sofiapp.cfd Open in urlscan Pro
78.140.140.218 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXox...
Submission: On February 26 via manual (February 26th 2024, 10:17:45 pm UTC) from US — Scanned from DE

Summary HTTP 81 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 18 domains to perform 81 HTTP transactions. The main IP is 78.140.140.218, located in Cyprus and belongs to WEBZILLA, NL. The main domain is sofiapp.cfd.

This is the only time sofiapp.cfd was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: SoFi (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1	78.140.140.218 78.140.140.218	35415 (WEBZILLA) (WEBZILLA)
1	2600:9000:244... 2600:9000:2449:cc00:10:474e:104a:2961	16509 (AMAZON-02) (AMAZON-02)
1	52.222.165.229 52.222.165.229	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:211... 2600:9000:211a:5400:10:8d:3740:21	16509 (AMAZON-02) (AMAZON-02)
2	13.33.193.10 13.33.193.10	16509 (AMAZON-02) (AMAZON-02)
10	2606:4700::68... 2606:4700::6812:83ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1f64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:275... 2600:9000:275d:4a00:19:f7cc:81c0:21	16509 (AMAZON-02) (AMAZON-02)
1	52.218.101.147 52.218.101.147	16509 (AMAZON-02) (AMAZON-02)
14	91.235.132.67 91.235.132.67	30286 (THM) (THM)
1	18.66.122.44 18.66.122.44	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:7c60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	151.101.194.217 151.101.194.217	54113 (FASTLY) (FASTLY)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.64.149.225 172.64.149.225	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1f18:24e... 2600:1f18:24e6:b900:3169:462d:2c37:b982	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
10	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
4	18.207.68.144 18.207.68.144	14618 (AMAZON-AES) (AMAZON-AES)
1	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
81	24

1 78.140.140.218 (Cyprus)

ASN35415 (WEBZILLA, NL)
PTR: cpanel10.v.fozzy.com

sofiapp.cfd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2449:cc00:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)

cdn.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.165.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-165-229.cdg52.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:211a:5400:10:8d:3740:21 (United States)

ASN16509 (AMAZON-02, US)

d3331otr86r7j1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.193.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-193-10.fra60.r.cloudfront.net

cdn.geocomply.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:83ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1f64 (United States)

ASN13335 (CLOUDFLARENET, US)

platform-websdk.transmitsecurity.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:275d:4a00:19:f7cc:81c0:21 (United States)

ASN16509 (AMAZON-02, US)

d25w3v87zu4vev.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.101.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 91.235.132.67 (United States)

ASN30286 (THM, US)

st10.sofi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-44.fra60.r.cloudfront.net

js.dvnfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7c60 (United States)

ASN13335 (CLOUDFLARENET, US)

www.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

form-builder.pifyapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
form-builder-dn.pifyapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.194.217 (United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.149.225 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

www.sofi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fp.sofi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:24e6:b900:3169:462d:2c37:b982 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum.browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

form-builder-dn.pifyapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.207.68.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-68-144.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

5ugj8dr87emh6k3iegs46dib3gesrekhm56mde6gbb3fc99a22c8500dam1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	pifyapp.com form-builder.pifyapp.com — Cisco Umbrella Rank: 714303 form-builder-dn.pifyapp.com — Cisco Umbrella Rank: 338726	301 KB
18	sofi.com st10.sofi.com — Cisco Umbrella Rank: 117867 www.sofi.com — Cisco Umbrella Rank: 49388 fp.sofi.com — Cisco Umbrella Rank: 159711 ts-risk.sofi.com Failed	137 KB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 330	142 KB
8	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 547 events.launchdarkly.com — Cisco Umbrella Rank: 951	1 KB
5	cloudfront.net d3331otr86r7j1.cloudfront.net d25w3v87zu4vev.cloudfront.net	98 KB
2	online-metrix.net h.online-metrix.net — Cisco Umbrella Rank: 2595 5ugj8dr87emh6k3iegs46dib3gesrekhm56mde6gbb3fc99a22c8500dam1.e.aa.online-metrix.net	16 KB
2	browser-intake-datadoghq.com rum.browser-intake-datadoghq.com — Cisco Umbrella Rank: 2362	686 B
2	geocomply.com cdn.geocomply.com — Cisco Umbrella Rank: 126367	275 KB
1	gstatic.com fonts.gstatic.com	15 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	3 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 554	296 B
1	cloudflare.com www.cloudflare.com — Cisco Umbrella Rank: 5953	459 B
1	dvnfo.com js.dvnfo.com — Cisco Umbrella Rank: 90193	42 KB
1	amazonaws.com s3-eu-west-1.amazonaws.com	19 KB
1	transmitsecurity.io platform-websdk.transmitsecurity.io — Cisco Umbrella Rank: 97622	77 KB
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1415	48 KB
1	auth0.com cdn.auth0.com — Cisco Umbrella Rank: 6425	62 KB
1	sofiapp.cfd sofiapp.cfd	11 KB
81	18

	Domain	Requested by
20	form-builder-dn.pifyapp.com	sofiapp.cfd form-builder-dn.pifyapp.com
14	st10.sofi.com	sofiapp.cfd st10.sofi.com
10	cdn.cookielaw.org	sofiapp.cfd www.datadoghq-browser-agent.com cdn.cookielaw.org
4	events.launchdarkly.com	www.datadoghq-browser-agent.com
4	app.launchdarkly.com	www.datadoghq-browser-agent.com
3	d3331otr86r7j1.cloudfront.net	sofiapp.cfd
2	fp.sofi.com	www.datadoghq-browser-agent.com
2	rum.browser-intake-datadoghq.com	www.datadoghq-browser-agent.com
2	www.sofi.com	www.datadoghq-browser-agent.com
2	d25w3v87zu4vev.cloudfront.net	sofiapp.cfd
2	cdn.geocomply.com	sofiapp.cfd cdn.geocomply.com
1	5ugj8dr87emh6k3iegs46dib3gesrekhm56mde6gbb3fc99a22c8500dam1.e.aa.online-metrix.net
1	h.online-metrix.net	st10.sofi.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	form-builder-dn.pifyapp.com
1	geolocation.onetrust.com	www.datadoghq-browser-agent.com
1	form-builder.pifyapp.com	sofiapp.cfd
1	www.cloudflare.com	www.datadoghq-browser-agent.com
1	js.dvnfo.com	sofiapp.cfd
1	s3-eu-west-1.amazonaws.com	sofiapp.cfd
1	platform-websdk.transmitsecurity.io	sofiapp.cfd
1	www.datadoghq-browser-agent.com	sofiapp.cfd
1	cdn.auth0.com	sofiapp.cfd
1	sofiapp.cfd
0	ts-risk.sofi.com Failed	www.datadoghq-browser-agent.com
81	25

This site contains links to these domains. Also see Links.

Domain
www.sofi.com
support.sofi.com
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
*.auth0.com Amazon RSA 2048 M03	`2024-01-25` - `2025-02-22`	a year	crt.sh
*.datadoghq-browser-agent.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-12` - `2024-12-14`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.geocomply.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-07-10` - `2024-07-09`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-10` - `2024-05-08`	a year	crt.sh
*.s3-eu-west-1.amazonaws.com Amazon RSA 2048 M01	`2024-01-31` - `2025-01-15`	a year	crt.sh
st10.sofi.com Go Daddy Secure Certificate Authority - G2	`2023-03-27` - `2024-04-06`	a year	crt.sh
*.dvnfo.com Amazon RSA 2048 M02	`2023-05-23` - `2024-06-20`	a year	crt.sh
www.cloudflare.com GTS CA 1P5	`2024-02-23` - `2024-05-23`	3 months	crt.sh
pifyapp.com Cloudflare Inc ECC CA-3	`2023-12-26` - `2024-12-25`	a year	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-02` - `2024-08-02`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
*.sofi.com Go Daddy Secure Certificate Authority - G2	`2023-11-28` - `2024-12-29`	a year	crt.sh
*.browser-intake-datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-17` - `2024-06-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
events.launchdarkly.com Amazon ECDSA 256 M02	`2023-06-21` - `2024-07-20`	a year	crt.sh
online-metrix.net Viking Cloud Organization Validation CA, Level 1	`2023-10-20` - `2024-10-21`	a year	crt.sh
*.aa.online-metrix.net Viking Cloud Organization Validation CA, Level 1	`2023-10-20` - `2024-10-21`	a year	crt.sh

This page contains 7 frames:

Primary Page: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html
Frame ID: 1432BA5935F5F4F17ACA2D03E5AB2FE2
Requests: 37 HTTP requests in this frame

Frame: https://form-builder-dn.pifyapp.com/form/s/15731
Frame ID: 96439B9E81ACA2124DC9A5DFF1FE61B9
Requests: 22 HTTP requests in this frame

Frame: https://st10.sofi.com/fp/check.js;CIS3SID=C666C434860B7807D7B0BD9D33AD47F0?org_id=5ugj8dr8&session_id=faa6a258-c3f5-40a3-99b9-b0ea72b2b5b5&nonce=bb3fc99a22c8500d&jb=373926246a716f7d35556b6c6467777326687b6735556166666f7773273032333326687360753d4168706f656d24687162354368726d656d2d3038393032
Frame ID: 1303F8E46B45D969E7F87A9A3786FC9B
Requests: 8 HTTP requests in this frame

Frame: https://st10.sofi.com/fp/HP?session_id=faa6a258-c3f5-40a3-99b9-b0ea72b2b5b5&org_id=5ugj8dr8&nonce=bb3fc99a22c8500d&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: 27A9DCF279DA1E3B96E67BAB36DB2660
Requests: 3 HTTP requests in this frame

Frame: https://st10.sofi.com/fp/ls_fp.html;CIS3SID=C666C434860B7807D7B0BD9D33AD47F0?org_id=5ugj8dr8&session_id=faa6a258-c3f5-40a3-99b9-b0ea72b2b5b5&nonce=bb3fc99a22c8500d
Frame ID: D7409A51039F93C43E5E3734342FD11C
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=C666C434860B7807D7B0BD9D33AD47F0?org_id=5ugj8dr8&session_id=faa6a258-c3f5-40a3-99b9-b0ea72b2b5b5&nonce=bb3fc99a22c8500d
Frame ID: B08DDC2FE9745D1D8A8A9B5894F955D6
Requests: 1 HTTP requests in this frame

Frame: https://st10.sofi.com/fp/top_fp.html;CIS3SID=C666C434860B7807D7B0BD9D33AD47F0?org_id=5ugj8dr8&session_id=faa6a258-c3f5-40a3-99b9-b0ea72b2b5b5&nonce=bb3fc99a22c8500d
Frame ID: 969E4670B6564B8CAC3288F73C116811
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login - SoFi

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

81
Requests

95 %
HTTPS

52 %
IPv6

18
Domains

25
Subdomains

24
IPs

4
Countries

1249 kB
Transfer

4741 kB
Size

9
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sofi.com/

Search URL Search Domain Scan URL

URL: https://support.sofi.com/hc/en-us/sections/360010482151-Troubleshooting
Title: Help

Search URL Search Domain Scan URL

URL: https://www.sofi.com/privacy-policies/
Title: Privacy & Security

Search URL Search Domain Scan URL

URL: https://www.sofi.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.sofi.com/online-privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

81 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request login.html Show response
sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/ 38 KB
11 KB 97ms
24ms Document
text/html 78.140.140.218
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html
Protocol: HTTP/1.1
Server: 78.140.140.218 , Cyprus, ASN35415 (WEBZILLA, NL),
Reverse DNS: cpanel10.v.fozzy.com
Software: LiteSpeed /
Resource Hash: b0b5456e079b93dfe868be4c0f53b773e9ce54a95b2bd4f7460cf07cca557cf0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
accept-ranges: bytes
content-encoding: gzip
content-length: 10507
content-type: text/html
date: Mon, 26 Feb 2024 22:17:40 GMT
last-modified: Thu, 22 Feb 2024 12:56:41 GMT
server: LiteSpeed
vary: Accept-Encoding

GET
H2 200 main.cdn.min.css
cdn.auth0.com/ulp/react-components/1.83.3/css/ 266 KB
62 KB 124ms
30ms Stylesheet
text/css 2600:9000:2449:cc00:10:474e:104a:2961
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.auth0.com/ulp/react-components/1.83.3/css/main.cdn.min.css

Requested by

Host: sofiapp.cfd
URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2449:cc00:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a7017ff1f3138504fc8a0fce18ad30710b171330bd5ffc4b59ba3560206bcfef

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sofiapp.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id: xvZx4bXKVUdxADpemtq1CO.6YrGi3m4c
content-encoding: gzip
via: 1.1 8c1b0d772e0acbdf68d346f16fbb34ea.cloudfront.net (CloudFront)
date: Mon, 26 Feb 2024 10:14:48 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: AMS58-P6
age: 43373
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
last-modified: Tue, 05 Dec 2023 19:00:07 GMT
server: AmazonS3
etag: W/"89363e0a7380adc9046714a5a22a0248"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2628000,public
x-robots-tag: noindex
x-amz-cf-id: EeE15aHT6V_KKWJmLPVu33ci4juSa_fHgrZcDHK6KUEt_skADVn2Lw==

GET
H2 200 datadog-rum-v4.js Show response
www.datadoghq-browser-agent.com/ 150 KB
48 KB 108ms
32ms Script
application/javascript 52.222.165.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by: Host: sofiapp.cfd
URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.165.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-165-229.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sofiapp.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:17:30 GMT
content-encoding: br
via: 1.1 ef16cf332760e013a5fd2d10ab2b11ec.cloudfront.net (CloudFront)
last-modified: Mon, 09 Oct 2023 11:26:13 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P2
age: 11
x-amz-server-side-encryption: AES256
etag: W/"2630b3d7ad4a41fac67742216e506d83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
x-amz-cf-id: XJ1_u59GFz4HnqmWNxzF5miAXZl7empU6VYvrTd8PMoKvkuuL3aWyg==

