sofie.pages.dev Open in urlscan Pro
172.66.44.91 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sofie.pages.dev/
Effective URL:
https://sofie.pages.dev/
Submission: On September 27 via manual (September 27th 2024, 7:07:04 pm UTC) from MX — Scanned from DE

Summary HTTP 72 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 12 IPs in 1 countries across 7 domains to perform 72 HTTP transactions. The main IP is 172.66.44.91, located in United States and belongs to CLOUDFLARENET, US. The main domain is sofie.pages.dev.
TLS certificate: Issued by WE1 on September 23rd 2024. Valid for: 3 months.

This is the only time sofie.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online) SoFi (Financial)

Domain & IP information

	IP Address	AS Autonomous System
7 52	172.66.44.91 172.66.44.91	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	44.241.55.115 44.241.55.115	16509 (AMAZON-02) (AMAZON-02)
17	91.235.132.67 91.235.132.67	30286 (THM) (THM)
1	18.66.122.44 18.66.122.44	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:562a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:2251:de00:10:8d:3740:21	16509 (AMAZON-02) (AMAZON-02)
2	172.64.149.225 172.64.149.225	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.194.168 13.224.194.168	16509 (AMAZON-02) (AMAZON-02)
1	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	2620:f3:0:14:... 2620:f3:0:14:b401:8ee8:4321:ad82	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
72	12

52 172.66.44.91 (United States) 7 redirects

ASN13335 (CLOUDFLARENET, US)

sofie.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.241.55.115 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-55-115.us-west-2.compute.amazonaws.com

fontmetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 91.235.132.67 (United States)

ASN30286 (THM, US)

st10.sofi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-44.fra60.r.cloudfront.net

js.dvnfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:562a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:de00:10:8d:3740:21 (United States)

ASN16509 (AMAZON-02, US)

d3331otr86r7j1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.149.225 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

fp.sofi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.168 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-168.fra2.r.cloudfront.net

d32ijn7u0aqfv4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:f3:0:14:b401:8ee8:4321:ad82 (United States)

ASN30286 (THM, US)

h64.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

5ugj8dr8woxlis6va4n7am3cqxrmedtqxq2chvikca3c3c800709e9d2am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	pages.dev 7 redirects sofie.pages.dev	1 MB
19	sofi.com st10.sofi.com — Cisco Umbrella Rank: 142629 fp.sofi.com — Cisco Umbrella Rank: 190401	84 KB
3	online-metrix.net h.online-metrix.net — Cisco Umbrella Rank: 3451 h64.online-metrix.net — Cisco Umbrella Rank: 2673 5ugj8dr8woxlis6va4n7am3cqxrmedtqxq2chvikca3c3c800709e9d2am1.e.aa.online-metrix.net	837 B
2	cloudfront.net d3331otr86r7j1.cloudfront.net d32ijn7u0aqfv4.cloudfront.net	35 KB
1	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 351	2 KB
1	dvnfo.com js.dvnfo.com — Cisco Umbrella Rank: 111160	42 KB
1	fontmetrics.net fontmetrics.net — Cisco Umbrella Rank: 374980	74 B
72	7

	Domain	Requested by
52	sofie.pages.dev	7 redirects sofie.pages.dev
17	st10.sofi.com	sofie.pages.dev st10.sofi.com
2	fp.sofi.com	js.dvnfo.com
1	5ugj8dr8woxlis6va4n7am3cqxrmedtqxq2chvikca3c3c800709e9d2am1.e.aa.online-metrix.net
1	h64.online-metrix.net	st10.sofi.com
1	h.online-metrix.net	st10.sofi.com
1	d32ijn7u0aqfv4.cloudfront.net
1	d3331otr86r7j1.cloudfront.net	sofie.pages.dev
1	cdn.cookielaw.org	sofie.pages.dev
1	js.dvnfo.com	sofie.pages.dev
1	fontmetrics.net	sofie.pages.dev
72	11

This site contains links to these domains. Also see Links.

Domain
www.sofi.com
login.sofi.com
support.sofi.com
www.onetrust.com

Subject Issuer	Validity	Valid
sofie.pages.dev WE1	`2024-09-23` - `2024-12-22`	3 months	crt.sh
fontmetrics.net Amazon RSA 2048 M02	`2023-11-07` - `2024-12-05`	a year	crt.sh
st10.sofi.com Go Daddy Secure Certificate Authority - G2	`2024-03-26` - `2025-04-05`	a year	crt.sh
*.dvnfo.com Amazon RSA 2048 M03	`2024-04-22` - `2025-05-21`	a year	crt.sh
cookielaw.org WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.sofi.com Go Daddy Secure Certificate Authority - G2	`2023-11-28` - `2024-12-29`	a year	crt.sh
online-metrix.net Viking Cloud Organization Validation CA, Level 1	`2024-09-19` - `2025-10-20`	a year	crt.sh
*.aa.online-metrix.net Viking Cloud Organization Validation CA, Level 1	`2024-09-19` - `2025-10-20`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://sofie.pages.dev/
Frame ID: F881777968F59B20DA4F71AC249A5383
Requests: 28 HTTP requests in this frame

Frame: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource
Frame ID: 6E8F47D24B846092C704369D25BC46E3
Requests: 2 HTTP requests in this frame

Frame: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)
Frame ID: 5BD5B1A81588CCE50BCEBDE907D1CE77
Requests: 18 HTTP requests in this frame

Frame: https://sofie.pages.dev/Login%20-%20SoFi_files/HP
Frame ID: 2D2B6B62E66962A61B41EBF88B7BBCFB
Requests: 2 HTTP requests in this frame

Frame: https://sofie.pages.dev/Login%20-%20SoFi_files/ls_fp
Frame ID: B9F5DE2F0F16B5757CE1640CEBD57196
Requests: 2 HTTP requests in this frame

Frame: https://sofie.pages.dev/Login%20-%20SoFi_files/sid_fp
Frame ID: 5CA09FC8B5D55AA86AB8C443019FC9E3
Requests: 2 HTTP requests in this frame

Frame: https://sofie.pages.dev/Login%20-%20SoFi_files/top_fp
Frame ID: 764CFF16E43EB8085A325763BDDAEDBD
Requests: 2 HTTP requests in this frame

Frame: https://st10.sofi.com/fp/check.js;CIS3SID=9817192D568C183BCA5A0714BC35EA91?org_id=5ugj8dr8&session_id=162f9d0e-fb00-4554-8432-c1fdfe867796&nonce=ca3c3c800709e9d2&jb=3532242462736f75354e6b6e7570266a736f3544696c7770246a7162773d4b6a706d65672668716035436872676f67253238313239
Frame ID: 84069D7961C0FC3DA3520794F5599DCB
Requests: 12 HTTP requests in this frame

Frame: https://st10.sofi.com/fp/HP?session_id=162f9d0e-fb00-4554-8432-c1fdfe867796&org_id=5ugj8dr8&nonce=ca3c3c800709e9d2&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: 2BBD8012B3C7B4055F2BE5AE2ADCCEB6
Requests: 1 HTTP requests in this frame

Frame: https://st10.sofi.com/fp/ls_fp.html;CIS3SID=9817192D568C183BCA5A0714BC35EA91?org_id=5ugj8dr8&session_id=162f9d0e-fb00-4554-8432-c1fdfe867796&nonce=ca3c3c800709e9d2
Frame ID: F0724928999FC3233DBCFCDD48965D9F
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=9817192D568C183BCA5A0714BC35EA91?org_id=5ugj8dr8&session_id=162f9d0e-fb00-4554-8432-c1fdfe867796&nonce=ca3c3c800709e9d2
Frame ID: 2CB7BDCB201D2DC1D0039F8DB6D63D40
Requests: 1 HTTP requests in this frame

Frame: https://st10.sofi.com/fp/top_fp.html;CIS3SID=9817192D568C183BCA5A0714BC35EA91?org_id=5ugj8dr8&session_id=162f9d0e-fb00-4554-8432-c1fdfe867796&nonce=ca3c3c800709e9d2
Frame ID: 441ED58DB217BEDB250F09DA949A9FB8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login - SoFi

Page URL History Show full URLs

http://sofie.pages.dev/ HTTP 307
https://sofie.pages.dev/ Page URL
https://sofie.pages.dev/cdn-cgi/phish-bypass?atok=lke3kb3WRuCbH216DkZQRReEIZubFAmGTwB_6vSF1CA-172746... HTTP 301
https://sofie.pages.dev/ Page URL

Detected technologies

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

72
Requests

100 %
HTTPS

27 %
IPv6

7
Domains

11
Subdomains

12
IPs

1
Countries

1461 kB
Transfer

2369 kB
Size

6
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sofi.com/

Search URL Search Domain Scan URL

URL: https://login.sofi.com/u/login/password-reset-start/sofi-auth-db?state=hKFo2SBCLWtWVFRHMlpwZDFtQzdZUzNQbmRaWHV5dnk3aUQ5UaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGg4bG5xeHhCQldYZW5BRXRoRE1WOHJvQUxhb3FhT3Jyo2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I
Title: Forgot password?

