accounts.intuit.com Open in urlscan Pro
104.111.250.17 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://accounts.intuit.com/v2/signin.html?iux_identifier_first=true&offering_id=Intuit.tax.taxcollaboration.taxpayerbrowser...
Submission Tags: falconsandbox
Submission: On November 22 via api (November 22nd 2022, 1:55:08 pm UTC) from US — Scanned from DE

Summary HTTP 57 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 5 domains to perform 57 HTTP transactions. The main IP is 104.111.250.17, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is accounts.intuit.com. The Cisco Umbrella rank of the primary domain is 14570.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on November 8th 2022. Valid for: a year.

This is the only time accounts.intuit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	104.111.250.17 104.111.250.17	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:26f0:170... 2a02:26f0:1700:38a::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
16	104.111.224.118 104.111.224.118	16625 (AKAMAI-AS) (AKAMAI-AS)
19	91.235.133.106 91.235.133.106	30286 (THM) (THM)
1	52.222.214.81 52.222.214.81	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.105 18.66.147.105	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:710... 2a02:26f0:7100:59a::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	15.254.5.182 15.254.5.182	16509 (AMAZON-02) (AMAZON-02)
3	184.24.161.90 184.24.161.90	16625 (AKAMAI-AS) (AKAMAI-AS)
1	44.237.228.91 44.237.228.91	16509 (AMAZON-02) (AMAZON-02)
2	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
57	13

8 104.111.250.17 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-250-17.deploy.static.akamaitechnologies.com

accounts.intuit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:38a::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
02179914.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.111.224.118 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-224-118.deploy.static.akamaitechnologies.com

plugin.intuitcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 91.235.133.106 (United States)

ASN30286 (THM, US)

gfp.intuit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-81.fra56.r.cloudfront.net

segment.intuitcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-105.fra60.r.cloudfront.net

uxfabric.intuitcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:59a::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.254.5.182 (Los Angeles, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-254-5-182.us-west-2.compute.amazonaws.com

intuitvisitorid.api.intuit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.24.161.90 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-161-90.deploy.static.akamaitechnologies.com

lib.intuitcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.237.228.91 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-228-91.us-west-2.compute.amazonaws.com

eventbus.intuit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

v60nf4oj7b2wg3d55s33cyotn5bag6qnx6z6re4t2698b2b9c8008066am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	intuit.com accounts.intuit.com — Cisco Umbrella Rank: 14570 gfp.intuit.com intuitvisitorid.api.intuit.com — Cisco Umbrella Rank: 38311 eventbus.intuit.com — Cisco Umbrella Rank: 11399	466 KB
21	intuitcdn.net plugin.intuitcdn.net — Cisco Umbrella Rank: 14654 segment.intuitcdn.net — Cisco Umbrella Rank: 18265 uxfabric.intuitcdn.net — Cisco Umbrella Rank: 14940 lib.intuitcdn.net — Cisco Umbrella Rank: 28441	351 KB
3	online-metrix.net h.online-metrix.net — Cisco Umbrella Rank: 3149 v60nf4oj7b2wg3d55s33cyotn5bag6qnx6z6re4t2698b2b9c8008066am1.e.aa.online-metrix.net	17 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1270 c.go-mpulse.net — Cisco Umbrella Rank: 611	51 KB
1	akstat.io 02179914.akstat.io — Cisco Umbrella Rank: 62018	204 B
57	5

	Domain	Requested by
19	gfp.intuit.com	accounts.intuit.com gfp.intuit.com
16	plugin.intuitcdn.net	accounts.intuit.com
8	accounts.intuit.com	accounts.intuit.com
3	lib.intuitcdn.net	accounts.intuit.com
2	h.online-metrix.net	gfp.intuit.com
2	intuitvisitorid.api.intuit.com	uxfabric.intuitcdn.net
1	v60nf4oj7b2wg3d55s33cyotn5bag6qnx6z6re4t2698b2b9c8008066am1.e.aa.online-metrix.net
1	02179914.akstat.io	s.go-mpulse.net
1	eventbus.intuit.com	uxfabric.intuitcdn.net
1	c.go-mpulse.net	s.go-mpulse.net
1	uxfabric.intuitcdn.net	accounts.intuit.com
1	segment.intuitcdn.net	accounts.intuit.com
1	s.go-mpulse.net	accounts.intuit.com
57	13

This site contains links to these domains. Also see Links.

Domain
accounts-help.lc.intuit.com
prolink.intuit.com
www.intuit.com
www.google.com
security.intuit.com

Subject Issuer	Validity	Valid
accounts-prd.intuit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-08` - `2023-11-29`	a year	crt.sh
akstat.io DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-15` - `2023-04-19`	a year	crt.sh
*.intuitcdn.net DigiCert SHA2 Secure Server CA	`2022-01-23` - `2023-01-24`	a year	crt.sh
gfp.intuit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-09` - `2023-11-09`	a year	crt.sh
segment.intuitcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-16` - `2023-07-17`	a year	crt.sh
uxfabric.intuitcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-22` - `2023-06-22`	a year	crt.sh
*.intuit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-07-18`	a year	crt.sh
lib.intuitcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2022-04-16` - `2023-04-19`	a year	crt.sh
trinity.platform.intuit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-28` - `2023-05-29`	a year	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-12-28` - `2023-01-23`	a year	crt.sh
*.e.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2022-06-08` - `2023-07-10`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://accounts.intuit.com/v2/signin.html?iux_identifier_first=true&offering_id=Intuit.tax.taxcollaboration.taxpayerbrowser&redirect_url=https%3A%2F%2Fprolink.intuit.com%2Fapp%2Ftaxpayer%2Fcollaboration%3Fcollab_id%3D2gIAAAAbAQAEAAAAAgUACFl0U2g3dEYxBgAGaAbXOGEJ57UjCaFpgokmIUMLBvwlskR6VvMlfUGiK%252B1OaPM630A1fLtdyFYy1g9%252FejKLYG88eCiLOh5Fq52gs0b0eR7Kxay%252BpD4AaXXe5McVA90Pp9pZrlTcfNHggR5AwVWzbRoobrwqSI9xqRnJGsEVxD4xTNiTHTQvsih6A8oVY%252BXOYqI2LIp0ZmpDIHkwpxf1oTSl882fl8ZvtcwaJyW75Bo04R%252FIDEw%252Bau3n8r35K9MpNxaSr7uwPbiypH9bFawMKdzPXYjdZYWI8oxRWsBepvbh2xCThcWqZHDQ2JAD%252Fwx31Usdc60wmsLjuyeuiDy7zUnj5F%252B%252Be%252B0%253D&username=jim_reznicek%40jabil.com&email_address=jim_reznicek%40jabil.com
Frame ID: 298CACBEB4FFA6E8F9596B5BBD59CF38
Requests: 36 HTTP requests in this frame

Frame: https://gfp.intuit.com/kH7l10YA1g7xgLrW?c544061636b81e05=UTbgcCqtq5mB6wdsGjkgwz6ahSg7oTy-eiave6KHe9uvZ_13Rk5TmssMcXAYHL_C1uolRI-YXetEp4VXfqZ8PH5MfTIUJZDfdGDLPTWpNp57WgaG3JavEGv0yeErCc1MhzK3RITusavJGC6DYJ-UPHf2G15LcpViupEub_piDVyWpLnPTNE75uMpYUTtYKDDCZXKHyhjchcLMsC-YToeXnE&jb=373126246a716d773d55696e646d7571246a736d3d576b6e646d757327323033322e6a7162773f4168706f6d65246871603d436a726f6f65253032313237
Frame ID: 9CE49EA72B93B14B7EB7A99770171B7B
Requests: 12 HTTP requests in this frame

Frame: https://gfp.intuit.com/3dcq3cwUNVev5x9_?00d5f5b34d78aec5=nv0A5IOqpxBR3LBQeCE69AbKm7tJqdtOfswZQw0eq_ymhG9syyoCAjbrIrCriyVVQktln4nznT2QeZ5S4FErSFNycpYnHN24b1bgIiKJtiQf3XNhfuQ4QewyJ3njHsoMKmjOKjAjWHwgiXNcqg4m6g&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: C4384E69F891E2B87532B1B16036B71B
Requests: 3 HTTP requests in this frame

Frame: https://gfp.intuit.com/F-axozE5DnoRTMD1?050227cd42b6911b=ar-wS6tPWB0gZjS_tGZqdtSSdoA2gSr70l-Vw9jLgYRuOaKl-yL4KSDNx4ovi40fQFwrAOaEFQyNBWailU5Hay363c6oPm0BceNeQi1UvGjIaaBk2lRQkX-0uC5SI4wLK_1TrLYLMQw73_ai270OatV1uyAvX8dNFLAkRA7j5l3WNw0mvWIq0r5vsjxeM9q_zFvfs3r-FAZ6hTM-Sq8bdZfVTw
Frame ID: 26A4DBCA02EE6C455589F5CBB13D7363
Requests: 3 HTTP requests in this frame

Frame: https://h.online-metrix.net/c65ED1RYewUomxTs?9942a90444ac80d5=cQuTXq0DMM-6YNbeEJBbd4gmFjF4hB674q8DXmD7Hxw98hTrfJWqLGBX4EYqFb4IDCj10OlwScxfjo46PvUCjVQuV3hVqPe8a1OGAKcuR1xihnB-j3QRF1xKQ8B3S5ZRWi2dkGDAtBq4gqz5yFFEVrQCp04esW6gsQLXV0xqw2lWi-bIIpnPP6rICty1-gKEznNuo0uAMiZDe9fhsvG4IncBglI
Frame ID: 07BE7A3D9B2CECB05842D0AE0FEF953C
Requests: 2 HTTP requests in this frame

Frame: https://gfp.intuit.com/GQkU9SHf4jo8wbNp?c884ddde24c1f087=zvtdLGYPoB-7KpUCsu8J9hPtoItq4iO_fYBKgj-xk0p2AxNwV1F7IivgEPYMLqYKbc4M2JzuYEdrPXKOlCmM81OzF3GqHLGDyuyZ9Rpdy3qar80FrlAqzW3DK1xdFQWHXI4Y2WSL2IN-wJVRLnus5FyAaVjYELd6FpF3bHkZTSzKatLD5z-rSAWaPj_SAzU1Dq2YflL5O2RYX3S2IZfet9FkUnc
Frame ID: C715DCA06D60610F745EFE5D0A6B4C4C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Intuit Accounts - Sign In

Page Statistics

57
Requests

100 %
HTTPS

17 %
IPv6

5
Domains

13
Subdomains

13
IPs

2
Countries

884 kB
Transfer

3590 kB
Size

10
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://accounts-help.lc.intuit.com/questions/1582580-creating-an-account
Title: Learn more

Search URL Search Domain Scan URL

URL: https://prolink.intuit.com/public/terms-of-service.html
Title: Terms

Search URL Search Domain Scan URL

URL: https://www.intuit.com/privacy/statement/
Title: Global Privacy Statement

Search URL Search Domain Scan URL

URL: https://www.google.com/intl/en/policies/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.google.com/intl/en/policies/terms/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.intuit.com/legal/
Title: Legal

Search URL Search Domain Scan URL

URL: https://security.intuit.com/
Title: Security

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request signin.html Show response
accounts.intuit.com/v2/ 13 KB
6 KB 492ms
305ms Document
text/html 104.111.250.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.intuit.com/v2/signin.html?iux_identifier_first=true&offering_id=Intuit.tax.taxcollaboration.taxpayerbrowser&redirect_url=https%3A%2F%2Fprolink.intuit.com%2Fapp%2Ftaxpayer%2Fcollaboration%3Fcollab_id%3D2gIAAAAbAQAEAAAAAgUACFl0U2g3dEYxBgAGaAbXOGEJ57UjCaFpgokmIUMLBvwlskR6VvMlfUGiK%252B1OaPM630A1fLtdyFYy1g9%252FejKLYG88eCiLOh5Fq52gs0b0eR7Kxay%252BpD4AaXXe5McVA90Pp9pZrlTcfNHggR5AwVWzbRoobrwqSI9xqRnJGsEVxD4xTNiTHTQvsih6A8oVY%252BXOYqI2LIp0ZmpDIHkwpxf1oTSl882fl8ZvtcwaJyW75Bo04R%252FIDEw%252Bau3n8r35K9MpNxaSr7uwPbiypH9bFawMKdzPXYjdZYWI8oxRWsBepvbh2xCThcWqZHDQ2JAD%252Fwx31Usdc60wmsLjuyeuiDy7zUnj5F%252B%252Be%252B0%253D&username=jim_reznicek%40jabil.com&email_address=jim_reznicek%40jabil.com

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.250.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-250-17.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

1ab90bb35f9e7cb13a19f73248cb9adfd8ca1ad07e4285693b444afc324fa2bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache no-store
content-encoding: gzip
content-language: de-DE
content-length: 5085
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' *.google.com *.google-analytics.com *.gstatic.com *.appdynamics.com *.intuitcdn.com *.intuitcdn.net *.intuitcdn.net:34212 *.ensighten.com *.decibelinsight.net *.decibelinsight.com *.tiqcdn.com *.go-mpulse.net *.paycheckrecords.com *.freefilefillableforms.com *.statefillableforms.com *.check.me *.mint.com *.intuitlabs.com *.turbotax.com *.turbotaxonline.ca *.localhost *.intuit.dev *.intuit.ca *.intuit.com *.intuit.net *.intuit.co.uk *.intuit.com.au *.intuit.com.mx *.intuit.com.br *.intuit.fr *.intuit.in *.intuit.hk *.intuit.sg *.intuit.mx *.intuitcdn.net *.quickbooks.com *.quickbooks.com.br *.quickbooks.co.uk *.zeropaper.com.br *.apimock.xyz *.managepayroll.com *.tsheets.com *.localhost:34200 *.tsheets-dev.com *.turbotaxcommunity.com *.qbcommunity.com *.dev-intuitb2b.cs2.force.com *.system-intuitb2bsys.cs16.force.com *.func-intuitb2b.cs30.force.com *.stage-intuitb2b.cs125.force.com *.perf-intuitb2b.cs97.force.com; report-uri /csp_logger
content-type: text/html;charset=UTF-8
date: Tue, 22 Nov 2022 13:55:02 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
intuit_tid: 04bcd929-28d7-468d-a300-c79871392a2a
pragma: no-cache
server: nginx
server-timing: cdn-cache; desc=MISS edge; dur=160 origin; dur=16
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-akamai-transformed: 9 8321 0 pmb=mRUM,2
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: index, follow
x-xss-protection: 1; mode=block