GET
H2 200 ldclient:3.1.4.min.js Show response
d3331otr86r7j1.cloudfront.net/sofiinc/auth/sofi-auth/assets/scripts/ 53 KB
19 KB 136ms
38ms Script
application/javascript 2600:9000:211a:5400:10:8d:3740:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3331otr86r7j1.cloudfront.net/sofiinc/auth/sofi-auth/assets/scripts/ldclient:3.1.4.min.js
Requested by: Host: sofiapp.cfd
URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:5400:10:8d:3740:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: be88542bc94765d005d79ae6d6119cdf5ac312260acee2a1d9cccb577d0e14ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sofiapp.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id: g9v7BKuAmKJtSKinBL6kg80lVELbUEr2
content-encoding: gzip
via: 1.1 e544866f1454c4458d3a6644b47d065e.cloudfront.net (CloudFront)
date: Mon, 26 Feb 2024 04:13:13 GMT
x-amz-cf-pop: VIE50-C2
age: 65068
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 23 Feb 2024 02:38:59 GMT
server: AmazonS3
etag: W/"547ed7944ebc6e9f8c3a50590f3abd39"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: rqkY-Ahh27MDQeSn2G8LLy4DPP37balg8mkAnFGRQAzxiHHJ62Gdlw==

GET
H2 200 gc-html5.js Show response
cdn.geocomply.com/191/ 520 KB
188 KB 118ms
24ms Script
application/javascript 13.33.193.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.geocomply.com/191/gc-html5.js
Requested by: Host: sofiapp.cfd
URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.193.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-193-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 86bb6a1fe8c41c3bcb8a7ff89233d87e96e2c091903add96e34ae38c3237df89

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sofiapp.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id: 20fK9GjFsi0ofQZz9IPAHSxUQjbd989u
content-encoding: gzip
via: 1.1 51b32b366d2fc0baf4c02123f643c37c.cloudfront.net (CloudFront)
date: Mon, 26 Feb 2024 05:39:32 GMT
last-modified: Tue, 30 Jan 2024 10:22:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
age: 59889
x-amz-server-side-encryption: AES256
etag: W/"aaff425aeb2839020617c7fbb21efc75"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: LnT-OsTqsuQ7Xe6bkeuX7j2OfFBFg8Cq9V7KPZqeKjKfPWZBlHc4xg==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 82ms
33ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be2dfa172d505acb197760b55c4731347cc239a7a046013c251948bb8214dbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sofiapp.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 26 Feb 2024 22:17:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: OKrCs7nhvutcs03VCUskmw==
age: 61698
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6841
x-ms-lease-status: unlocked
last-modified: Mon, 26 Feb 2024 02:34:49 GMT
server: cloudflare
etag: 0x8DC3673814A08A2
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5c85c90d-101e-007e-7f61-68a9c4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85bb8f3a4fad3820-FRA

GET
H2 200 ts-platform-websdk.js Show response
platform-websdk.transmitsecurity.io/platform-websdk/latest/ 265 KB
77 KB 335ms
252ms Script
application/javascript 2606:4700::6812:1f64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-websdk.transmitsecurity.io/platform-websdk/latest/ts-platform-websdk.js
Requested by: Host: sofiapp.cfd
URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 750b51c455cf50f416fc103d3f0a56bdd72863523dd3c06474df640de26afae3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sofiapp.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:17:40 GMT
content-encoding: gzip
cf-cache-status: MISS
x-guploader-uploadid: ABPtcPr_P6UD2s4x0o33OYgZkYuoTPaXwfPB-Q-hYGeIUzEWPmbYfXlTMpsfvXR1OfiAvVr1mW8AjIVEig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Sun, 25 Feb 2024 08:30:35 GMT
server: cloudflare
etag: W/"225f68e99092a0685bb33d91bb33023c"
vary: Accept-Encoding
x-goog-generation: 1708849835369222
content-type: application/javascript
x-goog-hash: crc32c=9+paOw==, md5=Il9o6ZCSoGhbsz2RuzMCPA==
cache-control: public, max-age=14400
x-goog-stored-content-length: 271715
cf-ray: 85bb8f3bab8165cc-FRA
expires: Tue, 27 Feb 2024 02:17:40 GMT

GET
H2 200 sofi_logo_white_416x116.png
d3331otr86r7j1.cloudfront.net/sofiinc/auth/sofi-auth/assets/branding/logos/ 10 KB
10 KB 130ms
33ms Image
image/png 2600:9000:211a:5400:10:8d:3740:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3331otr86r7j1.cloudfront.net/sofiinc/auth/sofi-auth/assets/branding/logos/sofi_logo_white_416x116.png
Requested by: Host: sofiapp.cfd
URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:5400:10:8d:3740:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4161e8b093c0be14c542b0948c6271b1ee5ccd53e6274654a91224c343bc418a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sofiapp.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id: HPIA_MgN12RIpH41zMPQ2BasBRLYkYaW
date: Mon, 26 Feb 2024 04:13:26 GMT
via: 1.1 e544866f1454c4458d3a6644b47d065e.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 65055
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 9807
last-modified: Fri, 23 Feb 2024 02:38:59 GMT
server: AmazonS3
etag: "8c552e626b8b5369201a4e722ed44821"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: UKhuVJQygKJDPgFGhCNpuF4PSkGzmqWt02EFZ99rULYNmnJ5qdgKfQ==

GET
H2 200 7331d0a5289a23fb1966.png
d25w3v87zu4vev.cloudfront.net/sofiinc/auth/sofi-auth/main/static/media/ 22 KB
23 KB 72ms
21ms Image
image/png 2600:9000:275d:4a00:19:f7cc:81c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d25w3v87zu4vev.cloudfront.net/sofiinc/auth/sofi-auth/main/static/media/7331d0a5289a23fb1966.png
Requested by: Host: sofiapp.cfd
URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:4a00:19:f7cc:81c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e182f76b074753911d9dc5c0db48650a94472ac95dccf64d9d9b8100be6a03b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sofiapp.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id: xcvc9X4FxU807lP7u7NmNZHvLyiS_oYd
date: Mon, 26 Feb 2024 04:10:06 GMT
via: 1.1 0b761d2a74b283528cf840bf9ce44b20.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 65255
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 22918
last-modified: Fri, 23 Feb 2024 02:43:12 GMT
server: AmazonS3
etag: "c1951397bd895334b0ab41b7e16bb841"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: sfTBcbZlG9pCcAAJjmpzz-z33RjB0sTxyzRizs8GWyfZI5xZ-A05BQ==

GET
H2 200 a26e7094b0235d2942ad.png
d25w3v87zu4vev.cloudfront.net/sofiinc/auth/sofi-auth/main/static/media/ 25 KB
26 KB 21ms
21ms Image
image/png 2600:9000:275d:4a00:19:f7cc:81c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d25w3v87zu4vev.cloudfront.net/sofiinc/auth/sofi-auth/main/static/media/a26e7094b0235d2942ad.png
Requested by: Host: sofiapp.cfd
URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:4a00:19:f7cc:81c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fd70f6ab934cd87e4b40fcd193a7359b518376f3d3b34140a5ec5582d0d88e3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sofiapp.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id: Jjo792B__uQXV5ixFAESmBmL8mGf8luz
date: Mon, 26 Feb 2024 05:50:11 GMT
via: 1.1 0b761d2a74b283528cf840bf9ce44b20.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 59250
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 26088
last-modified: Fri, 23 Feb 2024 02:43:12 GMT
server: AmazonS3
etag: "4bb7e2b1deae2699608816c857b70334"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: U9uZleiPty0WfxLrRcA5eanZPLbulCIPlQsN94IHlZctymqo5s_vvg==

GET
H/1.1 200
OK 0x0.png
s3-eu-west-1.amazonaws.com/tpd/logos/5605d6460000ff000583b7d2/ 19 KB
19 KB 163ms
62ms Image
image/png 52.218.101.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/tpd/logos/5605d6460000ff000583b7d2/0x0.png
Requested by: Host: sofiapp.cfd
URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.101.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 734b5f8af2a3d77d664c4306cd97ba44f4f065966d57c34c094db079a51a7e57

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sofiapp.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Mon, 26 Feb 2024 22:17:41 GMT
Last-Modified: Thu, 09 Apr 2020 19:14:14 GMT
Server: AmazonS3
x-amz-request-id: DE44GXJD7FWX6APQ
ETag: "abccc3b77746080f69218245e6450307"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 19313
x-amz-id-2: chR/pRxpWjbi0z2mBcOo/iB9n62+MGn0UlKSB7Mas/aN29WzYClPd3c+95u6YgDCGwvXxMtILRE=

GET
H/1.1 200
OK tags.js Show response
st10.sofi.com/fp/ 96 KB
13 KB 125ms
35ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/tags.js?org_id=5ugj8dr8&session_id=faa6a258-c3f5-40a3-99b9-b0ea72b2b5b5&page_id=1&allow_reprofile=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

212caf96afef925399b89e4e7af9412084fdf9c9f33fee4e5ce5a2dc85e284b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sofiapp.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Mon, 26 Feb 2024 22:17:40 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 devicer.min.js Show response
js.dvnfo.com/ 41 KB
42 KB 87ms
22ms Script
application/javascript 18.66.122.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.dvnfo.com/devicer.min.js
Requested by: Host: sofiapp.cfd
URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-44.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7987b00fc873ae5e25b9220d900537c3f3e72bc72f4c2d0ef9981e589a3aac3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sofiapp.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 03:03:45 GMT
via: 1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
last-modified: Mon, 30 Jan 2023 10:54:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 69369
x-amz-server-side-encryption: AES256
etag: "a9b687ac5b02886eefbb098c4495522b"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 42146
x-amz-cf-id: zJ7irif-afs5uuhWT5XSmkdLR7Gv6_EKs-yHhAiU_Z52AH8oK_k0_Q==

GET
H2 200 gc-fp-wrapper.min.js Show response
cdn.geocomply.com/faas/solus/iife/ 235 KB
88 KB 21ms
21ms Script
application/javascript 13.33.193.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.geocomply.com/faas/solus/iife/gc-fp-wrapper.min.js
Requested by: Host: cdn.geocomply.com
URL: https://cdn.geocomply.com/191/gc-html5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.193.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-193-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b228e3f3f5b48402cb7ec7ed96e1df9d58dfbdc59c03097581d6d9941cd06cd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sofiapp.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id: 1kLuKOrq6sSE6o6gRv9YCIv9yb3RGgdq
content-encoding: br
via: 1.1 51b32b366d2fc0baf4c02123f643c37c.cloudfront.net (CloudFront)
date: Mon, 26 Feb 2024 03:18:10 GMT
last-modified: Mon, 29 Jan 2024 17:45:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
age: 70792
x-amz-server-side-encryption: AES256
etag: W/"1f35afda9ef3219a872cec2c9aa37880"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: ZJrE4HjnaAZNI0_cuDW5pUsr7eiTupmV5wj23B3kbruSLlLnYFLTcA==

GET
H2 200 trace Show response
www.cloudflare.com/cdn-cgi/ 322 B
459 B 84ms
22ms Fetch
text/plain 2606:4700::6810:7c60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cloudflare.com/cdn-cgi/trace

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7c60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51ba9b3220ef32faedd7860a4de97ba4185ca6ee8fe1744229bb1d68463f9861

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sofiapp.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:17:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 85bb8f3bf83e5d9d-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 24cdcf72-0bb7-4281-832f-a3c0971510ee.json Show response
cdn.cookielaw.org/consent/24cdcf72-0bb7-4281-832f-a3c0971510ee/ 4 KB
2 KB 193ms
152ms XHR
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/24cdcf72-0bb7-4281-832f-a3c0971510ee/24cdcf72-0bb7-4281-832f-a3c0971510ee.json

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10ae87d78aab5b7c6936448bf87e64afe9db35199d91ebb2e27fc49b33a6a236

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sofiapp.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 26 Feb 2024 22:17:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: rH7DWjShtkPiKgvfWSLHsA==
content-length: 1537
x-ms-lease-status: unlocked
last-modified: Tue, 24 Oct 2023 21:26:56 GMT
server: cloudflare
etag: 0x8DBD4D7F31C34BE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ab49b4c6-301e-0056-2e01-69c86c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85bb8f3bd8a0365a-FRA
expires: Tue, 27 Feb 2024 22:17:40 GMT

GET
H2 200 loading.gif
form-builder.pifyapp.com/assets/images/ 3 KB
4 KB 118ms
40ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://form-builder.pifyapp.com/assets/images/loading.gif?v=4.6
Requested by: Host: sofiapp.cfd
URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ab1291f91042e175fa02a9c1d5d5881cd51a0fa1d5e45d5d1f9e8259f9bd50e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sofiapp.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:17:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7829557
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 3526
last-modified: Thu, 10 Aug 2023 01:54:12 GMT
server: cloudflare
etag: W/"dc6-189dd26c1a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0tb%2FnRdJVAzZPmglHSwdkK3CU2ewul75k5RlIscptwcbgKLbGKilzFFk5JrriUWWLag9DIaovlHmFlaQX2n5QpXAHmQQZWXoBEBODgU6g8G79nMVzWFD4%2FtrseYR%2FwAOLAxEa66D%2F%2Bglgd%2BXqAjR0kiCBoeaPZE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=15552000
accept-ranges: bytes
cf-ray: 85bb8f3c2d5af1a0-CDG
expires: Sun, 26 May 2024 07:25:02 GMT