Search URL Search Domain Scan URL

URL: https://login.sofi.com/u/login?state=hKFo2SBCLWtWVFRHMlpwZDFtQzdZUzNQbmRaWHV5dnk3aUQ5UaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGg4bG5xeHhCQldYZW5BRXRoRE1WOHJvQUxhb3FhT3Jyo2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I
Title: New to SoFi? Sign up

Search URL Search Domain Scan URL

URL: https://support.sofi.com/hc/en-us/sections/360010482151-Troubleshooting
Title: Help

Search URL Search Domain Scan URL

URL: https://www.sofi.com/terms-of-use/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.sofi.com/privacy-policies/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.sofi.com/online-privacy-policy/
Title: SoFi Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sofie.pages.dev/ HTTP 307
https://sofie.pages.dev/ Page URL
https://sofie.pages.dev/cdn-cgi/phish-bypass?atok=lke3kb3WRuCbH216DkZQRReEIZubFAmGTwB_6vSF1CA-1727464013-0.0.1.1-%2F HTTP 301
https://sofie.pages.dev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://sofie.pages.dev/ HTTP 307
https://sofie.pages.dev/

Request Chain 22

https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource.html HTTP 308
https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource

Request Chain 23

https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1).html HTTP 308
https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Request Chain 24

https://sofie.pages.dev/Login%20-%20SoFi_files/HP.html HTTP 308
https://sofie.pages.dev/Login%20-%20SoFi_files/HP

Request Chain 49

https://sofie.pages.dev/Login%20-%20SoFi_files/ls_fp.html HTTP 308
https://sofie.pages.dev/Login%20-%20SoFi_files/ls_fp

Request Chain 50

https://sofie.pages.dev/Login%20-%20SoFi_files/sid_fp.html HTTP 308
https://sofie.pages.dev/Login%20-%20SoFi_files/sid_fp

Request Chain 51

https://sofie.pages.dev/Login%20-%20SoFi_files/top_fp.html HTTP 308
https://sofie.pages.dev/Login%20-%20SoFi_files/top_fp

72 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

/ Show response
sofie.pages.dev/
Redirect Chain

http://sofie.pages.dev/
https://sofie.pages.dev/

4 KB
2 KB

123ms
48ms

Document
text/html

172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

459c1d18cc02ee9b48412ad3fec4ff4a5cd528a65e130ba282414ee768d296b2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-ray: 8c9dc6050f9162b4-HAM
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 27 Sep 2024 19:06:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ldXehZtix%2FzeTKZg%2FudNWHSE1MBo3Zj%2BXvtvrMUTZg8zA%2FGaQ72DCcCHGuxftFnhemdkiwC0ybML%2B3bbzfWvnCP7j%2BnyLkU5uDSJBC8B3UFo1d6bf9IF2Gya%2BpNhuZ%2FSllw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://sofie.pages.dev/
Non-Authoritative-Reason: HSTS

GET
H3 200 speculation
sofie.pages.dev/cdn-cgi/ 2 B
384 B 49ms
49ms Other
application/speculationrules+json 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sofie.pages.dev/cdn-cgi/speculation
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://sofie.pages.dev
Referer: https://sofie.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qQRPjUU59po2vXIV015VwSc6TVGaYebRl%2FWdEgIiBV89gBc5fBnyLgtHO1BkPRiRCvLyX%2F%2FnuK2mp1yVQBZ2jtnZQQagoR2jfGyitGfNa52sOiiw3RCKrfPBMbNqa5E8aJg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c9dc605683362b4-HAM
content-length: 2
date: Fri, 27 Sep 2024 19:06:53 GMT
content-type: application/speculationrules+json
vary: Accept-Encoding
server: cloudflare

GET
H3 200 cf.errors.css
sofie.pages.dev/cdn-cgi/styles/ 23 KB
5 KB 46ms
46ms Stylesheet
text/css 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/cdn-cgi/styles/cf.errors.css

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

vary: Accept-Encoding
cache-control: max-age=7200, public
content-encoding: gzip
etag: W/"66f31df3-5df3"
x-content-type-options: nosniff
cf-ray: 8c9dc605683662b4-HAM
expires: Fri, 27 Sep 2024 21:06:53 GMT
date: Fri, 27 Sep 2024 19:06:53 GMT
content-type: text/css
last-modified: Tue, 24 Sep 2024 20:15:47 GMT
server: cloudflare
x-frame-options: DENY

GET
H3 200 icon-exclamation.png
sofie.pages.dev/cdn-cgi/images/ 452 B
635 B 50ms
50ms Image
image/png 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sofie.pages.dev/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/cdn-cgi/styles/cf.errors.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/cdn-cgi/styles/cf.errors.css

Response headers

vary: Accept-Encoding
cache-control: max-age=7200, public
etag: "66f31df3-1c4"
x-content-type-options: nosniff
cf-ray: 8c9dc605b8a062b4-HAM
expires: Fri, 27 Sep 2024 21:06:53 GMT
accept-ranges: bytes
content-length: 452
date: Fri, 27 Sep 2024 19:06:53 GMT
content-type: image/png
last-modified: Tue, 24 Sep 2024 20:15:47 GMT
server: cloudflare
x-frame-options: DENY

GET
H3 200 favicon.ico
sofie.pages.dev/ 191 KB
40 KB 161ms
161ms Other
text/html 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c516cf50ccaf93a37440aac1019c0e1c0a3e17df87ffe4cc66272fcb830db58

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
speculation-rules: "/cdn-cgi/speculation"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ejuBowUHp%2BF%2F1CGzD8Q0eDLQ2U7FTghnkVs0yV2SoV3lfJ97AkutfHLioyI7bR7pjZY2FQndQyXOx6qxp04LJjc6PMIt0wTZFKvHKmrj2jgPs296v3S70ASJH9Q6C3bvq48%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c9dc606092662b4-HAM
access-control-allow-origin: *
date: Fri, 27 Sep 2024 19:06:53 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H3

200

Primary Request / Show response
sofie.pages.dev/
Redirect Chain

https://sofie.pages.dev/cdn-cgi/phish-bypass?atok=lke3kb3WRuCbH216DkZQRReEIZubFAmGTwB_6vSF1CA-1727464013-0.0.1.1-%2F
https://sofie.pages.dev/

191 KB
40 KB

73ms
73ms

Document
text/html

172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c516cf50ccaf93a37440aac1019c0e1c0a3e17df87ffe4cc66272fcb830db58

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sofie.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c9dc625596862b4-HAM
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 27 Sep 2024 19:06:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8LxNXvBnNFzr3ZuHC0DuaNw4HY9Ri6Nq2AshJETbVUjnrrqJMrJ7ewCA4aH5Kcb%2BQo84A5PDiuRVCoYYLscbnfRBsX07GPaAyC9i1sb2tGT9heK5uE7MmmDIK1K9uFkFlrE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

cache-control: private, no-cache
cf-ray: 8c9dc62518c762b4-HAM
content-length: 167
content-type: text/html
date: Fri, 27 Sep 2024 19:06:58 GMT
location: https://sofie.pages.dev/
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY

GET
H3 200 speculation
sofie.pages.dev/cdn-cgi/ 2 B
384 B 51ms
51ms Other
application/speculationrules+json 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sofie.pages.dev/cdn-cgi/speculation
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://sofie.pages.dev
Referer: https://sofie.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dWtOrZuUnHTnu5cxox9wCmF6TBHJbfscSY7PyW1RvIwAexlBbDvAU%2B1o3vbS3kFTmWXHR3JMWzu0VEMoYF0fhS%2B57MxsWjpIBBHVcctiDwas4JME%2F1Ib5suxYaLWmDpyxyc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c9dc625da4462b4-HAM
content-length: 2
date: Fri, 27 Sep 2024 19:06:58 GMT
content-type: application/speculationrules+json
vary: Accept-Encoding
server: cloudflare

GET
H3 200 main.cdn.min.css
sofie.pages.dev/Login%20-%20SoFi_files/ 278 KB
56 KB 147ms
147ms Stylesheet
text/css 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/main.cdn.min.css

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e01ee182c3edd33151075d139238cd34bfd31434ffd3b93d6caf940a2cad19a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
etag: W/"76f5acfc7f4fe5754dadf133f69b2dbf"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bzHSgMn0GUDDJ2CJ4RvAezB%2FS7GjIarxXlxpUCnI7PreV%2FVq0dZiXClWBjHz1a0g2lkeuqCsREFmO4MAXspOgkHTmldB%2FJPWsb%2BRGyB7NZmMvPsj78cM2k50PNFsc4rR0iE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c9dc625da5762b4-HAM
access-control-allow-origin: *
date: Fri, 27 Sep 2024 19:06:58 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H3 200 datadog-rum-v4.js.download Show response
sofie.pages.dev/Login%20-%20SoFi_files/ 150 KB
150 KB 107ms
106ms Script
text/plain 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/datadog-rum-v4.js.download

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "a1a2da28fed42a6f82f2f8b5761dd889"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DT7H%2FSndjMfdZeeNu7fmGCRkOCbtg0IslRg3l7tHgO4mExc5YkqnEhHkQneEQ0NefJW%2F3cdoXcZpwCC7fDm0Z%2Fc5zOHB%2F%2B9QSVpnWPsPkaE7xV3Wda2vn2EyW6xgA0OL7%2Bg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c9dc625da5a62b4-HAM
access-control-allow-origin: *
content-length: 153156
date: Fri, 27 Sep 2024 19:06:58 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 tags.js.download Show response
sofie.pages.dev/Login%20-%20SoFi_files/ 94 KB
95 KB 148ms
147ms Script
text/plain 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/tags.js.download

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1b04e44e13264e635725b5000b61906440495517d32db66f38f2dd7f5eb7c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "4194f1d2515128b68422e33fd8a7381a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LFaqsKcjO59eFGeZKw9M6bJuA%2BwflcoDHqgZdLTpp9MdmRV0qTyrHhDLuO4H2awfMsnaKDD2afH4p34XTL%2BAjwi83eqHdqAPVBk%2BeF9GpqFw49hU902UpzgbFjxOQk%2FBOPk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c9dc625da5d62b4-HAM
access-control-allow-origin: *
content-length: 96722
date: Fri, 27 Sep 2024 19:06:58 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 devicer.min.js.download Show response
sofie.pages.dev/Login%20-%20SoFi_files/ 41 KB
42 KB 148ms
148ms Script
text/plain 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/devicer.min.js.download

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7987b00fc873ae5e25b9220d900537c3f3e72bc72f4c2d0ef9981e589a3aac3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "e488bbea3a9a385b6fb4069930804619"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SrOLaAMECO0gCY0wWIyXH7r4c947IRsIIAyAzVUZMvnjc3OmcWW3Y%2B6AlAvDZMmWbVlNLaHKkFcAia0g5IAFRHKj8Vlb%2BHS1uk%2BUTEH%2FhmwpO9HmhpmXTbVBFVVF0yY%2BN4E%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c9dc625da6162b4-HAM
access-control-allow-origin: *
content-length: 42146
date: Fri, 27 Sep 2024 19:06:58 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 otSDKStub.js.download Show response
sofie.pages.dev/Login%20-%20SoFi_files/ 21 KB
21 KB 106ms
105ms Script
text/plain 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/otSDKStub.js.download

