urlscan.io logo urlscan.io
SecurityTrails logo

ffa.lc.intuit.com Open in urlscan Pro
52.11.18.144  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://e.turbotax.intuit.com/pub/cc?_ri_=X0Gzc2X%3DYQpglLjHJlTQGmA3WzgBSuzcsynHYCMhyzauHzfuzgGJwzc5pzbKvjd6HGqt5WOw4BPtsyIcug...
Effective URL: https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-...
Submission: On January 21 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 4 domains to perform 15 HTTP transactions. The main IP is 52.11.18.144, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is ffa.lc.intuit.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on July 10th 2019. Valid for: a year.
This is the only time ffa.lc.intuit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 12.130.158.196 21621 (RESPONSYS-2)
1 52.11.18.144 16509 (AMAZON-02)
8 52.222.155.113 16509 (AMAZON-02)
1 52.222.149.192 16509 (AMAZON-02)
2 104.111.246.132 16625 (AKAMAI-AS)
1 151.101.114.110 54113 (FASTLY)
2 162.247.242.20 23467 (NEWRELIC-...)
15 7
1    12.130.158.196 (United States)

ASN21621 (RESPONSYS-2, US)
PTR: e.turbotax.intuit.com
e.turbotax.intuit.com
1    52.11.18.144 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-11-18-144.us-west-2.compute.amazonaws.com
ffa.lc.intuit.com
8    52.222.155.113 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-155-113.fra53.r.cloudfront.net
d2gcv4sxt84gxu.cloudfront.net
1    52.222.149.192 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-149-192.fra53.r.cloudfront.net
dwum8argi892z.cloudfront.net
2    104.111.246.132 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-246-132.deploy.static.akamaitechnologies.com
accounts.intuit.com
1    151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    162.247.242.20 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net
bam.nr-data.net
Domain Requested by
8 d2gcv4sxt84gxu.cloudfront.net ffa.lc.intuit.com
2 bam.nr-data.net js-agent.newrelic.com
ffa.lc.intuit.com
2 accounts.intuit.com dwum8argi892z.cloudfront.net
accounts.intuit.com
1 js-agent.newrelic.com ffa.lc.intuit.com
1 dwum8argi892z.cloudfront.net ffa.lc.intuit.com
1 ffa.lc.intuit.com
1 e.turbotax.intuit.com 1 redirects
15 7

This site contains links to these domains. Also see Links.

Domain
turbotax.intuit.com
freefile.intuit.com
security.intuit.com
Subject Issuer Validity Valid
*.lc.intuit.com
DigiCert SHA2 Secure Server CA		 2019-07-10 -
2020-09-23		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
accounts-prd.intuit.com
DigiCert SHA2 Secure Server CA		 2019-12-09 -
2020-12-12		 a year crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-04-10 -
2020-03-21		 a year crt.sh
*.nr-data.net
GeoTrust RSA CA 2018		 2018-01-11 -
2020-03-17		 2 years crt.sh

This page contains 2 frames:

Primary Page: https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry
Frame ID: FF50A5D0361D29EBC73C8125A4A49F18
Requests: 14 HTTP requests in this frame

Frame: https://accounts.intuit.com/ividFrame.html
Frame ID: 622679063816BAE337836BD30FEA4575
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://e.turbotax.intuit.com/pub/cc?_ri_=X0Gzc2X%3DYQpglLjHJlTQGmA3WzgBSuzcsynHYCMhyzauHzfuzgGJwzc5pzbKvj... HTTP 302
    https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a... Page URL

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

7
Subdomains

7
IPs

3
Countries

512 kB
Transfer

1553 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://e.turbotax.intuit.com/pub/cc?_ri_=X0Gzc2X%3DYQpglLjHJlTQGmA3WzgBSuzcsynHYCMhyzauHzfuzgGJwzc5pzbKvjd6HGqt5WOw4BPtsyIcugSPzb1qKTzfidAJCKoCVXtpKX%3DSWBUAAUST&_ei_=EmfBGUXzJ5nxgHg034i0GRvBKbCLq1eAE3dITlf4DU3TULLMGmHAWL5ZVk9tSZ5B_SLwZlf4P9qY8Z7se1D43ys-mR-SUk_IOzhgTZB2M8kg-cgUYYUWIccZlDDCrEdYp0QGj-yydJZWLK0qRpqbSbXAJW7osi0EUj5RHtZGHSXidon-hmMxa9OjQqjdbrk8htjCBNo8Z8HPksntLxCRk8aJof-459YPbMB7wgxHxbSy. HTTP 302
    https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry
ffa.lc.intuit.com/questions/
Redirect Chain
  • https://e.turbotax.intuit.com/pub/cc?_ri_=X0Gzc2X%3DYQpglLjHJlTQGmA3WzgBSuzcsynHYCMhyzauHzfuzgGJwzc5pzbKvjd6HGqt5WOw4BPtsyIcugSPzb1qKTzfidAJCKoCVXtpKX%3DSWBUAAUST&_ei_=EmfBGUXzJ5nxgHg034i0GRvBKbCLq...
  • https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry
40 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.11.18.144 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-11-18-144.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
61e4edca5782348d1c45cacb545821e4e7627ab521c0a018b349970d01542163
Security Headers
Name Value
X-Frame-Options

