urlscan.io logo urlscan.io
SecurityTrails logo

www.sofi.com Open in urlscan Pro
104.18.33.107  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ablink.o.sofi.org/ls/click?upn=62LepVu039-2FQ-2FFRaRAB12ABCDEFGHIJKLMNOPQ4evSrwugOLMOPhEqDCs0f6ZYycaJ7a_4ZPAiyTlI2...
Effective URL: https://www.sofi.com/app-download.html
Submission: On December 08 via api from CH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 15 HTTP transactions. The main IP is 104.18.33.107, located in and belongs to CLOUDFLARENET, US. The main domain is www.sofi.com. The Cisco Umbrella rank of the primary domain is 72473.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 3rd 2022. Valid for: a year.
This is the only time www.sofi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.56.25.118 16509 (AMAZON-02)
7 104.18.33.107 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 8 2606:4700::68... 13335 (CLOUDFLAR...)
15 4
Apex Domain
Subdomains		 Transfer
8 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 22236
87 KB
7 sofi.com
www.sofi.com — Cisco Umbrella Rank: 72473
279 KB
1 hcaptcha.com
cloudflare.hcaptcha.com — Cisco Umbrella Rank: 12753
80 KB
1 sofi.org
ablink.o.sofi.org — Cisco Umbrella Rank: 431640
471 B
15 4
Domain Requested by
8 challenges.cloudflare.com 1 redirects challenges.cloudflare.com
www.sofi.com
7 www.sofi.com www.sofi.com
1 cloudflare.hcaptcha.com www.sofi.com
1 ablink.o.sofi.org 1 redirects
15 4

This site contains no links.

Subject Issuer Validity Valid
*.sofi.com
Go Daddy Secure Certificate Authority - G2		 2022-11-03 -
2023-12-05		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-02 -
2023-04-02		 a year crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2022-09-18 -
2023-09-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.sofi.com/app-download.html
Frame ID: 23B3A054F5BB36A2914743542DD3AA15
Requests: 11 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/eteem/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: 4FEB9AF381B05FA54B10BD7B48B83DB7
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Welcome

Page URL History Show full URLs

  1. http://ablink.o.sofi.org/ls/click?upn=62LepVu039-2FQ-2FFRaRAB12ABCDEFGHIJKLMNOPQ4evSrwugOLMOPhEqDCs0f... HTTP 307
    https://www.sofi.com/app-download.html Page URL

Page Statistics

15
Requests

93 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

486 kB
Transfer

994 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ablink.o.sofi.org/ls/click?upn=62LepVu039-2FQ-2FFRaRAB12ABCDEFGHIJKLMNOPQ4evSrwugOLMOPhEqDCs0f6ZYycaJ7a_4ZPAiyTlI2UbDwNljZkTA7tSqEeOJ5gBJBbwVvL7SrMkWoSsvkAyqasQJJcnD4xOccoTzZIh-2FfBdcCWENEgTyFdgmNNyWVx9B8el1BG5wS-2Bty3WTF9GhVBwFIJdpCVITILjTgABEJX4pINFk3-2BcGuzhrgyfZIOE6o1mSW3XubT3He-2FI9NPAuCzXjgE5iOP8MIAB12ABCDEFGHIJKLMNOPQ3X0471WXK-2FnXnjypvShBqdmAyy2nzW2W8hs2hphlEW3S4x3O-2Bc2-2FCqVoGyVpSpVcqR1qdF3vVQUPOp8EA4kHu2zAB12ABCDEFGHIJKLMNOPQ-2B-2F2NL8uvULWISHX3XhKz4J6OpDVhtKtx9D9u0j-2B250khDv-2FYCeyEe4piN9OHAW27BP-2AB12ABCDEFGHIJKLMNOPQV7TIZI4iRuj9ehOBGZjdeQKNnPKrE0K6Sta8-2BKImmuRbie2PV8O1p-2F1njD7v6sozv4Aq5fJFJYjeB3FVVlnVPUF7ZrD4E5zPMitt7L-2FQc1-2FP-2BiU-2F6PAQwjXi4fE3iiQuCfX6VPqQsF800JFhk-2BHki5Lk5LX6rtyXBlKPtT3DiaxF8PG8WG-2B39ISSHGQ4-2BgENBrRJLZLp-2FTanE0GO0CIAXIZ-2BcOPvCW-2B6vzhAB12ABCDEFGHIJKLMNOPQtDYS7BIpW8RLrbL-2B0DtLTVp8Ms7i9zCAB12ABCDEFGHIJKLMNOPQqhCYAB12ABCDEFGHIJKLMNOPQ5aFpIIujx5irQJH2E1dnWyo7hTWOVRcXHy HTTP 307
    https://www.sofi.com/app-download.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/915c1199/api.js?onload=_cf_chl_turnstile_l&render=explicit