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91b0809d8b9dc57eaa09cb0e13c210b24edfaeadb94a8cff0fee02751c1b0b5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "b076e67fe912df8ce03e6807c8fdf31b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fxw7S5H6DAoN9k4yc8ZKXzdm11TKVG3ioCys%2BNaa%2BOAGJeyr%2Bb3WU4TsMl%2FoWlwk89o3XXXjMxAo436n9GkQvmckVvbsUl1iKtg2C73qiuOEm%2FWfoBN1ocr1omdLIFSucUQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c9dc625da6462b4-HAM
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 21216
date: Fri, 27 Sep 2024 19:06:58 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 otBannerSdk.js.download Show response
sofie.pages.dev/Login%20-%20SoFi_files/ 381 KB
382 KB 98ms
96ms Script
text/plain 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/otBannerSdk.js.download

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f97354a4659e6fc1cf05e27b59d333c697c1b0fd6fcaaceaa9af1f6886abe0af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "2dae13afed9b5a040d2f8c549a070379"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KDfulyMN2Wlgama700BQSmB7VAZfLGuFyERBFm%2FIfrJuXPB9xafAeNAf6r5CVPxVrd9HbgjzLyDCeChENphjPYcr0OpFaZKPHE3DzQDg5HTFq%2BO8LBY2OSmQENc%2B4BtyM%2BU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c9dc627ad3562b4-HAM
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 390260
date: Fri, 27 Sep 2024 19:06:59 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 sofi_logo_white_416x116.png
sofie.pages.dev/Login%20-%20SoFi_files/ 10 KB
10 KB 225ms
225ms Image
image/png 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/sofi_logo_white_416x116.png

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4161e8b093c0be14c542b0948c6271b1ee5ccd53e6274654a91224c343bc418a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "cf50457f39fa22db7423b45f7bd67e7f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H%2F4MwjxMxXu5F3HYBAFarw7y4zJiJVBbJqlhmu0pdEWoLSlQ5lZU7cdw8ymlhGo4hyT0FWxRiO4K5E6s7KoGGFd2Ln9T2WDb5CKr4nubMZ8VTnqxLWQvfL2aYQAdxVGajw4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c9dc6262b0062b4-HAM
access-control-allow-origin: *
content-length: 9807
date: Fri, 27 Sep 2024 19:06:58 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 7331d0a5289a23fb1966.png
sofie.pages.dev/Login%20-%20SoFi_files/ 22 KB
23 KB 163ms
162ms Image
image/png 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/7331d0a5289a23fb1966.png

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e182f76b074753911d9dc5c0db48650a94472ac95dccf64d9d9b8100be6a03b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "1f550f47a56078534e65f09cb0e39623"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FXpIh4uDdHGJS7XsYmiC31IoC%2B9fS%2BkCiQvlBzDJpwH6z%2BcgSG%2BtLbzjEzCCh2fzbE2vuGFJGMfHfIlxdANmQAcuLF0rTQQv1f02QL99QuHbKL0RIdXevDfC%2FMQGyx44sRk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c9dc6268bc462b4-HAM
access-control-allow-origin: *
content-length: 22918
date: Fri, 27 Sep 2024 19:06:59 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 a26e7094b0235d2942ad.png
sofie.pages.dev/Login%20-%20SoFi_files/ 25 KB
26 KB 84ms
84ms Image
image/png 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/a26e7094b0235d2942ad.png

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd70f6ab934cd87e4b40fcd193a7359b518376f3d3b34140a5ec5582d0d88e3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "8a2d3b01d16331376d2c9f72cd8329b0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2hHN31ifumkf6oK0Khd%2BKkp0tOGI%2BXk33E4NOsyODQGIELPGrNes2EdFukUJ7M%2FzfZZlOQLYyYs8t4bO0CfGUrz2WU4dJhBMXVwnPflK0X34Yn5kXTHez7E7L88R7X2eBh8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c9dc6279d1e62b4-HAM
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 26088
date: Fri, 27 Sep 2024 19:06:59 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 sofi_logo_white.png
sofie.pages.dev/Login%20-%20SoFi_files/ 5 KB
6 KB 101ms
100ms Image
image/png 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/sofi_logo_white.png

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

531bfc51d17a7e129febf996996bfa92e3f75ce119f930f98e6297cf8c28f424

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "9c94acd90ce39a7f0ae7d0c252ea1465"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g5QaxbE79oheLoM1IUbygAOLiww8xXXViKG1iLyKBZXmCLa8N3Tblp7ySb%2BrweqG6rA7MP1zNUTbdrQgKvJVo1C6CVYPPWSDa0G8HpgVdg3nk0EiSi63k%2F4%2FiZSwU5K1oSw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c9dc6279d3262b4-HAM
access-control-allow-origin: *
content-length: 5482
date: Fri, 27 Sep 2024 19:06:59 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 clear
sofie.pages.dev/Login%20-%20SoFi_files/ 68 B
522 B 98ms
96ms Image
text/plain 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/clear

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3087446afe87c5da27035fd77db71f3d9911966b3cd33a452f80d731fbf8159

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "8f82f00b9c2c7991a901ca7dc1041e36"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n3VUZ%2FbE6ayot4qPrgqlIZgWRCK9JFeXWOSbZraNsTvwKwdhy9sPlzu%2Fp8VIQyQGVs5n0ma0Q%2BrTxWDWpHEeSZzHtvhZOZT6D0sDf7YZDgJxbUSv8wazI%2BxSd1QUDYxWrOM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c9dc627ad3362b4-HAM
access-control-allow-origin: *
content-length: 68
date: Fri, 27 Sep 2024 19:06:59 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 Sofi_83x40@2x.png
sofie.pages.dev/Login%20-%20SoFi_files/ 3 KB
4 KB 291ms
289ms Image
image/png 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/Sofi_83x40@2x.png

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16ad14b04bbb43106c487ed24c60f706cb02cf4b59aa1ff1823f3df83761c3ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "d7a27abdbe1a050e46ceafbb4c233810"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E9VN8RgmuFPPZjCgtE%2F8q7zaKGwTv8%2BHRfjIBu9ebfCDb3zF8jGh%2BSnXWiLvOgaNyfIbQL01kx5Es6y4kgVf4RL1T8MFDt5VROb7xislPmxQByWkiBzvLtpD%2B5aX5h%2F1SuY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c9dc627ad3962b4-HAM
access-control-allow-origin: *
content-length: 3234
date: Fri, 27 Sep 2024 19:06:59 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 powered_by_logo.svg
sofie.pages.dev/Login%20-%20SoFi_files/ 5 KB
3 KB 91ms
90ms Image
image/svg+xml 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/powered_by_logo.svg

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
etag: W/"abfcc415dc9b4da4aa49439bb8bf3e0c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=80cW%2Fo4Xq2iIuFtq9qzANvgfPHQg0xeFIsc1HOaP7OPIvjaAfR%2BysuadIBEtGrUiflIWVq1ZuyitOVuBHIxHhf5P0fQPNOpW3KEkTLLxjFYiSCgDeoydUxr927%2BLlV5cc5w%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c9dc627ad3d62b4-HAM
access-control-allow-origin: *
date: Fri, 27 Sep 2024 19:06:59 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: cloudflare

GET
H2 200 sofi.com.png
fontmetrics.net/ 0
74 B 743ms
307ms Image
image/png 44.241.55.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fontmetrics.net/sofi.com.png?u=https%3A//sofie.pages.dev/&r=https%3A//sofie.pages.dev/&ra=0.21795390944486948
Requested by: Host: sofie.pages.dev
URL: https://sofie.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.241.55.115 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-55-115.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

apigw-requestid: ex1NHh2FvHcEPkQ=
content-length: 0
date: Fri, 27 Sep 2024 19:06:59 GMT
content-type: image/png

GET
H/1.1 200
OK tags.js Show response
st10.sofi.com/fp/ 95 KB
13 KB 175ms
46ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/tags.js?org_id=5ugj8dr8&session_id=162f9d0e-fb00-4554-8432-c1fdfe867796&page_id=1&allow_reprofile=1

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

36d35352915179175a83d7822d748ec6bb7e00c72dc34ee67be219982909b705

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

X-Robots-Tag: noindex, nofollow
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP=IVAa PSAa
Keep-Alive: timeout=2, max=100
Date: Fri, 27 Sep 2024 19:06:59 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H2 200 devicer.min.js Show response
js.dvnfo.com/ 41 KB
42 KB 141ms
47ms Script
application/javascript 18.66.122.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.dvnfo.com/devicer.min.js
Requested by: Host: sofie.pages.dev
URL: https://sofie.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-44.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7987b00fc873ae5e25b9220d900537c3f3e72bc72f4c2d0ef9981e589a3aac3c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

etag: "a9b687ac5b02886eefbb098c4495522b"
age: 75669
via: 1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 42146
x-amz-cf-id: fKzz6lUshwEY5a4jUd_X_ScZODtFMirqGzjkWqtzYcDSfIDVPXxlNw==
date: Thu, 26 Sep 2024 22:05:50 GMT
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 10:54:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256

GET
H3

200

saved_resource Show response
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 6E8F
Redirect Chain

https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource.html
https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource

149 B
553 B

190ms
190ms

Document
text/html

172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sofie.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c9dc627fdb662b4-HAM
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 27 Sep 2024 19:06:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4FqsxaX04CgP2zCZlpizmGDSzUg%2FRl8xYGa3i8%2Bbc8Pkzn%2B4Hs7KTYc3OO1bdUiL5HZuCfeaFArUYqaSp%2F83otVda1kulW38t9sIpMEsFjxOUgnp6Grfu0iM1RW5qy7E%2FLc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-origin: *
cf-ray: 8c9dc627ad4662b4-HAM
content-length: 0
date: Fri, 27 Sep 2024 19:06:59 GMT
location: /Login - SoFi_files/saved_resource
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OGggJlLu4OTFeS7kdd1r0%2Fdw1DYnLMv61JBhgnmASrhJtvK0cpwq2oifjaZ%2Fj7Pkcw9rptQAasNBY5GsfzT1rs2s8ZN0tPaHcSX0AL0ICkzQHhDSqik4wl6HCobKBNXj8hQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3

200

saved_resource(1) Show response
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 5BD5
Redirect Chain

https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1).html
https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

