DEBUG: {"ch":"Live Community","c4":null,"c5":"Customer Care","c7":"LC","c33":null,"c36":"websdk-preprod","c42":"9b0a8426-667f-46aa-9196-f9d33de46f66","c43":"bc86f9f0-2eeb-4ff9-b2ba-0b4e0709523a","c49":"26399","h5":"da772038-5a32-46f0-85e9-7340f207e143-1617404544024","pageName":"/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399 Live Community","v12":"event_message","topicId: ":"event_page_topic_id","c14":"26399>","h2":true} debug
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] DEBUG: https://sci.intuit.com/b/ss/intuitturbotax/1/H.26/s09843367858247?AQB=1&ndh=1&c=24&fid=null&ce=UTF-8&k=Y&s=1600x1200&v=Y&p=&bh=1200&bw=1600&g=https%3A%2F%2Fttlc.intuit.com%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399&j=1.8.5&t=03/3/2021%2001:02:24%206%20-120&ch=Live%20Community&c5=Customer%20Care&c7=LC&c36=websdk-preprod&c42=9b0a8426-667f-46aa-9196-f9d33de46f66&c43=bc86f9f0-2eeb-4ff9-b2ba-0b4e0709523a&c49=26399&h5=da772038-5a32-46f0-85e9-7340f207e143-1617404544024&pageName=%2Fcommunity%2Fsecurity%2Fhelp%2Fi-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry%2F00%2F26399%20Live%20Community&v12=event_message&topicId:%20=event_page_topic_id&c14=26399%3E&h2=true&AQE=1 debug
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] DEBUG: dispatching aam event: debug
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] DEBUG: {"ch":"Live Community","c4":null,"c5":"Customer Care","c7":"LC","c33":null,"c36":"websdk-preprod","c42":"9b0a8426-667f-46aa-9196-f9d33de46f66","c43":"bc86f9f0-2eeb-4ff9-b2ba-0b4e0709523a","c49":"26399","h5":"da772038-5a32-46f0-85e9-7340f207e143-1617404544024","pageName":"/community/security/help/i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry/00/26399 Live Community","v12":"event_message","topicId: ":"event_page_topic_id","c14":"26399>","h2":true} debug
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] DEBUG: Copy siteCatalyst beacon to aam debug
console-api	log	URL: https://cdn.websdk.intuit.com/js/cdc_lib_min_latest.js(Line 1) Message: [websdk] INFO: click-stream data post : success info