Request headers

:method
GET
:authority
ffa.lc.intuit.com
:scheme
https
:path
/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200 200 OK
date
Tue, 21 Jan 2020 17:40:36 GMT
content-type
text/html; charset=utf-8
content-length
13676
x-frame-options
etag
W/"0f2d7dd1de95d72ac192130989bde932"
cache-control
max-age=0, private, must-revalidate
x-request-id
a23a4602-e109-4e31-83e7-eca3555e09fe
x-runtime
0.085119
set-cookie
_session_id=aWliMGROMzBxcmhlRWgyMWNmTFY5VXB0aUt5N1RiMnBtWUxVT1lsenhOSWp0UFlhYjcrZFA4bXowOWxmSXBXanlQUjE0TVhoeFZDUU5abXJ3NDllemRITnA4WDZMRGVQY0E1eUpCcGtSdlVFMGFKekN4VkMvSnFtK1M3V21pSExVcXZMNWsrd2Vmak1NOVNCejNCVUZHQWVoYXFpOHlFWEl1R21oZE52Z29ZeFhmQjZ5WC96bFBDNGpQVldpd3dGeXRmalRUeEJESU1DR1p6dlhPcjZRT0szaWR0K1BSZFB2aC93Qk5JQzZwR3FqQjF0d2JFU3UxVzVlVjRWdFdWbHFCZHdOUVNMcE56c1FJTUZ2Tjc4aHNNR05HZlJvbys1RjRSSHc0c0lwTVJqbHdnTXc2UXV1dFZDbjJUR1BHY3E4bERmbUhweS9BakNMMGFRakxQRldKd3JSMkgvSlo2RlV2V0kySmFKek5VTnlwK2dNWEtlcnlHUmVwbUt1UWNILS1US3ZIZmtYdEcvc1hPYzFrbXExTThBPT0%3D--5123aa0088295b9b00c9ca26a4ef78d7b1255774; path=/; HttpOnly
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

Date
Tue, 21 Jan 2020 17:40:36 GMT
Server
Apache
P3P
policyref="http://policy2.responsys.net/w3c/response.xml", CP="NON DSP COR IVAi IVDi OTRi IND ONL"
Pragma
no-cache
Cache-Control
no-store, no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie
5.interact2.05.....N.N...=_ri_=X0Gzc2X%3DYQpglLjHJlTQGmA3WzgBSuzcsynHYCMhyzauHzfuzgGJwzc5pzbKvjd6HGqt5WOw4BPtsyIcugSPzb1qKTzfidAJCKoCVXtpKX%3DSWBUAAUST&_ei_=EmfBGUXzJ5nxgHg034i0GRvBKbCLq1eAE3dITlf4DU3TULLMGmHAWL5ZVk9tSZ5B_SLwZlf4P9qY8Z7se1D43ys-mR-SUk_IOzhgTZB2M8kg-cgUYYUWIccZlDDCrEdYp0QGj-yydJZWLK0qRpqbSbXAJW7osi0EUj5RHtZGHSXidon-hmMxa9OjQqjdbrk8htjCBNo8Z8HPksntLxCRk8aJof-459YPbMB7wgxHxbSy; expires=Thu, 20-Jan-2022 17:40:36 GMT; Domain=.turbotax.intuit.com; Path=/pub; HttpOnly
Location
https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry
Connection
close
Transfer-Encoding
chunked
Content-Type
text/plain; charset=UTF-8
application-820887350e255fcf442910ba3bcecc2484d8739ea1b7666ca34a16b170441754.css
d2gcv4sxt84gxu.cloudfront.net/assets/bs4/ 		298 KB
83 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2gcv4sxt84gxu.cloudfront.net/assets/bs4/application-820887350e255fcf442910ba3bcecc2484d8739ea1b7666ca34a16b170441754.css
Requested by
Host: ffa.lc.intuit.com
URL: https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.155.113 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-155-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a05768d512e875d38176b81835636e68fe68a265dbf852398380f52ddd2ae4c