4 KB
2 KB

189ms
188ms

Document
text/html

172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40ad61dc5fe4a2ddda825bfc739ca6312f351f863daa399cebded5be4befb6d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sofie.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c9dc627fdb962b4-HAM
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 27 Sep 2024 19:06:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NIqHKzxVn2CMfQi1EOyEAdKO7lrgPUsUTbi10K%2F5Z1aR5Bl977b6CL4b%2FAHptR%2BpCXP%2Bcz2THFK68gz%2BzJhIw90dGlQjf%2FDF9TVZNdV%2BmR4WkzMrG8Cb0hYlxB8xDkDF%2BpI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-origin: *
cf-ray: 8c9dc627ad4862b4-HAM
content-length: 0
date: Fri, 27 Sep 2024 19:06:59 GMT
location: /Login - SoFi_files/saved_resource(1)
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aKZtkh4TeYFxSAG4Ef3GONMk2J4%2BNK0QXmA45fZq2mWv2mO1dEznbdHn%2BCQUiRRSraVFKYohL2kd8z0KLgiviR0J2B0vnjxmjobGEjmyHmBPltkcxeOn1sTxR3Ty1W5ooeI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3

200

HP Show response
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 2D2B
Redirect Chain

https://sofie.pages.dev/Login%20-%20SoFi_files/HP.html
https://sofie.pages.dev/Login%20-%20SoFi_files/HP

0
457 B

187ms
187ms

Document
text/html

172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/HP

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sofie.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c9dc6280dc162b4-HAM
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 27 Sep 2024 19:06:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GuekIHzzErqXMfDvVnnZ3W3EuFTnb9IguPLnu%2FskqrFuIP%2FBapjMpXx9lQar%2Fm5cD7yJXNWN2%2BRiG1TVPr0LmjeCxS%2BMMA0A83XeKdQpvIAaShgLnBZJ288z2CNdtg4LGrI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-origin: *
cf-ray: 8c9dc627ad4962b4-HAM
content-length: 0
date: Fri, 27 Sep 2024 19:06:59 GMT
location: /Login - SoFi_files/HP
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AQtczBne73F4BkSCm76pCpLf97CX%2BMBHTZFqvYz5sBWHuzWiBxncmgumS%2BZcl8FFnBPcsMxeZEruG9I1KYajUBHe86W6aXmFryOLS4jys7Q7l9qymYScJnP95DZNycSaGQU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 650 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aaf1eac584819e98c7f78a20216bd2fb10ee29e10b290983bc0fa82d0f293bce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://sofie.pages.dev
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 SoFi_Multi_icon_50x50_Ver5@2x.png
cdn.cookielaw.org/logos/75b0b94d-5898-42e0-a11e-374a4bb72ea1/bc742579-0b3e-4334-a7ea-e64a8d4f1d3a/c11d81c8-68c2-49c4-ae81-af347e6319e4/ 2 KB
2 KB 154ms
60ms Image
mage/png 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/75b0b94d-5898-42e0-a11e-374a4bb72ea1/bc742579-0b3e-4334-a7ea-e64a8d4f1d3a/c11d81c8-68c2-49c4-ae81-af347e6319e4/SoFi_Multi_icon_50x50_Ver5@2x.png

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9508ba9ddb8676bfd9798804dd64342150e71612590be997eca8669b485c5dba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

content-md5: l+87OFbbL6ySRiFyfS2kBg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DB767C7AAECFB0
age: 85456
cf-cache-status: HIT
x-content-type-options: nosniff
date: Fri, 27 Sep 2024 19:06:59 GMT
content-type: mage/png
last-modified: Mon, 26 Jun 2023 19:35:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 8314e596-101e-000c-16ae-12ae8b000000
cf-ray: 8c9dc6284fa237cc-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1648
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 TTNorms-medium.woff2
d3331otr86r7j1.cloudfront.net/sofiinc/auth/sofi-auth/assets/fonts/ttnorms/medium/ 19 KB
20 KB 152ms
47ms Font
binary/octet-stream 2600:9000:2251:de00:10:8d:3740:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3331otr86r7j1.cloudfront.net/sofiinc/auth/sofi-auth/assets/fonts/ttnorms/medium/TTNorms-medium.woff2
Requested by: Host: sofie.pages.dev
URL: https://sofie.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:de00:10:8d:3740:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7c6baefcdda36fefc81f42a0abafdd31a62b7d425ff2542925f9dfdca17b411

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://sofie.pages.dev
Referer: https://sofie.pages.dev/

Response headers

access-control-max-age: 3000
x-amz-version-id: tWFIccWSDU2FnlQO9nqnLRHMyfTsP1qd
etag: "3e26a26dab9abc3132782dba39642cab"
age: 73531
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
x-cache: Hit from cloudfront
x-amz-cf-id: guLZH0NWf0Pp8b9bSEY-q5LhD5hHZXdGeCTjL4v5km8SUz-dWC4HxA==
date: Thu, 26 Sep 2024 22:41:29 GMT
content-type: binary/octet-stream
vary: Accept-Encoding,Origin
last-modified: Thu, 19 Sep 2024 16:39:09 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=86400
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19760
x-amz-cf-pop: FRA60-P3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 speculation
sofie.pages.dev/cdn-cgi/ Frame 6E8F 2 B
384 B 49ms
49ms Other
application/speculationrules+json 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sofie.pages.dev/cdn-cgi/speculation
Requested by: Host: sofie.pages.dev
URL: https://sofie.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://sofie.pages.dev
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l7JpgOGO86eWmPTOh9kKZS0hOGR1dwqmGzySqnpOnHyl0OfPb%2F5D1s43x3Cn2rbcmbZYpmQv9I2T%2BO9zzuuNKh4Ye95fsKT9HsASf8Q01P4WvyCpDnGDIx0Lg2sb%2BRLKIrs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c9dc6293f6462b4-HAM
content-length: 2
date: Fri, 27 Sep 2024 19:06:59 GMT
content-type: application/speculationrules+json
vary: Accept-Encoding
server: cloudflare

GET
H3 200 speculation
sofie.pages.dev/cdn-cgi/ Frame 5BD5 2 B
384 B 94ms
47ms Other
application/speculationrules+json 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sofie.pages.dev/cdn-cgi/speculation
Requested by: Host: sofie.pages.dev
URL: https://sofie.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://sofie.pages.dev
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MP0yUo9w8Hs95mISO7mnXuQtpl%2FZ9ShYBX2IuUqgq3p%2F3LWQw2OhmlKgt2bV3rD9X6m52qA%2BfP51GqkPn79vC9E8cn9iY961ETxxwNzVAdlmQze0isdA897RHG%2F7OimaLr0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c9dc6298fcd62b4-HAM
content-length: 2
date: Fri, 27 Sep 2024 19:06:59 GMT
content-type: application/speculationrules+json
vary: Accept-Encoding
server: cloudflare

GET
H3 200 clear.png Show response
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 5BD5 0
467 B 87ms
86ms Script
image/png 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/clear.png

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CkBvrQG%2B2lu0Og%2FiqMj3%2FHWmfgrEKVKWUdeubvhX2yXjsKf%2BhzcdVK0ffBabVr%2F1H6JtBhFKdh9EcvG4T6wTJnOIwyrK38DNwu8xGbL%2FIeXTehtcNfxlsc72Kwhfy1q%2F18g%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c9dc6294f7362b4-HAM
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 27 Sep 2024 19:06:59 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 es.js.download Show response
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 5BD5 134 B
584 B 94ms
94ms Script
text/plain 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/es.js.download

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d6733cf8650b87b9f3d0210b17f1a9f877a15e39f0d54a60fff89a45675f907

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "4616eef37aedf75de220963badc2d7fa"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JMGmIbjENtyb7dNU48fhEUiyN0VTq9DVAYj4gmGTDpa6C91RbnzYtrHFg1YTa7mnUsqI0dBUhGtl%2F6hiFsEW7TNLRihopQ4f34gSlryn7umvbVQDGB1zKvL4I%2FCRRIBS3vg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c9dc6294f7662b4-HAM
access-control-allow-origin: *
content-length: 134
date: Fri, 27 Sep 2024 19:06:59 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 clear(1).png
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 5BD5 81 B
535 B 91ms
90ms Image
image/png 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/clear(1).png

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "b87004ef08cffb1fb9c44ce4fd1c0212"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IvuhPU%2BjuKOT1RkbWLokTgrmpcvsUFDNm%2BlWiBEpS08ScZioACi%2BxpYBhngX9jyDvuoSmXiNeCKRMWg8AvBtVPig%2F%2B4UfzmyRIiLLFtLdztZpekwPc1frSBII5TKLeHgaAY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c9dc6294f7762b4-HAM
access-control-allow-origin: *
content-length: 81
date: Fri, 27 Sep 2024 19:06:59 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 clear(2).png Show response
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 5BD5 0
445 B 82ms
80ms Script
image/png 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/clear(2).png

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xG3e1oJ6%2FQGBWkOFNizpP1BJcaCxz14UZaHHfbBmnFMhfqvTopRM%2B5d0tdAVAtoVDxzYqTIIsnyrhRdCTbfOLiWOoZJyG9p9vpP%2F3BYPH%2FeVeL016ePRNvNc84z8JkVDf6U%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c9dc6294f7862b4-HAM
access-control-allow-origin: *
content-length: 0
date: Fri, 27 Sep 2024 19:06:59 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 clear(3).png Show response
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 5BD5 0
441 B 62ms
62ms Script
image/png 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/clear(3).png

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=arY6Vw3VfO3zUn3RXTisPz6tn%2BX6fZ3nnm0ewIwjQuLuhaUJQqJJPN54oKrSSBY%2Bka03KkRqCTiedp0qf6pwvFhUM7TRluY2roxKMJCHsbVzuuxTsUlaEiojtgpaNgpnKUw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c9dc629c84262b4-HAM
access-control-allow-origin: *
content-length: 0
date: Fri, 27 Sep 2024 19:06:59 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 clear3.png Show response
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 5BD5 0
445 B 75ms
74ms Script
image/png 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/clear3.png

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iDhEmI4sv75SBIo891tFedvdjnl%2FFbSNItthjhye%2FRqGprSYOhGu1eMnQD%2BbRJFwrHQBvgWilCm9L60OwmFbN8BVKMU%2FThMcdfQnBzuatsFR6B9ewf2qMTkiC6iQ4W0e%2FqE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c9dc629d85862b4-HAM
access-control-allow-origin: *
content-length: 0
date: Fri, 27 Sep 2024 19:06:59 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 clear(4).png Show response
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 5BD5 0
442 B 79ms
78ms Script
image/png 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/clear(4).png

