ffa.lc.intuit.com
Open in
urlscan Pro
52.11.18.144
Public Scan
Effective URL: https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-...
Submission: On January 21 via api from US
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on July 10th 2019. Valid for: a year.
This is the only time ffa.lc.intuit.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 12.130.158.196 12.130.158.196 | 21621 (RESPONSYS-2) (RESPONSYS-2) | |
1 | 52.11.18.144 52.11.18.144 | 16509 (AMAZON-02) (AMAZON-02) | |
8 | 52.222.155.113 52.222.155.113 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 52.222.149.192 52.222.149.192 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 104.111.246.132 104.111.246.132 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 | 151.101.114.110 151.101.114.110 | 54113 (FASTLY) (FASTLY) | |
2 | 162.247.242.20 162.247.242.20 | 23467 (NEWRELIC-...) (NEWRELIC-AS-1) | |
15 | 7 |
ASN21621 (RESPONSYS-2, US)
PTR: e.turbotax.intuit.com
e.turbotax.intuit.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-11-18-144.us-west-2.compute.amazonaws.com
ffa.lc.intuit.com |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-155-113.fra53.r.cloudfront.net
d2gcv4sxt84gxu.cloudfront.net |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-149-192.fra53.r.cloudfront.net
dwum8argi892z.cloudfront.net |
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-246-132.deploy.static.akamaitechnologies.com
accounts.intuit.com |
ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net
bam.nr-data.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
cloudfront.net
d2gcv4sxt84gxu.cloudfront.net dwum8argi892z.cloudfront.net |
481 KB |
4 |
intuit.com
1 redirects
e.turbotax.intuit.com ffa.lc.intuit.com accounts.intuit.com |
22 KB |
2 |
nr-data.net
bam.nr-data.net |
443 B |
1 |
newrelic.com
js-agent.newrelic.com |
10 KB |
15 | 4 |
Domain | Requested by | |
---|---|---|
8 | d2gcv4sxt84gxu.cloudfront.net |
ffa.lc.intuit.com
|
2 | bam.nr-data.net |
js-agent.newrelic.com
ffa.lc.intuit.com |
2 | accounts.intuit.com |
dwum8argi892z.cloudfront.net
accounts.intuit.com |
1 | js-agent.newrelic.com |
ffa.lc.intuit.com
|
1 | dwum8argi892z.cloudfront.net |
ffa.lc.intuit.com
|
1 | ffa.lc.intuit.com | |
1 | e.turbotax.intuit.com | 1 redirects |
15 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
turbotax.intuit.com |
freefile.intuit.com |
security.intuit.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.lc.intuit.com DigiCert SHA2 Secure Server CA |
2019-07-10 - 2020-09-23 |
a year | crt.sh |
*.cloudfront.net DigiCert Global CA G2 |
2019-07-17 - 2020-07-05 |
a year | crt.sh |
accounts-prd.intuit.com DigiCert SHA2 Secure Server CA |
2019-12-09 - 2020-12-12 |
a year | crt.sh |
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2019-04-10 - 2020-03-21 |
a year | crt.sh |
*.nr-data.net GeoTrust RSA CA 2018 |
2018-01-11 - 2020-03-17 |
2 years | crt.sh |
This page contains 2 frames:
Primary Page:
https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry
Frame ID: FF50A5D0361D29EBC73C8125A4A49F18
Requests: 14 HTTP requests in this frame
Frame:
https://accounts.intuit.com/ividFrame.html
Frame ID: 622679063816BAE337836BD30FEA4575
Requests: 2 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://e.turbotax.intuit.com/pub/cc?_ri_=X0Gzc2X%3DYQpglLjHJlTQGmA3WzgBSuzcsynHYCMhyzauHzfuzgGJwzc5pzbKvj...
HTTP 302
https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a... Page URL
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: contact us
Search URL Search Domain Scan URL
Title: Terms of Use
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://e.turbotax.intuit.com/pub/cc?_ri_=X0Gzc2X%3DYQpglLjHJlTQGmA3WzgBSuzcsynHYCMhyzauHzfuzgGJwzc5pzbKvjd6HGqt5WOw4BPtsyIcugSPzb1qKTzfidAJCKoCVXtpKX%3DSWBUAAUST&_ei_=EmfBGUXzJ5nxgHg034i0GRvBKbCLq1eAE3dITlf4DU3TULLMGmHAWL5ZVk9tSZ5B_SLwZlf4P9qY8Z7se1D43ys-mR-SUk_IOzhgTZB2M8kg-cgUYYUWIccZlDDCrEdYp0QGj-yydJZWLK0qRpqbSbXAJW7osi0EUj5RHtZGHSXidon-hmMxa9OjQqjdbrk8htjCBNo8Z8HPksntLxCRk8aJof-459YPbMB7wgxHxbSy.
