urlscan.io logo urlscan.io
SecurityTrails logo

turbotax.intuit.com Open in urlscan Pro
2a02:26f0:fb:59f::1d6c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://etrack.freeconferencecall.com/t/gcH1AAebaB1GhQAFKmBEUo2Q~aFKgEYXXuaaaaEDI~BRDT0L8aa?p=5_180A~amp;Z=mkr-jmYshea.epeomam~2504ave...
Effective URL: https://turbotax.intuit.com/lp/bn/1709/?cid=bn_cam_12_7519826_327867231_137986071&dclid=CODXo5Sd7vYCFazruwgdl2gGpQ
Submission: On March 30 via api from SE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 2 HTTP transactions. The main IP is 2a02:26f0:fb:59f::1d6c, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is turbotax.intuit.com. The Cisco Umbrella rank of the primary domain is 16788.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on June 1st 2021. Valid for: a year.
This is the only time turbotax.intuit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 162.251.181.240 62942 (WIDEVOICE...)
1 1 142.250.185.166 15169 (GOOGLE)
1 2a02:26f0:fb:... 20940 (AKAMAI-ASN1)
2 2
Apex Domain
Subdomains		 Transfer
1 intuit.com
turbotax.intuit.com — Cisco Umbrella Rank: 16788
3 KB
1 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 190
823 B
1 freeconferencecall.com
etrack.freeconferencecall.com — Cisco Umbrella Rank: 762346
2 KB
2 3
Domain Requested by
1 turbotax.intuit.com etrack.freeconferencecall.com
1 ad.doubleclick.net 1 redirects
1 etrack.freeconferencecall.com
2 3

This site contains no links.

Subject Issuer Validity Valid
turbotax.intuit.com
DigiCert SHA2 Extended Validation Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://turbotax.intuit.com/lp/bn/1709/?cid=bn_cam_12_7519826_327867231_137986071&dclid=CODXo5Sd7vYCFazruwgdl2gGpQ
Frame ID: 678C8FB4CC2FB407E224A9AF152F2379
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Intuit | Try again later

Page URL History Show full URLs

  1. http://etrack.freeconferencecall.com/t/gcH1AAebaB1GhQAFKmBEUo2Q~aFKgEYXXuaaaaEDI~BRDT0L8aa?p=5_180A~amp;Z=mkr-jmY... Page URL
  2. https://ad.doubleclick.net/ddm/trackclk/N5506.4094059FREECONFERENCECALL/B26806340.327867231;dc_trk_aid=... HTTP 302
    https://turbotax.intuit.com/lp/bn/1709/?cid=bn_cam_12_7519826_327867231_137986071&dclid=CODXo5Sd7vYCFazr... Page URL

Page Statistics

2
Requests

50 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

5 kB
Transfer

4 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://etrack.freeconferencecall.com/t/gcH1AAebaB1GhQAFKmBEUo2Q~aFKgEYXXuaaaaEDI~BRDT0L8aa?p=5_180A~amp;Z=mkr-jmYshea.epeomam~2504avegowkr.Ysi~amp;p=e~amp;1= Page URL
  2. https://ad.doubleclick.net/ddm/trackclk/N5506.4094059FREECONFERENCECALL/B26806340.327867231;dc_trk_aid=520261587;dc_trk_cid=137986071;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd= HTTP 302
    https://turbotax.intuit.com/lp/bn/1709/?cid=bn_cam_12_7519826_327867231_137986071&dclid=CODXo5Sd7vYCFazruwgdl2gGpQ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
gcH1AAebaB1GhQAFKmBEUo2Q~aFKgEYXXuaaaaEDI~BRDT0L8aa
etrack.freeconferencecall.com/t/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://etrack.freeconferencecall.com/t/gcH1AAebaB1GhQAFKmBEUo2Q~aFKgEYXXuaaaaEDI~BRDT0L8aa?p=5_180A~amp;Z=mkr-jmYshea.epeomam~2504avegowkr.Ysi~amp;p=e~amp;1=
Protocol
HTTP/1.1
Server
162.251.181.240 , United States, ASN62942 (WIDEVOICE-MIA, US),
Reverse DNS
mia-mx01.freeconferencecall.com
Software
/
Resource Hash
b9547f7c462bfe0d160e6ba19e8dab07374d135d0ec7737482fdc109d4ba7da9

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cache-Control
no-cache, must-revalidate, max-age=0, no-store
Connection
close
Content-Length
1794
Content-Type
text/html;charset=ascii
Date
Wed, 30 Mar 2022 16:13:13 GMT
Expires
-1
Pragma
no-cache
Server
Primary Request /
turbotax.intuit.com/lp/bn/1709/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackclk/N5506.4094059FREECONFERENCECALL/B26806340.327867231;dc_trk_aid=520261587;dc_trk_cid=137986071;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=
  • https://turbotax.intuit.com/lp/bn/1709/?cid=bn_cam_12_7519826_327867231_137986071&dclid=CODXo5Sd7vYCFazruwgdl2gGpQ
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://turbotax.intuit.com/lp/bn/1709/?cid=bn_cam_12_7519826_327867231_137986071&dclid=CODXo5Sd7vYCFazruwgdl2gGpQ
Requested by
Host: etrack.freeconferencecall.com
URL: http://etrack.freeconferencecall.com/t/gcH1AAebaB1GhQAFKmBEUo2Q~aFKgEYXXuaaaaEDI~BRDT0L8aa?p=5_180A~amp;Z=mkr-jmYshea.epeomam~2504avegowkr.Ysi~amp;p=e~amp;1=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:59f::1d6c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiGHost /
Resource Hash
0ca5869cac0fb25f18b3d8e731dc207f7f8845a0125f60d530f08dc315b97fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://etrack.freeconferencecall.com/t/gcH1AAebaB1GhQAFKmBEUo2Q~aFKgEYXXuaaaaEDI~BRDT0L8aa?p=5_180A~amp;Z=mkr-jmYshea.epeomam~2504avegowkr.Ysi~amp;p=e~amp;1=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
2508
content-type
text/html
date
Wed, 30 Mar 2022 16:13:13 GMT
expires
0
mime-version
1.0
pragma
no-cache
server
AkamaiGHost

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 16:13:13 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://turbotax.intuit.com/lp/bn/1709/?cid=bn_cam_12_7519826_327867231_137986071&dclid=CODXo5Sd7vYCFazruwgdl2gGpQ
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails

3 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: FLC
Value: CNL8ygMQ37arnAEY05-K-AEgl4DmQSjhknkwmYOSkgY
.doubleclick.net/ Name: IDE
Value: AHWqTUkvPPPRagJPLb-BOPdFVcW1uK12w4C_9gCBa_Km5snJFVMTxRHL3P3AqGxgVhI
.intuit.com/ Name: AKES_GEO
Value: DE~HE

1 Console Messages

Source Level URL
Text
network error URL: https://turbotax.intuit.com/lp/bn/1709/?cid=bn_cam_12_7519826_327867231_137986071&dclid=CODXo5Sd7vYCFazruwgdl2gGpQ
Message:
Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
etrack.freeconferencecall.com
turbotax.intuit.com
142.250.185.166
162.251.181.240
2a02:26f0:fb:59f::1d6c
0ca5869cac0fb25f18b3d8e731dc207f7f8845a0125f60d530f08dc315b97fa0
b9547f7c462bfe0d160e6ba19e8dab07374d135d0ec7737482fdc109d4ba7da9