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JmpztS3JEvD%2BDw8UyiYmUVBLhd9ZvwJsYWHjNB1paN5IxFl0K5Ykp8Ft%2FoojorNsY1ADcW9sEy9oO21%2BVIey0PqCOXsboYZoF8ckxR1kn4kmAl8nDPBzidrZpb6wuv9G0us%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c9dc629e85f62b4-HAM
access-control-allow-origin: *
content-length: 0
date: Fri, 27 Sep 2024 19:06:59 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 clear(5).png Show response
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 5BD5 0
449 B 69ms
67ms Script
image/png 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/clear(5).png

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ppxV8vklhF84%2BVyTxqlIN8kA9bq5OL%2B5Ey6uut0Joj%2BTH691x9p04H%2BQ92f0ofdh%2F03afjyt6DiLtZROnSFvqRzA5%2BG2ayEGLZTnmL7Tn%2B4Ns2VseA%2FXPxm31oCCuJVJ72Y%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c9dc629e86262b4-HAM
access-control-allow-origin: *
content-length: 0
date: Fri, 27 Sep 2024 19:06:59 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 clear3(1).png Show response
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 5BD5 0
450 B 67ms
65ms Script
image/png 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/clear3(1).png

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FKA0hBsdeSuUc8LXUmDtmUTckjRvRD2K%2F%2BH27POxhZZFB9%2Fh0r1r0F0TCmW%2Bkj%2BiPh4Iw87hm6vnVNI6Wzvb8rD3reOxTMTBLffJLSieqs1C7EdOOdR9O%2FVRlqxwvKrukzs%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c9dc629e86362b4-HAM
access-control-allow-origin: *
content-length: 0
date: Fri, 27 Sep 2024 19:06:59 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 clear1.png
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 5BD5 0
444 B 70ms
68ms Image
image/png 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/clear1.png

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rJ4w79XIeiQkENVTNVO7fF5UD3Nkr0Df1zQDbLPidI9gAHAbAEtCRUm1bzUYcPq9xiJHdcwDl%2B%2B93xloI3FZCS6az54h2OL%2FrqeCfrdAC8LQqoO4RDnXMo5MWAmUEPZ6vTI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c9dc629e86462b4-HAM
access-control-allow-origin: *
content-length: 0
date: Fri, 27 Sep 2024 19:06:59 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 clear(6).png Show response
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 5BD5 0
445 B 74ms
72ms Script
image/png 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/clear(6).png

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CIoVYsP7YEnTHcCzTk5JjivYgpNT0k%2FE%2BZd5RwhnNEy5pX%2FdnmUw5vWu%2FG03YLc9qNZBatBzo0BVe1JXFX6nORDOwulCsnFan31UD3wfd8penCFVzWLm5jirdtwx3M3qphU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c9dc629e86662b4-HAM
access-control-allow-origin: *
content-length: 0
date: Fri, 27 Sep 2024 19:06:59 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 204
204 clear3.png;CIS3SID=73C3C92285AD10012B157EE96029AE07 Show response
st10.sofi.com/fp/ Frame 5BD5 0
218 B 44ms
42ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Keep-Alive: timeout=2, max=99
Date: Fri, 27 Sep 2024 19:06:59 GMT
Content-Type: text/javascript;charset=UTF-8
Server: Apache
Connection: Keep-Alive

GET
H/1.1 204
204 clear3.png;CIS3SID=73C3C92285AD10012B157EE96029AE07 Show response
st10.sofi.com/fp/ Frame 5BD5 0
218 B 86ms
42ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/clear3.png;CIS3SID=73C3C92285AD10012B157EE96029AE07?org_id=oiwd0wpz&session_id=9f681a74-0fc3-4664-9102-9e289ab8392a&nonce=97996d36fb90c329&je=3933342e26726776353a322c343e3634352c382636303238382c32263f3532383224332e38323238302c332e383032323224312c32303838303a404c5745666f6d3a4a52373b2c343f342e3f372e3731312c34362c3d31342e343126323633324952332638303232514b5d3032415657363a464d57393232

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Keep-Alive: timeout=2, max=98
Date: Fri, 27 Sep 2024 19:06:59 GMT
Content-Type: text/javascript;charset=UTF-8
Server: Apache
Connection: Keep-Alive

GET
H3 200 clear(7).png
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 5BD5 81 B
534 B 73ms
72ms Image
image/png 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/clear(7).png

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "b87004ef08cffb1fb9c44ce4fd1c0212"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F%2FN%2BaQcyOZJ06h4AbIXV2orNSkYfQQstL6fq3O%2FKb3B92OWvThlvijyQzrNy6uR%2BpVAQzbP8CmOcisqfKp9ekeyH08BN6hQwCz8xrf2m0gB5igJaG8JTMz3Y8wyDo1CeDtM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c9dc629e86862b4-HAM
access-control-allow-origin: *
content-length: 81
date: Fri, 27 Sep 2024 19:06:59 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 check.js.download Show response
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 5BD5 380 KB
381 KB 112ms
111ms Script
text/plain 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/check.js.download

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08c4523f38d0898e4dfe1409e82a373b099a21265d48b784364468711d02c007

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "354c9e8d2ad9a45e8472d70985499272"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5WlI%2Bhrvbu0FtKVH%2BAfA%2B9Iopr12ajcQpX8SysPZ8GK0V%2BwJAk9cloRaAhBjxChjC%2BMzYEHk2qH2%2BZ0etD7%2F1oUP55LNi3MZKWqry19GPBshAMJAIzb32NapWUGp61U%2FbMs%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c9dc629e86a62b4-HAM
access-control-allow-origin: *
content-length: 389076
date: Fri, 27 Sep 2024 19:06:59 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 speculation
sofie.pages.dev/cdn-cgi/ Frame 2D2B 2 B
390 B 137ms
49ms Other
application/speculationrules+json 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sofie.pages.dev/cdn-cgi/speculation
Requested by: Host: sofie.pages.dev
URL: https://sofie.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://sofie.pages.dev
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/HP

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kFpFPWZLjhtzhNV%2BlcS%2B6EGj77MyPeopgVxW5jtxzQEZTN1ZB9KlVA%2F6N48bUu4Ak3nTNQP15kTwQ%2FVM3lk9D00GMESH8oD%2BNIqr65fUd3L4Wp4Ft5pc39HdVT6TuIK%2FgfA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c9dc629d84d62b4-HAM
content-length: 2
date: Fri, 27 Sep 2024 19:06:59 GMT
content-type: application/speculationrules+json
vary: Accept-Encoding
server: cloudflare

GET
H2 200 ingestion Show response
fp.sofi.com/api/ 207 B
1 KB 288ms
199ms XHR
text/plain 172.64.149.225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fp.sofi.com/api/ingestion?format=raw

Requested by

Host: js.dvnfo.com
URL: https://js.dvnfo.com/devicer.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.149.225 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f98d8a9e5c57c7ca09d9494674f525838feddd429705a2f82099f2028a4c974