GET
H2 200 TTNorms-medium.woff2
d3331otr86r7j1.cloudfront.net/sofiinc/auth/sofi-auth/assets/fonts/ttnorms/medium/ 19 KB
20 KB 746ms
688ms Font
binary/octet-stream 2600:9000:211a:5400:10:8d:3740:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3331otr86r7j1.cloudfront.net/sofiinc/auth/sofi-auth/assets/fonts/ttnorms/medium/TTNorms-medium.woff2
Requested by: Host: sofiapp.cfd
URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:5400:10:8d:3740:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7c6baefcdda36fefc81f42a0abafdd31a62b7d425ff2542925f9dfdca17b411

Request headers

Referer: http://sofiapp.cfd/
Origin: http://sofiapp.cfd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:17:42 GMT
x-amz-version-id: mtap.wiq3QW46_5YmLUZ3zYzOqToL94d
via: 1.1 5d650f4d20204610aaf075ff8f6494c6.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-length: 19760
last-modified: Fri, 23 Feb 2024 02:38:59 GMT
server: AmazonS3
etag: "3e26a26dab9abc3132782dba39642cab"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
vary: Origin
accept-ranges: bytes
x-amz-cf-id: uL1NmcrEUPKfmjDfoBJq7So7fOuZOTI1BvEB66_bnlupQV_QiPboBw==

GET
H2 200 15731 Show response
form-builder-dn.pifyapp.com/form/s/ Frame 9643 21 KB
6 KB 672ms
653ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://form-builder-dn.pifyapp.com/form/s/15731
Requested by: Host: sofiapp.cfd
URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 13637c2d3a04a168df5e92ecb808fe82b8c1648a94d4fea62567bb2e0d70c9fe

Request headers

Referer: http://sofiapp.cfd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: GET
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: EXPIRED
cf-ray: 85bb8f3c4d77f1a0-CDG
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 26 Feb 2024 22:17:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UCMOYo83bA0NZ9%2FEQAE4QHDWuj3hORvUHQvOpwQDvQGQc4F%2BzUnQ%2BKZn%2FrenI5Pt%2FDutgrR04qm4dCxjgDgbU3c%2F7l4bKbXyZKzxbkx1e6VBCoD0237nQdneGGknIFVXKtHwCwG3mOzMI8wuNx56ERHTyQkG1%2F9J8es%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: Express

OPTIONS
H2 200 62472aa6eca6dc15256d33b7
app.launchdarkly.com/sdk/goals/ Frame 0
0 79ms
24ms Preflight 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/62472aa6eca6dc15256d33b7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent
Access-Control-Request-Method: GET
Origin: http://sofiapp.cfd
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Mon, 26 Feb 2024 22:17:40 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-fra-eddf8230062-FRA
x-timer: S1708985861.562678,VS0,VE1

GET
H2 200 62472aa6eca6dc15256d33b7 Show response
app.launchdarkly.com/sdk/goals/ 2 B
176 B 24ms
22ms XHR
application/json 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/62472aa6eca6dc15256d33b7

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://sofiapp.cfd/
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 varnish
date: Mon, 26 Feb 2024 22:17:40 GMT
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
content-length: 26
x-served-by: cache-fra-eddf8230062-FRA
x-timer: S1708985861.588691,VS0,VE1
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 1

GET
H2 200 eyJraW5kIjoidXNlciIsImtleSI6ImFub255bW91cyIsImlwIjoiMjAwMToxYjYwOjI6MjQwOjMyNDc6OjYifQ Show response
app.launchdarkly.com/sdk/evalx/62472aa6eca6dc15256d33b7/contexts/ 652 B
595 B 39ms
38ms XHR
application/json 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/62472aa6eca6dc15256d33b7/contexts/eyJraW5kIjoidXNlciIsImtleSI6ImFub255bW91cyIsImlwIjoiMjAwMToxYjYwOjI6MjQwOjMyNDc6OjYifQ
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9e20851ce82d5ba36404b183a720ed27e955ff9ec15d649c189e07aeb9115312

Request headers

Referer: http://sofiapp.cfd/
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:17:40 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 209
x-served-by: cache-fra-eddf8230107-FRA, cache-fra-eddf8230062-FRA
x-timer: S1708985861.588824,VS0,VE16
etag: "877dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Authorization, Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 0

OPTIONS
H2 200 eyJraW5kIjoidXNlciIsImtleSI6ImFub255bW91cyIsImlwIjoiMjAwMToxYjYwOjI6MjQwOjMyNDc6OjYifQ
app.launchdarkly.com/sdk/evalx/62472aa6eca6dc15256d33b7/contexts/ Frame 0
0 79ms
25ms Preflight 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/62472aa6eca6dc15256d33b7/contexts/eyJraW5kIjoidXNlciIsImtleSI6ImFub255bW91cyIsImlwIjoiMjAwMToxYjYwOjI6MjQwOjMyNDc6OjYifQ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent
Access-Control-Request-Method: GET
Origin: http://sofiapp.cfd
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Mon, 26 Feb 2024 22:17:40 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-fra-eddf8230062-FRA
x-timer: S1708985861.562661,VS0,VE1

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
296 B 118ms
66ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: http://sofiapp.cfd/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:17:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 85bb8f3d3bf99944-FRA
access-control-allow-headers: Content-Type

OPTIONS
H2 403 activate
www.sofi.com/logn-backend/api/v1/optimizely/ Frame 0
0 147ms
74ms Preflight
text/html 172.64.149.225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sofi.com/logn-backend/api/v1/optimizely/activate?key=geocomply&id=45c135c8-7cd6-45b4-a5c4-320d59642868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.149.225 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: x-datadog-origin,x-datadog-parent-id,x-datadog-sampling-priority,x-datadog-trace-id
Access-Control-Request-Method: GET
Origin: http://sofiapp.cfd
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated: challenge
cf-ray: 85bb8f3d68cb2671-TXL
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Mon, 26 Feb 2024 22:17:40 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BatYKVfH9NbmrVeX1JWRaAmyBWQa3NxeZJ%2Fd%2Bp1l8vEuabOOMFkCLrVD8otBW53B5dz1wit1d%2BMELzSq7IQLhprNsskwTQk3t8jq%2F28OFERNRkvA13F3%2BVW7Bit%2Bnw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.com/api/v2/ 53 B
343 B 544ms
308ms Fetch
application/json 2600:1f18:24e6:b900:3169:462d:2c37:b982
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Aauth0-login%2Cversion%3A1.0.0&dd-api-key=pubdf5746b6080f619cbb1a369f7b9a36d1&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=a297aee1-0bc8-48c8-a1e5-e5f7cfc1c8e4&batch_time=1708985860624

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b900:3169:462d:2c37:b982 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

afb65149d9834510e9b504ed35c36917f9be723b49c87d28a09305a42100d7e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://sofiapp.cfd/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 26 Feb 2024 22:17:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53
dd-request-id: a297aee1-0bc8-48c8-a1e5-e5f7cfc1c8e4

GET activate
www.sofi.com/logn-backend/api/v1/optimizely/ 0
0

GET
H2 200 ingestion Show response
fp.sofi.com/api/ 207 B
909 B 503ms
499ms XHR
text/plain 172.64.149.225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fp.sofi.com/api/ingestion?format=raw

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.149.225 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b12b1b29c2644cea0f0cacbdacc8ceec9a2230ed0b9042db23c61a7d5d99c1d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://sofiapp.cfd/
domain: BYFxAcC4HpoZwPYDMCWBDc4B0BjJATIA
pkey: CwZgjA7BDGBGCcBaW0AMBDRwz1Y+ATAQGyIFgCsAZlRPBemCAUA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
attributes: N4IgzgJg1gagpgJzASwPYDsQC4QEYB0uIANCMmAMIZhzoAuy6A5tnQgK5ykCGdbyAI3Z04YbKAYBbOAFV6yADYVuChdhAAWAOwBmEiHY0EAQSa066gLKoAXooXcA9AFZ8ABgAEACgDqjCKgA7mAeAHIAKh64bu4A3B5+6ABsGvEAHikAlB7GAA65CnA+cAIA0sh0Ljpa+DpJ3qUAEuGWADLEHgrIUHAeAOJwAMZQqNkUABYIqNKOuABMc+74SXNJBEkAnB4AytwAZtwIyFU1dfqBJRBHAG6I6gcKNPoOzOzcZuq0ALSG+oOoClQCAAInBcnRxuo5hp9LlkGk4AoAEq8NDqIikOEIhSg8GQnDQ-RA5DmVEYcIAT1ycHULwgYEG3GpX1yR0khwp+nGhwggUOcCo6EG7AQCFog05OBhpFQwkQSNEAOEaEwOFwSTcbjS801538QQVYCVDAw6I1Wp1bn0DLFtENxpVZs12rmup4124im4AkK20GtvQ9oUytNavNLrdICkcBsGDgAHk9nsaBYcF8Nfpo7H0DScABREWoamOABCiC6mFINDAKAw2zoQPeuajHBppEBjIU9cbHxwbE4+n8cAREGBAnU-bbIG4EAgZe51zQCHuKieMup6GBvG93CeOAea5ABV4eyBknUiR0c1hwaYjDEOAmU2kHgACsCAGJv2+MAA+r6BOhvUKDxgVQYVpHoDwPzPXhfwAHiZApkEZE10EcNIviYVBUCYQovkGSZpjgFkID2X9cjIgA+Ygn2It9Pw8GASQuBBfwQpCulQlVHEo8i+Jo0JUVuDwKC6cx2MQ-IuLJdDMPQbhBgUX9Yk4lDZIwlkFKU38qL+bh0A9MBEggRgWBwClRH0wzdw-MzEFZRhUxACBtywZB2TMXjmFiARdzgFJiFctwAA5cA2aI9jmHQ3AgOAtC0KKtCSPZ4oEWcNjI5wVnOEo8Ls5gHKOeh7ggHQQs1ZxnAEZw3D2DQBCTDQUm4Zw9ggOY9nmJIIASvZcoEPC8zSER0FrMb1GMUI+laPMAH17yAoU4AgObDgQbgKTAWI8wADXCOafVoVbJEYdk0h2-a5qU5BcmujA2ABS6Dv+QEEEO9gk0QObuQUPY5r2QFeGeua4rxa6HEkXIQcB1BeEOwp0AgGGNqYUGwQhEHcgBClsPQObUCTFMIe4KGQbAbk4vekQRpFOA5sBZG9oOmm6Dp+6obFGsVUO8FBhB1n2f+TnRHGuaECYOh+eZubBbFAHFBEd6DPIVBHrhaWrrAJE+hLWJ4zzbY5sROBILoBakeHOb2Cc-XDYBgRUHF47vtO3J2Whg2jbAJbXIQVaqeQD0GFubavdl4c2fl2HgfDuX6Zj82KzgQ47aN+OfpUf7E7TiPafl37s6BpPGBThBc9uBAabW0VNoJgQACshjoWIfDzEsZvut6Pq+96c7bjvWg51lRZWvOo-p3cpdb9vO+FkeazHjO4Gnge5+mBeaFW5epdwGfB+Hrmt-H9mwB0VfZ6H+ej6XyPT-PwY5rACWBH3zu4qENGxUtsV3sYU835DzBhCE+YpAGgw2oEHuqUkDgMBDQe69BI7gMkOwBQDAIHcECOA7GChcYYDmpIVAcUBp4XgEgR0OBigCBmlEdw3h4wbloYbDwixPB0VOuwSQmRSHIhdr-C8JRyh0ASCUGavD4BIyBIIsoFReFyHZGAHoEAFQ-zuDgAAkkghQHgNFHBCIw2gzDmCl3kegRRyjJEBGXJo7RuihT4F4fWcUigSwVAfCAK0pALiDS7JTMyrQDJMDeGYch40ZG0JmtsVoHgWEEE8F4Qx6BmHbH6K0aJsTUnxNEkRTh3DeF5hMTmSwK8ZzbkaLufEIAtDenSrOTq0IkhwCvM4HQAgQpRSSB01KIUQoQCSK1JxlNEAlKAq5ICFSKbqAgBoXAZSNBuDmAIXAIVBhJHaTM1KCUNAdQqtVQYGgQpcl3K0EkEBAmvCbB4g8U5uRgFOStIMIZVQgBucc+5Zz4zXNXLck5ZySxTGCOo15Pz9DnXCLKQiAEnIeK8SAckkLxj1kOHQbY7B8iARWiuR4U4GzsEInmW49A0UYqrli-coKeDsFMqgdE0J3AaB0NoZwcwtDOHVG4LQ0oQA+KROECgUJcA1FwLgDQ+A5grPFXoUg-xUBQBJIU4C5KWwDnbOBFQ3ZUYChwvK3M6A0EKBlEcO86AZBHHUOMPguQsCOEcEaPYyAkL4EGO1Rw7BHCAhNY4cYpQYJzG2CWHw3AfDjFCAATTcB+PYMAFDGBsMGywcww1Q2qlANIfpcBIgUDIHwGw8wCGGj4AQMhxh5m4L6kUOgYBvF2gALQUIMdAoRxgCAoLgMAAg5gQFyAIAAjqENwwbwi1o0Y0JgaRa27VQGkHwu0w1pBoRASQPghQ2CKBsD8yza3hBkAoGAoRG3GGcNsXauRwjLNQG4VAcxQi5FraEKATAH1pHxVqYEgw5i1r6EiGQMBLACGBAocIABFGwJYtw+FCK+aAEAFCdoAFLXEnR+b0cwNEetwowfAlrJBqFIGKGBv8zXIE+FDOgnJSCnnoLC4guBiBzFoyFejbh6N0eivRjQ9GkjEGyjxrQPGNjEAzKQCAIpZKJmUKobAqwdCkGjB4wwiBTDmCwB4FjHhtCyY07oX8HgfHAhuIgVT6nNMdE07pl4wSmzGbM7oWzOhdOvSBLiCENntNafMx4OKi5BhwBKUQhAFI3Omfc7prEiIUQmmC3Z0LHhws4gxuMaLHmdMeGJKSNClJqTJfs7p9L9BZLGGYIUHLsXuT+z5GKQUwpRTiiC2p+zuW0tygQE8tCpXPOBH1IENrKoOupZtHAO0ipgztYa+5pr3APReiOn6AMvWMD9Ycx4LMcZEzJhXkt3Tq2cyqboxN7TGhdPVnGpq6z43tCccOxZ9VXYGxaui1dy7umhwjjHI92zR2PAzjnHABcS4PvXbSxuLcQE-I0EB89jwgxcjsDEruMAkOuVhYcHQU8CBJBI6+wEUIatwgbWGFjlH7ATWI4u1yz7jmDJGRMmZPbn3bPOCpzZMABUzAIEcvQVTT22W2Y2Lpnx+V7Ic+KnQVTro+dmY2PzvTeUFDDVGuNMnJnpdS5l4LvdiBxrBdVxp6XAu5eqKpkZi7uuND69l74qxQIdeCb1+ruXCjdzKKN4gE3Ku7fm4d74p3SiVrW4QPT+3HRapuAN745xQpXHuLc6HkPmpw94W2P45gFyrOhK1318bcePCh8T-LopfnSnjO4JMpLrD4-qdqnMfPyeZwjOL+Uyp4v48Mdz24L7dyHnnKCSE0QseO-x8738x5I3nkD6u7VYfHyVpfIn0P3TXf-mAqMPP9vX3wWIuhdRtfU+8voAhfipFQEq4kuxmSiAu+O-bcRYS8wZ-MWX+z4P9funuDUrQHtqvL-2Vfd5fyvbOYJjXPUVDoFIGvaHHVBVBSI6J-fbcAsAxlG7TsM7MwKgOVEkNzFILTbAvLY1RgYjLAxlRA5bAjRAIjI4IgnApAjwKjOgMnEKag5wDoLQIA3TKgdgJBCADwcIDyOAcXVpEAAAXyEKAA
accept-language: de-DE,de;q=0.9