GET
H2 200 track-event-lib-init.min.js Show response
accounts.intuit.com/iux-track-star/analytics-core/ 12 KB
5 KB 41ms
40ms Script
application/javascript 104.111.250.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.intuit.com/iux-track-star/analytics-core/track-event-lib-init.min.js

Requested by

Host: accounts.intuit.com
URL: https://accounts.intuit.com/v2/signin.html?iux_identifier_first=true&offering_id=Intuit.tax.taxcollaboration.taxpayerbrowser&redirect_url=https%3A%2F%2Fprolink.intuit.com%2Fapp%2Ftaxpayer%2Fcollaboration%3Fcollab_id%3D2gIAAAAbAQAEAAAAAgUACFl0U2g3dEYxBgAGaAbXOGEJ57UjCaFpgokmIUMLBvwlskR6VvMlfUGiK%252B1OaPM630A1fLtdyFYy1g9%252FejKLYG88eCiLOh5Fq52gs0b0eR7Kxay%252BpD4AaXXe5McVA90Pp9pZrlTcfNHggR5AwVWzbRoobrwqSI9xqRnJGsEVxD4xTNiTHTQvsih6A8oVY%252BXOYqI2LIp0ZmpDIHkwpxf1oTSl882fl8ZvtcwaJyW75Bo04R%252FIDEw%252Bau3n8r35K9MpNxaSr7uwPbiypH9bFawMKdzPXYjdZYWI8oxRWsBepvbh2xCThcWqZHDQ2JAD%252Fwx31Usdc60wmsLjuyeuiDy7zUnj5F%252B%252Be%252B0%253D&username=jim_reznicek%40jabil.com&email_address=jim_reznicek%40jabil.com

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.250.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-250-17.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

67c06f1a1b0aae698726e2473ef9205e4c02547df017f439363e4cf2327f1a19

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .intuit.com, frame-ancestors 'self' .intuit.com
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/v2/signin.html?iux_identifier_first=true&offering_id=Intuit.tax.taxcollaboration.taxpayerbrowser&redirect_url=https%3A%2F%2Fprolink.intuit.com%2Fapp%2Ftaxpayer%2Fcollaboration%3Fcollab_id%3D2gIAAAAbAQAEAAAAAgUACFl0U2g3dEYxBgAGaAbXOGEJ57UjCaFpgokmIUMLBvwlskR6VvMlfUGiK%252B1OaPM630A1fLtdyFYy1g9%252FejKLYG88eCiLOh5Fq52gs0b0eR7Kxay%252BpD4AaXXe5McVA90Pp9pZrlTcfNHggR5AwVWzbRoobrwqSI9xqRnJGsEVxD4xTNiTHTQvsih6A8oVY%252BXOYqI2LIp0ZmpDIHkwpxf1oTSl882fl8ZvtcwaJyW75Bo04R%252FIDEw%252Bau3n8r35K9MpNxaSr7uwPbiypH9bFawMKdzPXYjdZYWI8oxRWsBepvbh2xCThcWqZHDQ2JAD%252Fwx31Usdc60wmsLjuyeuiDy7zUnj5F%252B%252Be%252B0%253D&username=jim_reznicek%40jabil.com&email_address=jim_reznicek%40jabil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.intuit.com, frame-ancestors 'self' *.intuit.com
content-encoding: br
x-content-type-options: nosniff, nosniff
date: Tue, 22 Nov 2022 13:55:02 GMT
x-rl: Trail, Trail
x-amz-cf-pop: LHR62-C5
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 4294
x-xss-protection: 1; mode=block
x-org: ANLYT_SEG_VER, ANLYT_SEG
last-modified: Sun, 20 Nov 2022 06:06:44 GMT
server: Akamai Resource Optimizer
etag: W/"8c60804957f64ad1aa374426b4547883"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2503862
timing-allow-origin: *
x-amz-cf-id: 1B9DSORpvKF1OCudqfPkIOI0SeoiVE-MlrjBguOiwbNkrF2YtDP00w==
expires: Tue, 20 Dec 2022 06:07:24 GMT

GET
H2 200 ius-hostedui-base.css
accounts.intuit.com/css/ 9 KB
3 KB 72ms
71ms Stylesheet
text/css 104.111.250.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.intuit.com/css/ius-hostedui-base.css?v=1.70.0.666
Requested by: Host: accounts.intuit.com
URL: https://accounts.intuit.com/v2/signin.html?iux_identifier_first=true&offering_id=Intuit.tax.taxcollaboration.taxpayerbrowser&redirect_url=https%3A%2F%2Fprolink.intuit.com%2Fapp%2Ftaxpayer%2Fcollaboration%3Fcollab_id%3D2gIAAAAbAQAEAAAAAgUACFl0U2g3dEYxBgAGaAbXOGEJ57UjCaFpgokmIUMLBvwlskR6VvMlfUGiK%252B1OaPM630A1fLtdyFYy1g9%252FejKLYG88eCiLOh5Fq52gs0b0eR7Kxay%252BpD4AaXXe5McVA90Pp9pZrlTcfNHggR5AwVWzbRoobrwqSI9xqRnJGsEVxD4xTNiTHTQvsih6A8oVY%252BXOYqI2LIp0ZmpDIHkwpxf1oTSl882fl8ZvtcwaJyW75Bo04R%252FIDEw%252Bau3n8r35K9MpNxaSr7uwPbiypH9bFawMKdzPXYjdZYWI8oxRWsBepvbh2xCThcWqZHDQ2JAD%252Fwx31Usdc60wmsLjuyeuiDy7zUnj5F%252B%252Be%252B0%253D&username=jim_reznicek%40jabil.com&email_address=jim_reznicek%40jabil.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.250.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-250-17.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3bc0d164b1769b94df670119e9fa5b8780a95ef2a340b721766c33134a106fce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/v2/signin.html?iux_identifier_first=true&offering_id=Intuit.tax.taxcollaboration.taxpayerbrowser&redirect_url=https%3A%2F%2Fprolink.intuit.com%2Fapp%2Ftaxpayer%2Fcollaboration%3Fcollab_id%3D2gIAAAAbAQAEAAAAAgUACFl0U2g3dEYxBgAGaAbXOGEJ57UjCaFpgokmIUMLBvwlskR6VvMlfUGiK%252B1OaPM630A1fLtdyFYy1g9%252FejKLYG88eCiLOh5Fq52gs0b0eR7Kxay%252BpD4AaXXe5McVA90Pp9pZrlTcfNHggR5AwVWzbRoobrwqSI9xqRnJGsEVxD4xTNiTHTQvsih6A8oVY%252BXOYqI2LIp0ZmpDIHkwpxf1oTSl882fl8ZvtcwaJyW75Bo04R%252FIDEw%252Bau3n8r35K9MpNxaSr7uwPbiypH9bFawMKdzPXYjdZYWI8oxRWsBepvbh2xCThcWqZHDQ2JAD%252Fwx31Usdc60wmsLjuyeuiDy7zUnj5F%252B%252Be%252B0%253D&username=jim_reznicek%40jabil.com&email_address=jim_reznicek%40jabil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 13:55:02 GMT
content-encoding: br
last-modified: Mon, 21 Nov 2022 14:26:02 GMT
server: nginx
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=142560
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 3168
expires: Thu, 24 Nov 2022 05:31:02 GMT

GET
H2 200 ius.default.configs.min.js Show response
accounts.intuit.com/IUS-Plugins/v2/scripts/ 94 KB
24 KB 84ms
84ms Script
application/javascript 104.111.250.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.intuit.com/IUS-Plugins/v2/scripts/ius.default.configs.min.js?v=1.70.0.666

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.250.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-250-17.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

eaa75f72e4fbfdceb1632543bee75fd769639d75c281857235517678ee6e0ff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/v2/signin.html?iux_identifier_first=true&offering_id=Intuit.tax.taxcollaboration.taxpayerbrowser&redirect_url=https%3A%2F%2Fprolink.intuit.com%2Fapp%2Ftaxpayer%2Fcollaboration%3Fcollab_id%3D2gIAAAAbAQAEAAAAAgUACFl0U2g3dEYxBgAGaAbXOGEJ57UjCaFpgokmIUMLBvwlskR6VvMlfUGiK%252B1OaPM630A1fLtdyFYy1g9%252FejKLYG88eCiLOh5Fq52gs0b0eR7Kxay%252BpD4AaXXe5McVA90Pp9pZrlTcfNHggR5AwVWzbRoobrwqSI9xqRnJGsEVxD4xTNiTHTQvsih6A8oVY%252BXOYqI2LIp0ZmpDIHkwpxf1oTSl882fl8ZvtcwaJyW75Bo04R%252FIDEw%252Bau3n8r35K9MpNxaSr7uwPbiypH9bFawMKdzPXYjdZYWI8oxRWsBepvbh2xCThcWqZHDQ2JAD%252Fwx31Usdc60wmsLjuyeuiDy7zUnj5F%252B%252Be%252B0%253D&username=jim_reznicek%40jabil.com&email_address=jim_reznicek%40jabil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 13:55:02 GMT
content-encoding: br
x-content-type-options: nosniff
x-amz-meta-module: identity-authn-core-ui
x-amz-cf-pop: IAD79-C1
x-amz-meta-version: 1.392.6-apr.3640.b.2
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 23970
x-xss-protection: 1; mode=block
x-origin-src: uxf
pragma: no-cache
last-modified: Wed, 16 Nov 2022 00:22:59 GMT
server: AmazonS3
etag: W/"eeb0bc47d48feb9b81849e954894f33f"
access-control-max-age: 86400
x-amz-meta-type: plugin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=0, no-cache
x-amz-meta-slug: identity-authn-core-ui/1.392.6-apr.3640.b.2
access-control-allow-credentials: false
timing-allow-origin: *, *
x-amz-meta-id: identity-authn-core-ui
x-amz-cf-id: PQgtHI2Qjr-mYJGvb9l_JoX4en1azy0C8BPVPHszFxIACPWMN9dOfA==
expires: Tue, 22 Nov 2022 13:55:02 GMT

GET
H2 200 ius.hostedui.lib.min.js Show response
accounts.intuit.com/scripts/ 97 KB
35 KB 50ms
49ms Script
application/javascript 104.111.250.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.intuit.com/scripts/ius.hostedui.lib.min.js?v=1.70.0.666
Requested by: Host: accounts.intuit.com
URL: https://accounts.intuit.com/v2/signin.html?iux_identifier_first=true&offering_id=Intuit.tax.taxcollaboration.taxpayerbrowser&redirect_url=https%3A%2F%2Fprolink.intuit.com%2Fapp%2Ftaxpayer%2Fcollaboration%3Fcollab_id%3D2gIAAAAbAQAEAAAAAgUACFl0U2g3dEYxBgAGaAbXOGEJ57UjCaFpgokmIUMLBvwlskR6VvMlfUGiK%252B1OaPM630A1fLtdyFYy1g9%252FejKLYG88eCiLOh5Fq52gs0b0eR7Kxay%252BpD4AaXXe5McVA90Pp9pZrlTcfNHggR5AwVWzbRoobrwqSI9xqRnJGsEVxD4xTNiTHTQvsih6A8oVY%252BXOYqI2LIp0ZmpDIHkwpxf1oTSl882fl8ZvtcwaJyW75Bo04R%252FIDEw%252Bau3n8r35K9MpNxaSr7uwPbiypH9bFawMKdzPXYjdZYWI8oxRWsBepvbh2xCThcWqZHDQ2JAD%252Fwx31Usdc60wmsLjuyeuiDy7zUnj5F%252B%252Be%252B0%253D&username=jim_reznicek%40jabil.com&email_address=jim_reznicek%40jabil.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.250.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-250-17.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 810be77387297d89a01d80dd1058c7d358e5599e770036a4cd25f4bb72dd9512

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/v2/signin.html?iux_identifier_first=true&offering_id=Intuit.tax.taxcollaboration.taxpayerbrowser&redirect_url=https%3A%2F%2Fprolink.intuit.com%2Fapp%2Ftaxpayer%2Fcollaboration%3Fcollab_id%3D2gIAAAAbAQAEAAAAAgUACFl0U2g3dEYxBgAGaAbXOGEJ57UjCaFpgokmIUMLBvwlskR6VvMlfUGiK%252B1OaPM630A1fLtdyFYy1g9%252FejKLYG88eCiLOh5Fq52gs0b0eR7Kxay%252BpD4AaXXe5McVA90Pp9pZrlTcfNHggR5AwVWzbRoobrwqSI9xqRnJGsEVxD4xTNiTHTQvsih6A8oVY%252BXOYqI2LIp0ZmpDIHkwpxf1oTSl882fl8ZvtcwaJyW75Bo04R%252FIDEw%252Bau3n8r35K9MpNxaSr7uwPbiypH9bFawMKdzPXYjdZYWI8oxRWsBepvbh2xCThcWqZHDQ2JAD%252Fwx31Usdc60wmsLjuyeuiDy7zUnj5F%252B%252Be%252B0%253D&username=jim_reznicek%40jabil.com&email_address=jim_reznicek%40jabil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 13:55:02 GMT
content-encoding: br
last-modified: Mon, 21 Nov 2022 14:09:01 GMT
server: nginx
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=142561
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 35041
expires: Thu, 24 Nov 2022 05:31:03 GMT