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

domain: BYFxAcGcC4HpcgewGYEsCmA6cBDA5upJgCboBuQA
pkey: CwZgjA7BDGBGCcBaW0AMBDRwz1Y+ATAQGyIFgCsAZlRPBemCAUA
attributes: N4IgzgJg1gagpgJzASwPYDsQC4QEYB0uIANCMmAMIZhzoAuy6A5tnQgK5ykCGdbyAI3Z04YbKAYBbOAFV6yADYVuChdhABWAJxaSIdjQQBBJrTrqAsqgBeihdwD0G-AAYABAAoAGrlwBuNwAZRnYADzdQgA4ANgB9aIAWAEo3IwAHNIU4AHU4AQBpZDonAGYAdnwS6M98gAkAFQtA4jcFZCg4NwBxOABjKFQUigALBFRpB1wAJi1XOfcAZW4AM24EZFKKqr0AdzyIdYA3RHVVhRo9e2Z2blN1CDgAWge9XtQFVAQAETg0umH1FMEnoHodkL04BY4JJPgBPdSRPRpZChOAKABKvDQ6iIpGRqIUPz+AJwQL0n2QZixGHqsLScHUVwgYF63HpjzS60ka3hpGGawgOzWcCo6F67AQCFovXhOGi5OEiHRonewjQmBwuGiLhcoWmOt2jAgqB2yrAqoYGBx2t1+pcehZUtoZot6utOr1UwNPEO3EU3AEWQWvSd6BdCjVVs1Ns93pAUjg1gwcAA8stljRzDhHvq9Amk+gGTgAKIS1D0hwAIUQbUwpBoYBQGAWdE+tyL8Y4DNIH1ZChbbbuODYnD0RrgqIgXwE6hH3ZA3AgEGr-LBn1OKgupHLtC+vAD3AuODOW5AmV4y0+knUwXQYQiMXiwLxEaYjDEOAACl8AGJuGCUnsCAAD6fp8dABlkbhfKg4rSPQbg-levDAQAPGymTgtS6AOGkEDLMBeHLH4IihMURGEfhAB8xAjGM0huN+f4AXAQGgeBkGdDBcFmIhyF0GhGFtKylo4RRREkRO5H4ZRyw0XR4zIOwkiMb+-6AYg7EIBBgZcbBym8UhCDcgJ6EZMJ2G4TJEmkdJBFETRFjgmM5rLHQbjFhApiqcxGkgWB2mcdB+nwe5RkmYJ5lYaJVn2fhklkbFsk0bkBRFG4QiKHQjyMD5Wk6VB3EGQh4UoWZmEieqSU2VJ1XUa83DoL6YDZEajAsDgsKiA1TWHj+7WIJyjBZiAED7lgyDcqYuHMH4AiHnAiTEGU0RlHAkS4C4GjLAIEAQrgfTLFMKzRFMu0JNwvQuAkXrcLseRMAo-XMIN6z0KcEAlJEOoaBoAgaC4ywJAI6YJIk3DbRAUzLNM0QQGUZTLPdAiPcWZG0E26AfiARgAHJdIExaxO+EFinAECxGsCDcLCYB+MWXj1LEunoBTkiMNyoT04zsS9G0aS8xgbDvNzTNvB8CDM+w6aILE-IKMssTLB8vCi7EDzErz9iSGkavK6gvDM1krN69TTDq78-xq2k7ywkwGCxKg6aZlr3A62rYD8g8ku2RKcCxB8EBq77UqCzrUqNuqzN-L0wdSX7YecqImOxAgTB0LHDNMyH-vLFlsuNeQqDC8imc8znsTs5KnyuzrsStrE5OmB76JdJWfgpsWCyN1koXE6zE6xOww0d13SsCKgqe0N7lfIGk3K6533dgKTY0IBT3vIL6DDHHTS-1-Hof66r+8V8fdAB4wcBrKP3cV-Livn7fB9kQnD9KyrF+1tfCDP8c2mDypjTR2AgABWfQ6B+GyMWSsBNBYSyljLSWT9oGwMCInCONAKYV0PBnKBMC4FvHDsncmL86AJzgHg1BhDxhJ0bKQiulDej+GoegohdCsFkITmAEoVCCFsNoZghhh9-Y8IzrEMAacBD4LQRbIQ5spQDylJLRgl4ZFwIePIiRXtEB01YRbTWOd1HoIONwHYiDli6OMQHVANBBb0CktYyQ7AFAMHVtTHY1ibYKDtg7GELxSB7BRgoeASA3Q4FSgTNwBB3AeBTPSdAUSu5uCmK4NwCl2bKSSMjR6yolEnAiXkQo7lImBBySE6e65ClpXMIEh6Cg5DcjAB0CAeTvYFJAAASQcQoNwnT1hgDcPE2gSTmBX3KY0w8LT4CsyqV0npfSxT4HKS2aUihKxFGxvaOpwSFhe3aoERqTAbimFCZjdQpTuiBAWIEDyCxolpLiQkpJ9yCY3LuQ89wGSlKSGyTs1GYzCxQggmNCCtRDwkhAGUAMu0lzQyBNEOAJQpgaBKAISIR1ogYssZESIEBogQxWTohAwLFz7nBZ7e4CRcBkoSC4M6uBIi9GiOiiACRLEIwSFDb6f1egJERHyQ8wRyaHOuO2bGc49D8jAMK1pKoIyiQ3Ocec0rZUpmxieFVQrKTLjGDsQwSrTyc3qKgdgvRhhgWGls8k6ATVmuGC2NYdAFjsAyOBcmhr5ytntcWY49AXVuoARAT1ehuDsAgNiTUQJXAJBKAkMoGgpgJq1C4Moz4QBBPRPUCgCIXD4BRc4Com0NCvFQKgKAlJizoE4sG4cXZLiwRUAOM2Ioy0VqLHeVQ251hvnQDIdY6hhh8DSGALADgHCuUpPgNI4r8CggcHoKUljJSIH7cgQdw7R3jsnXAads7516EvPQLZxBcDECmKeyI56XDnrPVMEo56EjnuiMQDQL6NBlFfVoYg2oQQSmwmmZQqhsBTA2qQBM2MDCIBMGYLAbgb1uG0N+xDOhgJuCCV8I4iA4MIaQy0JDaGrjHPbDh-DOgyNaDQ+LT4RJ-ikZQ8hgjbhQTgkhNCOE9G8MMbQ-iNEmJLScfI9xtwvHCSW2GIJxjqG3AUipKJWk9JJMUbQ7J+g2EjDMCyEp4T-J15CilKKcUK6xSwm00x01IgEDhkjOgMz0mdhGhNNZ0SdnKNuEdHAZ08qbOubQ9wX0-pdLBlDM59Uvm3D5mTGmDMlDwuRcLHB3wFGWjRE2mhhsmNm0kfgylzauWXCEcbf2VsLbEv5dy7gND45JzTno6ls9bh6t+aXCufzaAEB1aS413wKmEl7h0gtTrDWmtuF6GkdgFB7CNiGxVnj9g6CXmMjN7rlXmOoFxsXeo1N+jLZG5kdgvbR05ZW7N0bjVmqtVZu1ODF6TvdZKFR87fUBoICGvQODn7utPsa1MVbQTHrPVMK9t6dAbsIdOrdxIUw0P-YUGjEQWN1RHfBzdFLN0Yf1LOWF47UO0fQ-Q-UtpiBsPRLx2jh7BPgkzONB1nHsbycY+CZM5p5MifKLq-TxrsbGePWZ9MyptOUcPq5xT2HqyxTrM2Rz4XiRRf1L2YuA5RyTlwCxxgaXDPKcAt7WxkF5KIVwZl5zxI0Qef9mJaS0F3AKUSbcEbl9XO3Oqp1aK4jphkdo+Q4kJ32rWfeZc3Tr3CQfcyp1eqjnQeQ+ysrHqwwZXHcpYBmh41przWWuPXVgGieCsydtanh1EFtIBptkGzP4Ok8Rfz76swxf3UQDL9nvz4a0CJch1nxrp1GdZooIl4PKXTotA2qtt45bK3Vt0vX47Q-B89daEVrLpgqCj7gPR6fbgh8qZ7YwNdq+usb7cEuxAyid9T737Po9dAjsaCvev3AwvIhlFW1QdgDiIBuHqJNFfKSsUgAAL6-6AA
Referer: https://sofie.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
etag: 58334c58-355e-484a-98f7-2e5c2a96d65e
x-envoy-upstream-service-time: 16
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vQDJ4ldIf9Gt9wBRb%2F1NbfV9fAvjrvyEdlVDx5%2Fd3xvUPD7Ga6G4EmiMmEuFu74KWV2DQ6XB6cq9oaT4t8zltNMrBe5IzH8h%2B8o0OlzmY8Z6GADt2Cr4P%2Fek8GYP"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8c9dc62d5bba62d7-HAM
access-control-allow-origin: https://sofie.pages.dev
date: Fri, 27 Sep 2024 19:07:00 GMT
server: cloudflare

OPTIONS
H2 202 ingestion
fp.sofi.com/api/ Frame 0
0 354ms
236ms Preflight 172.64.149.225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fp.sofi.com/api/ingestion?format=raw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.149.225 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: attributes,domain,pkey
Access-Control-Request-Method: GET
Origin: https://sofie.pages.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attributes,domain,pkey,tokenFormat
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-origin: https://sofie.pages.dev
access-control-max-age: 3600
cf-cache-status: DYNAMIC
cf-ray: 8c9dc62b4c40ca6c-HAM
content-length: 0
date: Fri, 27 Sep 2024 19:06:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X0eBwzm9Psf53rFp4gDvxMNhcKDo6uudlqRkzFuk%2BmBxzgPQCnlSlQlgLVUqa4Tr%2FBg6wB3aduMvi4V3KSeL6swbn06%2B2iZt%2BJELS8c1qsJGrQKZh%2FbvxR1xt9oy"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1

GET
H/1.1 200
OK clear.png
st10.sofi.com/fp/ Frame 5BD5 81 B
474 B 41ms
40ms Image
image/png 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://st10.sofi.com/fp/clear.png?org_id=oiwd0wpz&session_id=9f681a74-0fc3-4664-9102-9e289ab8392a&nonce=97996d36fb90c329&ck=0&m=1

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=97
Date: Fri, 27 Sep 2024 19:06:59 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png
Server: Apache

GET
H3

200

ls_fp Show response
sofie.pages.dev/Login%20-%20SoFi_files/ Frame B9F5
Redirect Chain

https://sofie.pages.dev/Login%20-%20SoFi_files/ls_fp.html
https://sofie.pages.dev/Login%20-%20SoFi_files/ls_fp

0
470 B

64ms
64ms

Document
text/html

172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/ls_fp

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c9dc62bcb2562b4-HAM
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 27 Sep 2024 19:06:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ic2bCtNMGLnCUcnmAarKSnPc2F5NbZuLP7d%2B%2FWUEsifs0Q8oZV5mKdMnORMAAMrMNJF9FdjYR0q3sqylidRhsXBMhJf3tYDi4TJ5IrSms6ldWp8cGSo%2F28gA28zOkNATags%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-origin: *
cf-ray: 8c9dc62b6aa262b4-HAM
content-length: 0
date: Fri, 27 Sep 2024 19:06:59 GMT
location: /Login - SoFi_files/ls_fp
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J3%2FZSw%2Bimbjd0tG2ZKZXHN%2Ftvd0DlpKKOX68H6bH8S%2FhtYk3fsV0H6me1dWpF%2BejiR03nRCPkUw%2FBnXZA0RSAbgY9tgwa17u22faljvaSRRfaAODnVItrvebkN4yMPwl8NA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3

200

sid_fp Show response
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 5CA0
Redirect Chain

https://sofie.pages.dev/Login%20-%20SoFi_files/sid_fp.html
https://sofie.pages.dev/Login%20-%20SoFi_files/sid_fp

149 B
554 B

61ms
61ms

Document
text/html

172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/sid_fp

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c9dc62bcb2162b4-HAM
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 27 Sep 2024 19:06:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D0zVSzMQXG4vEfaijXpjmYjdNmvsuq68xoIPqZNZV3Xw8P18EEi%2Bak60FX31YDmS6tn7OLv7fERBsFT%2BUYkuquf9bGwjKsWp2YEwyKSMdJMbiAe0qw8oBeN0%2BQK8ZNsZIPM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-origin: *
cf-ray: 8c9dc62b6aa662b4-HAM
content-length: 0
date: Fri, 27 Sep 2024 19:06:59 GMT
location: /Login - SoFi_files/sid_fp
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VJ0qqaGBX7VEaNs%2BUewZwHYEhMTiXm9UnfJqt8skTYfBr3R6qXlJWwmDxQ%2FcRB1fRXgLpWl4oL8RQehN6jh7ZdaF2Nl4kTZ0JyxoKGEcqqqgrXOp%2F0mdhPNMNuH1QN0OUkU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3

200

top_fp Show response
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 764C
Redirect Chain

https://sofie.pages.dev/Login%20-%20SoFi_files/top_fp.html
https://sofie.pages.dev/Login%20-%20SoFi_files/top_fp