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request app-download.html
www.sofi.com/
Redirect Chain
  • http://ablink.o.sofi.org/ls/click?upn=62LepVu039-2FQ-2FFRaRAB12ABCDEFGHIJKLMNOPQ4evSrwugOLMOPhEqDCs0f6ZYycaJ7a_4ZPAiyTlI2UbDwNljZkTA7tSqEeOJ5gBJBbwVvL7SrMkWoSsvkAyqasQJJcnD4xOccoTzZIh-2FfBdcCWENEgT...
  • https://www.sofi.com/app-download.html
313 KB
188 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sofi.com/app-download.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abf08052efb4d42d355118ab576a543faab054e01331fd768fbdf32de22855df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-bypass
1
cf-ray
7767c24a0ea1bb91-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 08 Dec 2022 19:03:04 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DKJKyMl%2FT8wXt2MehmEUzlBLAkbSrB1ciQxDmUxaJYoSoFWOsinYXq5xKlvcJzZAYPVtSrXE3u1%2FRYihhlKYoKfeALAibS9tYytwsEz4XR5dtFiGh8E8RG50B6RiTA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Thu, 08 Dec 2022 19:03:03 GMT
Server
openresty
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
X-Robots-Tag
noindex, nofollow
branch-server-fallback
Branch-Server-Fallback
cache-control
no-cache
esp-server-fallback
Error-Response-Email-Server-Provider
location
https://www.sofi.com/app-download.html
v1
www.sofi.com/cdn-cgi/challenge-platform/h/b/orchestrate/managed/ 		55 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sofi.com/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7767c24a0ea1bb91
Requested by
Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38013c91aa52ddd73063163b3f46ae1fcefe2b581b400d763921f00fab91b2f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sofi.com/app-download.html?__cf_chl_rt_tk=6nS0Ua2ejf5y4iw6IimqwcrQon5jTilivpV_RgIGpkM-1670526184-0-gaNycGzNCBE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 19:03:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NZHjoJm9ANVzMsEjH9nhJwhV7m6wLYu22s%2BQwCh1a4148YHZdx4y7jcYVX5scIWph5DuJKK2SuFJ0z9nPxmoYWuU86pIQyk96TVou8CJIBBAI5Mq1g4z4Ij%2FNFm9%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
cf-ray
7767c24b08fcbb91-FRA
transparent.gif
www.sofi.com/cdn-cgi/images/trace/managed/js/ 		42 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sofi.com/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7767c24a0ea1bb91
Requested by
Host: www.sofi.com
URL: https://www.sofi.com/app-download.html?__cf_chl_rt_tk=6nS0Ua2ejf5y4iw6IimqwcrQon5jTilivpV_RgIGpkM-1670526184-0-gaNycGzNCBE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sofi.com/app-download.html?__cf_chl_rt_tk=6nS0Ua2ejf5y4iw6IimqwcrQon5jTilivpV_RgIGpkM-1670526184-0-gaNycGzNCBE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 19:03:04 GMT
x-content-type-options
nosniff
last-modified
Fri, 02 Dec 2022 17:55:18 GMT
server
cloudflare
etag
"638a3c06-2a"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
7767c24b0902bb91-FRA
content-length
42
expires
Thu, 08 Dec 2022 21:03:04 GMT
truncated
/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6292e56b84d52df8bf30d8066cb00c02955c80f2f8b0232ef45bdf9fd5cdc1e

Request headers

Referer
Origin
https://www.sofi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
binary/octet-stream
truncated
/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6820c0bd7e84991223198fb475a2c5163b3f16e490eccfed580435e90380904