GET
H2 200 ius.hostedui.base.min.js Show response
accounts.intuit.com/scripts/ 19 KB
6 KB 83ms
82ms Script
application/javascript 104.111.250.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.intuit.com/scripts/ius.hostedui.base.min.js?v=1.70.0.666
Requested by: Host: accounts.intuit.com
URL: https://accounts.intuit.com/v2/signin.html?iux_identifier_first=true&offering_id=Intuit.tax.taxcollaboration.taxpayerbrowser&redirect_url=https%3A%2F%2Fprolink.intuit.com%2Fapp%2Ftaxpayer%2Fcollaboration%3Fcollab_id%3D2gIAAAAbAQAEAAAAAgUACFl0U2g3dEYxBgAGaAbXOGEJ57UjCaFpgokmIUMLBvwlskR6VvMlfUGiK%252B1OaPM630A1fLtdyFYy1g9%252FejKLYG88eCiLOh5Fq52gs0b0eR7Kxay%252BpD4AaXXe5McVA90Pp9pZrlTcfNHggR5AwVWzbRoobrwqSI9xqRnJGsEVxD4xTNiTHTQvsih6A8oVY%252BXOYqI2LIp0ZmpDIHkwpxf1oTSl882fl8ZvtcwaJyW75Bo04R%252FIDEw%252Bau3n8r35K9MpNxaSr7uwPbiypH9bFawMKdzPXYjdZYWI8oxRWsBepvbh2xCThcWqZHDQ2JAD%252Fwx31Usdc60wmsLjuyeuiDy7zUnj5F%252B%252Be%252B0%253D&username=jim_reznicek%40jabil.com&email_address=jim_reznicek%40jabil.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.250.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-250-17.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cbcc66e68c675751c8f7e98858e2b6f07462e030909d3bbe63103a6af5ba43f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/v2/signin.html?iux_identifier_first=true&offering_id=Intuit.tax.taxcollaboration.taxpayerbrowser&redirect_url=https%3A%2F%2Fprolink.intuit.com%2Fapp%2Ftaxpayer%2Fcollaboration%3Fcollab_id%3D2gIAAAAbAQAEAAAAAgUACFl0U2g3dEYxBgAGaAbXOGEJ57UjCaFpgokmIUMLBvwlskR6VvMlfUGiK%252B1OaPM630A1fLtdyFYy1g9%252FejKLYG88eCiLOh5Fq52gs0b0eR7Kxay%252BpD4AaXXe5McVA90Pp9pZrlTcfNHggR5AwVWzbRoobrwqSI9xqRnJGsEVxD4xTNiTHTQvsih6A8oVY%252BXOYqI2LIp0ZmpDIHkwpxf1oTSl882fl8ZvtcwaJyW75Bo04R%252FIDEw%252Bau3n8r35K9MpNxaSr7uwPbiypH9bFawMKdzPXYjdZYWI8oxRWsBepvbh2xCThcWqZHDQ2JAD%252Fwx31Usdc60wmsLjuyeuiDy7zUnj5F%252B%252Be%252B0%253D&username=jim_reznicek%40jabil.com&email_address=jim_reznicek%40jabil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 13:55:02 GMT
content-encoding: br
last-modified: Mon, 21 Nov 2022 14:09:01 GMT
server: nginx
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=142560
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 5481
expires: Thu, 24 Nov 2022 05:31:02 GMT

GET
H2 200 ius.min.js Show response
accounts.intuit.com/IUS-Plugins/v2/scripts/ 861 KB
222 KB 83ms
83ms Script
application/javascript 104.111.250.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.intuit.com/IUS-Plugins/v2/scripts/ius.min.js?v=1.70.0.666

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.250.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-250-17.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

54b7f8a4ee8317e45ff795614eaf24b08b408f6276e5ce6a081d8d581eebc906

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/v2/signin.html?iux_identifier_first=true&offering_id=Intuit.tax.taxcollaboration.taxpayerbrowser&redirect_url=https%3A%2F%2Fprolink.intuit.com%2Fapp%2Ftaxpayer%2Fcollaboration%3Fcollab_id%3D2gIAAAAbAQAEAAAAAgUACFl0U2g3dEYxBgAGaAbXOGEJ57UjCaFpgokmIUMLBvwlskR6VvMlfUGiK%252B1OaPM630A1fLtdyFYy1g9%252FejKLYG88eCiLOh5Fq52gs0b0eR7Kxay%252BpD4AaXXe5McVA90Pp9pZrlTcfNHggR5AwVWzbRoobrwqSI9xqRnJGsEVxD4xTNiTHTQvsih6A8oVY%252BXOYqI2LIp0ZmpDIHkwpxf1oTSl882fl8ZvtcwaJyW75Bo04R%252FIDEw%252Bau3n8r35K9MpNxaSr7uwPbiypH9bFawMKdzPXYjdZYWI8oxRWsBepvbh2xCThcWqZHDQ2JAD%252Fwx31Usdc60wmsLjuyeuiDy7zUnj5F%252B%252Be%252B0%253D&username=jim_reznicek%40jabil.com&email_address=jim_reznicek%40jabil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 13:55:02 GMT
content-encoding: br
x-content-type-options: nosniff
x-amz-meta-module: identity-authn-core-ui
x-amz-cf-pop: IAD79-C1
x-amz-meta-version: 1.392.6-apr.3640.b.2
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 225961
x-xss-protection: 1; mode=block
x-origin-src: uxf
pragma: no-cache
last-modified: Wed, 16 Nov 2022 00:22:59 GMT
server: AmazonS3
etag: W/"dc12f2b4ce457c9611622130f75b64fe"
access-control-max-age: 86400
x-amz-meta-type: plugin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=0, no-cache
x-amz-meta-slug: identity-authn-core-ui/1.392.6-apr.3640.b.2
access-control-allow-credentials: false
timing-allow-origin: *, *
x-amz-meta-id: identity-authn-core-ui
x-amz-cf-id: zYHr6HagOF2hxtfDKWfkqaujHPwD23IuS4n79UwCwauBXCt3Xvsw_w==
expires: Tue, 22 Nov 2022 13:55:02 GMT

GET
H2 200 JMR2J-JRQ54-8U3H8-YDWCP-M9P79 Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 142ms
44ms Script
application/javascript 2a02:26f0:1700:38a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/JMR2J-JRQ54-8U3H8-YDWCP-M9P79
Requested by: Host: accounts.intuit.com
URL: https://accounts.intuit.com/v2/signin.html?iux_identifier_first=true&offering_id=Intuit.tax.taxcollaboration.taxpayerbrowser&redirect_url=https%3A%2F%2Fprolink.intuit.com%2Fapp%2Ftaxpayer%2Fcollaboration%3Fcollab_id%3D2gIAAAAbAQAEAAAAAgUACFl0U2g3dEYxBgAGaAbXOGEJ57UjCaFpgokmIUMLBvwlskR6VvMlfUGiK%252B1OaPM630A1fLtdyFYy1g9%252FejKLYG88eCiLOh5Fq52gs0b0eR7Kxay%252BpD4AaXXe5McVA90Pp9pZrlTcfNHggR5AwVWzbRoobrwqSI9xqRnJGsEVxD4xTNiTHTQvsih6A8oVY%252BXOYqI2LIp0ZmpDIHkwpxf1oTSl882fl8ZvtcwaJyW75Bo04R%252FIDEw%252Bau3n8r35K9MpNxaSr7uwPbiypH9bFawMKdzPXYjdZYWI8oxRWsBepvbh2xCThcWqZHDQ2JAD%252Fwx31Usdc60wmsLjuyeuiDy7zUnj5F%252B%252Be%252B0%253D&username=jim_reznicek%40jabil.com&email_address=jim_reznicek%40jabil.com
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:1700:38a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 13:55:02 GMT
content-encoding: br
last-modified: Tue, 01 Nov 2022 13:31:25 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

GET
H2 200 ius-base-reset-f55baac3.js Show response
plugin.intuitcdn.net/identity-authn-core-ui/scripts/ 24 KB
5 KB 140ms
34ms Script
application/javascript 104.111.224.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://plugin.intuitcdn.net/identity-authn-core-ui/scripts/ius-base-reset-f55baac3.js

Requested by

Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/ius.min.js?v=1.70.0.666

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.224.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-224-118.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

139ff243be9d3f04788b0a8ebd8be54501601df110baf1431c3958dfdeb10d4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 13:55:02 GMT
content-encoding: br
x-content-type-options: nosniff
x-amz-meta-module: identity-authn-core-ui
x-amz-cf-pop: IAD79-C1
x-amz-meta-version: 1.388.1-apr.2734.b.7
content-length: 4156
x-xss-protection: 1; mode=block
x-origin-src: uxf
last-modified: Wed, 27 Apr 2022 17:07:18 GMT
server: AmazonS3
etag: "9b94f078f832a3dae5be6c34d7c1fabb"
access-control-max-age: 86400
x-amz-meta-type: plugin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: public, max-age=31556926, immutable
x-amz-meta-slug: identity-authn-core-ui/1.388.1-apr.2734.b.7
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
x-amz-meta-id: identity-authn-core-ui
x-amz-cf-id: 0_5TWQmi_4zrsM6W2-ESevbfuxFciKvjC5rZIvJcX6UP8pbAeOXxBg==

GET
H2 200 2697-cab434da.js Show response
plugin.intuitcdn.net/identity-authn-core-ui/scripts/ 99 KB
36 KB 144ms
39ms Script
application/javascript 104.111.224.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://plugin.intuitcdn.net/identity-authn-core-ui/scripts/2697-cab434da.js

Requested by

Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/ius.min.js?v=1.70.0.666

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.224.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-224-118.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

12b6b23421646026fbe16693c723e9f133267742b63649177b6ca0d8fec3026c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 13:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-meta-module: identity-authn-core-ui
x-amz-cf-pop: IAD66-C2
x-amz-meta-version: 1.388.2
content-length: 36150
x-xss-protection: 1; mode=block
x-origin-src: uxf
last-modified: Wed, 27 Apr 2022 21:11:56 GMT
server: AmazonS3
etag: W/"a28b53b5d863e53026ddee6ba584f32f"
vary: Accept-Encoding
x-amz-meta-type: plugin
content-type: application/javascript; charset=utf-8
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
x-amz-meta-slug: identity-authn-core-ui/1.388.2
access-control-allow-credentials: false
cache-control: public, max-age=31556926, immutable
timing-allow-origin: *, *
x-amz-meta-id: identity-authn-core-ui
x-amz-cf-id: h1UMZk9zw0_5RjjLOtS5r2Ge93QxZl2vhq0Yn7OUTC0OF1qz-VhZyw==

GET
H2 200 ius-base-d15733d6.js Show response
plugin.intuitcdn.net/identity-authn-core-ui/scripts/ 252 KB
66 KB 174ms
76ms Script
application/javascript 104.111.224.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://plugin.intuitcdn.net/identity-authn-core-ui/scripts/ius-base-d15733d6.js

Requested by

Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/ius.min.js?v=1.70.0.666

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.224.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-224-118.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

619d7d2e7cea87d91e3ff2630a196cfa3823935cbe32398c3a197cbb66ae3988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 13:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-meta-module: identity-authn-core-ui
x-amz-cf-pop: IAD79-C1
x-amz-meta-version: 1.388.2
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 67034
x-xss-protection: 1; mode=block
x-origin-src: uxf
last-modified: Wed, 27 Apr 2022 21:11:56 GMT
server: AmazonS3
etag: W/"86f80f3695ef53927951756da678a248"
vary: Accept-Encoding
x-amz-meta-type: plugin
content-type: application/javascript; charset=utf-8
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
x-amz-meta-slug: identity-authn-core-ui/1.388.2
access-control-allow-credentials: false
cache-control: public, max-age=31556926, immutable
timing-allow-origin: *, *
x-amz-meta-id: identity-authn-core-ui
x-amz-cf-id: EsAgMmiNXFdEnC90aBj_feVk2ntgQDJwbfRb6E0UJw6cQIM319J2eg==

GET
H2 200 ius-widget-header-footer-05dd870b.js Show response
plugin.intuitcdn.net/identity-authn-core-ui/scripts/ 9 KB
4 KB 137ms
39ms Script
application/javascript 104.111.224.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://plugin.intuitcdn.net/identity-authn-core-ui/scripts/ius-widget-header-footer-05dd870b.js

Requested by

Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/ius.min.js?v=1.70.0.666

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.224.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-224-118.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

e702c9ba71a6a2d0661b2d89245b18144c05668241acfba9a1ae054e7e66b901

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 13:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-meta-module: identity-authn-core-ui
x-amz-cf-pop: IAD66-C2
x-amz-meta-version: 1.385.4-apr.2725.b.1
content-length: 3170
x-xss-protection: 1; mode=block
x-origin-src: uxf
last-modified: Mon, 25 Apr 2022 19:48:43 GMT
server: AmazonS3
etag: W/"32d67f9cef5790de6588b797585c61c4"
vary: Accept-Encoding
x-amz-meta-type: plugin
content-type: application/javascript; charset=utf-8
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
x-amz-meta-slug: identity-authn-core-ui/1.385.4-apr.2725.b.1
access-control-allow-credentials: false
cache-control: public, max-age=31556926, immutable
timing-allow-origin: *, *
x-amz-meta-id: identity-authn-core-ui
x-amz-cf-id: RekLmqaL8Sh0-zvoPCdUN7yNphVaCwx2Cc8hCaGnHWqWxRRG6ygUCA==

GET
H/1.1 200
OK 52l16ljeoclr2634.js Show response
gfp.intuit.com/ 93 KB
13 KB 98ms
25ms Script
text/javascript 91.235.133.106
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://gfp.intuit.com/52l16ljeoclr2634.js?zn94l033ef21y15g=v60nf4oj&mbnt7eg4wwnx3bgl=680CD36F4615432774564D71E2C5F4AB

Requested by

Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/ius.min.js?v=1.70.0.666

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.106 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

a5cd8ee35798925af20b8e984a81bfd3d4a23cb3c75511d626a6d9c3a3af1118

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Nov 2022 13:55:02 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ius-style-canary-87724c8a.js Show response
plugin.intuitcdn.net/identity-authn-core-ui/scripts/ 5 KB
2 KB 165ms
94ms Script
application/javascript 104.111.224.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://plugin.intuitcdn.net/identity-authn-core-ui/scripts/ius-style-canary-87724c8a.js

Requested by

Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/ius.min.js?v=1.70.0.666

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.224.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-224-118.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

96932d50ad388c4f46d173b7ba70c1dc1c272eac2b4989d407729414a9d4a04c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 13:55:02 GMT
content-encoding: br
x-content-type-options: nosniff
x-amz-meta-module: identity-authn-core-ui
x-amz-cf-pop: IAD55-P2
x-amz-meta-version: 1.388.1-apr.2734.b.7
content-length: 1743
x-xss-protection: 1; mode=block
x-origin-src: uxf
last-modified: Wed, 27 Apr 2022 21:10:34 GMT
server: AmazonS3
etag: "3e5108eb8ab1bf8ad6ce361a568ae18b"
access-control-max-age: 86400
x-amz-meta-type: plugin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: public, max-age=31556926, immutable
x-amz-meta-slug: identity-authn-core-ui/1.388.1-apr.2734.b.7
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
x-amz-meta-id: identity-authn-core-ui
x-amz-cf-id: J1Ci9fgMfvnth9WbWrWpH1vsqiqHtjvRgd2gGf2Gyf8Cto2sKucvuA==