0
454 B

58ms
57ms

Document
text/html

172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/top_fp

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c9dc62bcb2e62b4-HAM
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 27 Sep 2024 19:06:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FtD9l1uO3K2gc9W2yyA0rk0Z9U0TaIqhXfy2M6hbHT%2ByRnBTLoEs%2FyZcfR1%2B7Lxbm6s84jaKhPs%2B9DOUGzKTsQJ4FIS43hMsAGqsEGnBARJup0vHcJJngY2fUD818b3pJUI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-origin: *
cf-ray: 8c9dc62b7aa862b4-HAM
content-length: 0
date: Fri, 27 Sep 2024 19:06:59 GMT
location: /Login - SoFi_files/top_fp
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fd2frGkde01XvcAphJjVfOHYKjR2LrsCfAWLyrkTscEvWd3ju12KQvJUAUcYJEKm8lvQfvHys1lDQrKcgGxCMnQkpRBfJY2DqIbkpWdS9Z5s2m%2FGZjrY1A9BqATLmrB%2F0DE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 speculation
sofie.pages.dev/cdn-cgi/ Frame 5CA0 2 B
386 B 53ms
53ms Other
application/speculationrules+json 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sofie.pages.dev/cdn-cgi/speculation
Requested by: Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://sofie.pages.dev
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/sid_fp

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7diUxyRaCq%2F8BHX1qKqvM5DKo4jqcfLSHvL7BFKXx5DPkLQwHdKZ95UJXAdNORzxFL0X%2F4ZMJcwonETJ0oScmIrdOm7nWlomwFy3BeKo0hc8DYYaXm79q914gbdxB4F%2B0LQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c9dc62c2bb262b4-HAM
content-length: 2
date: Fri, 27 Sep 2024 19:06:59 GMT
content-type: application/speculationrules+json
vary: Accept-Encoding
server: cloudflare

GET
H3 200 speculation
sofie.pages.dev/cdn-cgi/ Frame 764C 2 B
381 B 101ms
53ms Other
application/speculationrules+json 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sofie.pages.dev/cdn-cgi/speculation
Requested by: Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://sofie.pages.dev
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/top_fp

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X0G9a1jBymbkxoCgdyJpsuhGZafRCLEbMvNyIu50XfXOlMQRS4pCrD25xgvVNehYBl2hu1esUu23l%2BV1Xse1GVz3yOEujihJ3QnwsuoMUBUurZWN7t2VtplQZclM1Kuv0PM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c9dc62c8c2e62b4-HAM
content-length: 2
date: Fri, 27 Sep 2024 19:06:59 GMT
content-type: application/speculationrules+json
vary: Accept-Encoding
server: cloudflare

GET
H3 200 speculation
sofie.pages.dev/cdn-cgi/ Frame B9F5 2 B
381 B 150ms
54ms Other
application/speculationrules+json 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sofie.pages.dev/cdn-cgi/speculation
Requested by: Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://sofie.pages.dev
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/ls_fp

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PcM39lDisiKFurrybvI4TvAi2yIjK0Jcmh8R6NXGBD7VMfZsmicRbBgRMbFoOOPCVRG6YbPSpaxbI9eO7WZCfw4dOxLSOcUl2GQYBPsHHPpePEcZqDEySM1KI2M96QicYCI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c9dc62cdcb762b4-HAM
content-length: 2
date: Fri, 27 Sep 2024 19:06:59 GMT
content-type: application/speculationrules+json
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK check.js;CIS3SID=9817192D568C183BCA5A0714BC35EA91 Show response
st10.sofi.com/fp/ Frame 8406 364 KB
66 KB 69ms
69ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/check.js;CIS3SID=9817192D568C183BCA5A0714BC35EA91?org_id=5ugj8dr8&session_id=162f9d0e-fb00-4554-8432-c1fdfe867796&nonce=ca3c3c800709e9d2&jb=3532242462736f75354e6b6e7570266a736f3544696c7770246a7162773d4b6a706d65672668716035436872676f67253238313239

Requested by

Host: st10.sofi.com
URL: https://st10.sofi.com/fp/tags.js?org_id=5ugj8dr8&session_id=162f9d0e-fb00-4554-8432-c1fdfe867796&page_id=1&allow_reprofile=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

98a81411a15d94d619de6178aecbdcb19d0992295dc53621e8d45e2402a521da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

X-Robots-Tag: noindex, nofollow
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=96
Date: Fri, 27 Sep 2024 19:06:59 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
tmx-nonce: ca3c3c800709e9d2
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK clear.png
st10.sofi.com/fp/ Frame 8406 81 B
475 B 40ms
39ms Image
image/png 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://st10.sofi.com/fp/clear.png?org_id=5ugj8dr8&session_id=162f9d0e-fb00-4554-8432-c1fdfe867796&nonce=ca3c3c800709e9d2&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Date: Fri, 27 Sep 2024 19:06:59 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png
Server: Apache

GET
H2 200 favicon.ico
d32ijn7u0aqfv4.cloudfront.net/assets/icons/ 15 KB
16 KB 154ms
56ms Other
binary/octet-stream 13.224.194.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d32ijn7u0aqfv4.cloudfront.net/assets/icons/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.168 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-168.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ae398dbea814491b5f373fa25680e1a7cfdaa9f293e949d89495af91f1bf00d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

x-amz-version-id: WYotLR2IlXrB_IjVQJtvSQ16BNJMDvt_
etag: "3614d0a26a831df997f00b03a831e285"
age: 12999
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: bQj__wL1ZRHeHeMuoWHwOzP6ITd_Rb14j3XapfU-3CfeEbdQrhHYww==
date: Fri, 27 Sep 2024 15:38:32 GMT
content-type: binary/octet-stream
last-modified: Mon, 07 Dec 2020 14:42:31 GMT
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 15406
x-amz-cf-pop: FRA2-C1
x-amz-meta-forcedreplication: 2020-12-07T14:39:36.194559
server: AmazonS3

GET
H/1.1 200
OK clear.png
st10.sofi.com/fp/ Frame 8406 81 B
474 B 81ms
43ms Image
image/png 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://st10.sofi.com/fp/clear.png?org_id=5ugj8dr8&session_id=162f9d0e-fb00-4554-8432-c1fdfe867796&nonce=ca3c3c800709e9d2&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=99
Date: Fri, 27 Sep 2024 19:06:59 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png
Server: Apache

GET
H/1.1 200
OK HP
st10.sofi.com/fp/ Frame 2BBD 0
0 117ms
40ms Document
text/html 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/HP?session_id=162f9d0e-fb00-4554-8432-c1fdfe867796&org_id=5ugj8dr8&nonce=ca3c3c800709e9d2&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Requested by

Host: st10.sofi.com
URL: https://st10.sofi.com/fp/check.js;CIS3SID=9817192D568C183BCA5A0714BC35EA91?org_id=5ugj8dr8&session_id=162f9d0e-fb00-4554-8432-c1fdfe867796&nonce=ca3c3c800709e9d2&jb=3532242462736f75354e6b6e7570266a736f3544696c7770246a7162773d4b6a706d65672668716035436872676f67253238313239

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sofie.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Language: de-DE
Content-Type: text/html;charset=UTF-8
Date: Fri, 27 Sep 2024 19:07:00 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clear.png Show response
st10.sofi.com/fp/ Frame 8406 81 B
531 B 120ms
40ms XHR
image/png 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/clear.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: */*, 5ugj8dr8/ca3c3c800709e9d2162f9d0e-fb00-4554-8432-c1fdfe867796
Referer: https://sofie.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: private, must-revalidate, max-age=0
Etag: 7997fd57474c4172b4fc2c616fbd187a
Connection: Keep-Alive
Expires: Wed, 26 Sep 2029 19:07:00 GMT
Access-Control-Allow-Origin: https://sofie.pages.dev
Content-Length: 81
Keep-Alive: timeout=2, max=100
Date: Fri, 27 Sep 2024 19:07:00 GMT
Last-Modified: Fri, 27 Sep 2024 19:07:00 GMT
Content-Type: image/png
Server: Apache

GET
H/1.1 200
OK ls_fp.html;CIS3SID=9817192D568C183BCA5A0714BC35EA91
st10.sofi.com/fp/ Frame F072 0
0 124ms
43ms Document
text/html 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/ls_fp.html;CIS3SID=9817192D568C183BCA5A0714BC35EA91?org_id=5ugj8dr8&session_id=162f9d0e-fb00-4554-8432-c1fdfe867796&nonce=ca3c3c800709e9d2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sofie.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Fri, 27 Sep 2024 19:07:00 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clear.png Show response
st10.sofi.com/fp/ Frame 8406 0
398 B 41ms
41ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/clear.png?org_id=5ugj8dr8&session_id=162f9d0e-fb00-4554-8432-c1fdfe867796&nonce=ca3c3c800709e9d2&jb=3334246e7b613d346d363233316d35323261313c663733313562673861386c3366646b66346430

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 0
Keep-Alive: timeout=2, max=95
Date: Fri, 27 Sep 2024 19:07:00 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
Server: Apache

GET
H/1.1 200
OK es.js Show response
st10.sofi.com/fp/ Frame 8406 134 B
655 B 40ms
40ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/es.js?org_id=5ugj8dr8&session_id=162f9d0e-fb00-4554-8432-c1fdfe867796&nonce=ca3c3c800709e9d2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

974334668363e9a4cf194b2d79b45ed7f26e42bbb5ea15f03b21b46429fa443c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Date: Fri, 27 Sep 2024 19:07:00 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Server: Apache

GET
H/1.1 200
OK sid_fp.html;CIS3SID=9817192D568C183BCA5A0714BC35EA91
h.online-metrix.net/fp/ Frame 2CB7 0
0 137ms
43ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=9817192D568C183BCA5A0714BC35EA91?org_id=5ugj8dr8&session_id=162f9d0e-fb00-4554-8432-c1fdfe867796&nonce=ca3c3c800709e9d2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sofie.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Fri, 27 Sep 2024 19:07:00 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK top_fp.html;CIS3SID=9817192D568C183BCA5A0714BC35EA91
st10.sofi.com/fp/ Frame 441E 0
0 118ms
41ms Document
text/html 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/top_fp.html;CIS3SID=9817192D568C183BCA5A0714BC35EA91?org_id=5ugj8dr8&session_id=162f9d0e-fb00-4554-8432-c1fdfe867796&nonce=ca3c3c800709e9d2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sofie.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Fri, 27 Sep 2024 19:07:00 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clear.png Show response
h64.online-metrix.net/fp/ Frame 8406 0
399 B 579ms
189ms Script
text/javascript 2620:f3:0:14:b401:8ee8:4321:ad82
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h64.online-metrix.net/fp/clear.png?org_id=5ugj8dr8&session_id=162f9d0e-fb00-4554-8432-c1fdfe867796&nonce=ca3c3c800709e9d2&i=2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2620:f3:0:14:b401:8ee8:4321:ad82 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 0
Keep-Alive: timeout=2, max=100
Date: Fri, 27 Sep 2024 19:07:00 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
Server: Apache