Request headers

Referer
Origin
https://www.sofi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
binary/octet-stream
api.js
cloudflare.hcaptcha.com/1/ 		283 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
Requested by
Host: www.sofi.com
URL: https://www.sofi.com/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7767c24a0ea1bb91
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1384 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b0e6423efabd18996c0f2a57cb1acb977ccff0456dca71b2257312b82f9a9d9
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 19:03:04 GMT
strict-transport-security
max-age=0
via
1.1 34fdfb7c7c11559df7e622af2b62f5ca.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-amz-cf-pop
FRA56-P4
x-cache
Hit from cloudfront
last-modified
Wed, 30 Nov 2022 18:05:22 GMT
server
cloudflare
etag
W/"7d1663d2f7dac7d5e43b506d00d378b8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=120
cf-ray
7767c24b7bfb9158-FRA
x-amz-cf-id
jL4fq8pYUKCk1_YAj4ssLI3o8kwJGs1ZRXLurGmxwz_6H3y9GA8SCA==
ee37ab5864a39e5
www.sofi.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.7615090257410838:1670523869:g_KS-s_iwLoDWFVchhBc-O6spzeaKXvKo1pBudUjO5k/7767c24a0ea1bb91/ 		117 KB
62 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.sofi.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.7615090257410838:1670523869:g_KS-s_iwLoDWFVchhBc-O6spzeaKXvKo1pBudUjO5k/7767c24a0ea1bb91/ee37ab5864a39e5
Requested by
Host: www.sofi.com
URL: https://www.sofi.com/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7767c24a0ea1bb91
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15a4f62ed2e00fabdd3f95ba873e2bc88afe880adea2528ae7b3066a0c6ad4a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sofi.com/app-download.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
CF-Challenge
ee37ab5864a39e5
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 08 Dec 2022 19:03:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf_chl_gen
hP2Prl9Ls1gk0Tsw/7MAiN01yP56dvPsNPWsWUoVlOAB5Fu8C7bKN+9NW3dtOq2ig4oLDx1UXU4snqcITvJyafO1r8ccGvNq2piYr5uubgF7Am6UE+AFL355PWoA9BQCNSzRLEZE2pUrMhxkcP6mf4NJZrqFsFJOG9N82RMkynSpH/rPtKv7Q6G5uw7JlqswdhOOQjr/zDJIdg4BC3/XN3fH5vW/+C4tB03+bACt4YQvd6K3jfIqlxf4P0oWO8BuGpIqDdV+J51HliAN6dpD+3Cj4W88nOt/tD4e2p6YkYrhFDYiOu32hyK6XZ+8+F1F$wVarU9VzKNdZyAsYRuye3w==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUyDKoECKvMx7bgulCD0xlA4zb0Qu9dTAGQNOYhgnhyrPurRylxOO%2B4jmC8s0q48Subyfm79UhZSS5ciciOdUGPLGZk96G5c49AdfbeWlhmGImw21McvvXJtPodp1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7767c24c0b58bb91-FRA
Ae_cs-GiczgWe9W
www.sofi.com/cdn-cgi/challenge-platform/h/b/img/7767c24a0ea1bb91/1670526184347/ 		61 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sofi.com/cdn-cgi/challenge-platform/h/b/img/7767c24a0ea1bb91/1670526184347/Ae_cs-GiczgWe9W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b097e8667f562ccf97bbc9f8b523afe41c0cda4456110b615cae6b93b5282c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sofi.com/app-download.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 19:03:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yj6ytNZqm8lLWxycHwXiHJulnFcWz6MXJdsM4bF%2FJmG0YBzQUkGAqe2IxkBiU5r9az2D2Xg7cVPpH1X%2FUOb2ps4%2BSp%2B9WIM2I6fV472DDkDaO9TRcTc5TeM%2FUkS%2FbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cf-ray
7767c24f4b62bb91-FRA
vZ6f6fUL_AqB-WN
www.sofi.com/cdn-cgi/challenge-platform/h/b/pat/7767c24a0ea1bb91/1670526184349/6c51930bd03af7c921a4d3f91a142fb2dd5cb399d27e17a1ef83b918b201a63f/ 		1 B
780 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.sofi.com/cdn-cgi/challenge-platform/h/b/pat/7767c24a0ea1bb91/1670526184349/6c51930bd03af7c921a4d3f91a142fb2dd5cb399d27e17a1ef83b918b201a63f/vZ6f6fUL_AqB-WN
Requested by
Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sofi.com/app-download.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 19:03:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gbFGTC9A698khpNP5GhQvst1cs5nSfheh74O5GLIBpj8ADHd3dy5zb2ZpLmNvbQ==, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAmD3IvteToI8EsMoGLgLOgtLTktXI-87yGsx2pSGGzDeT4O9B7A086g7743oSR38rOGuJjQXF7guCKhbUl2Eooc3e1tVJSKKpfokrVROYfmCKvOnuXkVmRnAjsT5OQlvcuEdiPCy1Xi0ljKHZODYr8XfT4OZAQ9UcFLD1qQzRQDpyVfo3E3DFWi1HVoq19qYKvDFPIkMj2j5y0Qs6z5IHyLIpCMu3pXw1C3FkluM2vwMSkdLnLf0tJ5CY4hCv2DiGKbIkYhDyf5q472B7t00KF0u9hsZ_cwfxUwa8ryNnwN1ZD39zzhNvjPKKbBLpA4k4T5l1rnhGiP9zz2OE-r0pKwIDAQAB, max-age=15
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2g5y5H0e%2BxujSQKmOJJJyjlB20%2FssjrCvAqYWZsUaWg%2BSu2NQQpC%2BXfnBXGw44UnLX3aqNq4sF9F9y3F19P6kt7rgLAJt5FwsalClzLEom3ERFt0Lbbz6kOgTkF6Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7767c2552987bb91-FRA
ee37ab5864a39e5
www.sofi.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.7615090257410838:1670523869:g_KS-s_iwLoDWFVchhBc-O6spzeaKXvKo1pBudUjO5k/7767c24a0ea1bb91/ 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.sofi.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.7615090257410838:1670523869:g_KS-s_iwLoDWFVchhBc-O6spzeaKXvKo1pBudUjO5k/7767c24a0ea1bb91/ee37ab5864a39e5
Requested by
Host: www.sofi.com
URL: https://www.sofi.com/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7767c24a0ea1bb91
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49873a2acb50cca27257da2dbab32ed9e627b79e6bac8077a5ce429a3c8cc6f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sofi.com/app-download.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
CF-Challenge
ee37ab5864a39e5
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 08 Dec 2022 19:03:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf_chl_gen
y4BTejZ5Yt6VF9BCp8hMf/bF6AeNv5Qfi6EXBOKA/4s=$08X6utE8GiPnX6OEPae49w==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kO0rvFY1245kkfc%2FQxMA3R90wnMFHY9by8FC9mVxKGmzdtPyX%2Bp3c3Lx7gQ%2BeYBg5jBL9iY7J3Ycxb5%2F%2FJKyTpgBjnO%2Ft982MPpAyig%2BfDXRwBnFBeceICqo9m%2B%2FJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7767c255eb4cbb91-FRA
api.js
challenges.cloudflare.com/turnstile/v0/b/915c1199/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
  • https://challenges.cloudflare.com/turnstile/v0/b/915c1199/api.js?onload=_cf_chl_turnstile_l&render=explicit
10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/915c1199/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol
H2
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df7b3df2dfbe03ad34226a9df2d7076835c33da4299a3e310bd48d8cf30d40f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 19:03:06 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
7767c256c875926b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