GET
H2 200 ius-hostedui-base-ecosystem-6fe0696b.js Show response
plugin.intuitcdn.net/identity-authn-core-ui/scripts/ 19 KB
5 KB 139ms
80ms Script
application/javascript 104.111.224.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://plugin.intuitcdn.net/identity-authn-core-ui/scripts/ius-hostedui-base-ecosystem-6fe0696b.js

Requested by

Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/ius.min.js?v=1.70.0.666

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.224.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-224-118.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

e8f32be002add2dc07d5ca3667e2d32700928db1b3ea7c23d016e3a25a696c2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 13:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-meta-module: identity-authn-core-ui
x-amz-cf-pop: IAD55-P2
x-amz-meta-version: 1.385.4-apr.2725.b.1
content-length: 4887
x-xss-protection: 1; mode=block
x-origin-src: uxf
last-modified: Mon, 25 Apr 2022 19:48:43 GMT
server: AmazonS3
etag: W/"c7a80327248f4e01573779562544896a"
vary: Accept-Encoding
x-amz-meta-type: plugin
content-type: application/javascript; charset=utf-8
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
x-amz-meta-slug: identity-authn-core-ui/1.385.4-apr.2725.b.1
access-control-allow-credentials: false
cache-control: public, max-age=31556926, immutable
timing-allow-origin: *, *
x-amz-meta-id: identity-authn-core-ui
x-amz-cf-id: HhX2EPgvaNn1IZQNYDkJCUCeAxmYIgDilPl74aq9STDau5G_fAm0oA==

GET
H2 200 ius-base-theme-intuit-ecosystem-7b44b52d.js Show response
plugin.intuitcdn.net/identity-authn-core-ui/scripts/ 41 KB
8 KB 122ms
118ms Script
application/javascript 104.111.224.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://plugin.intuitcdn.net/identity-authn-core-ui/scripts/ius-base-theme-intuit-ecosystem-7b44b52d.js

Requested by

Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/ius.min.js?v=1.70.0.666

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.224.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-224-118.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

3592431d276a8d2e34fbebee5ace6fab56d12726067e04763050e74e73d5103e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 13:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-meta-module: identity-authn-core-ui
x-amz-cf-pop: IAD79-C1
x-amz-meta-version: 1.385.4-apr.2725.b.1
content-length: 7784
x-xss-protection: 1; mode=block
x-origin-src: uxf
last-modified: Mon, 25 Apr 2022 19:48:43 GMT
server: AmazonS3
etag: W/"8aeadc63af5709c290a529605ee643b5"
vary: Accept-Encoding
x-amz-meta-type: plugin
content-type: application/javascript; charset=utf-8
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
x-amz-meta-slug: identity-authn-core-ui/1.385.4-apr.2725.b.1
access-control-allow-credentials: false
cache-control: public, max-age=31556926, immutable
timing-allow-origin: *, *
x-amz-meta-id: identity-authn-core-ui
x-amz-cf-id: lbVYHXvAgLYDxfXbp8sBFmMdakyJocOUOrKRZkKFAvtwy1muCZxz6w==

GET
H2 200 ius-base-widget-header-footer-intuit-ecosystem-c33b5776.js Show response
plugin.intuitcdn.net/identity-authn-core-ui/scripts/ 78 KB
24 KB 130ms
127ms Script
application/javascript 104.111.224.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://plugin.intuitcdn.net/identity-authn-core-ui/scripts/ius-base-widget-header-footer-intuit-ecosystem-c33b5776.js

Requested by

Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/ius.min.js?v=1.70.0.666

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.224.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-224-118.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

da844a1fac483057dcce4b4dddb1eb960cb79e7a8cc8ae10fc01fc21754ef14b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 13:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-meta-module: identity-authn-core-ui
x-amz-cf-pop: IAD55-P2
x-amz-meta-version: 1.389.0
content-length: 23739
x-xss-protection: 1; mode=block
x-origin-src: uxf
last-modified: Thu, 28 Apr 2022 18:35:15 GMT
server: AmazonS3
etag: W/"eeb81cce7d1d8340c00c76de309e8483"
vary: Accept-Encoding
x-amz-meta-type: plugin
content-type: application/javascript; charset=utf-8
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
x-amz-meta-slug: identity-authn-core-ui/1.389.0
access-control-allow-credentials: false
cache-control: public, max-age=31556926, immutable
timing-allow-origin: *, *
x-amz-meta-id: identity-authn-core-ui
x-amz-cf-id: NZTQqTWpIWTTc1dkX-6oeyAp9kDt3pYRPnKsMU7xaQHBxtOwswUqaw==

GET
H2 200 ius-widget-header-footer-intuit-ecosystem-default-c90b14f9.js Show response
plugin.intuitcdn.net/identity-authn-core-ui/scripts/ 6 KB
2 KB 132ms
129ms Script
application/javascript 104.111.224.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://plugin.intuitcdn.net/identity-authn-core-ui/scripts/ius-widget-header-footer-intuit-ecosystem-default-c90b14f9.js

Requested by

Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/ius.min.js?v=1.70.0.666

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.224.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-224-118.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

5dfe1d0301f111f40de5f18a6be6ddf0f25166f1c855f845a48d7f2472cd33ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 13:55:02 GMT
content-encoding: br
x-content-type-options: nosniff
x-amz-meta-module: identity-authn-core-ui
x-amz-cf-pop: IAD79-C1
x-amz-meta-version: 1.388.1-apr.2734.b.7
content-length: 1893
x-xss-protection: 1; mode=block
x-origin-src: uxf
last-modified: Wed, 27 Apr 2022 21:10:35 GMT
server: AmazonS3
etag: "3cd593dcc94b3310f3e3b80d6c2005bb"
access-control-max-age: 86400
x-amz-meta-type: plugin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: public, max-age=31556926, immutable
x-amz-meta-slug: identity-authn-core-ui/1.388.1-apr.2734.b.7
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
x-amz-meta-id: identity-authn-core-ui
x-amz-cf-id: Dp39LuwGGn9UAH4Cjpf5poS5uKwqdrMZVaOsjZbds7x3ELfRdujQcg==

GET
H2 200 settings Show response
segment.intuitcdn.net/v1/projects/GZ0egpAqK8XnaELNYlqttzjcaS4seAYX/ 691 B
1 KB 158ms
17ms Fetch
application/json 52.222.214.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://segment.intuitcdn.net/v1/projects/GZ0egpAqK8XnaELNYlqttzjcaS4seAYX/settings
Requested by: Host: accounts.intuit.com
URL: https://accounts.intuit.com/iux-track-star/analytics-core/track-event-lib-init.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-81.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 32a4be366ff86183a6659283997a917549ca8986a2aaa0100df39085bcf32cba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: f1IKrdoqIBm78EsvZvmUruSH2XSt7bTm
date: Tue, 22 Nov 2022 13:22:35 GMT
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront), 1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5, FRA56-P3
age: 1947
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 691
last-modified: Mon, 09 May 2022 21:49:18 GMT
server: AmazonS3
etag: "e1a425c71b0723ea60fc90e39e529650"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: HI-pqtitQfgZOXpJ45B6G8wwhIJ3K9d7c2wWN6BMinlPu8G5cC2q7w==

GET
H2 200 track-event-lib.min.js Show response
uxfabric.intuitcdn.net/analytics/202209072322/ 227 KB
65 KB 136ms
19ms Script
application/javascript 18.66.147.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://uxfabric.intuitcdn.net/analytics/202209072322/track-event-lib.min.js

Requested by

Host: accounts.intuit.com
URL: https://accounts.intuit.com/iux-track-star/analytics-core/track-event-lib-init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-105.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9479a48c67eef7bffd3d31865eb074711aeb9074dba633edbf09dacc6e6bd4b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 1288131
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Sep 2022 23:29:23 GMT
server: AmazonS3
etag: W/"bc8aa798bd0ae8abef51b6ba5e4f36a4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
x-amz-cf-id: KYKl-NKuI72n-zPbeY_H7kWqjlM6Kar9fIYETMqWTM_yUWj1ut7gHA==

GET
H2 200 9905-412eb7f1.js Show response
plugin.intuitcdn.net/identity-authn-core-ui/scripts/ 41 KB
16 KB 133ms
129ms Script
application/javascript 104.111.224.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://plugin.intuitcdn.net/identity-authn-core-ui/scripts/9905-412eb7f1.js

Requested by

Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/ius.min.js?v=1.70.0.666

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.224.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-224-118.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

b0c32e5813513833fc91417dfc010db01c0001ac8a8fce3fc8793790a24a5c5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 13:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-meta-module: identity-authn-core-ui
x-amz-cf-pop: IAD89-P1
x-amz-meta-version: 1.388.2
content-length: 15753
x-xss-protection: 1; mode=block
x-origin-src: uxf
last-modified: Wed, 27 Apr 2022 21:11:58 GMT
server: AmazonS3
etag: W/"f9c844b85a0e5c6ca1b74680ad65d6aa"
vary: Accept-Encoding
x-amz-meta-type: plugin
content-type: application/javascript; charset=utf-8
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
x-amz-meta-slug: identity-authn-core-ui/1.388.2
access-control-allow-credentials: false
cache-control: public, max-age=31556926, immutable
timing-allow-origin: *, *
x-amz-meta-id: identity-authn-core-ui
x-amz-cf-id: _oN19-lfqOZV-xaVGq-OED44MFZOtvqawYRAMCGkBfqQ4K6JykqauQ==

GET
H2 200 4575-d9243faa.js Show response
plugin.intuitcdn.net/identity-authn-core-ui/scripts/ 11 KB
4 KB 133ms
130ms Script
application/javascript 104.111.224.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://plugin.intuitcdn.net/identity-authn-core-ui/scripts/4575-d9243faa.js

Requested by

Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/ius.min.js?v=1.70.0.666

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.224.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-224-118.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

8b64e525de8ac6745e6a801ffb352528c1306c0de94ad88c502b12fc5371adfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 13:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-meta-module: identity-authn-core-ui
x-amz-cf-pop: IAD89-C3
x-amz-meta-version: 1.392.6-apr.3146.b.3
content-length: 3561
x-xss-protection: 1; mode=block
x-origin-src: uxf
last-modified: Wed, 20 Jul 2022 21:02:42 GMT
server: AmazonS3
etag: W/"ce799f5b133b5f62887415703b03c77f"
vary: Accept-Encoding
x-amz-meta-type: plugin
content-type: application/javascript; charset=utf-8
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
x-amz-meta-slug: identity-authn-core-ui/1.392.6-apr.3146.b.3
access-control-allow-credentials: false
cache-control: public, max-age=31556926, immutable
timing-allow-origin: *, *
x-amz-meta-id: identity-authn-core-ui
x-amz-cf-id: cDdTc5ol0_9xVW92g0jCs7CPT4y9Z327ANAM6HFQxa6fX5bfkxGtng==

GET
H2 200 9902-56ed705d.js Show response
plugin.intuitcdn.net/identity-authn-core-ui/scripts/ 24 KB
8 KB 134ms
131ms Script
application/javascript 104.111.224.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://plugin.intuitcdn.net/identity-authn-core-ui/scripts/9902-56ed705d.js

Requested by

Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/ius.min.js?v=1.70.0.666

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.224.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-224-118.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

7507bfcf1693c6a8f3f69d15121dc14aeb8dc9e301bac6568152fb50210e36fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 13:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-meta-module: identity-authn-core-ui
x-amz-cf-pop: IAD55-P2
x-amz-meta-version: 1.392.6-apr.3543.b.1
content-length: 7529
x-xss-protection: 1; mode=block
x-origin-src: uxf
last-modified: Tue, 25 Oct 2022 23:26:21 GMT
server: AmazonS3
etag: W/"80479daa531ade224e21923fd4d2212f"
vary: Accept-Encoding
x-amz-meta-type: plugin
content-type: application/javascript; charset=utf-8
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
x-amz-meta-slug: identity-authn-core-ui/1.392.6-apr.3543.b.1
access-control-allow-credentials: false
cache-control: public, max-age=31556926, immutable
timing-allow-origin: *, *
x-amz-meta-id: identity-authn-core-ui
x-amz-cf-id: nKQHV_wzkveQWXwJSTAJzJQRTXYw3acM1-j1BIgmXSFMA1doRBV2HQ==

GET
H2 200 5702-758781df.js Show response
plugin.intuitcdn.net/identity-authn-core-ui/scripts/ 255 KB
49 KB 136ms
133ms Script
application/javascript 104.111.224.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://plugin.intuitcdn.net/identity-authn-core-ui/scripts/5702-758781df.js

Requested by

Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/ius.min.js?v=1.70.0.666

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.224.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-224-118.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

6b120112660f6a18307e835c5d720c9708ae599f4b9322170b46edf5518b4d06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 13:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-meta-module: identity-authn-core-ui
x-amz-cf-pop: ORD53-C3
x-amz-meta-version: 1.392.6-apr.3567.b.4
content-length: 49509
x-xss-protection: 1; mode=block
x-origin-src: uxf
last-modified: Thu, 27 Oct 2022 01:58:42 GMT
server: AmazonS3
etag: W/"165290eccce4b6a74ed4a7b6aa50e81b"
vary: Accept-Encoding
x-amz-meta-type: plugin
content-type: application/javascript; charset=utf-8
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
x-amz-meta-slug: identity-authn-core-ui/1.392.6-apr.3567.b.4
access-control-allow-credentials: false
cache-control: public, max-age=31556926, immutable
timing-allow-origin: *, *
x-amz-meta-id: identity-authn-core-ui
x-amz-cf-id: IoJkf6HSH7dBqwPBNJ4uVSLn6kgvc2yme0Fdqw28Qbwn8Y_q3ZdvGA==

GET
H2 200 ius-sign-in-layout-74155400.js Show response
plugin.intuitcdn.net/identity-authn-core-ui/scripts/ 14 KB
4 KB 137ms
134ms Script
application/javascript 104.111.224.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://plugin.intuitcdn.net/identity-authn-core-ui/scripts/ius-sign-in-layout-74155400.js

Requested by

Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/ius.min.js?v=1.70.0.666

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.224.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-224-118.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