HTTP 302
https://ffa.lc.intuit.com/questions/1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
1529303-i-received-a-turbotax-email-or-text-message-addressed-to-a-stranger-do-i-need-to-worry
ffa.lc.intuit.com/questions/ Redirect Chain
|
40 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
application-820887350e255fcf442910ba3bcecc2484d8739ea1b7666ca34a16b170441754.css
d2gcv4sxt84gxu.cloudfront.net/assets/bs4/ |
298 KB 83 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cdc_lib_min_1.8.28.js
dwum8argi892z.cloudfront.net/js/ |
73 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
original.png
d2gcv4sxt84gxu.cloudfront.net/uploads/logos/18/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
original.png
d2gcv4sxt84gxu.cloudfront.net/uploads/logo_mobile/18/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
default-user-avatars-original-d5efadcf497ea7b3d86c6f8d148d66633a29ce78fa8391af628adf32d9989354.png
d2gcv4sxt84gxu.cloudfront.net/assets/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
application-04f6cbf334e197734ba30f8de08a25f31ab90734bc6d03cfd421e22aed3c5fd3.js
d2gcv4sxt84gxu.cloudfront.net/assets/bs4/ |
996 KB 271 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
firefoxpatch-b4ff8b57a837b65660c35d51716ec020fea6487809b38c8ae530122a94715904.js
d2gcv4sxt84gxu.cloudfront.net/assets/ |
281 B 779 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fontawesome-webfont-ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995.woff2
d2gcv4sxt84gxu.cloudfront.net/assets/font-awesome/ |
65 KB 66 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
AvenirLT-Roman-6d1cffd4b740849ae0aa7408c90a2aeff1c78608432edf8c0c68466fa1169424.woff
d2gcv4sxt84gxu.cloudfront.net/assets/Avenir/ |
22 KB 23 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ividFrame.html
accounts.intuit.com/ Frame 6226 |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
oii-ivid-perisistence.js
accounts.intuit.com/scripts/ Frame 6226 |
11 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nr-1158.min.js
js-agent.newrelic.com/ |
26 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
5e3090764a
bam.nr-data.net/1/ |
57 B 259 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
5e3090764a
bam.nr-data.net/events/1/ |
24 B 184 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
40 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| NREUM object| newrelic function| __nr_require function| intuitWebAnalyticsClone object| WebMojo undefined| currWebSDK object| intuit object| TTU_Provider undefined| uuid function| clone object| LC object| i18n_phrases function| _classCallCheck function| _possibleConstructorReturn function| _inherits undefined| Util undefined| _createClass undefined| Alert undefined| Button undefined| _typeof undefined| Carousel undefined| Collapse undefined| Dropdown undefined| Modal undefined| ScrollSpy undefined| Tab undefined| Tooltip undefined| Popover undefined| _extends undefined| wysihtml5 undefined| Base object| Turbolinks function| $ function| jQuery function| _ object| salvattore number| len boolean| subscribedForEvent4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.intuit.com/ | Name: ivid Value: 54385107-64e7-4cce-a499-ba7291d63dc6 |
|
.intuit.com/ | Name: websdk_swiper_flags Value: first_sc_hit%2Cwait_for_sc |
|
.intuit.com/ | Name: ivid_b Value: 5bd2b36c-4305-4927-a125-28ee6343ffd7 |
|
ffa.lc.intuit.com/ | Name: _session_id Value: aWliMGROMzBxcmhlRWgyMWNmTFY5VXB0aUt5N1RiMnBtWUxVT1lsenhOSWp0UFlhYjcrZFA4bXowOWxmSXBXanlQUjE0TVhoeFZDUU5abXJ3NDllemRITnA4WDZMRGVQY0E1eUpCcGtSdlVFMGFKekN4VkMvSnFtK1M3V21pSExVcXZMNWsrd2Vmak1NOVNCejNCVUZHQWVoYXFpOHlFWEl1R21oZE52Z29ZeFhmQjZ5WC96bFBDNGpQVldpd3dGeXRmalRUeEJESU1DR1p6dlhPcjZRT0szaWR0K1BSZFB2aC93Qk5JQzZwR3FqQjF0d2JFU3UxVzVlVjRWdFdWbHFCZHdOUVNMcE56c1FJTUZ2Tjc4aHNNR05HZlJvbys1RjRSSHc0c0lwTVJqbHdnTXc2UXV1dFZDbjJUR1BHY3E4bERmbUhweS9BakNMMGFRakxQRldKd3JSMkgvSlo2RlV2V0kySmFKek5VTnlwK2dNWEtlcnlHUmVwbUt1UWNILS1US3ZIZmtYdEcvc1hPYzFrbXExTThBPT0%3D--5123aa0088295b9b00c9ca26a4ef78d7b1255774 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
accounts.intuit.com
bam.nr-data.net
d2gcv4sxt84gxu.cloudfront.net
dwum8argi892z.cloudfront.net
e.turbotax.intuit.com
ffa.lc.intuit.com
js-agent.newrelic.com
104.111.246.132
12.130.158.196
151.101.114.110
162.247.242.20
52.11.18.144
52.222.149.192
52.222.155.113
005414ad9d93e4cb677b5e4f87112b0ff6d3731b414bc425bfa1bb94c99a081a
00587db4d8f7b887c18d68df882f279f700abb10b72a77e8704d6e8d28ec73bf
04f6cbf334e197734ba30f8de08a25f31ab90734bc6d03cfd421e22aed3c5fd3
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0f104a65314b7b2852297f06b83269afeee3d8c58da1e04ff994574be632b2b2
3a05768d512e875d38176b81835636e68fe68a265dbf852398380f52ddd2ae4c
587e3aaa55e1a30d2bb997681bd8ac90e2ae3da85b5f8d297c214efce63a62f6
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
61e4edca5782348d1c45cacb545821e4e7627ab521c0a018b349970d01542163
6d1cffd4b740849ae0aa7408c90a2aeff1c78608432edf8c0c68466fa1169424
90b50aab46b43819b22d95258c9549aa7bea51451df367c91a3b60ed8916d1e4
b4ff8b57a837b65660c35d51716ec020fea6487809b38c8ae530122a94715904
d287278ba5a303b4826efcc10582f28d906aaf8d2cc92a44367d0d899e1dd2c7
d5efadcf497ea7b3d86c6f8d148d66633a29ce78fa8391af628adf32d9989354
e8f483c327eb09c9776f9b2e56fcf31602993489c79ae92e492e5a437f5cea4e
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995