location
/turnstile/v0/b/915c1199/api.js?onload=_cf_chl_turnstile_l&render=explicit
date
Thu, 08 Dec 2022 19:03:06 GMT
cache-control
max-age=300, public
server
cloudflare
cf-ray
7767c256a83c926b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
vary
accept-encoding
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/eteem/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame 4FEB 		19 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/eteem/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11fef3c3f0dbf7380fb488d01d2b052c17adb9f134ae8daee4e80cb0b3f16855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7767c25728b4bb4a-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Thu, 08 Dec 2022 19:03:06 GMT
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame 4FEB 		59 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7767c25728b4bb4a
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/eteem/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74f72c86a1adad4c2f18e4caaedbe9a707e0273f8d007e5bf87397f8ccdd949d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/eteem/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 19:03:06 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7767c25789afbb4a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
d10fcdd4d2c8535
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.5175789598056245:1670523886:9J-ZpZxBQrIAsw4n-Wk8xd5WX6tYBg-stQWsoVWEv9s/7767c25728b4bb4a/ Frame 4FEB 		81 KB
41 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.5175789598056245:1670523886:9J-ZpZxBQrIAsw4n-Wk8xd5WX6tYBg-stQWsoVWEv9s/7767c25728b4bb4a/d10fcdd4d2c8535
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7767c25728b4bb4a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02410cc3a90a1c3dbf4e6d5c9b2b9db696916a0e38c11cf0a4030b6190b3111c