Request headers

Referer
https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Tue, 21 Jan 2020 14:40:58 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Jan 2020 10:24:03 GMT
Server
AmazonS3
Age
10780
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 bc9bd2c59aa48e2932432099ba36a25b.cloudfront.net (CloudFront)
Cache-Control
max-age=1314000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA53
Connection
keep-alive
X-Amz-Cf-Id
JWv1pks0gmyZL_hY4nYJ8icJcZpGBh3xnFdAq_MQ783_LgekjbjsDQ==
cdc_lib_min_1.8.28.js
dwum8argi892z.cloudfront.net/js/ 		73 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dwum8argi892z.cloudfront.net/js/cdc_lib_min_1.8.28.js
Requested by
Host: ffa.lc.intuit.com
URL: https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.149.192 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-192.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
587e3aaa55e1a30d2bb997681bd8ac90e2ae3da85b5f8d297c214efce63a62f6

Request headers

Referer
https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Tue, 21 Jan 2020 15:25:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Dec 2014 20:01:44 GMT
Server
AmazonS3
Age
8107
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 b8b7a48d4425abc8f20c14956fccf2e5.cloudfront.net (CloudFront)
Cache-Control
max-age=18000, public
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA53
Connection
keep-alive
X-Amz-Cf-Id
kYYJYvIh1KNLE5Vwty03Q35rTDxQa-Kp7WHpmoKuURDMcAM_n_CutA==
original.png
d2gcv4sxt84gxu.cloudfront.net/uploads/logos/18/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2gcv4sxt84gxu.cloudfront.net/uploads/logos/18/original.png?1452212908
Requested by
Host: ffa.lc.intuit.com
URL: https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.155.113 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-155-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00587db4d8f7b887c18d68df882f279f700abb10b72a77e8704d6e8d28ec73bf

Request headers

Referer
https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Tue, 21 Jan 2020 17:30:20 GMT
Via
1.1 150f249515041adfcc44683bff172916.cloudfront.net (CloudFront)
Last-Modified
Fri, 08 Jan 2016 00:28:30 GMT
Server
AmazonS3
Age
618
ETag
"b40f91f78263bef4cbe86799087a97f0"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
FRA53
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7085
X-Amz-Cf-Id
I1OHrYEQruz-7RmjzihVTIr_FldMOOTl3bhxr34ewmY6LHjru5SyQg==
Expires
Sat, 07 Jan 2017 08:16:37 GMT
original.png
d2gcv4sxt84gxu.cloudfront.net/uploads/logo_mobile/18/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2gcv4sxt84gxu.cloudfront.net/uploads/logo_mobile/18/original.png?1452212908
Requested by
Host: ffa.lc.intuit.com
URL: https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.155.113 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-155-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90b50aab46b43819b22d95258c9549aa7bea51451df367c91a3b60ed8916d1e4

Request headers

Referer
https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Tue, 21 Jan 2020 17:30:20 GMT
Via
1.1 59c171b9abb6b3c58e72495c539dfa68.cloudfront.net (CloudFront)
Last-Modified
Fri, 08 Jan 2016 00:28:30 GMT
Server
AmazonS3
Age
618
ETag
"3973b338b426e0ce07e6a1544ad079aa"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
FRA53
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1635
X-Amz-Cf-Id
chpEBzsyPkRKbcW7luo0-4Ka3oijgFZiUQxi0-XAXhe_XUfMoASbEQ==
Expires
Sat, 07 Jan 2017 08:16:37 GMT
default-user-avatars-original-d5efadcf497ea7b3d86c6f8d148d66633a29ce78fa8391af628adf32d9989354.png
d2gcv4sxt84gxu.cloudfront.net/assets/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2gcv4sxt84gxu.cloudfront.net/assets/default-user-avatars-original-d5efadcf497ea7b3d86c6f8d148d66633a29ce78fa8391af628adf32d9989354.png
Requested by
Host: ffa.lc.intuit.com
URL: https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.155.113 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-155-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5efadcf497ea7b3d86c6f8d148d66633a29ce78fa8391af628adf32d9989354

Request headers

Referer
https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Tue, 21 Jan 2020 12:55:02 GMT
Via
1.1 59c171b9abb6b3c58e72495c539dfa68.cloudfront.net (CloudFront)
Last-Modified
Fri, 17 Jan 2020 10:27:22 GMT
Server
AmazonS3
Age
17136
ETag
"bae48bd4da42d58b331aa00e47c4afc9"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=1314000
X-Amz-Cf-Pop
FRA53
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4574
X-Amz-Cf-Id
IrDyz0iFQUQNoW-8Qs-OzFEZZCenhmObe8Y-Ro1Rvr25dzWV7NIUhg==
application-04f6cbf334e197734ba30f8de08a25f31ab90734bc6d03cfd421e22aed3c5fd3.js
d2gcv4sxt84gxu.cloudfront.net/assets/bs4/ 		996 KB
271 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2gcv4sxt84gxu.cloudfront.net/assets/bs4/application-04f6cbf334e197734ba30f8de08a25f31ab90734bc6d03cfd421e22aed3c5fd3.js
Requested by
Host: ffa.lc.intuit.com
URL: https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.155.113 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-155-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
04f6cbf334e197734ba30f8de08a25f31ab90734bc6d03cfd421e22aed3c5fd3

Request headers

Referer
https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 13 Jan 2020 00:23:30 GMT
Content-Encoding
gzip
Last-Modified
Sun, 12 Jan 2020 11:20:57 GMT
Server
AmazonS3
Age
753428
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 150f249515041adfcc44683bff172916.cloudfront.net (CloudFront)
Cache-Control
max-age=1314000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA53
Connection
keep-alive
X-Amz-Cf-Id
OTk2vL9U2e7frt4Nv00GoTwJdqU8RPzaQB8-B9KtUAzK3IXca9PvVQ==
firefoxpatch-b4ff8b57a837b65660c35d51716ec020fea6487809b38c8ae530122a94715904.js
d2gcv4sxt84gxu.cloudfront.net/assets/ 		281 B
779 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d2gcv4sxt84gxu.cloudfront.net/assets/firefoxpatch-b4ff8b57a837b65660c35d51716ec020fea6487809b38c8ae530122a94715904.js
Requested by
Host: ffa.lc.intuit.com
URL: https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.155.113 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-155-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b4ff8b57a837b65660c35d51716ec020fea6487809b38c8ae530122a94715904

Request headers

Referer
https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 13 Jan 2020 00:23:30 GMT
Via
1.1 59c171b9abb6b3c58e72495c539dfa68.cloudfront.net (CloudFront)
Last-Modified
Sun, 12 Jan 2020 11:21:43 GMT
Server
AmazonS3
Age
753428
ETag
"1ec0a31c354ad0ba31561ae7d791d74e"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Cache-Control
max-age=1314000
X-Amz-Cf-Pop
FRA53
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
281
X-Amz-Cf-Id
IvzeCjLK6GD7ECZcp3vS2o13ueKv0Fo3MTZ41Pg2CixtnpXsD_QJYA==
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f104a65314b7b2852297f06b83269afeee3d8c58da1e04ff994574be632b2b2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
fontawesome-webfont-ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995.woff2
d2gcv4sxt84gxu.cloudfront.net/assets/font-awesome/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2gcv4sxt84gxu.cloudfront.net/assets/font-awesome/fontawesome-webfont-ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995.woff2?v=4.5.0
Requested by
Host: ffa.lc.intuit.com
URL: https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.155.113 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-155-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://d2gcv4sxt84gxu.cloudfront.net/assets/bs4/application-820887350e255fcf442910ba3bcecc2484d8739ea1b7666ca34a16b170441754.css
Origin
https://ffa.lc.intuit.com

Response headers

Date
Tue, 21 Jan 2020 17:30:20 GMT
Via
1.1 59574f77a7cf2d23d64904db278e5711.cloudfront.net (CloudFront)
Age
618
X-Cache
Hit from cloudfront
Access-Control-Max-Age
3000
Connection
keep-alive
Content-Length
66624
Last-Modified
Fri, 17 Jan 2020 10:23:12 GMT
Server
AmazonS3
ETag
"db812d8a70a4e88e888744c1c9a27e89"
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=1314000
X-Amz-Cf-Pop
FRA53
Accept-Ranges
bytes
X-Amz-Cf-Id
Zd2MeWjzgH9hhDu46CF1wdufVxVTi7J-ZJ8xhBeUPTL2Z5Ol4GEK6Q==
AvenirLT-Roman-6d1cffd4b740849ae0aa7408c90a2aeff1c78608432edf8c0c68466fa1169424.woff
d2gcv4sxt84gxu.cloudfront.net/assets/Avenir/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2gcv4sxt84gxu.cloudfront.net/assets/Avenir/AvenirLT-Roman-6d1cffd4b740849ae0aa7408c90a2aeff1c78608432edf8c0c68466fa1169424.woff
Requested by
Host: ffa.lc.intuit.com
URL: https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.155.113 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-155-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d1cffd4b740849ae0aa7408c90a2aeff1c78608432edf8c0c68466fa1169424

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://d2gcv4sxt84gxu.cloudfront.net/assets/bs4/application-820887350e255fcf442910ba3bcecc2484d8739ea1b7666ca34a16b170441754.css
Origin
https://ffa.lc.intuit.com

Response headers

Date
Tue, 21 Jan 2020 17:30:20 GMT
Via
1.1 e9cb084a7980d1028202eee7e07a5589.cloudfront.net (CloudFront)
Age
618
X-Cache
Hit from cloudfront
Access-Control-Max-Age
3000
Connection
keep-alive
Content-Length
22878
Last-Modified
Fri, 17 Jan 2020 10:26:05 GMT
Server
AmazonS3
ETag
"5c03aacd879127e5f200ca7fdc2816cc"
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=1314000
X-Amz-Cf-Pop
FRA53
Accept-Ranges
bytes
X-Amz-Cf-Id
7G7i32DHuTjHMk7Yh3QPjlXE01pXI3IgBRIYRSwgsrZsQNSgsnaGVQ==
ividFrame.html
accounts.intuit.com/ Frame 6226 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.intuit.com/ividFrame.html
Requested by
Host: dwum8argi892z.cloudfront.net
URL: https://dwum8argi892z.cloudfront.net/js/cdc_lib_min_1.8.28.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.246.132 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-246-132.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d287278ba5a303b4826efcc10582f28d906aaf8d2cc92a44367d0d899e1dd2c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
accounts.intuit.com
:scheme
https
:path
/ividFrame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
same-site
sec-fetch-mode
nested-navigate
referer
https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry
accept-encoding
gzip, deflate, br
cookie
websdk_swiper_flags=first_sc_hit%2Cwait_for_sc%2Civid_not_ready; ivid_b=5bd2b36c-4305-4927-a125-28ee6343ffd7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry

Response headers

status
200
content-type
text/html;charset=UTF-8
server
nginx
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache no-store
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow, noarchive, nosnippet, noimageindex, notranslate
content-language
en-US
vary
Accept-Encoding
content-encoding
gzip
date
Tue, 21 Jan 2020 17:40:37 GMT
content-length
1824
set-cookie
ivid=54385107-64e7-4cce-a499-ba7291d63dc6; Max-Age=157680000; Expires=Sun, 19-Jan-2025 17:40:37 GMT; Domain=intuit.com; Path=/ ivid_b=5bd2b36c-4305-4927-a125-28ee6343ffd7; Max-Age=157680000; Expires=Sun, 19-Jan-2025 17:40:37 GMT; Domain=intuit.com; Path=/
oii-ivid-perisistence.js
accounts.intuit.com/scripts/ Frame 6226 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.intuit.com/scripts/oii-ivid-perisistence.js?v=1.17
Requested by
Host: accounts.intuit.com
URL: https://accounts.intuit.com/ividFrame.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.246.132 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-246-132.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e8f483c327eb09c9776f9b2e56fcf31602993489c79ae92e492e5a437f5cea4e

Request headers

Referer
https://accounts.intuit.com/ividFrame.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 21 Jan 2020 17:40:37 GMT
content-encoding
gzip
last-modified
Thu, 09 Jan 2020 02:58:57 GMT
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
status
200
cache-control
max-age=86015
accept-ranges
bytes
content-length
4497
expires
Wed, 22 Jan 2020 17:34:12 GMT
nr-1158.min.js
js-agent.newrelic.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1158.min.js
Requested by
Host: ffa.lc.intuit.com
URL: https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
005414ad9d93e4cb677b5e4f87112b0ff6d3731b414bc425bfa1bb94c99a081a