6748e9163367a5bde85295676194add0e32f26f9573a425c34847fdab587d296

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 13:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-meta-module: identity-authn-core-ui
x-amz-cf-pop: IAD55-P2
x-amz-meta-version: 1.388.2
content-length: 3615
x-xss-protection: 1; mode=block
x-origin-src: uxf
last-modified: Wed, 27 Apr 2022 21:11:58 GMT
server: AmazonS3
etag: W/"4f461090ea086b5b6c3089a1d202e936"
vary: Accept-Encoding
x-amz-meta-type: plugin
content-type: application/javascript; charset=utf-8
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
x-amz-meta-slug: identity-authn-core-ui/1.388.2
access-control-allow-credentials: false
cache-control: public, max-age=31556926, immutable
timing-allow-origin: *, *
x-amz-meta-id: identity-authn-core-ui
x-amz-cf-id: DZ8OhC2HlD0vhkHmqYtlc6LH_LPLqfWY0MO4tqOyrP7FOBeUr87wdw==

GET
H2 200 ius-sign-in-theme-097efda4.js Show response
plugin.intuitcdn.net/identity-authn-core-ui/scripts/ 15 KB
4 KB 137ms
134ms Script
application/javascript 104.111.224.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://plugin.intuitcdn.net/identity-authn-core-ui/scripts/ius-sign-in-theme-097efda4.js

Requested by

Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/ius.min.js?v=1.70.0.666

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.224.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-224-118.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

fd42ba8d8dc2c5b032e7705261d4088dfc8bf47b249c99241022d66ac067bea7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 13:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-meta-module: identity-authn-core-ui
x-amz-cf-pop: IAD55-P2
x-amz-meta-version: 1.388.2
content-length: 3138
x-xss-protection: 1; mode=block
x-origin-src: uxf
last-modified: Wed, 27 Apr 2022 21:11:58 GMT
server: AmazonS3
etag: W/"f3f8bfd16ac397e60c3b87aa363f978e"
vary: Accept-Encoding
x-amz-meta-type: plugin
content-type: application/javascript; charset=utf-8
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
x-amz-meta-slug: identity-authn-core-ui/1.388.2
access-control-allow-credentials: false
cache-control: public, max-age=31556926, immutable
timing-allow-origin: *, *
x-amz-meta-id: identity-authn-core-ui
x-amz-cf-id: s77vkYwTMHVnnhD9OTZc_aD_alxZir0y6acSl1Cr50H4WkPNjQvGwQ==

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 2 KB
1 KB 104ms
26ms XHR
application/json 2a02:26f0:7100:59a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=JMR2J-JRQ54-8U3H8-YDWCP-M9P79&d=accounts.intuit.com&t=5563751&v=1.720.0&sl=0&si=04f52e21-bb51-403e-a334-32eb887551e7-rlr5bq&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=501160
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/JMR2J-JRQ54-8U3H8-YDWCP-M9P79
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:7100:59a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3d7c6233edff28e37f11e5e5582d536bd85713c27c9d37862894fbd370e6facc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Tue, 22 Nov 2022 13:55:02 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 782

GET
H2 200 ius-hostedui-base-visual-refresh-15f815ca.js Show response
plugin.intuitcdn.net/identity-authn-core-ui/scripts/ 65 KB
20 KB 37ms
37ms Script
application/javascript 104.111.224.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://plugin.intuitcdn.net/identity-authn-core-ui/scripts/ius-hostedui-base-visual-refresh-15f815ca.js

Requested by

Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/ius.min.js?v=1.70.0.666

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.224.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-224-118.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

0ab7caa5729bfb4efa6e6110f44684f8b589969a60399d3c8c6af2e6ff62337c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 13:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-meta-module: identity-authn-core-ui
x-amz-cf-pop: IAD55-P2
x-amz-meta-version: 1.392.5
content-length: 19676
x-xss-protection: 1; mode=block
x-origin-src: uxf
last-modified: Wed, 04 May 2022 20:59:42 GMT
server: AmazonS3
etag: W/"c89eb8d45430757ef3e9f4bbf36dd082"
vary: Accept-Encoding
x-amz-meta-type: plugin
content-type: application/javascript; charset=utf-8
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
x-amz-meta-slug: identity-authn-core-ui/1.392.5
access-control-allow-credentials: false
cache-control: public, max-age=31556926, immutable
timing-allow-origin: *, *
x-amz-meta-id: identity-authn-core-ui
x-amz-cf-id: 95RoyUwM0EZRIPhhSkzI0K-FDovbMHd2Sl7p9SlqQs6LnCgNfHOpXA==

OPTIONS
H2 200 /
intuitvisitorid.api.intuit.com/v1/ Frame 0
0 696ms
188ms Preflight 15.254.5.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://intuitvisitorid.api.intuit.com/v1/?ivid=f4083512-e20d-4df8-aa52-6a6a2c0c16c3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.254.5.182 Los Angeles, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-254-5-182.us-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://accounts.intuit.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: date,x-tto-engine-version,x-b3-parentspanid,content-length,expires,vary,origin,x-b3-sampled,authorization,keep-alive,tracestate,if-unmodified-since,content-disposition,content-transfer-encoding,content-md5,fragment-location,connection,content-type,if-match,cache-control,intuit_tid,x-tto-routing-info,pragma,accept,x-b3-traceid,x-b3-spanid,traceparent,x-requested-with,content-range,content-location,x-csrf-token,etag,intuit_originalurl
access-control-allow-methods: DELETE,POST,GET,OPTIONS,PUT,PATCH
access-control-allow-origin: https://accounts.intuit.com
access-control-max-age: 900
content-length: 0
date: Tue, 22 Nov 2022 13:55:03 GMT
intuit_tid: 1-637cd4b7-7c746000716ee15865248dd4
server: envoy
strict-transport-security: max-age=31536000
x-envoy-upstream-service-time: 0

GET
H2 200 /
intuitvisitorid.api.intuit.com/v1/ 0
0 606ms
234ms Fetch
application/json 15.254.5.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://intuitvisitorid.api.intuit.com/v1/?ivid=f4083512-e20d-4df8-aa52-6a6a2c0c16c3

Requested by

Host: uxfabric.intuitcdn.net
URL: https://uxfabric.intuitcdn.net/analytics/202209072322/track-event-lib.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.254.5.182 Los Angeles, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-254-5-182.us-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://accounts.intuit.com/
accept-language: de-DE,de;q=0.9
Authorization: Intuit_APIKey intuit_apikey=prdakyreswUFDpkOPDkky63TSWvxZbtemfYVms81, intuit_apikey_version=1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 13:55:03 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
intuit_tid: 1-637cd4b7-31dfa8e97fc3aaca41e8094c
x-amzn-requestid: 1ad5f97c-e3ed-4ae4-a0e0-c96ff73443bb
x-custom-header: application/json
x-envoy-upstream-service-time: 43
x-amz-apigw-id: cAYswFSNvHcF5bw=
content-length: 0
x-spanid: 2d1086cf-84d8-43cd-b3f9-ddd264acba64
server: envoy
x-amzn-trace-id: Root=1-637cd4b7-31dfa8e97fc3aaca41e8094c, Root=1-637cd4b7-31dfa8e97fc3aaca41e8094c;Sampled=0
content-type: application/json
access-control-allow-origin: https://accounts.intuit.com
access-control-expose-headers: date,x-tto-engine-version,x-b3-parentspanid,content-length,expires,vary,origin,x-b3-sampled,authorization,keep-alive,tracestate,if-unmodified-since,content-disposition,content-transfer-encoding,content-md5,fragment-location,connection,content-type,if-match,cache-control,intuit_*,intuit_tid,x-tto-routing-info,pragma,accept,intuit-*,x-b3-traceid,x-b3-spanid,traceparent,x-requested-with,content-range,content-location,x-csrf-token,etag,intuit_originalurl
access-control-allow-credentials: true

GET
DATA 200
OK truncated
/ 703 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12b43b4b2f2f6a3c7a97e8c57e09169a93e66e1789c63621c635cf06de802ad8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 avenir-400.woff2
lib.intuitcdn.net/fonts/AvenirNext/1.0/en/ 9 KB
9 KB 258ms
31ms Font
application/octet-stream 184.24.161.90
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.intuitcdn.net/fonts/AvenirNext/1.0/en/avenir-400.woff2
Requested by: Host: accounts.intuit.com
URL: https://accounts.intuit.com/v2/signin.html?iux_identifier_first=true&offering_id=Intuit.tax.taxcollaboration.taxpayerbrowser&redirect_url=https%3A%2F%2Fprolink.intuit.com%2Fapp%2Ftaxpayer%2Fcollaboration%3Fcollab_id%3D2gIAAAAbAQAEAAAAAgUACFl0U2g3dEYxBgAGaAbXOGEJ57UjCaFpgokmIUMLBvwlskR6VvMlfUGiK%252B1OaPM630A1fLtdyFYy1g9%252FejKLYG88eCiLOh5Fq52gs0b0eR7Kxay%252BpD4AaXXe5McVA90Pp9pZrlTcfNHggR5AwVWzbRoobrwqSI9xqRnJGsEVxD4xTNiTHTQvsih6A8oVY%252BXOYqI2LIp0ZmpDIHkwpxf1oTSl882fl8ZvtcwaJyW75Bo04R%252FIDEw%252Bau3n8r35K9MpNxaSr7uwPbiypH9bFawMKdzPXYjdZYWI8oxRWsBepvbh2xCThcWqZHDQ2JAD%252Fwx31Usdc60wmsLjuyeuiDy7zUnj5F%252B%252Be%252B0%253D&username=jim_reznicek%40jabil.com&email_address=jim_reznicek%40jabil.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.161.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-161-90.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c8278b56794c389919d388951c5fa4dc07a388e16eb7055d675b0b916acc70e5

Request headers

Referer: https://accounts.intuit.com/
Origin: https://accounts.intuit.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: tLRdiz4Rf_.YCAyPGZujZHcV4oAeS88m
date: Tue, 22 Nov 2022 13:55:02 GMT
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
content-length: 8728
last-modified: Thu, 29 Sep 2022 20:31:35 GMT
server: AmazonS3
etag: "90295f3e1a1560ea86e77cb757adba59"
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=15010773
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, DNT
x-amz-cf-id: vrXTn0rXl1X--mdut1hDyekC0f0Q8sT6ENmoTxgTrmArjbnh9OUxFQ==
expires: Mon, 15 May 2023 07:34:35 GMT

GET
H2 200 avenir-100.woff2
lib.intuitcdn.net/fonts/AvenirNext/1.0/en/ 9 KB
9 KB 255ms
31ms Font
application/octet-stream 184.24.161.90
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.intuitcdn.net/fonts/AvenirNext/1.0/en/avenir-100.woff2
Requested by: Host: accounts.intuit.com
URL: https://accounts.intuit.com/v2/signin.html?iux_identifier_first=true&offering_id=Intuit.tax.taxcollaboration.taxpayerbrowser&redirect_url=https%3A%2F%2Fprolink.intuit.com%2Fapp%2Ftaxpayer%2Fcollaboration%3Fcollab_id%3D2gIAAAAbAQAEAAAAAgUACFl0U2g3dEYxBgAGaAbXOGEJ57UjCaFpgokmIUMLBvwlskR6VvMlfUGiK%252B1OaPM630A1fLtdyFYy1g9%252FejKLYG88eCiLOh5Fq52gs0b0eR7Kxay%252BpD4AaXXe5McVA90Pp9pZrlTcfNHggR5AwVWzbRoobrwqSI9xqRnJGsEVxD4xTNiTHTQvsih6A8oVY%252BXOYqI2LIp0ZmpDIHkwpxf1oTSl882fl8ZvtcwaJyW75Bo04R%252FIDEw%252Bau3n8r35K9MpNxaSr7uwPbiypH9bFawMKdzPXYjdZYWI8oxRWsBepvbh2xCThcWqZHDQ2JAD%252Fwx31Usdc60wmsLjuyeuiDy7zUnj5F%252B%252Be%252B0%253D&username=jim_reznicek%40jabil.com&email_address=jim_reznicek%40jabil.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.161.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-161-90.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 817789f8b4ae153258be7067cb01f30e80b018238d8861ffcf693ae7dc11a696

Request headers

Referer: https://accounts.intuit.com/
Origin: https://accounts.intuit.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: b64p_Q3KUitdDNfqjHTpVFnPSbSFk4wq
date: Tue, 22 Nov 2022 13:55:02 GMT
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
content-length: 9228
last-modified: Thu, 20 Oct 2022 22:19:52 GMT
server: AmazonS3
etag: "bffcc9ed5844c9da9a15a51c64e239a6"
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14495413
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, DNT
x-amz-cf-id: rlcqYnrXPE4-0x1A0E2KOxYu7P8JSvu2BhpFZJpPyPhzdEvYRU057Q==
expires: Tue, 09 May 2023 08:25:15 GMT

POST
H2 202 t Show response
eventbus.intuit.com/v2/segment/iip-identity-clickstream/ 0
854 B 642ms
183ms XHR
text/plain 44.237.228.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eventbus.intuit.com/v2/segment/iip-identity-clickstream/t

Requested by

Host: uxfabric.intuitcdn.net
URL: https://uxfabric.intuitcdn.net/analytics/202209072322/track-event-lib.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.228.91 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-228-91.us-west-2.compute.amazonaws.com