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/eteem/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
CF-Challenge
d10fcdd4d2c8535
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 08 Dec 2022 19:03:06 GMT
content-encoding
br
cf_chl_gen
mDW11f1j7RLw7N82vex4MAuYXAaYxv6WNgoURd0NMxRZab3i2G8DAVwASGBRPDcNWgWDuSuPakWvmw99cPow1ENYEOpuwTKkoiYxodFGhL758m+uJsTtjcqnLhG6eH7MSOM28ySGTWMq2pH5j6B4GwyUX0KojefkFfNg0z1SIBmoPAoZ7HHfvMBP27QGRC4eyybVSeo5/09rnzBGJx4SnVITkuSqE3iR0y1HGjjf3RhbJJTMFZ5R9ntyT/bS0KAMmW5dfjFqMYdQst9/GUMUBAEG0X6bMcZmmhi4JERcyXSvLQ6wyD9+vtB0C+pCJm2DHC6GJaPakCGxWBrqKb9DQsjGQ098Pwqnag+ZIEn6Ltk=$S/aEGw2DOCm9iLQ7YWcwZw==
server
cloudflare
cf-ray
7767c2587b82bb4a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
C7tjLJK_MlVF9lq
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7767c25728b4bb4a/1670526186330/effa7a4b81bfc5730f9d5a7a036f006dd34cc170660d4f70592fb30985178d54/ Frame 4FEB 		1 B
649 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7767c25728b4bb4a/1670526186330/effa7a4b81bfc5730f9d5a7a036f006dd34cc170660d4f70592fb30985178d54/C7tjLJK_MlVF9lq
Requested by
Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/eteem/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 19:03:06 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g7_p6S4G_xXMPnVp6A28AbdNMwXBmDU9wWS-zCYUXjVQAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAmD3IvteToI8EsMoGLgLOgtLTktXI-87yGsx2pSGGzDeT4O9B7A086g7743oSR38rOGuJjQXF7guCKhbUl2Eooc3e1tVJSKKpfokrVROYfmCKvOnuXkVmRnAjsT5OQlvcuEdiPCy1Xi0ljKHZODYr8XfT4OZAQ9UcFLD1qQzRQDpyVfo3E3DFWi1HVoq19qYKvDFPIkMj2j5y0Qs6z5IHyLIpCMu3pXw1C3FkluM2vwMSkdLnLf0tJ5CY4hCv2DiGKbIkYhDyf5q472B7t00KF0u9hsZ_cwfxUwa8ryNnwN1ZD39zzhNvjPKKbBLpA4k4T5l1rnhGiP9zz2OE-r0pKwIDAQAB, max-age=15
server
cloudflare
cf-ray
7767c25ac8aebb4a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
c_h91uXO9yR40rs
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7767c25728b4bb4a/1670526186331/ Frame 4FEB 		61 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7767c25728b4bb4a/1670526186331/c_h91uXO9yR40rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
573c36d7ad452885cbda19890e57dc7438cfa4ba7ff1d42f34f2750fb31a323d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/eteem/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 19:03:06 GMT
server
cloudflare
cf-ray
7767c25c1ba3bb4a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
image/png
d10fcdd4d2c8535
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.5175789598056245:1670523886:9J-ZpZxBQrIAsw4n-Wk8xd5WX6tYBg-stQWsoVWEv9s/7767c25728b4bb4a/ Frame 4FEB 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.5175789598056245:1670523886:9J-ZpZxBQrIAsw4n-Wk8xd5WX6tYBg-stQWsoVWEv9s/7767c25728b4bb4a/d10fcdd4d2c8535
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7767c25728b4bb4a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3efd873dcb5b814d00c6c5281e3d89cf14905648400492779f6f44bcf39319a

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/eteem/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
CF-Challenge
d10fcdd4d2c8535
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 08 Dec 2022 19:03:07 GMT
content-encoding
br
cf_chl_gen
FcvjZF/gr5sJpoR8EGA+gCFJv2SOMZECY/zDvb1XEJc=$40M1HQ90xvwQPcuOIfcd5A==
server
cloudflare
cf-ray
7767c25e597dbb4a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange object| _cf_chl_opt function| _cf_chl_hload function| _cf_chl_enter boolean| _cf_chl_done_ran function| _cf_chl_done function| SHA256 function| sendRequest object| _cf_chl_ctx string| _cf_chl_hlep string| prefix object| Raven object| hcaptcha boolean| _cf_chl_hloaded object| _ function| _cf_chl_turnstile_l object| cfChallengeAPI object| turnstile

1 Cookies

Domain/Path Name / Value
.sofi.com/ Name: __cf_bm
Value: rfN7ovq_39DcMArB2oXLr5qYtwDXVbpE_0lDTRff1G4-1670526184-0-AdNAVsC+t+/UgxaJR6sLn/Y01rR65CYim1oMMq9MlrGDXZ2UFOB8NHe57ubldtLucR1MQGLFsApx4RImh6Fb3/M=

5 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://www.sofi.com/app-download.html
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.sofi.com/cdn-cgi/challenge-platform/h/b/pat/7767c24a0ea1bb91/1670526184349/6c51930bd03af7c921a4d3f91a142fb2dd5cb399d27e17a1ef83b918b201a63f/vZ6f6fUL_AqB-WN
Message:
Failed to load resource: the server responded with a status of 401 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7767c25728b4bb4a/1670526186330/effa7a4b81bfc5730f9d5a7a036f006dd34cc170660d4f70592fb30985178d54/C7tjLJK_MlVF9lq
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN