0

Intuit CNAME records and blocking of logging.api.intuit.com

Intuit's TurboTax software is very chatty to internet domains, beyond intuit.com. I see that logging.api.intuit.com is blocked by NextDNS Ads & Trackers, as well as No Tracking lists.

However, when denied, TurboTax seems to contact the upstream CNAME domains for logging.api.intuit.com. Those domains don't seem directly blocked.

While this doesn't seem to be CNAME Cloaking, doesn't it defeat blocking of logging.api.intuit.com? Or am I misunderstanding this?

; <<>> DiG 9.10.6 <<>> @9.9.9.9 logging.api.intuit.com
;; QUESTION SECTION:
;logging.api.intuit.com.        IN    A
;; ANSWER SECTION:
logging.api.intuit.com.    22    IN    CNAME    logging.prd.api.a.intuit.com.
logging.prd.api.a.intuit.com. 5    IN    CNAME    logging-us-west-2.prd.api.a.intuit.com.
logging-us-west-2.prd.api.a.intuit.com.    5 IN CNAME sw11_us-west-2_web.prd.api.a.intuit.com.
sw11_us-west-2_web.prd.api.a.intuit.com. 50 IN CNAME sw11prdwebbluealb-1282767806.us-west-2.elb.amazonaws.com.
sw11prdwebbluealb-1282767806.us-west-2.elb.amazonaws.com. 4 IN A 44.235.92.60
sw11prdwebbluealb-1282767806.us-west-2.elb.amazonaws.com. 4 IN A 54.69.247.146
sw11prdwebbluealb-1282767806.us-west-2.elb.amazonaws.com. 4 IN A 52.13.158.191
sw11prdwebbluealb-1282767806.us-west-2.elb.amazonaws.com. 4 IN A 44.237.87.70
sw11prdwebbluealb-1282767806.us-west-2.elb.amazonaws.com. 4 IN A 34.217.241.59
sw11prdwebbluealb-1282767806.us-west-2.elb.amazonaws.com. 4 IN A 52.10.169.19
sw11prdwebbluealb-1282767806.us-west-2.elb.amazonaws.com. 4 IN A 34.213.31.91
sw11prdwebbluealb-1282767806.us-west-2.elb.amazonaws.com. 4 IN A 54.201.76.87

; <<>> DiG 9.10.6 <<>> @9.9.9.9 logging.prd.api.a.intuit.com
;; QUESTION SECTION:
;logging.prd.api.a.intuit.com.    IN    A
;; ANSWER SECTION:
logging.prd.api.a.intuit.com. 3    IN    CNAME    logging-us-west-2.prd.api.a.intuit.com.
logging-us-west-2.prd.api.a.intuit.com.    3 IN CNAME sw11_us-west-2_web.prd.api.a.intuit.com.
sw11_us-west-2_web.prd.api.a.intuit.com. 49 IN CNAME sw11prdwebbluealb-1282767806.us-west-2.elb.amazonaws.com.
sw11prdwebbluealb-1282767806.us-west-2.elb.amazonaws.com. 49 IN    A 34.213.142.164
sw11prdwebbluealb-1282767806.us-west-2.elb.amazonaws.com. 49 IN    A 44.237.87.70
sw11prdwebbluealb-1282767806.us-west-2.elb.amazonaws.com. 49 IN    A 52.13.158.191
sw11prdwebbluealb-1282767806.us-west-2.elb.amazonaws.com. 49 IN    A 54.201.76.87
sw11prdwebbluealb-1282767806.us-west-2.elb.amazonaws.com. 49 IN    A 54.69.247.146
sw11prdwebbluealb-1282767806.us-west-2.elb.amazonaws.com. 49 IN    A 44.242.107.72
sw11prdwebbluealb-1282767806.us-west-2.elb.amazonaws.com. 49 IN    A 52.10.169.19
sw11prdwebbluealb-1282767806.us-west-2.elb.amazonaws.com. 49 IN    A 52.24.120.90

; <<>> DiG 9.10.6 <<>> @9.9.9.9 logging-us-west-2.prd.api.a.intuit.com
;; QUESTION SECTION:
;logging-us-west-2.prd.api.a.intuit.com.    IN A
;; ANSWER SECTION:
logging-us-west-2.prd.api.a.intuit.com.    5 IN CNAME sw11_us-west-2_web.prd.api.a.intuit.com.
sw11_us-west-2_web.prd.api.a.intuit.com. 60 IN CNAME sw11prdwebbluealb-1282767806.us-west-2.elb.amazonaws.com.
sw11prdwebbluealb-1282767806.us-west-2.elb.amazonaws.com. 60 IN    A 34.214.79.180
sw11prdwebbluealb-1282767806.us-west-2.elb.amazonaws.com. 60 IN    A 54.201.76.87
sw11prdwebbluealb-1282767806.us-west-2.elb.amazonaws.com. 60 IN    A 54.69.247.146
sw11prdwebbluealb-1282767806.us-west-2.elb.amazonaws.com. 60 IN    A 52.24.120.90
sw11prdwebbluealb-1282767806.us-west-2.elb.amazonaws.com. 60 IN    A 44.242.107.72
sw11prdwebbluealb-1282767806.us-west-2.elb.amazonaws.com. 60 IN    A 34.217.241.59
sw11prdwebbluealb-1282767806.us-west-2.elb.amazonaws.com. 60 IN    A 44.237.87.70
sw11prdwebbluealb-1282767806.us-west-2.elb.amazonaws.com. 60 IN    A 52.13.158.191

1 reply

null
    • jond_7
    • 2 yrs ago
    • Reported - view

    Bueller… Bueller?

Content aside

  • 2 yrs agoLast active
  • 1Replies
  • 91Views
  • 2 Following