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

684dd307.akstat.io
ajax.googleapis.com
assets.intuitcdn.net
bam-cell.nr-data.net
c.bing.com
c.go-mpulse.net
cdn.appdynamics.com
cdn.websdk.intuit.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
col.eum-appdynamics.com
collect.tealiumiq.com
connect.facebook.net
digitalasset.intuit.com
dpm.demdex.net
ds.reson8.com
e.turbotax.intuit.com
experimentation.us.api.intuit.com
fiaqj6absjkbikqce3ygyaaaabqgpiua-p6ru8t-5f758a06d-clienttons-s.akamaihd.net
googleads.g.doubleclick.net
idsync.rlcdn.com
js-agent.newrelic.com
kjtbhcaccc5ewydhukaa-p6ru8t-451a9b2c3-clientnsv4-s.akamaihd.net
live-community.platform.intuit.com
logging.api.intuit.com
master.reactcomponents.lc.a.intuit.com
maxcdn.bootstrapcdn.com
pm.w55c.net
s2.go-mpulse.net
sci.intuit.com
segment.intuitcdn.net
shcontentservice.api.intuit.com
shdynamicads.api.intuit.com
shtaxonomyservice.api.intuit.com
tags.tiqcdn.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
trinity.platform.intuit.com
ttlc.intuit.com
turbotax.demdex.net
turbotax.intuit.com
uxfabric.intuitcdn.net
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.sjwoe.com
104.111.224.118
104.111.247.16
104.18.8.110
12.130.158.196
13.226.159.54
13.226.159.72
142.250.185.162
151.101.14.110
162.247.243.147
172.217.23.98
2.16.186.75
212.82.100.182
23.14.92.57
23.79.129.43
2600:9000:211e:4800:9:618e:3dc0:93a1
2600:9000:2182:7e00:7:f1a3:af00:93a1
2606:4700::6812:bcf
2620:1ec:c11::200
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:811::2004
2a00:1450:4001:812::2008
2a00:1450:4001:827::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200a
2a02:26f0:64::210:6a62
2a02:26f0:6c00:1bb::11a6
2a02:26f0:6c00:286::2682
2a02:26f0:6c00:2b9::11a6
2a02:26f0:6c00::210:ba19
2a02:26f0:7100:180::1d6c
2a02:26f0:7100:18d::42e9
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.158.49.68
35.181.18.61
35.244.174.68
44.235.9.37
44.236.215.203
44.237.0.165
52.13.165.209
52.17.73.77
52.28.237.213
52.30.135.179
52.39.211.108
54.186.57.15
54.69.245.133
99.86.3.42
99.86.3.92
000370ef7ad3a2d6769bd4f216a54e9a9d76bb5e64764c7c25a16ceff40e9ff9
03ce333ac7dbd1a8817888429f834995f018b2b3be7626ef755fb1ccd597bd77
0af1bb3ed579807451a7ec8225415f3595dc1ced0b32aa38833844d286190b17
0c5cc14a85aade089cc2bf31fa81e973afb8d1ce3bb196728f3c079ac5c2d05e
0c96f1072c29ef49ac906af6716330dae5b887a6e911c162dcda0f6d31fd8f60
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d871ec5528cfbb1f6b74230fb929f07f69b36540605378bb7cc2caf74648886
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1161f4a146d05a3c69a7c08af2dbb15bd5cac9d79af9ebea7a0cf79f53abaf71
18a8d47dab2287801bb5adfbda89c94a44f2e9e19aa18732095a31405f8047f3
19c1ea785a0e5a8abdf8185cb814ef4a26ac676a5a4e38382fdb53768da9cd7d
1c52bdb2a8fa74f8f35c0c6a0840099562b4c5abf1822d6e83dcef94e66c3d12
2280342f8d650fcd2964c31ec38ea7ca0b48e50652c7e0df1248536d576502a9
2291037ed7b37671692c5c9739dd261acd42a01b9a7830aca4f47a57e8fe802d
23dda2d6690030f61fca4382739afcf4e482521e6d9a7facbc34418a4c9c7962
25b5c2f7e35f7483c90a02373aa8460b78bacae376aac871dd7a93f0230e7d6e
297395563701884c2a4a7a5744e129531f825805a13330980069646cc23f87bb
29c65c105154bcef795bdbb7039ede3f5fe58d51d2fbcb6a96419afe632088c9
34032744e34a56a7691fee28be213da6b000f28fb873af3487a23c296f0effd6
357853121db51bb05c3c1038a7c099109e07fd80a53f426310ac4c30da4a1fac
376dca83e30fd6db57f67f805c956ba87ca21bdbf4d8ac890d67a721c021e425
3a42914dc0ca7c39c7138a47526051c907c4dd8b1e3cc3e7de9a452a0f4c5c55
3a88826572c9341ffc7c06a19498f36f865a27fea897afc7c74ba89b2eb01e20
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
3df5caa4eb716ac9ead0437e7d095b442fef0810bfaecafddaf5f41a7d52b117
4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f
40af74053a73378fc6264469e7296eba7859af8182ff5dd14e336d499fa7ac1a
40b89ed70711af5c4e6722ab30db28649817fb00dde07cbd32bba18468ca3c2f
43659796471646ef131904815850c23c62076edeb135059b390b33ec351f555a
473842579288c04e865ecfa63ae67a45d6e9a0871c9cf2aea4db32637cf7bbb8
47d633289413d5f54c7fbb87429d2ef26824d890143ac829e2893b5af348c05e
49142cc0a834e58b90c8dc82daceff27b938a9d37aaa153cd987d8d2cb707596
492c6fc48eb5457cd7f2a015363877346e5dad3b80b310234e4a96f8b828f9f2
4a02c879007c89c7af319d38acad3a1d9363b4835c3764d79d2a515ab5b573c2
4a776655a1c2be774bbfbb66737c930c3f461fcef6ff7f1251a21cd951e58e03
4bfe3fd63b2ce813a2e3e1252146acf89e82d30222ca39161cf68086449cd64b
528df5df27add736ef3cf47c286e51cae74cc86751a032a3dfe93e9318b9d440
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
6181b16b6a6c479553b8a200fee15ea54725750db5866001f90df5693ed9cb0a
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6520e880cc583c21a86491a2b8ae898e19d4e6d5375ebae83ef8a4f51ed70f70
6619ba77a7043416a164874dcacbf5ca4a6b53746f720c8c62c56d1832599307
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66965080c243216c78026c8b2e992feac8ab7f84b6a5ac49ccb2f3fc1a992eb3
6745582d96b501e8443240e173177f66b7d42e300def32edc1bb42a496f2323b
6925a9a6a136da72d98d02747d4ddbcc7b0f98854b63278481785e6914f2c09a
69d0b4563392238501011c3781519f5c3cbe018aeea6ebf37210f99bb5348574
6c6442a66a346b33a640dba6203ca4fa44b5a4edb709ccaac5f2d9f09c0f812e
6edf572fc78fcfa4b2ccaeee5402478f1f4d356360426ca89f5cff36d00a5bec
7712a2d7c98bd0504bf7bde1bce16135049fc991e8ccc1f52264a1aabdf3c8c2
782f31cdee675e1edffe563b35441d3b4e7d0d7a8c6068c21f34d662de45dd44
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
815e316e113b5af50bcebbe6fb95515d6efcd34cd24f73f62c0701cf8b6970b0
834571cb12366c2e2fc7a5a2cfdeede8ef1bc62d8f89a8b4a3fb344ace35b457
834ceb44b392fc0764073691d4d6caaa1573f91391c3d229014bf0384be01fd3
86cc35989be655e6cbe68540cf835dec34388862a948fbd05850100797c32319
88fb2375cbb2171ef82dc7579033954bb9fd406bcc19dd2913429e0917dbb743
91b5232f547d2f25ac82504615e7aedac2ff2fa2710232ad07dd2521c9ded49c
9271314f6c34b62c2d3d28ac2bc904aae601540806ef2151ac7cc04bbe339159
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
978db21c78891ff042054afe2d113d2a4560bbe311a844ff48f45ce0c51e22d9
9a0c4301b6e804a7a808eb69694ed08567605811ae9bef1d3f19c88e20bdec92
a0bba59386b53f67a581afe6f8eb2b60720713e845da729ef25d23f8be8cceb5
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3916cd66d5e390f6ee87027c579891ec1c9ce0e4e8e2d17a83f26b0da929452
a496f0a5fc51aac0cac43be7e4c6a81425194480f138a7a97e895071fd628260
a6c8e6561fc6e53af8e4f0d1aaca69297c88f354b2a4e91fcb63930af2a8709d
a9373a0da531c93b8a7a9972f579088217ae05ba74dc9399998104301bdca8d7
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ac16f9008f40d162b186d669420d38b7247624c8b8757ef5555fbf64a76e65b3
af115766e8e0f3141725ca1b2a7f9ec30e04b8e919084ef3fe260c8a1d843264
b25d20ba70b03f5b500efbc65c2e3249eaac40b49db55ec9304111e6a7f14e61
b3797f648709bce752797cbea013e68584cf5caeff0f5d526b5034df37bff83a
b79dbb25945f1812cd5e8a81114bdfa7970cadad4c788e301a9bcdff0a6b58c6
bcb608889fc1414b5fab7dace9f9c4c872bf8ca001995943fe8fd6e2d6ab8396
c2c6e76ab66c0c1bd397a52922d2f11d8bbe8322529fd8b279c990210094a058
c6014a0b99cbc64aa4e295a3d082301b5882142ce288609e58961641682288f0
c78abd43c77a607847b8714889600d8081c3f24d5f90d69818b4c7d508353d16
c9ac0a64b84619c74caac03950a3c93bf574d0137ed3cbd7daa88899727497cc
cc10c6ac6b8469904c93762e27d44b417bd29817c35c590ad78677c8cc0b30e7
cd3601b2f79f3cccc6333afba636cc8e645f7703257326df7df02497dc09d2df
d2fc3fc956f16451ca97ede80eb13c8d7ef7af6c26791ce8ef8b964865e2678a
d52055c2ded905e257f1c814a5120ca5e7521dead997ddc31185b305594a6926
d59bfa1017bf1d1265b5eb9ca2de67b76cc0b098dc00ce79f3a905934b937b3a
d6fbd40578c2b8ad857ed65e16db04eab8435a27232a1572672c6c91f9b92543
d886db0b90693040ec0b41bdc4334088859c250df390cbff4f8fb2c415a15b98
dc9b0977dbbc5ef9fb66a9a41d0d57a6b7e513423a2b087b19c6cd5618e7eac5
dd160737ff99d0b3796fc177f5b10d9121a67ba4865abfcff00294fc5538def0
dd6c69e8a06cf6860d63b6bee6fd46bfcdc1a25a1bd1d4942a9470b74f4e8746
e1241695c84f1ce0b9a6fc2a4c6d48b7dfdccd4e324838fd0e76870cd4a85173
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55c184e5a9b866db06d78dbd35af460e098b2cc94c048df749bbed39a87e27c
eb07ae198c91c65179763e0e392bfe0953ee1090164e6623f936b5c5155f08b8
ed7974cf323e4514537010c5b946e1b5f61721b398754453e7620783b51b55da
edd8db5c29b96b7a290a5e266d426dca85541b7cd7a62b180e5ec89dc635f05f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f28da91146bc2771e2ea61f3e2f347e8c59aa68662e2b268f0210817cebc746e
f4fa5843f2583596a041247b48ca8c0418c3d1e342259125202b49e9cba90ae3
fb223e9cd1d0a60de1b9500a388fa42ec7e9121d5e6ac51b65aac9a154efefdd
fbc562b23385ed991d866d53bf897906d81a2bc7e90810eb8ebda4b2ba323ccb
fdfa50fd0355566fd18c03de7fe9f8aba89b77c88cf4637e5337b7a45c19b150

ttlc.intuit.com Open in urlscan Pro 2a02:26f0:7100:18d::42e9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

153 Requests

100 %HTTPS

42 %IPv6

27 Domains

48 Subdomains

41 IPs

5 Countries

2641 kBTransfer

8810 kBSize

24 Cookies

93 Outgoing links

Page URL History

Redirected requests

153 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ttlc.intuit.com Open in urlscan Pro
2a02:26f0:7100:18d::42e9 Public Scan

Screenshot
Live screenshot

Full Image

153
Requests

100 %
HTTPS

42 %
IPv6

27
Domains

48
Subdomains

41
IPs

5
Countries

2641 kB
Transfer

8810 kB
Size

24
Cookies

153 HTTP transactions
2 data transactions