Response headers

date: Mon, 26 Feb 2024 22:17:41 GMT
content-security-policy: default-src 'self'; script-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: 56663164-8935-4a22-8355-5b06aa2475b0
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCJ7nK1vJP46CnXUvns0DPcIEe3s9w4ueix825Q1vL0HAi2S7LYF7A%2FNyWd3nA4DJkbtyz5YuMXqH7ylvKfKbIItfVtgMbZ6sWSb3ckHBbNNAQlXJcaMi9bFt%2Bsz"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: http://sofiapp.cfd
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 85bb8f41391b58d8-TXL
x-xss-protection: 1; mode=block

OPTIONS
H2 202 ingestion
fp.sofi.com/api/ Frame 0
0 207ms
187ms Preflight 172.64.149.225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fp.sofi.com/api/ingestion?format=raw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.149.225 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: attributes,domain,pkey
Access-Control-Request-Method: GET
Origin: http://sofiapp.cfd
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attributes,domain,pkey,tokenFormat
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-origin: http://sofiapp.cfd
access-control-max-age: 3600
cf-cache-status: DYNAMIC
cf-ray: 85bb8f3e19b22671-TXL
content-length: 0
date: Mon, 26 Feb 2024 22:17:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4K5bDKnI7Mm9GT1u55HUdR86bdHU7MOlzC4iS6nh%2Br4M8MHDazpbIfLTdMqEc8FDJI9WJSahfN5aQjWx1pGlLfjh78NtL%2F2Dbvn5yFdRU9I4YcoTUKbsK%2F6RT9rx"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202210.1.0/ 381 KB
91 KB 28ms
27ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202210.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f97354a4659e6fc1cf05e27b59d333c697c1b0fd6fcaaceaa9af1f6886abe0af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sofiapp.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 26 Feb 2024 22:17:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: DjzI+HdyHvhC2OCs+qd+pw==
age: 74803
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 93164
x-ms-lease-status: unlocked
last-modified: Fri, 16 Dec 2022 04:11:44 GMT
server: cloudflare
etag: 0x8DADF1BA4D9E9D9
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 80c4b5fc-e01e-007a-0e6d-1424c3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85bb8f3df99d3820-FRA

GET track
www.sofi.com/logn-backend/api/v1/optimizely/ 0
0

OPTIONS
H2 403 track
www.sofi.com/logn-backend/api/v1/optimizely/ Frame 0
0 33ms
32ms Preflight
text/html 172.64.149.225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sofi.com/logn-backend/api/v1/optimizely/track?event=geocomply-pre-login&id=45c135c8-7cd6-45b4-a5c4-320d59642868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.149.225 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: x-datadog-origin,x-datadog-parent-id,x-datadog-sampling-priority,x-datadog-trace-id
Access-Control-Request-Method: GET
Origin: http://sofiapp.cfd
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated: challenge
cf-ray: 85bb8f3e099f2671-TXL
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Mon, 26 Feb 2024 22:17:40 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KdlgR2pmzkcEmGvMWJAUBfDuvflYzma%2B4g9zZ6gDmHsRg3XDSGYygU9yHtewPd52WGpAG5eD951%2BIaR5KqsmrB3bkvo2m2R4RCK8Ol28H%2FawRlBZAfGD048XMy6%2F3g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET conf
ts-risk.sofi.com/device/ 0
0

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/24cdcf72-0bb7-4281-832f-a3c0971510ee/2f1f7fc7-2e7a-428f-b4da-ef978c3d2ee9/ 62 KB
15 KB 81ms
81ms Fetch
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/24cdcf72-0bb7-4281-832f-a3c0971510ee/2f1f7fc7-2e7a-428f-b4da-ef978c3d2ee9/en.json

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb60d4fab2712b8c5ade28625430a6a1a5b82c3b33068c2ad660ab061cedff32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sofiapp.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 26 Feb 2024 22:17:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: yRFWSbTe2iyZOf2LrVPXcw==
content-length: 15690
x-ms-lease-status: unlocked
last-modified: Tue, 24 Oct 2023 21:27:06 GMT
server: cloudflare
etag: 0x8DBD4D7F8FD0AC7
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8b5c4a71-201e-0065-6701-6997c7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85bb8f3e6a76365a-FRA
expires: Tue, 27 Feb 2024 22:17:40 GMT

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/202210.1.0/assets/v2/ 63 KB
12 KB 94ms
92ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202210.1.0/assets/v2/otPcPanel.json

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1df9aee0014c1553fa6f462aa38714f3f35678bba639483b6141e42e52ec2951

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sofiapp.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 26 Feb 2024 22:17:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: iFWm653zpCZXOB0KT4+Hvg==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12563
x-ms-lease-status: unlocked
last-modified: Fri, 16 Dec 2022 04:11:37 GMT
server: cloudflare
etag: 0x8DADF1BA09FC9E2
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 3f30a6fa-301e-008d-3f01-690e51000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85bb8f3f8b95365a-FRA

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/202210.1.0/assets/ 5 KB
2 KB 90ms
88ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202210.1.0/assets/otCookieSettingsButton.json

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sofiapp.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 26 Feb 2024 22:17:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: N/8bGYVpO/n/qpqmCLjZRA==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1767
x-ms-lease-status: unlocked
last-modified: Fri, 16 Dec 2022 04:11:37 GMT
server: cloudflare
etag: 0x8DADF1BA03DE291
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 2988f091-701e-0068-4501-695f13000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85bb8f3f8b97365a-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202210.1.0/assets/ 21 KB
4 KB 90ms
89ms Fetch
text/css 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202210.1.0/assets/otCommonStyles.css

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

087d847ee64707e372f572145600ecbcb13f2dd2382fd8962326f2fed03dd85d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sofiapp.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 26 Feb 2024 22:17:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-md5: oQsmwuIlJWH4cKDxpI1ltA==
x-ms-lease-status: unlocked
last-modified: Fri, 16 Dec 2022 04:11:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 612e957f-e01e-009e-1801-692a5d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 85bb8f3f8b98365a-FRA

GET
H2 200 Sofi_83x40@2x.png
cdn.cookielaw.org/logos/75b0b94d-5898-42e0-a11e-374a4bb72ea1/62a05241-4d4e-4324-8fac-d84d73d9f38b/d48bdbd5-c622-4329-a8be-98a7ff7e8373/ 3 KB
3 KB 30ms
29ms Image
image/png 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/75b0b94d-5898-42e0-a11e-374a4bb72ea1/62a05241-4d4e-4324-8fac-d84d73d9f38b/d48bdbd5-c622-4329-a8be-98a7ff7e8373/Sofi_83x40@2x.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16ad14b04bbb43106c487ed24c60f706cb02cf4b59aa1ff1823f3df83761c3ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sofiapp.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 26 Feb 2024 22:17:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: r9bXbuZF9K99wSBpYek6cQ==
age: 35674
content-length: 3234
x-ms-lease-status: unlocked
last-modified: Thu, 11 May 2023 19:33:36 GMT
server: cloudflare
etag: 0x8DB52569D32A430
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: c968bdbe-c01e-0030-080b-15874c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85bb8f401a903820-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 31ms
30ms Image
image/svg+xml 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sofiapp.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 26 Feb 2024 22:17:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 17478
x-ms-lease-status: unlocked
last-modified: Mon, 26 Feb 2024 03:25:13 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 44a1d4fa-001e-002f-1067-683448000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 85bb8f401a923820-FRA

GET
H2 200 SoFi_Multi_icon_50x50_Ver5@2x.png
cdn.cookielaw.org/logos/75b0b94d-5898-42e0-a11e-374a4bb72ea1/62a05241-4d4e-4324-8fac-d84d73d9f38b/d89abae6-ffd1-430c-9799-990bf0faddbe/ 2 KB
2 KB 51ms
50ms Image
image/png 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/75b0b94d-5898-42e0-a11e-374a4bb72ea1/62a05241-4d4e-4324-8fac-d84d73d9f38b/d89abae6-ffd1-430c-9799-990bf0faddbe/SoFi_Multi_icon_50x50_Ver5@2x.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9508ba9ddb8676bfd9798804dd64342150e71612590be997eca8669b485c5dba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sofiapp.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 26 Feb 2024 22:17:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: l+87OFbbL6ySRiFyfS2kBg==
content-length: 1648
x-ms-lease-status: unlocked
last-modified: Tue, 27 Jun 2023 20:26:16 GMT
server: cloudflare
etag: 0x8DB774CC29B3E51
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 8eb82d08-201e-005a-7d7d-225f64000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85bb8f402a933820-FRA

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.com/api/v2/ 53 B
343 B 160ms
159ms Fetch
application/json 2600:1f18:24e6:b900:3169:462d:2c37:b982
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Aauth0-login%2Cversion%3A1.0.0&dd-api-key=pubdf5746b6080f619cbb1a369f7b9a36d1&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=1020929d-f991-4ca1-b8fb-2c48d38a93a7&batch_time=1708985861162

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b900:3169:462d:2c37:b982 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

053eefe502bf6815b0e76770ec0f9bc88bb4d4ee5473c443ba963fc7a095af38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://sofiapp.cfd/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 26 Feb 2024 22:17:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53
dd-request-id: 1020929d-f991-4ca1-b8fb-2c48d38a93a7

GET
H2 200 all.min.css
form-builder-dn.pifyapp.com/assets/plugins/fontawesome-free/css/ Frame 9643 57 KB
13 KB 82ms
79ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://form-builder-dn.pifyapp.com/assets/plugins/fontawesome-free/css/all.min.css
Requested by: Host: form-builder-dn.pifyapp.com
URL: https://form-builder-dn.pifyapp.com/form/s/15731
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b726a2cced0a9e28dc93be27ae974937e87d68df8b09baf2a4fca2ba5c5a0404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form-builder-dn.pifyapp.com/form/s/15731
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:17:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7572960
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Aug 2023 01:54:12 GMT
server: cloudflare
etag: W/"e4d6-189dd26c1a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzgazbOo%2BFDeSEoz9AL3dLL1%2FmNWtRNUb8vwB50GrHBYz4sUVtLvmsfgNmoyOEo9JcUZuPtqZstPcdFqga6KNUorsEVSbn%2BRFw%2BovIMeBsO8p6mH5Bft%2FSQ84CGKpS07yN7GM55C2IUfocsPAz0t%2FFnrJqDmSvlE5mo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: max-age=15552000
cf-ray: 85bb8f405a52f1a0-CDG
expires: Wed, 29 May 2024 06:41:41 GMT

GET
H2 200 adminlte.min.css
form-builder-dn.pifyapp.com/assets/css/ Frame 9643 671 KB
77 KB 52ms
50ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://form-builder-dn.pifyapp.com/assets/css/adminlte.min.css
Requested by: Host: form-builder-dn.pifyapp.com
URL: https://form-builder-dn.pifyapp.com/form/s/15731
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 50b5c57d4cad6ff9ed8aab829ce398d4dbc8023957451b3af893971908d1a975

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form-builder-dn.pifyapp.com/form/s/15731
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:17:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9468906
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Aug 2023 01:54:12 GMT
server: cloudflare
etag: W/"a7a7e-189dd26c1a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BF4PFOdboMti77YIJcOIEbhgOv5vKu%2BVV25XUOSzsDZWXXaJD%2BvcmV2DAqjFWElRjKvlMS4D8P6xLIA3FiTtEDyA%2Fd7RQO1UUJe8paNiM9z%2BOJdESuUlJ4r0dax35u22vUnTPfRNus9q%2FS4CHtAtalIJb9uLyYjyeIY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: max-age=15552000
cf-ray: 85bb8f405a54f1a0-CDG
expires: Tue, 07 May 2024 08:02:35 GMT

GET
H2 200 tempusdominus-bootstrap-4.min.css
form-builder-dn.pifyapp.com/assets/plugins/tempusdominus-bootstrap-4/css/ Frame 9643 9 KB
2 KB 44ms
42ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://form-builder-dn.pifyapp.com/assets/plugins/tempusdominus-bootstrap-4/css/tempusdominus-bootstrap-4.min.css
Requested by: Host: form-builder-dn.pifyapp.com
URL: https://form-builder-dn.pifyapp.com/form/s/15731
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9805d400f061228a65761951c0707ce8f1263a404c9a19b2c2cc334da42eba45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form-builder-dn.pifyapp.com/form/s/15731
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:17:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7761895
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Aug 2023 01:54:14 GMT
server: cloudflare
etag: W/"2436-189dd26c970"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oHHb%2FL1Rif0pwR0mWOKgf2z80vOEW%2F%2BFBUr%2FSaHEfUwNBjOnwtr7Dy2JV3nYYYKH5ANJ3pPNFHVepD%2FjLwBO7UOvne2yAUr3NdsJb6xC7ncjy9xALJLk2TLvJmlJ27WHVGyEDpwpeUxR7TIXuLaeNfsHhPjlrIdrUiU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: max-age=15552000
cf-ray: 85bb8f406a58f1a0-CDG
expires: Mon, 27 May 2024 02:12:46 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 9643 40 KB
3 KB 84ms
33ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Amatic+SC&family=Fredoka+One&family=Grandstander&family=Great+Vibes&family=Julius+Sans+One&family=Lemonada&family=MuseoModerno&family=Oxanium&family=Pacifico&family=Permanent+Marker&family=Podkova&family=Sacramento&family=Shadows+Into+Light&family=Architects+Daughter&family=Audiowide&family=Balsamiq+Sans&family=Big+Shoulders+Inline+Text&family=Caveat&family=Chakra+Petch&family=Comfortaa&family=Dancing+Script&family=Goldman&family=Indie+Flower&family=Josefin+Sans:wght@300&family=Orbitron&family=Source+Sans+Pro:ital,wght@0,300;0,400;0,700;1,400&family=Squada+One&family=Stalinist+One&display=swap

Requested by

Host: form-builder-dn.pifyapp.com
URL: https://form-builder-dn.pifyapp.com/form/s/15731

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0e2ec14f83afb9e3a7616cf4ece561a2f08cc96f7b8c0d14f6df8d2ea084d438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form-builder-dn.pifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 26 Feb 2024 22:17:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 22:17:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Feb 2024 22:17:41 GMT

GET
H2 200 form.css
form-builder-dn.pifyapp.com/assets/css/ Frame 9643 54 KB
13 KB 81ms
79ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://form-builder-dn.pifyapp.com/assets/css/form.css?v=13.4
Requested by: Host: form-builder-dn.pifyapp.com
URL: https://form-builder-dn.pifyapp.com/form/s/15731
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 785b4abc81574912041bb1f8bc6bc17fb879561bc35e05061fd5a3101961edee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form-builder-dn.pifyapp.com/form/s/15731
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:17:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2922308
cf-polished: origSize=70328
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 24 Jan 2024 01:30:30 GMT
server: cloudflare
etag: W/"112b8-18d39171356"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I8FQMyoBzhzswpabsAkIx4U6M3RVkNzTKISxgLdgTBO9y2iX9j06a%2Ff5WznPdbAPgIdVq8Phn2SIIoeBA7KGzKOk8clGuL3%2BrDV5qLTcDq%2BYSqIL74%2Fp1avltmH6gFokGDSPKS0Pt9KvRMHoA9LDr9llx8jDxr92cOY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: max-age=15552000
cf-ray: 85bb8f406a59f1a0-CDG
expires: Mon, 22 Jul 2024 02:32:32 GMT

GET
H2 200 form-submit.css
form-builder-dn.pifyapp.com/assets/css/ Frame 9643 4 KB
2 KB 46ms
45ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://form-builder-dn.pifyapp.com/assets/css/form-submit.css?v=8.8
Requested by: Host: form-builder-dn.pifyapp.com
URL: https://form-builder-dn.pifyapp.com/form/s/15731
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4b8a91b9e33a0df97b69ed284a8686d40424b7d4f9dbe32508b66f5394086d3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form-builder-dn.pifyapp.com/form/s/15731
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:17:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10249673
cf-polished: origSize=4900
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 07 Oct 2023 02:59:36 GMT
server: cloudflare
etag: W/"1324-18b081379c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SnFlorPCMc3DBSLjNMPOklZZfvowwXcqAH3UjuVI7nMbbnxNlt9cJbyPZ6U6RtPHT1ZZ0MmG3WJijrJeEM5LEm5uHbodxPgM0TFFg8wHxPlnt46bgdOvQY4mNW1xSK0ycEKRZxcJf3%2Bufq%2BvR2jiwjXvQAks%2FMMgGtA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: max-age=15552000
cf-ray: 85bb8f406a5bf1a0-CDG
expires: Sun, 28 Apr 2024 07:09:48 GMT

GET
H2 200 custom.css
form-builder-dn.pifyapp.com/assets/plugins/pekeUpload-master/css/ Frame 9643 3 KB
1 KB 44ms
43ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://form-builder-dn.pifyapp.com/assets/plugins/pekeUpload-master/css/custom.css?v=1.0
Requested by: Host: form-builder-dn.pifyapp.com
URL: https://form-builder-dn.pifyapp.com/form/s/15731
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3c621bb0340388553bb7ef0eed1a7a4132bbea868919c1a82dc717af24f963a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form-builder-dn.pifyapp.com/form/s/15731
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:17:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7832496
cf-polished: origSize=5012
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 10 Aug 2023 01:54:12 GMT
server: cloudflare
etag: W/"1394-189dd26c1a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h8cNdu0jjAq1c1uPgCtI1WxrWeDKnZ2dPpGsjwbqMLvCkQ9tyj8JcBdlOoXsb2dD3BZPgR%2FlXdLW9Yhq6lbGII9CK5HGpmU%2BbZHa35cqkwPkgpeoXVxEevMomN98vIb4ikjiv3sWMdQMhwhb6DRYEA6QFKjTXT%2Fxmto%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: max-age=15552000
cf-ray: 85bb8f406a5df1a0-CDG
expires: Sun, 26 May 2024 06:36:05 GMT

GET
H2 200 jquery.min.js Show response
form-builder-dn.pifyapp.com/assets/plugins/jquery/ Frame 9643 86 KB
32 KB 47ms
46ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://form-builder-dn.pifyapp.com/assets/plugins/jquery/jquery.min.js
Requested by: Host: form-builder-dn.pifyapp.com
URL: https://form-builder-dn.pifyapp.com/form/s/15731
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form-builder-dn.pifyapp.com/form/s/15731
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:17:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10259801
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 01 Apr 2020 23:06:24 GMT
server: cloudflare
etag: W/"15851-17137fee580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7D%2BPDKBQkEh7N0n%2BtDR4bcCSA%2BJ%2BYDPNddRK8HE6FD4utYGPSH%2B%2B2hexfHSkgwrKxbHPe1JCkAOTQpOWX4ogARiX8GR481OUkdYhQSo8thqVPxwmfXx8tb7wG%2Bxc4SnWMYeeEVgMClC0drvsK03gAa1i%2BWNC3QUglY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=15552000
cf-ray: 85bb8f406a60f1a0-CDG
expires: Sun, 28 Apr 2024 04:21:00 GMT

GET
H2 200 success.png
form-builder-dn.pifyapp.com/assets/images/ Frame 9643 3 KB
4 KB 45ms
44ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://form-builder-dn.pifyapp.com/assets/images/success.png
Requested by: Host: form-builder-dn.pifyapp.com
URL: https://form-builder-dn.pifyapp.com/form/s/15731
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6d63ced7a3abe85b5e0074b9ae8ce4a9113e3fb51ccf69b091c816edb7221496

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form-builder-dn.pifyapp.com/form/s/15731
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:17:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7835612
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 3347
last-modified: Thu, 10 Aug 2023 01:54:12 GMT
server: cloudflare
etag: W/"d13-189dd26c1a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B1kEpKmUSxhnoTOJiFDfUcczXciojiWtHzAk6PLK20OA2kw1WGOiZFxYRVz3c2GLim%2FMzw9UGgOO41nlCOJCVVRSGWtsISBVxQ0cdq%2FMzxyOuPHsFrwYe5lOUVUsb3BPi5OHcwW0DlXG80dNz1S96rjmX8s6HteBLPA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=15552000
accept-ranges: bytes
cf-ray: 85bb8f406a62f1a0-CDG
expires: Sun, 26 May 2024 05:44:09 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
form-builder-dn.pifyapp.com/assets/plugins/bootstrap/js/ Frame 9643 79 KB
23 KB 79ms
78ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://form-builder-dn.pifyapp.com/assets/plugins/bootstrap/js/bootstrap.bundle.min.js
Requested by: Host: form-builder-dn.pifyapp.com
URL: https://form-builder-dn.pifyapp.com/form/s/15731
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c02c36ee26e55ba10188928a6bcab41f44fdfade35f020397cc6eaf0991c4e57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form-builder-dn.pifyapp.com/form/s/15731
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:17:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9319901
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Aug 2023 01:54:12 GMT
server: cloudflare
etag: W/"13b40-189dd26c1a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jrD2HuRelgUL6smp5p4VTfhdZ%2FF1DEYBNg%2By3VKBp5WWTAKu4vDxs2ngsMognnbm3SV2uaxLpwA4g18hiAG3rnrcXNQWs2PJHlzS7%2B%2Fg9O3Rprh%2BTPUjr44%2FZvxKxlgmg92ItCAvmXiP7%2FyEb6c7iYNrOUjXtk5Wt5A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=15552000
cf-ray: 85bb8f406a63f1a0-CDG
expires: Thu, 09 May 2024 01:26:00 GMT

GET
H3 200 adminlte.min.js Show response
form-builder-dn.pifyapp.com/assets/js/ Frame 9643 24 KB
7 KB 41ms
41ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://form-builder-dn.pifyapp.com/assets/js/adminlte.min.js
Requested by: Host: form-builder-dn.pifyapp.com
URL: https://form-builder-dn.pifyapp.com/form/s/15731
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d2acb30ae6b758902448c385a50eb7c317dee6894e1fdbd20ca7130725a23847

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form-builder-dn.pifyapp.com/form/s/15731
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:17:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9128294
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Aug 2023 01:54:12 GMT
server: cloudflare
etag: W/"61a9-189dd26c1a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzbL2%2BPIomqC0yXSsMK5jj6A8tXGBx8o5JG7gyovawsUUCskI1gdOsJVcUpe66C2aumdr%2FtLWKkn4VsVa3uE7X28xlD0pHJ8GNrQMe0Mozr88Uv6NEr8Dz8hoyxDJJ0CuxZV5CpjUWoMAvN859sf23kEEYUOUfUAh90%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=15552000
cf-ray: 85bb8f40ac246654-AMS
expires: Sat, 11 May 2024 06:39:27 GMT

GET
H3 200 jquery.validate.min.js Show response
form-builder-dn.pifyapp.com/assets/plugins/jquery-validation/ Frame 9643 24 KB
8 KB 41ms
41ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://form-builder-dn.pifyapp.com/assets/plugins/jquery-validation/jquery.validate.min.js
Requested by: Host: form-builder-dn.pifyapp.com
URL: https://form-builder-dn.pifyapp.com/form/s/15731
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ea335e1de5f7b3743ec647c1f18cd6bebfa0c5bcc82028f0470ab3cea213bbc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form-builder-dn.pifyapp.com/form/s/15731
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:17:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9573607
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Aug 2023 01:54:12 GMT
server: cloudflare
etag: W/"5f3b-189dd26c1a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BM%2FntqBQ7QzEmW%2FzsAm%2FYqrVGJb251uNJefMu2IuzXUZgouJi%2FyC1G8NYcmMElGcOX7TRwCejZtl0XZM%2F0gz7zpn%2BOC7bEMWwHKoypsGQbr04KBuk9W8FjuKX8XiftUIaT97AZkd89QhHnTRWLc%2BV2A%2FrXC7vhEWKOs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=15552000
cf-ray: 85bb8f40fc886654-AMS
expires: Mon, 06 May 2024 02:57:34 GMT

GET
H3 200 additional-methods.min.js Show response
form-builder-dn.pifyapp.com/assets/plugins/jquery-validation/ Frame 9643 22 KB
7 KB 44ms
44ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://form-builder-dn.pifyapp.com/assets/plugins/jquery-validation/additional-methods.min.js
Requested by: Host: form-builder-dn.pifyapp.com
URL: https://form-builder-dn.pifyapp.com/form/s/15731
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 70ca68b691e622dd981a4e3885186f47ffb49855a1195f62e8f9599c5027fc51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form-builder-dn.pifyapp.com/form/s/15731
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:17:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 332620
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Aug 2023 01:54:12 GMT
server: cloudflare
etag: W/"5887-189dd26c1a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7brPr1%2F9OGUc3HpZShDa78xnZBhXUrXrc2C1UP0gauuYuFjwLj%2Bhw3nxWm6RfY%2FrkUqgiCnoMjgf%2B7u%2BAePfTE%2FqwxTc5%2BXonP%2FhLNTELR%2BSN6ohQ9%2BRIeTH80Wlgj5XQqMS8PtfoSLb1RLPwywmd7hY7lTBxyi9XuM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=15552000
cf-ray: 85bb8f414cde6654-AMS
expires: Wed, 21 Aug 2024 01:54:01 GMT

GET
H3 200 moment-with-locales.min.js Show response
form-builder-dn.pifyapp.com/assets/plugins/moment/ Frame 9643 329 KB
68 KB 51ms
50ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://form-builder-dn.pifyapp.com/assets/plugins/moment/moment-with-locales.min.js
Requested by: Host: form-builder-dn.pifyapp.com
URL: https://form-builder-dn.pifyapp.com/form/s/15731
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 01d40df7c31566ce3812adb24f0b682ae7e19d4fae67bbf69179c3e6fab3655a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form-builder-dn.pifyapp.com/form/s/15731
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:17:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9551332
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Aug 2023 01:54:12 GMT
server: cloudflare
etag: W/"52243-189dd26c1a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BpN8wGLewL6MqyhVL5J7caY1dNBjRxR56uST5LSP73dPjiF%2BtdPx9zksLGl3MshdCIzvNM6njsE9OpLpOtr6y0E7Jf5YbDAkg7w%2FKe4AEaIQCq23jOh%2BiBLFKyfS53yz7YyIcReZA0SP4dF%2BR4P5yRlkR03hLlVysRg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=15552000
cf-ray: 85bb8f418d116654-AMS
expires: Mon, 06 May 2024 09:08:49 GMT

GET
H3 200 tempusdominus-bootstrap-4.min.js Show response
form-builder-dn.pifyapp.com/assets/plugins/tempusdominus-bootstrap-4/js/ Frame 9643 56 KB
13 KB 99ms
97ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://form-builder-dn.pifyapp.com/assets/plugins/tempusdominus-bootstrap-4/js/tempusdominus-bootstrap-4.min.js
Requested by: Host: form-builder-dn.pifyapp.com
URL: https://form-builder-dn.pifyapp.com/form/s/15731
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9fd478026a766f14e1f270947c329fb26b1a430aa7cb0394e51fa342e97b9919

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form-builder-dn.pifyapp.com/form/s/15731
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:17:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7664851
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Aug 2023 01:54:14 GMT
server: cloudflare
etag: W/"de35-189dd26c970"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DOGeK1mqyMPflIWAJ%2FU51y0X424JvC1UY9arkLzMojYQxKw73Msd3T5%2BEZUFuntIklD1vTSPZ0vZ9zU7JU%2B%2FgUS5rD%2B8ZNmmc05HJIw3NMC%2Fd2KekB2XdQ6oGykfhjP2HHOxnu0iTwWIol3%2FhnA6rphLcM6C9rJLu%2FM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=15552000
cf-ray: 85bb8f419d2f6654-AMS
expires: Tue, 28 May 2024 05:10:10 GMT

GET
H3 200 jquery.cookie.js Show response
form-builder-dn.pifyapp.com/assets/plugins/jquery.cookie/ Frame 9643 2 KB
1 KB 130ms
127ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://form-builder-dn.pifyapp.com/assets/plugins/jquery.cookie/jquery.cookie.js
Requested by: Host: form-builder-dn.pifyapp.com
URL: https://form-builder-dn.pifyapp.com/form/s/15731
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 0caab7de2b6d190e7fad15e5e81b2e8130ac073fe1960149c597b9ac12509d1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form-builder-dn.pifyapp.com/form/s/15731
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:17:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7843899
cf-polished: origSize=3238
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 10 Aug 2023 01:54:12 GMT
server: cloudflare
etag: W/"ca6-189dd26c1a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ATIrpL%2FUKwzsQucw855Xs70qibK2IBl1i5rYHOdJmzKxztUCIYv2WTbj18M1fXZ5xzUf8piwJ%2BEISR7UUx%2FccmB%2B1vx0Qab8PkdCGuy%2FdCBni7oezDpaeDpfmJnatZqb5mdDrQ7zL37E5Lq%2Fz7XdrPQEQX5uFcArf4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=15552000
cf-ray: 85bb8f419d336654-AMS
expires: Sun, 26 May 2024 03:26:02 GMT

GET
H3 200 form.js Show response
form-builder-dn.pifyapp.com/assets/js/ Frame 9643 45 KB
9 KB 130ms
128ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://form-builder-dn.pifyapp.com/assets/js/form.js?v=13.5
Requested by: Host: form-builder-dn.pifyapp.com
URL: https://form-builder-dn.pifyapp.com/form/s/15731
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1b635500638166765ffe8f2b14989d2d5b1e985763d2278fb84881cb8a7b0726

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form-builder-dn.pifyapp.com/form/s/15731
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:17:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3787395
cf-polished: origSize=57049
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 14 Jan 2024 02:00:03 GMT
server: cloudflare
etag: W/"ded9-18d05b28a49"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ju3%2BGQJX0YmPeDNV55Yvc4oBj1JGHzr0LrHcFRaWhWDjuQ%2B5KKBabWzSku%2Bd%2FuJm0y9V8Bi7YtQQLMotfyEJ2Y2qQMk6L617GIMLc2FMpuDMkZ%2FwWUCPj6OC9ELLABmkrA%2BX6ClOm5h4WRhZLsuGxaI7P1ngJkvcOe0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=15552000
cf-ray: 85bb8f419d356654-AMS
expires: Fri, 12 Jul 2024 02:14:26 GMT

GET
H3 200 pekeUpload2.js Show response
form-builder-dn.pifyapp.com/assets/plugins/pekeUpload-master/js/ Frame 9643 9 KB
3 KB 130ms
128ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://form-builder-dn.pifyapp.com/assets/plugins/pekeUpload-master/js/pekeUpload2.js?v=1.1
Requested by: Host: form-builder-dn.pifyapp.com
URL: https://form-builder-dn.pifyapp.com/form/s/15731
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d8f9fff758328d1c552a6f409395474cf1f43bcb8e96abd07073c2473308228a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form-builder-dn.pifyapp.com/form/s/15731
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:17:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7664850
cf-polished: origSize=18680
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 10 Aug 2023 01:54:12 GMT
server: cloudflare
etag: W/"48f8-189dd26c1a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WCN6ypgWawbRbLeKNRNeGrL0QFG4EYoAZm8fbNNvtrp95IFHAh2OJfLFJTVOtoXCF9wNmQ%2B1MUjc1ZSf1rukIPh8Vb7eAliyMb3hahvo1ISC7hMdkHhxJ40WfNz8mR1W%2FPw93HHtmUeOjePzG3Da8GmrSfF4oQ5TZK8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=15552000
cf-ray: 85bb8f419d376654-AMS
expires: Tue, 28 May 2024 05:10:10 GMT

GET
H3 200 jquery.raty.min.js Show response
form-builder-dn.pifyapp.com/assets/plugins/jquery.raty/ Frame 9643 8 KB
3 KB 130ms
128ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://form-builder-dn.pifyapp.com/assets/plugins/jquery.raty/jquery.raty.min.js
Requested by: Host: form-builder-dn.pifyapp.com
URL: https://form-builder-dn.pifyapp.com/form/s/15731
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 028cc35887b02d9e71c8f14c5b69c3494488562f9c33004dcd63a8b9a563de71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form-builder-dn.pifyapp.com/form/s/15731
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:17:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9393585
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Aug 2023 01:54:12 GMT
server: cloudflare
etag: W/"205b-189dd26c1a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V4Xgj9SU1TW8jgAsw3KtF75DcRK2yUbtboFK4em99g30bDCyq%2FB8aNpdg%2FkjcyHHVZgejO6K2Io%2FToSy9UMWm3mSdBxGrAJLL3VGxpjU%2BNz1E3RSmSGAJuU%2B61eVEsYPfyi0qKEPj0yEM%2B1OXrvxKJh6re6t6kwGNOI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=15552000
cf-ray: 85bb8f419d386654-AMS
expires: Wed, 08 May 2024 04:57:56 GMT

GET
H3 200 jquery.qrcode.min.js Show response
form-builder-dn.pifyapp.com/assets/plugins/preview/ Frame 9643 14 KB
5 KB 129ms
128ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://form-builder-dn.pifyapp.com/assets/plugins/preview/jquery.qrcode.min.js
Requested by: Host: form-builder-dn.pifyapp.com
URL: https://form-builder-dn.pifyapp.com/form/s/15731
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 48aae8f9290ead28771d3454402ec3698cbc0b6d1003200cde499a7ad6c2409f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form-builder-dn.pifyapp.com/form/s/15731
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:17:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22366
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Aug 2023 01:54:12 GMT
server: cloudflare
etag: W/"36c5-189dd26c1a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20%2B4mHBliHtvwx4udC%2FScG2qG55dLdXM9pxmZc0TCA7i6MStDJSpiRj7iVwH%2BfVmBXaDmLpNdz70cWQ%2FZvEo3HAyKZ6rSsZkPeTTpx%2F1Mc41hvj8VZGMCcyNWwzqjBTegjunOks8xNyjzjPD04Ttr5vFUXFclSqJj6k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=15552000
cf-ray: 85bb8f419d3a6654-AMS
expires: Sat, 24 Aug 2024 16:04:54 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 9643 15 KB
15 KB 69ms
20ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Amatic+SC&family=Fredoka+One&family=Grandstander&family=Great+Vibes&family=Julius+Sans+One&family=Lemonada&family=MuseoModerno&family=Oxanium&family=Pacifico&family=Permanent+Marker&family=Podkova&family=Sacramento&family=Shadows+Into+Light&family=Architects+Daughter&family=Audiowide&family=Balsamiq+Sans&family=Big+Shoulders+Inline+Text&family=Caveat&family=Chakra+Petch&family=Comfortaa&family=Dancing+Script&family=Goldman&family=Indie+Flower&family=Josefin+Sans:wght@300&family=Orbitron&family=Source+Sans+Pro:ital,wght@0,300;0,400;0,700;1,400&family=Squada+One&family=Stalinist+One&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://form-builder-dn.pifyapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:27:49 GMT
x-content-type-options: nosniff
age: 485392
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:27:49 GMT

OPTIONS
H2 204 62472aa6eca6dc15256d33b7
events.launchdarkly.com/events/diagnostic/ Frame 0
0 374ms
121ms Preflight 18.207.68.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/62472aa6eca6dc15256d33b7

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.207.68.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-207-68-144.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent
Access-Control-Request-Method: POST
Origin: http://sofiapp.cfd
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Mon, 26 Feb 2024 22:17:41 GMT
strict-transport-security: max-age=31536000

POST
H2 202 62472aa6eca6dc15256d33b7 Show response
events.launchdarkly.com/events/diagnostic/ 0
344 B 132ms
132ms XHR
application/json 18.207.68.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/62472aa6eca6dc15256d33b7

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.207.68.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-207-68-144.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://sofiapp.cfd/
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 26 Feb 2024 22:17:41 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

GET
H/1.1 200
OK check.js;CIS3SID=C666C434860B7807D7B0BD9D33AD47F0 Show response
st10.sofi.com/fp/ Frame 1303 322 KB
58 KB 79ms
79ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/check.js;CIS3SID=C666C434860B7807D7B0BD9D33AD47F0?org_id=5ugj8dr8&session_id=faa6a258-c3f5-40a3-99b9-b0ea72b2b5b5&nonce=bb3fc99a22c8500d&jb=373926246a716f7d35556b6c6467777326687b6735556166666f7773273032333326687360753d4168706f656d24687162354368726d656d2d3038393032

Requested by

Host: st10.sofi.com
URL: https://st10.sofi.com/fp/tags.js?org_id=5ugj8dr8&session_id=faa6a258-c3f5-40a3-99b9-b0ea72b2b5b5&page_id=1&allow_reprofile=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

fbc2e32e6ff7c44773e0ef8cc511776801a150dca548e642b9d1b50b07f8be27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sofiapp.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Mon, 26 Feb 2024 22:17:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
tmx-nonce: bb3fc99a22c8500d
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=99
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
st10.sofi.com/fp/ Frame 1303 81 B
475 B 115ms
38ms Image
image/png 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://st10.sofi.com/fp/clear.png?org_id=5ugj8dr8&session_id=faa6a258-c3f5-40a3-99b9-b0ea72b2b5b5&nonce=bb3fc99a22c8500d&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sofiapp.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Feb 2024 22:17:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
st10.sofi.com/fp/ Frame 1303 81 B
475 B 120ms
40ms Image
image/png 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://st10.sofi.com/fp/clear.png?org_id=5ugj8dr8&session_id=faa6a258-c3f5-40a3-99b9-b0ea72b2b5b5&nonce=bb3fc99a22c8500d&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sofiapp.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Feb 2024 22:17:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK HP Show response
st10.sofi.com/fp/ Frame 27A9 19 KB
6 KB 33ms
32ms Document
text/html 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/HP?session_id=faa6a258-c3f5-40a3-99b9-b0ea72b2b5b5&org_id=5ugj8dr8&nonce=bb3fc99a22c8500d&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Requested by

Host: st10.sofi.com
URL: https://st10.sofi.com/fp/check.js;CIS3SID=C666C434860B7807D7B0BD9D33AD47F0?org_id=5ugj8dr8&session_id=faa6a258-c3f5-40a3-99b9-b0ea72b2b5b5&nonce=bb3fc99a22c8500d&jb=373926246a716f7d35556b6c6467777326687b6735556166666f7773273032333326687360753d4168706f656d24687162354368726d656d2d3038393032