Software

Jetty /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload

Request headers

Referer: https://accounts.intuit.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 22 Nov 2022 13:55:03 GMT
access-control-request-method: GET,POST,OPTIONS
intuit_received_at: 1669125303312
strict-transport-security: max-age=10886400; includeSubDomains; preload
intuit_appid: Intuit.ldcp.mds.trinity
content-length: 0
intuit_offeringid: Intuit.ldcp.mds.trinity
server: Jetty
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/plain
access-control-allow-origin: *
cache-control: private, no-cache, no-transform
access-control-allow-credentials: true
event_id: 1d6ce418-2ce6-4ea4-b37b-a010e5b43b2b
x-application-id: event-bus
access-control-allow-headers: Authorization,X-Forwarded-For,Accept-Language,Content-Type,intuit_tid,intuit_appid,intuit_offeringid,intuit_originatingip,intuit_test,intuit_locale,intuit_country,intuit_iddomain
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 avenir-700.woff2
lib.intuitcdn.net/fonts/AvenirNext/1.0/en/ 9 KB
9 KB 172ms
27ms Font
application/octet-stream 184.24.161.90
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.intuitcdn.net/fonts/AvenirNext/1.0/en/avenir-700.woff2
Requested by: Host: accounts.intuit.com
URL: https://accounts.intuit.com/v2/signin.html?iux_identifier_first=true&offering_id=Intuit.tax.taxcollaboration.taxpayerbrowser&redirect_url=https%3A%2F%2Fprolink.intuit.com%2Fapp%2Ftaxpayer%2Fcollaboration%3Fcollab_id%3D2gIAAAAbAQAEAAAAAgUACFl0U2g3dEYxBgAGaAbXOGEJ57UjCaFpgokmIUMLBvwlskR6VvMlfUGiK%252B1OaPM630A1fLtdyFYy1g9%252FejKLYG88eCiLOh5Fq52gs0b0eR7Kxay%252BpD4AaXXe5McVA90Pp9pZrlTcfNHggR5AwVWzbRoobrwqSI9xqRnJGsEVxD4xTNiTHTQvsih6A8oVY%252BXOYqI2LIp0ZmpDIHkwpxf1oTSl882fl8ZvtcwaJyW75Bo04R%252FIDEw%252Bau3n8r35K9MpNxaSr7uwPbiypH9bFawMKdzPXYjdZYWI8oxRWsBepvbh2xCThcWqZHDQ2JAD%252Fwx31Usdc60wmsLjuyeuiDy7zUnj5F%252B%252Be%252B0%253D&username=jim_reznicek%40jabil.com&email_address=jim_reznicek%40jabil.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.161.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-161-90.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f76664b1313cdfbbf1aeddd340deb2f070ff993bda8bba26395da7a8af6af6fd

Request headers

Referer: https://accounts.intuit.com/
Origin: https://accounts.intuit.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: JkNhM2_RH_u0iDNOeW0E9HaDpuM.pADl
date: Tue, 22 Nov 2022 13:55:02 GMT
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
content-length: 9148
last-modified: Wed, 14 Sep 2022 18:35:09 GMT
server: AmazonS3
etag: "084683345d2181ed6e752a2d70eacf04"
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=15010789
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, DNT
x-amz-cf-id: w6bOH0Kp23wAmF6KTqz2wgdOIt4Gmki0_5QTcNsqJCJpY3pX5OdIBw==
expires: Mon, 15 May 2023 07:34:51 GMT

GET
H/1.1 200
OK kH7l10YA1g7xgLrW Show response
gfp.intuit.com/ Frame 9CE4 457 KB
82 KB 37ms
35ms Script
text/javascript 91.235.133.106
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://gfp.intuit.com/kH7l10YA1g7xgLrW?c544061636b81e05=UTbgcCqtq5mB6wdsGjkgwz6ahSg7oTy-eiave6KHe9uvZ_13Rk5TmssMcXAYHL_C1uolRI-YXetEp4VXfqZ8PH5MfTIUJZDfdGDLPTWpNp57WgaG3JavEGv0yeErCc1MhzK3RITusavJGC6DYJ-UPHf2G15LcpViupEub_piDVyWpLnPTNE75uMpYUTtYKDDCZXKHyhjchcLMsC-YToeXnE&jb=373126246a716d773d55696e646d7571246a736d3d576b6e646d757327323033322e6a7162773f4168706f6d65246871603d436a726f6f65253032313237

Requested by

Host: gfp.intuit.com
URL: https://gfp.intuit.com/52l16ljeoclr2634.js?zn94l033ef21y15g=v60nf4oj&mbnt7eg4wwnx3bgl=680CD36F4615432774564D71E2C5F4AB

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.106 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

0421796c7cb523324a2d45054bd6ca721470d97b8fff6384d959e15886ee57c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Nov 2022 13:55:03 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
tmx-nonce: 2698b2b9c8008066
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK NHQIMxu_ITdHHqti
gfp.intuit.com/ Frame 9CE4 81 B
475 B 67ms
21ms Image
image/png 91.235.133.106
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gfp.intuit.com/NHQIMxu_ITdHHqti?89837fabf9c2c46a=GddxO5R_0S6jQ0KD3TaR0jsUpEuQzGsgPZTiqwDpndfjS3E25zL4d60r5u2McxcTbJ-l9A_QWWw6VBWn7UgYOIyig9TzlaCHPFw6AcDZLG1d_Gal__3VsT92SZqMXjHMh40Fo11_uNDo_CW_RPO-6I8vSsexETWNpvqLZpVNHzRiTw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.106 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Nov 2022 13:55:03 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 04xWKo5gwdMxbiRa
gfp.intuit.com/ Frame 9CE4 81 B
475 B 67ms
21ms Image
image/png 91.235.133.106
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gfp.intuit.com/04xWKo5gwdMxbiRa?051c300389c8c89b=rn1k_gaTu8dCT2E8qRxMiw5fp7hRpDtt95lTQef-vkrRohG-KejcwedOs5qqs3-Nwoqi3YjO0mF9cfGC_sxNI0tPKZjQ2BSH0A00QEFsD99mCxA7DkMSddfy8uLMn-0DnWcwuA124iAQD9a0jMcBHxb09n7QLMRnb3K2hz5dJeWICA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.106 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Nov 2022 13:55:03 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 /
02179914.akstat.io/ 0
204 B 125ms
54ms Ping
image/gif 2a02:26f0:1700:38a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://02179914.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/JMR2J-JRQ54-8U3H8-YDWCP-M9P79

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:1700:38a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://accounts.intuit.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 13:55:03 GMT
content-type: image/gif
access-control-allow-origin: https://accounts.intuit.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Tue, 22 Nov 2022 13:55:03 GMT

GET
H/1.1 200
OK 3dcq3cwUNVev5x9_ Show response
gfp.intuit.com/ Frame C438 19 KB
6 KB 23ms
23ms Document
text/html 91.235.133.106
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://gfp.intuit.com/3dcq3cwUNVev5x9_?00d5f5b34d78aec5=nv0A5IOqpxBR3LBQeCE69AbKm7tJqdtOfswZQw0eq_ymhG9syyoCAjbrIrCriyVVQktln4nznT2QeZ5S4FErSFNycpYnHN24b1bgIiKJtiQf3XNhfuQ4QewyJ3njHsoMKmjOKjAjWHwgiXNcqg4m6g&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Requested by

Host: gfp.intuit.com
URL: https://gfp.intuit.com/kH7l10YA1g7xgLrW?c544061636b81e05=UTbgcCqtq5mB6wdsGjkgwz6ahSg7oTy-eiave6KHe9uvZ_13Rk5TmssMcXAYHL_C1uolRI-YXetEp4VXfqZ8PH5MfTIUJZDfdGDLPTWpNp57WgaG3JavEGv0yeErCc1MhzK3RITusavJGC6DYJ-UPHf2G15LcpViupEub_piDVyWpLnPTNE75uMpYUTtYKDDCZXKHyhjchcLMsC-YToeXnE&jb=373126246a716d773d55696e646d7571246a736d3d576b6e646d757327323033322e6a7162773f4168706f6d65246871603d436a726f6f65253032313237

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.106 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

154f061a7f970174c90e71f21bccbccadae3106f06600cc2c8ef7498d56cf5a0

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; connect-src 'self'; default-src 'none'; script-src 'self' 'unsafe-inline'; img-src *; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.intuit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Language: de-DE
Content-Length: 5912
Content-Security-Policy: frame-src 'self'; connect-src 'self'; default-src 'none'; script-src 'self' 'unsafe-inline'; img-src *; style-src 'self' 'unsafe-inline'
Content-Type: text/html;charset=UTF-8
Date: Tue, 22 Nov 2022 13:55:03 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clear.png Show response
gfp.intuit.com/fp/ Frame 9CE4 81 B
535 B 65ms
21ms XHR
image/png 91.235.133.106
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://gfp.intuit.com/fp/clear.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.106 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, v60nf4oj/2698b2b9c8008066680cd36f4615432774564d71e2c5f4ab
Referer: https://accounts.intuit.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Tue, 22 Nov 2022 13:55:03 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Tue, 22 Nov 2022 13:55:03 GMT
Server: Apache
Etag: 0387f753931144d39ae65afaa50a233f
Content-Type: image/png
Access-Control-Allow-Origin: https://accounts.intuit.com
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Sun, 21 Nov 2027 13:55:03 GMT

GET
H/1.1 200
OK F-axozE5DnoRTMD1 Show response
gfp.intuit.com/ Frame 26A4 93 KB
14 KB 26ms
25ms Document
text/html 91.235.133.106
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://gfp.intuit.com/F-axozE5DnoRTMD1?050227cd42b6911b=ar-wS6tPWB0gZjS_tGZqdtSSdoA2gSr70l-Vw9jLgYRuOaKl-yL4KSDNx4ovi40fQFwrAOaEFQyNBWailU5Hay363c6oPm0BceNeQi1UvGjIaaBk2lRQkX-0uC5SI4wLK_1TrLYLMQw73_ai270OatV1uyAvX8dNFLAkRA7j5l3WNw0mvWIq0r5vsjxeM9q_zFvfs3r-FAZ6hTM-Sq8bdZfVTw

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.106 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

cd6a306bd2989a525ea297aab137bd136356427c9626e8523393c249b5988077

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; connect-src 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' ; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.intuit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Security-Policy: frame-src 'self'; connect-src 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' ; style-src 'unsafe-inline'
Content-Type: text/html;charset=UTF-8
Date: Tue, 22 Nov 2022 13:55:03 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=97
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content Wy93G3NXlcGulk2B Show response
gfp.intuit.com/ Frame 9CE4 0
387 B 24ms
23ms Script
text/javascript 91.235.133.106
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.106 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Nov 2022 13:55:03 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK R_r6aaL5Ov9B4Y0- Show response
gfp.intuit.com/ Frame 9CE4 104 B
626 B 24ms
24ms Script
text/javascript 91.235.133.106
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://gfp.intuit.com/R_r6aaL5Ov9B4Y0-?4a2814e10fa304c7=g_n42AT8ASdB618LV0NjUM1VmAecVcTpDaXhOX-Kk3tpYyf2uXHt1FZ3l6nU4hOJeJf7sJcj3D1NeeXpYWOOC_6-hW3h0kMHXMkl8guMd0IupXgmrxnrXyEQYOwgIwHN4SQOIT-ZKgrXejLvpKmvhuWNHfr5_CwanoovAUGx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.106 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

7b52b129de1ddff9a74656fd27dea9a9a2c0b8933478b0297b400eabc9357425

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Nov 2022 13:55:03 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK c65ED1RYewUomxTs Show response
h.online-metrix.net/ Frame 07BE 104 KB
16 KB 77ms
24ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/c65ED1RYewUomxTs?9942a90444ac80d5=cQuTXq0DMM-6YNbeEJBbd4gmFjF4hB674q8DXmD7Hxw98hTrfJWqLGBX4EYqFb4IDCj10OlwScxfjo46PvUCjVQuV3hVqPe8a1OGAKcuR1xihnB-j3QRF1xKQ8B3S5ZRWi2dkGDAtBq4gqz5yFFEVrQCp04esW6gsQLXV0xqw2lWi-bIIpnPP6rICty1-gKEznNuo0uAMiZDe9fhsvG4IncBglI

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

311ff4cebf81201cff7dd2768b7097d1ed863d3764a53235b7e9d5c6d8d2636f

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; connect-src 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' ; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.intuit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Security-Policy: frame-src 'self'; connect-src 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' ; style-src 'unsafe-inline'
Content-Type: text/html;charset=UTF-8
Date: Tue, 22 Nov 2022 13:55:03 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK GQkU9SHf4jo8wbNp Show response
gfp.intuit.com/ Frame C715 90 KB
14 KB 34ms
25ms Document
text/html 91.235.133.106
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://gfp.intuit.com/GQkU9SHf4jo8wbNp?c884ddde24c1f087=zvtdLGYPoB-7KpUCsu8J9hPtoItq4iO_fYBKgj-xk0p2AxNwV1F7IivgEPYMLqYKbc4M2JzuYEdrPXKOlCmM81OzF3GqHLGDyuyZ9Rpdy3qar80FrlAqzW3DK1xdFQWHXI4Y2WSL2IN-wJVRLnus5FyAaVjYELd6FpF3bHkZTSzKatLD5z-rSAWaPj_SAzU1Dq2YflL5O2RYX3S2IZfet9FkUnc

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.106 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