Request headers

Referer
https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 21 Jan 2020 17:40:37 GMT
content-encoding
gzip
x-amz-request-id
11FEE1152DB0EE3C
x-cache
HIT
status
200
content-length
10068
x-amz-id-2
MUaeQJa9hF5/JSfUD4HoWNAu5ysTiWs6VvC7g/Ta4x/G7YfoQETVwPPJE8AoOQqQ+YfklJB27WQ=
x-served-by
cache-hhn4027-HHN
last-modified
Wed, 18 Dec 2019 00:24:13 GMT
server
AmazonS3
x-timer
S1579628438.750237,VS0,VE0
etag
"0be8452b990e805f60431dce9e0279b2"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
31732
5e3090764a
bam.nr-data.net/1/ 		57 B
259 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/5e3090764a?a=16455065&v=1158.afc605b&to=Jg1bRkFaXllTER1HFgARQVtcW0EaRQtdQQ%3D%3D&rst=2682&ref=https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry&ap=91&be=1766&fe=2563&dc=2117&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1579628435091,%22n%22:0,%22f%22:1012,%22dn%22:1012,%22dne%22:1121,%22c%22:1121,%22s%22:1141,%22ce%22:1452,%22rq%22:1452,%22rp%22:1720,%22rpe%22:1763,%22dl%22:1722,%22di%22:2117,%22ds%22:2117,%22de%22:2121,%22dc%22:2562,%22l%22:2562,%22le%22:2563%7D,%22navigation%22:%7B%7D%7D&fp=2030&fcp=2030&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1158.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-8.nr-data.net
Software
/
Resource Hash
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer
https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
text/javascript;charset=ISO-8859-1
Content-Length
57
Expires
Thu, 01 Jan 1970 00:00:00 GMT
5e3090764a
bam.nr-data.net/events/1/ 		24 B
184 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/5e3090764a?a=16455065&v=1158.afc605b&to=Jg1bRkFaXllTER1HFgARQVtcW0EaRQtdQQ%3D%3D&rst=12682&ref=https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry
Requested by
Host: ffa.lc.intuit.com
URL: https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-8.nr-data.net
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry
Origin
https://ffa.lc.intuit.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://ffa.lc.intuit.com
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| NREUM object| newrelic function| __nr_require function| intuitWebAnalyticsClone object| WebMojo undefined| currWebSDK object| intuit object| TTU_Provider undefined| uuid function| clone object| LC object| i18n_phrases function| _classCallCheck function| _possibleConstructorReturn function| _inherits undefined| Util undefined| _createClass undefined| Alert undefined| Button undefined| _typeof undefined| Carousel undefined| Collapse undefined| Dropdown undefined| Modal undefined| ScrollSpy undefined| Tab undefined| Tooltip undefined| Popover undefined| _extends undefined| wysihtml5 undefined| Base object| Turbolinks function| $ function| jQuery function| _ object| salvattore number| len boolean| subscribedForEvent

4 Cookies

Domain/Path Name / Value
.intuit.com/ Name: ivid
Value: 54385107-64e7-4cce-a499-ba7291d63dc6
.intuit.com/ Name: websdk_swiper_flags
Value: first_sc_hit%2Cwait_for_sc
.intuit.com/ Name: ivid_b
Value: 5bd2b36c-4305-4927-a125-28ee6343ffd7
ffa.lc.intuit.com/ Name: _session_id
Value: aWliMGROMzBxcmhlRWgyMWNmTFY5VXB0aUt5N1RiMnBtWUxVT1lsenhOSWp0UFlhYjcrZFA4bXowOWxmSXBXanlQUjE0TVhoeFZDUU5abXJ3NDllemRITnA4WDZMRGVQY0E1eUpCcGtSdlVFMGFKekN4VkMvSnFtK1M3V21pSExVcXZMNWsrd2Vmak1NOVNCejNCVUZHQWVoYXFpOHlFWEl1R21oZE52Z29ZeFhmQjZ5WC96bFBDNGpQVldpd3dGeXRmalRUeEJESU1DR1p6dlhPcjZRT0szaWR0K1BSZFB2aC93Qk5JQzZwR3FqQjF0d2JFU3UxVzVlVjRWdFdWbHFCZHdOUVNMcE56c1FJTUZ2Tjc4aHNNR05HZlJvbys1RjRSSHc0c0lwTVJqbHdnTXc2UXV1dFZDbjJUR1BHY3E4bERmbUhweS9BakNMMGFRakxQRldKd3JSMkgvSlo2RlV2V0kySmFKek5VTnlwK2dNWEtlcnlHUmVwbUt1UWNILS1US3ZIZmtYdEcvc1hPYzFrbXExTThBPT0%3D--5123aa0088295b9b00c9ca26a4ef78d7b1255774

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options