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

3854a392addc01f30920c57288a277c0f9c9576bb130767dddcd0648f6137038

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://sofiapp.cfd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Language: de-DE
Content-Length: 5796
Content-Type: text/html;charset=UTF-8
Date: Mon, 26 Feb 2024 22:17:41 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clear.png Show response
st10.sofi.com/fp/ Frame 1303 81 B
526 B 115ms
38ms XHR
image/png 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/clear.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 5ugj8dr8/bb3fc99a22c8500dfaa6a258-c3f5-40a3-99b9-b0ea72b2b5b5
Referer: http://sofiapp.cfd/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Mon, 26 Feb 2024 22:17:41 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 26 Feb 2024 22:17:41 GMT
Server: Apache
Etag: 8d35a2154e6445728436bdd569ccf457
Content-Type: image/png
Access-Control-Allow-Origin: http://sofiapp.cfd
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Sat, 24 Feb 2029 22:17:41 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=C666C434860B7807D7B0BD9D33AD47F0 Show response
st10.sofi.com/fp/ Frame D740 91 KB
13 KB 43ms
42ms Document
text/html 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/ls_fp.html;CIS3SID=C666C434860B7807D7B0BD9D33AD47F0?org_id=5ugj8dr8&session_id=faa6a258-c3f5-40a3-99b9-b0ea72b2b5b5&nonce=bb3fc99a22c8500d

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

eb99ffb30fc879bb90e4024007da413e74223ae70e5003cc47abdb6c672aa321

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://sofiapp.cfd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 26 Feb 2024 22:17:41 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content clear.png Show response
st10.sofi.com/fp/ Frame 1303 0
387 B 38ms
37ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/clear.png?org_id=5ugj8dr8&session_id=faa6a258-c3f5-40a3-99b9-b0ea72b2b5b5&nonce=bb3fc99a22c8500d&jb=3136266e73633d6c30633735636d393731603d3c6b633d30353161333134323437316335333131

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sofiapp.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Feb 2024 22:17:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=C666C434860B7807D7B0BD9D33AD47F0 Show response
h.online-metrix.net/fp/ Frame B08D 104 KB
15 KB 136ms
41ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=C666C434860B7807D7B0BD9D33AD47F0?org_id=5ugj8dr8&session_id=faa6a258-c3f5-40a3-99b9-b0ea72b2b5b5&nonce=bb3fc99a22c8500d

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

5d919bc66b38ac680ee561d439850e5803abda744c109c52bea13e67917699c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://sofiapp.cfd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 26 Feb 2024 22:17:41 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK top_fp.html;CIS3SID=C666C434860B7807D7B0BD9D33AD47F0 Show response
st10.sofi.com/fp/ Frame 969E 90 KB
14 KB 41ms
34ms Document
text/html 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/top_fp.html;CIS3SID=C666C434860B7807D7B0BD9D33AD47F0?org_id=5ugj8dr8&session_id=faa6a258-c3f5-40a3-99b9-b0ea72b2b5b5&nonce=bb3fc99a22c8500d

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

d7a96e18645d3ee3a7a42407b25fea96cc5330c409c0593f032312a28255df26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://sofiapp.cfd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 26 Feb 2024 22:17:41 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=97
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 clear.png Show response
st10.sofi.com/fp/ Frame 1303 0
218 B 73ms
33ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/clear.png?org_id=5ugj8dr8&session_id=faa6a258-c3f5-40a3-99b9-b0ea72b2b5b5&nonce=bb3fc99a22c8500d&ja=3032373b262463353e3224783d3e3026663f393e383270393030302663643f3334303278333230322671787135327a32266c70723d3324393e323824333230302e333432322c333232302c3336323024393032322c393630302e393a383224382e30266d763f633a3a326362616463353766646e6c643b676130343131363f383e6031693561266d6c3f36247163663d3034266e683f687c7c722731412d324625304e7b6764616972702e636466273044752732446c6f65696c253a4e6a49446f3a534257635f60465b384e64566c417863554f30596f7037626b7a5361315a6457553b456a457857605d604d63434e7772335677635a586e636c4e6a6243337360326c7860734c306957545a4b406f705850677a5758597a6045666f576c637865573b466031525c576e544e6b6e41355150785c603967326f324e72584c69654e69787763307a446132524f5057544d6a446c5453724a4c635f4652646b646e603048745a5a466362324b2530466467656b6c2e60746d6c24786435312e786a3d373864303a6363366063646265333131623f3b3a35636538643362666a3a6c362e606a3d63313663353561363b3866396333383262386b313330323062376436696a3f672e62716f3d576b6c666d75732732323131246a7162354b6a706d6d6d253230333a3a2e687b67773d57696c666d757126687360753d4168706f656d246c6a633534266e6f7c7835322e7c78643d4577706d72672530464065726e696c266569766a703d3c30303366396b3a606d6b323265366161373432303a3263643137353630396e6636373830313431663e6d69633a3c666339346364606635323131313139346124647a356a7676702d334125304e2d3a447b6764696170722c616466253046772532446c6d6761662730446843466f32514a5f695560465b304666546e437863574f325b6d70376269785b6b33506e555f39456247705f6a57604d634b4675703154776358586c616e4e6a6241317b6a30667262794e3061555c52414a6f7058586f78555a5b7a6047666d556e63786555394e6a3358565564564e636c493d5b5a785c60316f306d304c72584e69674c6b78776332784c6b305845525d564d6246645c59784a4c63574e506669666e60324876585846636230492d3a446e6d67616e2e687665642e7235786e7567696c5d646e63736a25374566636c716529786e776569665f77696c6c677f715765676469615d726e637b657025374566636c716529786e776569665f61646d6a6d57636b7a6d62617427374764636c716523706c77676b6e5779776b616b7c696d65273d4d6e63647b6721706c77656b6c5d736a6f616b77637667253d4d64636e736d21706c776f61665d7a6d636c706c637b677027354766636c736721726c7d6f6b6c5d7664635f706e69716d702d3d4766616c716723726e7565696c5f646776636c7e7a27374766696c73652378647d6561665d7376675d746b6775657025374566636c716529786e776569665f6a6174692d3d476e696e736526656e5d613f776762656c576762454c2d3a32332c302d3230284d786d6645442d30304553273032302c302732324368706f6f697d652b5567624f4c2532324f445b4e2d3a324553253032332c322530302a4f70676e454c2d3a324751253a30474c51442d3a324d5b273230312c32273032436a726d6d69776d2b576d6a496b76576d624b69762d3a38556d6a454c414e454e475d6b6e7174636e6367645d617a7a637b71253b422532324d505c5d6a64676e645f6f6b6c6f6378273340253232455a54576b6e6b725f6b6f6e747067642d314a2d30304558565d616d6e6f705f6075666465705f60696e645d66646f6174273b4a2d30384d5a545f646772766a5d636e616f702531422732384d5a565d66646f61745d6a646d6c6c2d3142253232475a565d667061655f64677076682d3b402730304d58545f726764716567665d6f66667167765d616c636d722533402530304d50565d7168696465725d7c6d70767d7a675f6c6f66273140273232455a545f76657a747d7a675d616f65707265717b61676c576a727463253140273032455a545d74657a7477726d57616d6f707a6573736b676657706f7c61253342273032475a545d746778747772675f6e616e76677257616e6971677c7a6d786161253342273032475a545d73504742273340253a384d47515f6d6c656d67667c576b666c67785f756b6c762731422732324f45515f6462675770676c646d725f6d6b786569722d3b402532304d47515d7174636e666172665f66657a61746376697e657325314a2d3a32474d515f74657a767770675f646c6d6174273340253a384d47515f7c657874777a6d5764646763745f6c6b6c6763702531422732304d45515f7c6d7a7677726d5f68616e6e576e6e6769762533422730324d47535d746778747772675f60696e645d66646f61745d64616667697a2733422530324d47515f74657074657a5f63727a697b5d6d6262656374273b4a2d30385f4742474c5d616d6e6d725d6277666667725d666467637627334a253230554d4a4f4e576b6d6d707267717167665f76657a747570655d617b7c612731422d323057474a4f445d6b676f707265717167665d746778767572675f67746b2d31402732385745424544576b6d65787065737367665d766778767570655f677461312d3b402730305f4542474e576b676f787a67737365665d76677a747772675f73317461253b4a273032574d42474c5d6b6765727a6d717365645d76677a767570655d733376635d737a6f602731422d323057474a4f445d6c6d6075675f70676c66677267725d696e646f27334a2d303255454a474c5f666d787c6a577c677874757067273140253030554542454c5d647a69755d60756e666572712d3b4a273a38554542474e5d6e6d71655d636d6e74677876253b4a273032574d42474c5d657d6476615766726177273140273030554540474c5d706d6c716f6d6c5d6d67646531342e6f645d6035676265643534313630313031646437616263306b316334636438343632343d6a3a633169603438362475656e743d4b6e76656c27323249666b2c24756764723d496c7c6d64273a384b7269732730324d72656c474e253232456c676166672461636c3d31&jb=333534246c733d4567786b6e6c692532463726382d30382055696e646d75712730304c5427323033302c302d3b402730305f696e36362d3b4a273a387a3634292730324372706e65556562496976253a4e3731352e3b362532322043405645442732432530326e6b69652732324765616b6d292d3a32416a72676d6525304e393a3026382c363236332c343b27323253636661706927324e3d31352c333e

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sofiapp.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Mon, 26 Feb 2024 22:17:41 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
5ugj8dr87emh6k3iegs46dib3gesrekhm56mde6gbb3fc99a22c8500dam1.e.aa.online-metrix.net/fp/ Frame 1303 81 B
438 B 228ms
33ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5ugj8dr87emh6k3iegs46dib3gesrekhm56mde6gbb3fc99a22c8500dam1.e.aa.online-metrix.net/fp/clear.png?org_id=5ugj8dr8&session_id=faa6a258-c3f5-40a3-99b9-b0ea72b2b5b5&nonce=bb3fc99a22c8500d&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sofiapp.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Feb 2024 22:17:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK check.js Show response
st10.sofi.com/fp/ Frame 27A9 209 KB
29 KB 49ms
44ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/check.js?&pageid=99998&session_id=faa6a258-c3f5-40a3-99b9-b0ea72b2b5b5&org_id=5ugj8dr8&nonce=bb3fc99a22c8500d

Requested by

Host: st10.sofi.com
URL: https://st10.sofi.com/fp/HP?session_id=faa6a258-c3f5-40a3-99b9-b0ea72b2b5b5&org_id=5ugj8dr8&nonce=bb3fc99a22c8500d&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

6e9f17a337555791a7c958a9467dced2db722a9be23f7d930cc502b3f3abd7e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://st10.sofi.com/fp/HP?session_id=faa6a258-c3f5-40a3-99b9-b0ea72b2b5b5&org_id=5ugj8dr8&nonce=bb3fc99a22c8500d&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Mon, 26 Feb 2024 22:17:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
tmx-nonce: bb3fc99a22c8500d
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=98
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
st10.sofi.com/fp/ Frame D740 0
387 B 39ms
39ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/clear.png?org_id=5ugj8dr8&session_id=faa6a258-c3f5-40a3-99b9-b0ea72b2b5b5&nonce=bb3fc99a22c8500d&jf=3136266e73603d6a303a3735666a6665353a693c30643a6a3a373636336363613a646035633131

Requested by

Host: st10.sofi.com
URL: https://st10.sofi.com/fp/ls_fp.html;CIS3SID=C666C434860B7807D7B0BD9D33AD47F0?org_id=5ugj8dr8&session_id=faa6a258-c3f5-40a3-99b9-b0ea72b2b5b5&nonce=bb3fc99a22c8500d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://st10.sofi.com/fp/ls_fp.html;CIS3SID=C666C434860B7807D7B0BD9D33AD47F0?org_id=5ugj8dr8&session_id=faa6a258-c3f5-40a3-99b9-b0ea72b2b5b5&nonce=bb3fc99a22c8500d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Feb 2024 22:17:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ARF;CIS3SID=FEC9063A6D37C2D49942D16159C81BEF Show response
st10.sofi.com/fp/ Frame 27A9 35 B
557 B 42ms
42ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/ARF;CIS3SID=FEC9063A6D37C2D49942D16159C81BEF?org_id=5ugj8dr8&session_id=faa6a258-c3f5-40a3-99b9-b0ea72b2b5b5&nonce=bb3fc99a22c8500d&pageid=99998&sera_parametere=BBIOXltcWAQLAAYJVwZRVVoABl5aC19QUANVXAUIAwUGAQpVVFpaBFYHBh5GQw0NDBJGEhAcCiUXBSEdAnQVVlIIQAMPXFQEXEYQHQZ0FVMgUhZRJxwLUVpdEExGFQMgR1VxQ1R9HwVbDwZaVlMCAAAGUgMCDgoECwpXDgxSAVFRUAVXBg0BVwVXAAhXVAkBAQMVCAxXWgQPUAELU1MJXQNQAQVbDAlRVhQJSwgASFxTVwtUUg1aAwUFUwxWCVNTUwZSVAJbXFJQAFYLUwUJAAZQBARXXFtHU1teCQQDBkILCw5LUh9JCA8LWgEMCBYMCV8VBF56URNdXwYeV0YNVVBQFQQMSgQ2W1wHV0JDFgcAX0cCGWZaAF5eAVlWWxYBFl8AXw%3D%3D&count=0&max=0

Requested by

Host: st10.sofi.com
URL: https://st10.sofi.com/fp/check.js?&pageid=99998&session_id=faa6a258-c3f5-40a3-99b9-b0ea72b2b5b5&org_id=5ugj8dr8&nonce=bb3fc99a22c8500d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

f4bf28aee421e7e76b8b361506f36ae1dbc4450bd2ea13074d8daac02b71335e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://st10.sofi.com/fp/HP?session_id=faa6a258-c3f5-40a3-99b9-b0ea72b2b5b5&org_id=5ugj8dr8&nonce=bb3fc99a22c8500d&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Feb 2024 22:17:42 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
st10.sofi.com/fp/ Frame 1303 0
387 B 40ms
40ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/clear.png?org_id=5ugj8dr8&session_id=faa6a258-c3f5-40a3-99b9-b0ea72b2b5b5&nonce=bb3fc99a22c8500d&jac=1&je=33393624266866663531246866603d393934393f39646a6e3b3733376731343560613535366262313960633c3a613a246a6e746e3d3232393937323b247765693f3033352c3133342c32313a2e30332e786f3f6c6f2e6175646a356b69356a31673665363a3361616363346630613761313b32313b343136366a356333333f313e603c6c3a6464343a3432323138646536663031666164303c373b246570333d63333b6b3c67383d3b65383166323535643364646030643a3835613130363663386a656333613b6a