23947d8b16b3f5e89d45a7b3a1ca5b76b8b017acbffd4d639f2b6f6ea6291df5

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; connect-src 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' ; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.intuit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Security-Policy: frame-src 'self'; connect-src 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' ; style-src 'unsafe-inline'
Content-Type: text/html;charset=UTF-8
Date: Tue, 22 Nov 2022 13:55:03 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 Wy93G3NXlcGulk2B Show response
gfp.intuit.com/ Frame 9CE4 0
218 B 29ms
24ms Script
text/javascript 91.235.133.106
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://gfp.intuit.com/Wy93G3NXlcGulk2B?1ca66b3c529210bc=YQKG1uI9IiVlUOVkizTAuon9envt3tiNf97xmGDeIZPMcHc_ZeKETuTPBKCIRjW-EDm-Io3MauVOx6RzKpFJhTwOYqUDqua6GCQFUeDt0MOSggAW0-3yxNBrk021GYtzBbqbFxs7-Bw7SSk3BrojKQVUJA8NkFm9kw&ja=303b36332624613f30247a3d3024643f3336303278313030302463663f3136323270313030322471787b3d307832246672723d332c313430302e333232302c333438302e313032322c333630302e333032302c333630322c313032302e302c322465743f613a3a306160636463353566666664643965633834333334353036603b693763266f6c3f34247363643f3036246c683f687476707327314127324627304e6161636d776c74712e696e76776b762e636d6d25304676302732447369656c616e2c68766f6e25314669757a5d6b66656e7669666b65725d646970737427314c747075672730366d666665706b6c655f6966253346496e767769762e74637a26746378616d6e6c63626f7263766b6d6e2e766178726179677062706f7771677a25303670676669706563745d77706e253346687476707327303531412530373a46273237304470706f6c696c692c6b6e747769742c636f6f2732373246637278253035304476617a70617967702730353244636f6e6c61606d726374696d6c2d32373344616d6c6e61625f6b66273035334632674b414143436243514147434941434165574343446c30553065316645597a42674347612466723f687476727b2531412730442530466163616d776c74732c696e767569762c636d6d2530447e32273244716b676c696e2e6a766f6e25334469757a5f6966676e7669666b677a5f6469707176253144747277672730366f64666570696e655d69662533464b66747769762c76617a2e74617a616d6e6c61606f726374696d6c2e766178726371657062706d7573677225323470676669726763745d75726e273346687476727b25303531432732373246253037304470726d6c696c6b2e6b6c747769742c61676d2732373044617270253237304476617872617967722530373244636f6e6e69626d7263766b6f6c2532353144616d6c6c63625f6b64253037334632674b434941436243534345434141414365574343466e30553067336647597a426743456926726c3f3124706a3d373864303a63613660636660653133316235333835636d30663360666032663426686a3f343033633066326631343b3766353062316639393a3467343b666162393760312468736f3f57696c646f75712530303132246273603d416a706f6f65253232333235266a716f753f57696c666f75732668716a753f436a706d6d67266e68613f36246e646f3d38246e6d76723d322674786635457663273044556c6b6e6f756c246f61746a723d36303031663161326267613832673661613736323038326366333735343231666634353a3a3136316434676961303466613b34636662643530313333313b366124703d726e7565696e5d646461716827374766636c736523726e7767696c5f776b6e646d75735d6d65666b695f726c637b677227354566636e716721706e75676b6e5f63666f60655f63617a6f60617627374564616c736723726e75676b6e5f7375696169746b6d6527374d66636c716723706e7567696c5d716a6f63697761746525374766636c736723786c77676b6c5d7267616c706e637b677225374566636c736723706e75676b6c57766e635d726e617b657225374764636c736721706e75676b6c5f666576636e7e7227354764636c716521706e77656b6e5f7176675d76696775657025354764696c716523726e7565696e5f6863746325354766616e736524656c5d633d75676a676e576760454c273230312c32273030284d70656c474c27303047532530323a2e322530324168706f6d69776f2b556562454c253030474e514c27323047512d3232312c32273232284f70676c454e2532324553273230454e534e253232475b253030332c322530304368706d6f6b756d2b5765604b69765565604b6976273a30556560454e414c474c455d6b6c7174616c6365665f617070617b732531402d3232455a565d626e656e645d6f6b6c6d617a2533402532324758565f636d6e67725d6277646465705f68616e645d646c6f6374253142253032455a545f646e6761765f606e676e662533422730324758545d667263675f66677076682531402d3232455a565d736a616465705d766778747772655d6c6f662733402532324750545d74677a767570655f636d6f7270657371696f6c5f62727663273342273038455a545d766778767572655d616d6f70726773736b6f6e5d706776632531402d3232455a565d746778747570675d64696c7665725d616e6b716f76726f726b6b253142273032455a545f735045402733422732304d45535d676c676d656c7657696c64677a5d756b6e742531402730304f47535f64626f5d70656c6465705d6569726d63722733402532304d47515d7374636e646372645d66657069766376617667732731402530304f45515d766778747772655d666c6d63742733422730384f47535d766778767572655d646e6d61745d6c696c6561702733402532324d4d535d74677a767570655f68636e645d666c6d61742733422730304d45535d766d78767570675d68636c665f646e6d63745f6e696e6761722731422732304d475b5f7465707667785d617272637b5d6d626a676374273342273030554542454e57636d6c6d705d6277666665705d646e6f6176253340253232554540474c5d61676d727267717165665f74657a767770655f6373746125334027323257454045445f616f6f727065717365645d76677a747570655f67746327314227323055474a474e5f616d6f707065737367665d766578767572675f65766131273342273038574742454e5d636d6d707267717167645f766578767572675d7331746327314a253030554740474e5f636f6f727067737367645f766578767772675f7331766b5f71726560273340253230554740454c5f66656277675f70676e666572677057696c666d273142273230574740454e5f646770746a5f74677a7477726527314a253030554740474e5f647263755d6075666465727125334027323257454045445f6e6f71675d636d6e74657a76273142253030574742474e5d6d776c746b5d6c726377333424676e5f683d31646437646664343736306466613432376534306a653265353666323735343633323666343237392675676c743f496c74656e273a304b6e612c2477656c723d4b6c76676c253030497069732730304d70656c4544253030476c65696c65266361663f33362666663d633262606634606636373669613b3366616363333664323137673531383b65353236616634363666&jb=333d35246c733f4f6f78696c6c63273044352e3225323228576b6c646d77732730384e5625303233302c3025334027303257696c36342733422730307a36342b273a304370726e675767624b69762730443533352e33342532322a4b4a544d4e273a432732326e6b6b67253230456761696f292732304168726d6f6527324633323f2e322e373132342c3131302730325161666372692732463731372c3336

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.106 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Tue, 22 Nov 2022 13:55:03 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK ry7amK4gQN93YL2R
v60nf4oj7b2wg3d55s33cyotn5bag6qnx6z6re4t2698b2b9c8008066am1.e.aa.online-metrix.net/ Frame 9CE4 81 B
438 B 85ms
21ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v60nf4oj7b2wg3d55s33cyotn5bag6qnx6z6re4t2698b2b9c8008066am1.e.aa.online-metrix.net/ry7amK4gQN93YL2R?f56d723e28c6ee98=sizT0dMtUUG8hzUZAQp1O11JtbGgWDue7akHBcRNXKMcgQMID4xdIcyGA99dvc0FfYWFHW4H1zAWMJcV6h8v1gF3d7uy6Cp9iBIz0P3sAzq0eiR90Kkqru_htVqppU4B0KgW0XFRTqDYN9otZx_ci3sbeo9XH4fLmok6OWIiGRQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Nov 2022 13:55:03 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK uuJJ7NhCvJ5tyCPe Show response
gfp.intuit.com/ Frame C438 209 KB
29 KB 30ms
29ms Script
text/javascript 91.235.133.106
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://gfp.intuit.com/uuJJ7NhCvJ5tyCPe?b886390199284629=Z_k5WG6KCxQsgRVlUHwggHmkpUgaGaLzde171BKoufmbWbLD78-lFY141DPTCUAEPtYVJkw9HEwYIdh_yx5w9QCjHHX--H0kBg5SPRinRW9cad2hCshrPNx82h-6mfgNDojiGlVwiO_Tbm-R90-TV6C9RAGK1ZdeKmjotZA

Requested by

Host: gfp.intuit.com
URL: https://gfp.intuit.com/3dcq3cwUNVev5x9_?00d5f5b34d78aec5=nv0A5IOqpxBR3LBQeCE69AbKm7tJqdtOfswZQw0eq_ymhG9syyoCAjbrIrCriyVVQktln4nznT2QeZ5S4FErSFNycpYnHN24b1bgIiKJtiQf3XNhfuQ4QewyJ3njHsoMKmjOKjAjWHwgiXNcqg4m6g&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.106 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

04e8e53372fd5d0c425fa7fbc4a04436afcca9a284414d79e0a1197626e05782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfp.intuit.com/3dcq3cwUNVev5x9_?00d5f5b34d78aec5=nv0A5IOqpxBR3LBQeCE69AbKm7tJqdtOfswZQw0eq_ymhG9syyoCAjbrIrCriyVVQktln4nznT2QeZ5S4FErSFNycpYnHN24b1bgIiKJtiQf3XNhfuQ4QewyJ3njHsoMKmjOKjAjWHwgiXNcqg4m6g&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Nov 2022 13:55:03 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
tmx-nonce: 2698b2b9c8008066
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content rrgvvofiUdxkte0K Show response
gfp.intuit.com/ Frame 26A4 0
387 B 22ms
21ms Script
text/javascript 91.235.133.106
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://gfp.intuit.com/rrgvvofiUdxkte0K?04f2c3cb2f6f140f=uAYbGGPoyAAKtXm4uIfrhVBW7JnF6hk3aCNOjIBjBC-ngOl2hLOSuf9lcdnYm-8hP3-11M2vuiwTiCuKLL2GPHKu2X5wrEem1HHZ0MTpGfk8n_PGaGWMBTFv6IxOwzE_Ir6qH-LOX6qWslFEjf3IMQTmBkYi8ra_Yg&jf=313e266e73603f31633a303665336135376563363334366162306366666562363531323a353231

Requested by

Host: gfp.intuit.com
URL: https://gfp.intuit.com/F-axozE5DnoRTMD1?050227cd42b6911b=ar-wS6tPWB0gZjS_tGZqdtSSdoA2gSr70l-Vw9jLgYRuOaKl-yL4KSDNx4ovi40fQFwrAOaEFQyNBWailU5Hay363c6oPm0BceNeQi1UvGjIaaBk2lRQkX-0uC5SI4wLK_1TrLYLMQw73_ai270OatV1uyAvX8dNFLAkRA7j5l3WNw0mvWIq0r5vsjxeM9q_zFvfs3r-FAZ6hTM-Sq8bdZfVTw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.106 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfp.intuit.com/F-axozE5DnoRTMD1?050227cd42b6911b=ar-wS6tPWB0gZjS_tGZqdtSSdoA2gSr70l-Vw9jLgYRuOaKl-yL4KSDNx4ovi40fQFwrAOaEFQyNBWailU5Hay363c6oPm0BceNeQi1UvGjIaaBk2lRQkX-0uC5SI4wLK_1TrLYLMQw73_ai270OatV1uyAvX8dNFLAkRA7j5l3WNw0mvWIq0r5vsjxeM9q_zFvfs3r-FAZ6hTM-Sq8bdZfVTw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Nov 2022 13:55:03 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ijTZLtn1uoulVeyi Show response
gfp.intuit.com/ Frame 26A4 104 B
626 B 22ms
22ms Script
text/javascript 91.235.133.106
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://gfp.intuit.com/ijTZLtn1uoulVeyi?a7f93ae590ee4711=4s_DJvNSvKxQzLpbwsA9UU9YHmoMUi0saINc3g0f9uhWdy4D16YBdsgSEP0OVetmcaw2ee6QgLF37IPMUT54FsVjtPMIQPGcq4Of7xTLo-5wLx_7S6-lZkwcO0KcxepUx4VIfgOrk98IEAF6BTMtCM9pv8Z7b0EK9VIbUc0y&fr

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.106 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

fcc493cf9cddf17106118f32ead1ae7dc03cada8ffd4757f3871cb6ee273ad87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfp.intuit.com/F-axozE5DnoRTMD1?050227cd42b6911b=ar-wS6tPWB0gZjS_tGZqdtSSdoA2gSr70l-Vw9jLgYRuOaKl-yL4KSDNx4ovi40fQFwrAOaEFQyNBWailU5Hay363c6oPm0BceNeQi1UvGjIaaBk2lRQkX-0uC5SI4wLK_1TrLYLMQw73_ai270OatV1uyAvX8dNFLAkRA7j5l3WNw0mvWIq0r5vsjxeM9q_zFvfs3r-FAZ6hTM-Sq8bdZfVTw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Nov 2022 13:55:03 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 CWZikXsJHWFR73zV
gfp.intuit.com/ Frame 9CE4 0
400 B 27ms
27ms Image
image/png 91.235.133.106
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gfp.intuit.com/CWZikXsJHWFR73zV?650ab7340d177857=JHye8iZPOVKoo7DkgN8tN3qP_8g4gzVBkQ-UsNOltedDIC2DDhsufY9iWJX_R6zINhckC-YziPxQ4daZVnU0iDwZHRN3q7oIkOi5zJT54okcWO3bLZpV8S5PncoTwN9Q5ofaN6l0lei1uX5JBkTXQa1lZCZ735s2e1R49Yt9sIExSzbavLIJJtXVSNRNWYfpauzBJ4ZmAjTUaIyUCDID5NDo4Q&jf=36393624736b665d726c643d7466705d47414143367941494a7744636e594d32247b69665f666376653f3136363b33303733303126736b645f767b70673d77676032656164716324736b645f6b677b3f3130353b333033333034323730613834363063673366323030333036303a30633a36343a636531643031323132373031363a303230363435646435353567336060316433346661383132313734313064363830336560316765363362383a3460303663313762363431333730663037313a6a63676632343364376330353567606162333561616432353b613135656634313f616337353133623237373560303a32383331623433386367663464633561316a66366330247169665f7369653f313234353232323330303a363336613066353863306432353330633038363233323b616234396267663766333060383337376c34333237663a35356233366660373b37323561393a323132303232363560646e65613130363a32676534316137323b63653435623a39376164613b303535336e3137633366373036323336633b606136636032653631383534353626736b647a3d32

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.106 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Nov 2022 13:55:03 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 x8QWYefr5idlPymo
h.online-metrix.net/ Frame 07BE 0
400 B 24ms
23ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/x8QWYefr5idlPymo?282c3c40aa3c9d44=4mwcq5HzE5RKXgSM5F-qyEoZsil4MIHyprXsivAi0ik3Z6l60c_5-SIyoN7hF5jbG6PC2y4FMq3W-cfDrPastpNh3VE8oMtQRSo5aGA2qJ8ETWhTegX8dFSs-uMAmVCnn8TANRJPnpLseP2TqE2AMNDDWcA9FCeI9nU0Z4VGJj5O9T6MsnrTXDXW8OKQo_oimPclQZulABcDHJUQa7WtPP0mTQ&jf=36393424736b665d726c643d7466705d6f735977314771674930784931545972247b69665f666376653f3136363b33303733303126736b645f767b70673d77676032656164716324736b645f6b677b3f3130353b333033333034323730613834363063673366323030333036303a30633a36343a636531643031323132373031363a30323036306639376366306461343335363430383a3831673263323730303a38313230353466343130356635303266656531326533393167316430656163343930303833636730673033663166353563356732366035383064613a3164643b6a303062326760323230383833666632303560613132393964323063633837343e37613060247169665f7369653f3132343432323232336237363531396660663f37346136363562663732623b30613a65326335656661633a673736376560663c33616463673061663134376067663264343733393a3032303233323432303a3b65363533676430646238613764363165323633376761303534376333663a3a386367353331633461626130666335363866666637673632346026716966703f39

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/c65ED1RYewUomxTs?9942a90444ac80d5=cQuTXq0DMM-6YNbeEJBbd4gmFjF4hB674q8DXmD7Hxw98hTrfJWqLGBX4EYqFb4IDCj10OlwScxfjo46PvUCjVQuV3hVqPe8a1OGAKcuR1xihnB-j3QRF1xKQ8B3S5ZRWi2dkGDAtBq4gqz5yFFEVrQCp04esW6gsQLXV0xqw2lWi-bIIpnPP6rICty1-gKEznNuo0uAMiZDe9fhsvG4IncBglI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Nov 2022 13:55:03 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK zZ4zSBv16nAI12AO Show response
gfp.intuit.com/ Frame C438 35 B
557 B 24ms
23ms Script
text/javascript 91.235.133.106
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://gfp.intuit.com/zZ4zSBv16nAI12AO?69104c79d307c8bf=lK0MtswvkqOphhJN7o5V8MiMiReyJgFWauR15HCFGdZcj89e5Z7vxVzw9hnpsoIwVVZmTZ3RhEYvIYp0Bl66ylnIJkrPuig0x0fsshI4-0HIouMnCjYUvfmkxmAwuL0PBr5D5Bm25DAGvPLySad7Pm2Ibey3sAnkXRIRFZCJJPb7BY9URb39wtKHMAh8En8aa64e20NWhDvNIJfauj29Dw&sera_parametere=VEYEWlcEUwEGXQNTDwJVBlEGXAtWV1UPVgoAAFwBUAZQUlwJUgcDXVAKUxZLQwtfXEZMTBEXUX1GD3IVD3QTBAJcSl0OVw9cDUxDFQt0EwFwBhwPJhdQCQtXQ0RLFQVyFwF7HVV2RF0KBVVSW1JSUFBUXAAGC1VcUQ8HVQAEA1IKAw0PVgdRDAEIBwlbAgUFVFAfVg1cAVxeCgYJAFIEVAtVAQhSClIPVR5aQwUATg4EUwoKVwEECFMBUQAOAA4AAVRdXVEFAA9QCAFWDwgEAAJTCglQVAcfAlENAQABDhBbXwQVUxQSUF4BCQkBCBBeWQsfWl9xCksMVVUWWkYLBwIBH1oNQV9uClZUX09DEFVQC01cGG0BWA9UUlFbWxBTRgsMDg%3D%3D&count=0&max=0

Requested by

Host: gfp.intuit.com
URL: https://gfp.intuit.com/uuJJ7NhCvJ5tyCPe?b886390199284629=Z_k5WG6KCxQsgRVlUHwggHmkpUgaGaLzde171BKoufmbWbLD78-lFY141DPTCUAEPtYVJkw9HEwYIdh_yx5w9QCjHHX--H0kBg5SPRinRW9cad2hCshrPNx82h-6mfgNDojiGlVwiO_Tbm-R90-TV6C9RAGK1ZdeKmjotZA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.106 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

78012de7ae6293c4ae8a014d49deef1b53275f8b41c5c333e32ce54979fb38be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfp.intuit.com/3dcq3cwUNVev5x9_?00d5f5b34d78aec5=nv0A5IOqpxBR3LBQeCE69AbKm7tJqdtOfswZQw0eq_ymhG9syyoCAjbrIrCriyVVQktln4nznT2QeZ5S4FErSFNycpYnHN24b1bgIiKJtiQf3XNhfuQ4QewyJ3njHsoMKmjOKjAjWHwgiXNcqg4m6g&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Nov 2022 13:55:03 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content Wy93G3NXlcGulk2B Show response
gfp.intuit.com/ Frame 9CE4 0
387 B 21ms
21ms Script
text/javascript 91.235.133.106
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.106 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Nov 2022 13:55:03 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=94
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 Cj0EJz0KU7gqi2vW Show response
gfp.intuit.com/ Frame 9CE4 0
218 B 23ms
22ms Script
text/javascript 91.235.133.106
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://gfp.intuit.com/Cj0EJz0KU7gqi2vW?22c29bfefb93e59d=-62UEDXGWI9uDK9ztRQ3cI_yfAqlHmFVdefsVBUtx5v9v6ch4CgEykB9gutMRJsfk0EVyuI9uzpgIsHSjrUJfuWuwq3TvGt5vdTUUNHg1pIedPRQi6EG5SgozXbUPwdy_Waz6rUKotl3cCHArYk-MbjK6Nr_FmNI0XK_QxAwSU9o2iuU11iYiWDF9_XRktm1tKWxLksIGKuQtmbidT3yV-ECRA&jac=1&je=30393524266a60663d3877645f3338616a5f313870715d303a726b5f313a6c635d393a6e6e5d303870615f303a726a5d323a6d6b5f3038736c5d323a61775f33387b765d302e333030322c313632322e322c302e302c322c313432302e3132323224313430322e333232302c32362e30362c313872745d66616e71652e7472776724747075672e767277653a69615d64636c73673a70715f64676c6967642c6667666967642475656c743d496e76676e2732304b6e632c2677656e723f496e7667642530304b706b732732304f72676c454c253030456c67696c67

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.106 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Tue, 22 Nov 2022 13:55:03 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=94
Content-Type: text/javascript;charset=UTF-8

GET
H2 200 ius_did Show response
accounts.intuit.com/ 115 B
521 B 198ms
198ms Fetch
application/json 104.111.250.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.intuit.com/ius_did?a2=true
Requested by: Host: accounts.intuit.com
URL: https://accounts.intuit.com/IUS-Plugins/v2/scripts/ius.min.js?v=1.70.0.666
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.250.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-250-17.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 575df48cb436bb0d63d1db3db9afcb6c6fe790337d7667dfef15f9fa7068e6b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/v2/signin.html?iux_identifier_first=true&offering_id=Intuit.tax.taxcollaboration.taxpayerbrowser&redirect_url=https%3A%2F%2Fprolink.intuit.com%2Fapp%2Ftaxpayer%2Fcollaboration%3Fcollab_id%3D2gIAAAAbAQAEAAAAAgUACFl0U2g3dEYxBgAGaAbXOGEJ57UjCaFpgokmIUMLBvwlskR6VvMlfUGiK%252B1OaPM630A1fLtdyFYy1g9%252FejKLYG88eCiLOh5Fq52gs0b0eR7Kxay%252BpD4AaXXe5McVA90Pp9pZrlTcfNHggR5AwVWzbRoobrwqSI9xqRnJGsEVxD4xTNiTHTQvsih6A8oVY%252BXOYqI2LIp0ZmpDIHkwpxf1oTSl882fl8ZvtcwaJyW75Bo04R%252FIDEw%252Bau3n8r35K9MpNxaSr7uwPbiypH9bFawMKdzPXYjdZYWI8oxRWsBepvbh2xCThcWqZHDQ2JAD%252Fwx31Usdc60wmsLjuyeuiDy7zUnj5F%252B%252Be%252B0%253D&username=jim_reznicek%40jabil.com&email_address=jim_reznicek%40jabil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 13:55:04 GMT
server: nginx
intuit_tid: 91c1a429-2731-4c62-84f6-41b5796dda06
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store
server-timing: edge; dur=1, origin; dur=157, cdn-cache; desc=MISS
content-length: 115
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 Cj0EJz0KU7gqi2vW Show response
gfp.intuit.com/ Frame 9CE4 0
219 B 23ms
22ms Script
text/javascript 91.235.133.106
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.106 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.intuit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Tue, 22 Nov 2022 13:55:07 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Type: text/javascript;charset=UTF-8

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.intuit.com/	1970-01-20 07:38:48	Name: AKA_A2 Value: A
.intuit.com/	1969-12-31 23:59:59	Name: ius_session Value: 680CD36F4615432774564D71E2C5F4AB
gfp.intuit.com/	1970-01-20 17:14:45	Name: thx_guid Value: 3812c2be571db8ad1851edb120e76547
gfp.intuit.com/	1970-01-20 17:14:45	Name: tmx_guid Value: AAx_Ad6ZQSN-kmfVX7Z6ZhjGt4OKsMHZNwSntnyXvR3nlC-tZ676AIWjz3AaMcpousYoRaAtGJcw8f6JBkpKlMC5MWzl0w
.intuit.com/	1970-01-20 17:14:45	Name: provisional_ivid Value: f4083512-e20d-4df8-aa52-6a6a2c0c16c3
.intuit.com/	1969-12-31 23:59:59	Name: pageProperties Value: $accounts.intuit.com/v2/signin.html$identifier_screen$accounts.intuit.com$iip\|identity\|identity\|account_sign_in\|identifier_screen$
.intuit.com/	1970-01-20 16:24:21	Name: ajs_anonymous_id Value: %22f4083512-e20d-4df8-aa52-6a6a2c0c16c3%22
.accounts.intuit.com/	1970-01-20 07:48:50	Name: RT Value: "z=1&dm=accounts.intuit.com&si=b61470a7-7393-44c5-a26e-488525ce4062&ss=lasa3x99&sl=1&tt=155&bcn=%2F%2F02179914.akstat.io%2F&ld=159"
.intuit.com/	1970-01-20 17:14:45	Name: ivid Value: f4083512-e20d-4df8-aa52-6a6a2c0c16c3
.intuit.com/	1970-01-20 17:14:45	Name: did Value: SHOPPER2_14ad00615b251cdb72276118d79b651fb4498d900cb9b46b3f65723199bb617dc44fd1387cff63d80221824c77a56922

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

02179914.akstat.io
accounts.intuit.com
c.go-mpulse.net
eventbus.intuit.com
gfp.intuit.com
h.online-metrix.net
intuitvisitorid.api.intuit.com
lib.intuitcdn.net
plugin.intuitcdn.net
s.go-mpulse.net
segment.intuitcdn.net
uxfabric.intuitcdn.net
v60nf4oj7b2wg3d55s33cyotn5bag6qnx6z6re4t2698b2b9c8008066am1.e.aa.online-metrix.net
104.111.224.118
104.111.250.17
15.254.5.182
18.66.147.105
184.24.161.90
2a02:26f0:1700:38a::11a6
2a02:26f0:7100:59a::11a6
44.237.228.91
52.222.214.81
91.235.132.130
91.235.133.106
91.235.134.131
0421796c7cb523324a2d45054bd6ca721470d97b8fff6384d959e15886ee57c4
04e8e53372fd5d0c425fa7fbc4a04436afcca9a284414d79e0a1197626e05782
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0ab7caa5729bfb4efa6e6110f44684f8b589969a60399d3c8c6af2e6ff62337c
12b43b4b2f2f6a3c7a97e8c57e09169a93e66e1789c63621c635cf06de802ad8
12b6b23421646026fbe16693c723e9f133267742b63649177b6ca0d8fec3026c
139ff243be9d3f04788b0a8ebd8be54501601df110baf1431c3958dfdeb10d4e
154f061a7f970174c90e71f21bccbccadae3106f06600cc2c8ef7498d56cf5a0
1ab90bb35f9e7cb13a19f73248cb9adfd8ca1ad07e4285693b444afc324fa2bc
23947d8b16b3f5e89d45a7b3a1ca5b76b8b017acbffd4d639f2b6f6ea6291df5
311ff4cebf81201cff7dd2768b7097d1ed863d3764a53235b7e9d5c6d8d2636f
32a4be366ff86183a6659283997a917549ca8986a2aaa0100df39085bcf32cba
3592431d276a8d2e34fbebee5ace6fab56d12726067e04763050e74e73d5103e
3bc0d164b1769b94df670119e9fa5b8780a95ef2a340b721766c33134a106fce
3d7c6233edff28e37f11e5e5582d536bd85713c27c9d37862894fbd370e6facc
54b7f8a4ee8317e45ff795614eaf24b08b408f6276e5ce6a081d8d581eebc906
575df48cb436bb0d63d1db3db9afcb6c6fe790337d7667dfef15f9fa7068e6b1
5dfe1d0301f111f40de5f18a6be6ddf0f25166f1c855f845a48d7f2472cd33ad
619d7d2e7cea87d91e3ff2630a196cfa3823935cbe32398c3a197cbb66ae3988
6748e9163367a5bde85295676194add0e32f26f9573a425c34847fdab587d296
67c06f1a1b0aae698726e2473ef9205e4c02547df017f439363e4cf2327f1a19
6b120112660f6a18307e835c5d720c9708ae599f4b9322170b46edf5518b4d06
7507bfcf1693c6a8f3f69d15121dc14aeb8dc9e301bac6568152fb50210e36fe
78012de7ae6293c4ae8a014d49deef1b53275f8b41c5c333e32ce54979fb38be
7b52b129de1ddff9a74656fd27dea9a9a2c0b8933478b0297b400eabc9357425
810be77387297d89a01d80dd1058c7d358e5599e770036a4cd25f4bb72dd9512
817789f8b4ae153258be7067cb01f30e80b018238d8861ffcf693ae7dc11a696
8b64e525de8ac6745e6a801ffb352528c1306c0de94ad88c502b12fc5371adfb
9479a48c67eef7bffd3d31865eb074711aeb9074dba633edbf09dacc6e6bd4b7
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
96932d50ad388c4f46d173b7ba70c1dc1c272eac2b4989d407729414a9d4a04c
a5cd8ee35798925af20b8e984a81bfd3d4a23cb3c75511d626a6d9c3a3af1118
b0c32e5813513833fc91417dfc010db01c0001ac8a8fce3fc8793790a24a5c5a
c8278b56794c389919d388951c5fa4dc07a388e16eb7055d675b0b916acc70e5
cbcc66e68c675751c8f7e98858e2b6f07462e030909d3bbe63103a6af5ba43f8
cd6a306bd2989a525ea297aab137bd136356427c9626e8523393c249b5988077
da844a1fac483057dcce4b4dddb1eb960cb79e7a8cc8ae10fc01fc21754ef14b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e702c9ba71a6a2d0661b2d89245b18144c05668241acfba9a1ae054e7e66b901
e8f32be002add2dc07d5ca3667e2d32700928db1b3ea7c23d016e3a25a696c2f
eaa75f72e4fbfdceb1632543bee75fd769639d75c281857235517678ee6e0ff6
f76664b1313cdfbbf1aeddd340deb2f070ff993bda8bba26395da7a8af6af6fd
fcc493cf9cddf17106118f32ead1ae7dc03cada8ffd4757f3871cb6ee273ad87
fd42ba8d8dc2c5b032e7705261d4088dfc8bf47b249c99241022d66ac067bea7

accounts.intuit.com Open in urlscan Pro 104.111.250.17 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

57 Requests

100 %HTTPS

17 %IPv6

5 Domains

13 Subdomains

13 IPs

2 Countries

884 kBTransfer

3590 kBSize

10 Cookies

7 Outgoing links

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

accounts.intuit.com Open in urlscan Pro
104.111.250.17 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

100 %
HTTPS

17 %
IPv6

5
Domains

13
Subdomains

13
IPs

2
Countries

884 kB
Transfer

3590 kB
Size

10
Cookies

57 HTTP transactions
1 data transactions