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sofiapp.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Feb 2024 22:17:42 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 202 62472aa6eca6dc15256d33b7 Show response
events.launchdarkly.com/events/bulk/ 0
344 B 148ms
146ms XHR
application/json 18.207.68.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/62472aa6eca6dc15256d33b7

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.207.68.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-207-68-144.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://sofiapp.cfd/
X-LaunchDarkly-Payload-ID: dcb4cfd0-d4f4-11ee-9bd9-c3ec1fdd7740
X-LaunchDarkly-Event-Schema: 4
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 26 Feb 2024 22:17:43 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

OPTIONS
H2 204 62472aa6eca6dc15256d33b7
events.launchdarkly.com/events/bulk/ Frame 0
0 120ms
120ms Preflight 18.207.68.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/62472aa6eca6dc15256d33b7

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.207.68.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-207-68-144.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent
Access-Control-Request-Method: POST
Origin: http://sofiapp.cfd
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Mon, 26 Feb 2024 22:17:43 GMT
strict-transport-security: max-age=31536000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.sofi.com
URL: https://www.sofi.com/logn-backend/api/v1/optimizely/activate?key=geocomply&id=45c135c8-7cd6-45b4-a5c4-320d59642868

Domain: www.sofi.com
URL: https://www.sofi.com/logn-backend/api/v1/optimizely/track?event=geocomply-pre-login&id=45c135c8-7cd6-45b4-a5c4-320d59642868

Domain: ts-risk.sofi.com
URL: https://ts-risk.sofi.com/device/conf?tenantId=cm544ol3dg8p0y2auumwyrey488tupg7

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: SoFi (Financial)

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sofiapp.cfd/	1970-01-20 18:44:32	Name: SOFI_USER_DNT Value: null
st10.sofi.com/	1970-01-21 04:19:05	Name: thx_guid Value: 922d49bcb67eb292115ec48deac4f2fa
.sofiapp.cfd/	1970-01-20 18:44:32	Name: SOFI_TXM_SESSION_ID Value: faa6a258-c3f5-40a3-99b9-b0ea72b2b5b5
.sofiapp.cfd/	1970-01-21 03:28:41	Name: SOFI_BROWSER_ID Value: 45c135c8-7cd6-45b4-a5c4-320d59642868
.sofiapp.cfd/	1970-01-20 18:44:32	Name: SOFI_GEOCOMPLY Value: 0
.sofi.com/	1970-01-20 18:43:07	Name: __cf_bm Value: QW4ir7EYr8wXZBLbbWdGt7vi3oWtrt3iJxyoqh7YCMU-1708985860-1.0-ARBmoQtC+vO8rZHTb3RVbg5UVwxZrdDD+qIs889YT7QdW193XxGpSCtFhODMcIv0L1jgXrnNemC/FGjzmd5ktS4=
fp.sofi.com/	1970-01-21 04:19:05	Name: soc_visitor_id Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJkYXRhIjp7InNlc3Npb25faWQiOiJkYzAzMTA2YS1iZmUzLTQxNDEtODEzNy0yYWRmZjkwYWU3ODEifX0.77C1tGQ28OZpJNSLeL9A83AIfRXjH87yf_KKb33Ttp4IBq8iJ7NsyQXcZhH8N1aP_wVYZhxPnMeY2wVEknNk8A
.sofiapp.cfd/	1970-01-20 18:44:32	Name: SOFI_FP_SESSION_ID Value: 45d0d8e6-1a9a-4c4d-93c8-e293e2ff7ddeeyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJkYXRhIjp7InNlc3Npb25faWQiOiJkYzAzMTA2YS1iZmUzLTQxNDEtODEzNy0yYWRmZjkwYWU3ODEifX0.77C1tGQ28OZpJNSLeL9A83AIfRXjH87yf_KKb33Ttp4IBq8iJ7NsyQXcZhH8N1aP_wVYZhxPnMeY2wVEknNk8A
.sofiapp.cfd/	1970-01-20 18:43:06	Name: _dd_s Value: rum=2&id=cd853431-bc1e-4cd7-b05d-ccf92999263c&created=1708985860313&expire=1708986760313

34 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html Message: Access to fetch at 'https://www.sofi.com/logn-backend/api/v1/optimizely/activate?key=geocomply&id=45c135c8-7cd6-45b4-a5c4-320d59642868' from origin 'http://sofiapp.cfd' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://www.sofi.com/logn-backend/api/v1/optimizely/activate?key=geocomply&id=45c135c8-7cd6-45b4-a5c4-320d59642868 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html Message: Access to fetch at 'https://www.sofi.com/logn-backend/api/v1/optimizely/track?event=geocomply-pre-login&id=45c135c8-7cd6-45b4-a5c4-320d59642868' from origin 'http://sofiapp.cfd' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://www.sofi.com/logn-backend/api/v1/optimizely/track?event=geocomply-pre-login&id=45c135c8-7cd6-45b4-a5c4-320d59642868 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html Message: Access to fetch at 'https://ts-risk.sofi.com/device/conf?tenantId=cm544ol3dg8p0y2auumwyrey488tupg7' from origin 'http://sofiapp.cfd' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://ts-risk.sofi.com/device/conf?tenantId=cm544ol3dg8p0y2auumwyrey488tupg7 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://sofiapp.cfd/u/login/hKFo2SBWaWhNY0FfVlAzaWM2Ymp5bkxSc1RlUW9EbExWbUhEaKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHgxZXoxWXYxbGdmWnczeW9Fb1ZTUlVNcnA5SXpTb1o0o2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I/login.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5ugj8dr87emh6k3iegs46dib3gesrekhm56mde6gbb3fc99a22c8500dam1.e.aa.online-metrix.net
app.launchdarkly.com
cdn.auth0.com
cdn.cookielaw.org
cdn.geocomply.com
d25w3v87zu4vev.cloudfront.net
d3331otr86r7j1.cloudfront.net
events.launchdarkly.com
fonts.googleapis.com
fonts.gstatic.com
form-builder-dn.pifyapp.com
form-builder.pifyapp.com
fp.sofi.com
geolocation.onetrust.com
h.online-metrix.net
js.dvnfo.com
platform-websdk.transmitsecurity.io
rum.browser-intake-datadoghq.com
s3-eu-west-1.amazonaws.com
sofiapp.cfd
st10.sofi.com
ts-risk.sofi.com
www.cloudflare.com
www.datadoghq-browser-agent.com
www.sofi.com
ts-risk.sofi.com
www.sofi.com
13.33.193.10
151.101.194.217
172.64.149.225
18.207.68.144
18.66.122.44
2600:1f18:24e6:b900:3169:462d:2c37:b982
2600:9000:211a:5400:10:8d:3740:21
2600:9000:2449:cc00:10:474e:104a:2961
2600:9000:275d:4a00:19:f7cc:81c0:21
2606:4700:4400::ac40:9b77
2606:4700::6810:7c60
2606:4700::6812:1f64
2606:4700::6812:83ec
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::200a
2a06:98c1:3120::3
2a06:98c1:3121::3
52.218.101.147
52.222.165.229
78.140.140.218
91.235.132.130
91.235.132.67
91.235.134.131
01d40df7c31566ce3812adb24f0b682ae7e19d4fae67bbf69179c3e6fab3655a
028cc35887b02d9e71c8f14c5b69c3494488562f9c33004dcd63a8b9a563de71
053eefe502bf6815b0e76770ec0f9bc88bb4d4ee5473c443ba963fc7a095af38
087d847ee64707e372f572145600ecbcb13f2dd2382fd8962326f2fed03dd85d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0caab7de2b6d190e7fad15e5e81b2e8130ac073fe1960149c597b9ac12509d1c
0e2ec14f83afb9e3a7616cf4ece561a2f08cc96f7b8c0d14f6df8d2ea084d438
10ae87d78aab5b7c6936448bf87e64afe9db35199d91ebb2e27fc49b33a6a236
13637c2d3a04a168df5e92ecb808fe82b8c1648a94d4fea62567bb2e0d70c9fe
16ad14b04bbb43106c487ed24c60f706cb02cf4b59aa1ff1823f3df83761c3ef
1b635500638166765ffe8f2b14989d2d5b1e985763d2278fb84881cb8a7b0726
1df9aee0014c1553fa6f462aa38714f3f35678bba639483b6141e42e52ec2951
212caf96afef925399b89e4e7af9412084fdf9c9f33fee4e5ce5a2dc85e284b4
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
3854a392addc01f30920c57288a277c0f9c9576bb130767dddcd0648f6137038
3c621bb0340388553bb7ef0eed1a7a4132bbea868919c1a82dc717af24f963a9
4161e8b093c0be14c542b0948c6271b1ee5ccd53e6274654a91224c343bc418a
48aae8f9290ead28771d3454402ec3698cbc0b6d1003200cde499a7ad6c2409f
4b8a91b9e33a0df97b69ed284a8686d40424b7d4f9dbe32508b66f5394086d3d
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50b5c57d4cad6ff9ed8aab829ce398d4dbc8023957451b3af893971908d1a975
51ba9b3220ef32faedd7860a4de97ba4185ca6ee8fe1744229bb1d68463f9861
5be2dfa172d505acb197760b55c4731347cc239a7a046013c251948bb8214dbc
5d919bc66b38ac680ee561d439850e5803abda744c109c52bea13e67917699c9
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
6d63ced7a3abe85b5e0074b9ae8ce4a9113e3fb51ccf69b091c816edb7221496
6e9f17a337555791a7c958a9467dced2db722a9be23f7d930cc502b3f3abd7e1
70ca68b691e622dd981a4e3885186f47ffb49855a1195f62e8f9599c5027fc51
734b5f8af2a3d77d664c4306cd97ba44f4f065966d57c34c094db079a51a7e57
750b51c455cf50f416fc103d3f0a56bdd72863523dd3c06474df640de26afae3
785b4abc81574912041bb1f8bc6bc17fb879561bc35e05061fd5a3101961edee
7987b00fc873ae5e25b9220d900537c3f3e72bc72f4c2d0ef9981e589a3aac3c
7b12b1b29c2644cea0f0cacbdacc8ceec9a2230ed0b9042db23c61a7d5d99c1d
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
86bb6a1fe8c41c3bcb8a7ff89233d87e96e2c091903add96e34ae38c3237df89
9508ba9ddb8676bfd9798804dd64342150e71612590be997eca8669b485c5dba
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
9805d400f061228a65761951c0707ce8f1263a404c9a19b2c2cc334da42eba45
9e20851ce82d5ba36404b183a720ed27e955ff9ec15d649c189e07aeb9115312
9fd478026a766f14e1f270947c329fb26b1a430aa7cb0394e51fa342e97b9919
a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f
a7017ff1f3138504fc8a0fce18ad30710b171330bd5ffc4b59ba3560206bcfef
a7c6baefcdda36fefc81f42a0abafdd31a62b7d425ff2542925f9dfdca17b411
ab1291f91042e175fa02a9c1d5d5881cd51a0fa1d5e45d5d1f9e8259f9bd50e2
afb65149d9834510e9b504ed35c36917f9be723b49c87d28a09305a42100d7e9
b0b5456e079b93dfe868be4c0f53b773e9ce54a95b2bd4f7460cf07cca557cf0
b228e3f3f5b48402cb7ec7ed96e1df9d58dfbdc59c03097581d6d9941cd06cd3
b726a2cced0a9e28dc93be27ae974937e87d68df8b09baf2a4fca2ba5c5a0404
be88542bc94765d005d79ae6d6119cdf5ac312260acee2a1d9cccb577d0e14ba
c02c36ee26e55ba10188928a6bcab41f44fdfade35f020397cc6eaf0991c4e57
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a
d2acb30ae6b758902448c385a50eb7c317dee6894e1fdbd20ca7130725a23847
d7a96e18645d3ee3a7a42407b25fea96cc5330c409c0593f032312a28255df26
d8f9fff758328d1c552a6f409395474cf1f43bcb8e96abd07073c2473308228a
e182f76b074753911d9dc5c0db48650a94472ac95dccf64d9d9b8100be6a03b3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea335e1de5f7b3743ec647c1f18cd6bebfa0c5bcc82028f0470ab3cea213bbc4
eb99ffb30fc879bb90e4024007da413e74223ae70e5003cc47abdb6c672aa321
f4bf28aee421e7e76b8b361506f36ae1dbc4450bd2ea13074d8daac02b71335e
f97354a4659e6fc1cf05e27b59d333c697c1b0fd6fcaaceaa9af1f6886abe0af
fb60d4fab2712b8c5ade28625430a6a1a5b82c3b33068c2ad660ab061cedff32
fbc2e32e6ff7c44773e0ef8cc511776801a150dca548e642b9d1b50b07f8be27
fd70f6ab934cd87e4b40fcd193a7359b518376f3d3b34140a5ec5582d0d88e3a

sofiapp.cfd Open in urlscan Pro 78.140.140.218 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

81 Requests

95 %HTTPS

52 %IPv6

18 Domains

25 Subdomains

24 IPs

4 Countries

1249 kBTransfer

4741 kBSize

9 Cookies

7 Outgoing links

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sofiapp.cfd Open in urlscan Pro
78.140.140.218 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

95 %
HTTPS

52 %
IPv6

18
Domains

25
Subdomains

24
IPs

4
Countries

1249 kB
Transfer

4741 kB
Size

9
Cookies

81 HTTP transactions
0 data transactions