GET
H/1.1 204
204 clear.png Show response
st10.sofi.com/fp/ Frame 8406 0
219 B 42ms
42ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/clear.png?org_id=5ugj8dr8&session_id=162f9d0e-fb00-4554-8432-c1fdfe867796&nonce=ca3c3c800709e9d2&ja=323232322e26633d3e32247a3d3e3026663d393e30327a3930303226636635333432387a313032322e7378793531327833382664707235392c333438322c3332323024333432382e3130323224313630382e333230382c3136303824313032382e33322c31302e6f763f3a35663733663b3134396d3460663238396236366a6c333a356a3261643361342e6f6c3f3a247361663f3a34266c603f6a747478732533412d3a4627304e716f6469672e786365677b2c646774273a462670643f372670603d6538303a6c6663373d37313b3364346d60673a313b33676036693939323132662668603d3138326a6a30633b3c6438613235316a3335343c60653b613a6e313839393033266a7b6f3d4c69667d7824687b603d4168706f656727303833323b24687b6f753d446b6c75782e6a736275354b68706d6567266c68613d3e246c66653f38246c6f7c703d302e7678643d4d75726f706d2d3244406d706c6b6e246d69766a70353630323166396332626d613232653e6363353638383830636c3335373432316e663637303a313633663e6561613a366663393c616662643f3a333331393b3663266672356a76767871253143273a4625324e716d66696d2e7061676d7b2e66677e27324426723d786e7765616c5f646e637b6825354d64636c736d21706c756f616e5d75616c646d77715f6567666b695d706e637b6d7225354d64636c736d21706c756f616e5d636c6d62675f63637a6d60637c273547646364736521786e776769665f7175696b63746b6f6d27354766636c7b6723726477676b6c5d7b686f6363756376652d35456661647b6523726477676b6e5d726d636e726463796770273d4566616471672170647567696e577e6c615d786e617b6570253d47646364716523726e7d67696e576667766164767225354d6e616e716d23706e756569665d71746f5d766b67756d7225354d64636c736d21706c756f616e5d6869746127354766696e71672e656c5d613f7f656267645567624744253230312638253032204d70676e454c2d3032475b273232302c382532304b6a706f6d61756d29576d6a474e273a32474e534e253a3247512d3030332c322d3230284772676e4744253230455b2d32324544514c273232455b273032392c302730324b68726f656b776d295f65624b697c5f656049617625303055656a454e4346454c475d6b66737461666167645f69727261797b2d3340273a32455a545d6264676c66576f696c6f63702533422d303245585c5f636c697857636d6c7c706f6e2531422d30324750565f616d6e67725f627d646465725768616c66576e6c6d637c2733402530304d5a565d6c6770766a5d6b6c616d78273142253a30455854576e6c6d637c5d626e656c642d3140273a32455a565d6e726167576667707460253342253a38455a5657726f6e79656f665d6d646e7165765d6164616d702d31402532384558545f7b606166677a5d74677876757a675d6e6766253140273a3045585c5d7665787c7572655f6b676d72706d71736b6f6c5f6a7276612d31422730324d58545f7c677a74757a655f636f65787267717b6b6f6c5f70677c6127314a273232475a5c5f746570767772655766696c746d7a5f636c61716f76726d70616127314a273232475a5c5f74657076777265576d697272677a5f616e696f705d746d5f6d6665672d31422730324d58545f7b504542253b42253230474d535d6764676d676e765f616c6667705d756b6c762d3342253a324d45535766626f5f7a6d6e66677a5d6d6b706f61782731402d30304d475157737461666663726457646572697e69746b746d712531422732384d47515776657a76777a655f66646d6374253b42253230474d535d766d7a747772675f6e6e6d637c5d6c6b6c67697225334a2730304f4d535f7465707c757067576a616e665d66646d63762d31422730324745535f7c677a74757a655f6861646e5f646e6763745d6c6b6e6d6370273b402530324d4d535f766d70766578576172726171576f60686d6174273340253a3255474a454c5d616d646f725f6a776466657a5f666c6f697c2531402d303055454047445d616d6572726771716d645f746d7a7675726d5f6173746b2d3340273a32574742454c57616d6f7870657171676c5f7465707677726557657463253b4a2530325f4742454c5d63676f72706d717367665d7c6578747d70675f657c633125334a2d3232554d40474e5f616f657270677b7165665d766d7874757a675d73337c632533422d3a3055474a454c5d636d6d787067717b67645d7667707475726d5d7133746b5f7372676a2d3340273a32574742454c576667607d655f70676c6c6572657a5d6b6e6667253342253a385747404f4e5f666560756f5d716a6966657071273b4225323855474247445f6465707c605f7667707675706527334a2730325f4742454e5d6c72617757607766666d727325334a2d3232554d40474e5f6e6f7b675d61676c74677a762d3342253a325545424f4c5f6d75647c695d667a6377273340253a3255474a454c5d726d6479676f665d6f6f646d313626676457683f3a3e643361383661303533603c3a6563663a3c3639616c366337623d633630386a306166373d33362477656c7e3f4b6c7c676c273032416e632e2e75656c7235496e7465642d32324b7a6b732732324f78676c4544273232476c6f696e652e6161643d3926676c6857603d3261693631636437376c3035643a3161613630316662633e3a6134666d626330343e3132673a6c35&jb=3131362464713d4d67786b6c6c69253246352638253032205a31332531422d30324e616c757a27303878383657343629253a30417070646d576760436b74273244353b352c313e2732322a4940544d4c2d30412532386c696b652d3a3045676b696f2b2530304b6a706d6567253044333a392e3026322c30253a30536166697a6927304e3733352e3136

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Keep-Alive: timeout=2, max=100
Date: Fri, 27 Sep 2024 19:07:00 GMT
Content-Type: text/javascript;charset=UTF-8
Server: Apache
Connection: Keep-Alive

GET
H/1.1 200
OK clear.png
5ugj8dr8woxlis6va4n7am3cqxrmedtqxq2chvikca3c3c800709e9d2am1.e.aa.online-metrix.net/fp/ Frame 8406 81 B
438 B 155ms
39ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5ugj8dr8woxlis6va4n7am3cqxrmedtqxq2chvikca3c3c800709e9d2am1.e.aa.online-metrix.net/fp/clear.png?org_id=5ugj8dr8&session_id=162f9d0e-fb00-4554-8432-c1fdfe867796&nonce=ca3c3c800709e9d2&di=yes

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: close
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Date: Fri, 27 Sep 2024 19:07:00 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png
Server: Apache

GET
H/1.1 204
204 clear3.png;CIS3SID=9817192D568C183BCA5A0714BC35EA91 Show response
st10.sofi.com/fp/ Frame 8406 0
218 B 42ms
41ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/clear3.png;CIS3SID=9817192D568C183BCA5A0714BC35EA91?org_id=5ugj8dr8&session_id=162f9d0e-fb00-4554-8432-c1fdfe867796&nonce=ca3c3c800709e9d2&jac=1&je=3836242465656468352a3125324b312532433b2d324164386130643866373d64363b6a346337343438663730303b3738316c646232356b693532666d32386037316539613335393333306064396563376c676034333c29

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Keep-Alive: timeout=2, max=99
Date: Fri, 27 Sep 2024 19:07:00 GMT
Content-Type: text/javascript;charset=UTF-8
Server: Apache
Connection: Keep-Alive

GET
H/1.1 204
204 clear1.png;CIS3SID=9817192D568C183BCA5A0714BC35EA91
st10.sofi.com/fp/ Frame 8406 0
400 B 44ms
43ms Image
image/png 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://st10.sofi.com/fp/clear1.png;CIS3SID=9817192D568C183BCA5A0714BC35EA91?org_id=5ugj8dr8&session_id=162f9d0e-fb00-4554-8432-c1fdfe867796&nonce=ca3c3c800709e9d2&jf=343334247b69645f7a6c663d746c725f33353c50755178406c3434376e417f70247161665f6663766d3d31373a353636343832302673616c5f767b78673d7565603a6d6166716924736b665d6365793d3b323739333831333036383f32633a3e363861653164383032333834303a3063303634386b673164303b30313037383b343032383234673963376c343a323d35373261313835343239376366663a323733353839643a303d3164636532396a6433363966313a3b3b6e363361383b3039376c30613764386d3434326c6364316566363d3733373936616336373e3031363e373133626d36356134693c633a63693038363331376a6732323a3163636664696531646b602473696c5f736967353b30363738303232306439316431366d363066323a693230373c356438383d623763623b3b31603230313264353233393736633c353037313a3d3932653f303630306a633930623b38323033383264603230613c3b373330323464633a313664656e333b62353f633266336e31313064313133353537316d3533613e3165353b3b3f6532323c373463613c363134267b6166703f38

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=97
Date: Fri, 27 Sep 2024 19:07:00 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png;charset=UTF-8
Server: Apache

GET
H/1.1 200
OK clear.png Show response
st10.sofi.com/fp/ Frame 8406 0
398 B 41ms
40ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/clear.png?org_id=5ugj8dr8&session_id=162f9d0e-fb00-4554-8432-c1fdfe867796&nonce=ca3c3c800709e9d2&jac=1&je=36353b242e6a666e35313a266a6e683d34643e3b63323a383163673734393b3b60646a6163643b3a6a65353139353136266266746e3d38323634383b3a2675696b3d3935302c39352e322c333a2c313026362c3136382e3532267f6d693f3a382c3237352c37263332372e7569343f646c62663a396631373a6a6265303a383237363832313424706f3d666d2460697673763f273f4225323a6e67766564253232253b49312c32382732412530327b7663767d71253030273b4125323a616a61726f696e67253a3a2535462e637566683f636935603b6d3465343a336b6361633e643061376b313932393b3e3336346a3763313135393e603666306664363a34383033386e673666303b666364383c3d39246770313d613131633c6732373167383366323f3766336e666030643038376139303c34633a6a6763316331622e677a363561373a35363a32386169643b32373c306133626e3d65323b6a67663437646338247763603f253540273a3261726b6a6b74656b747572652d3a322731492732302530322d3041273a30626b766c6d7373253a302733412d323225323a2d3241273a306270616c647b2730302d31412737402d3544253a412732326e756c6c566d7a736b6d664e69717427323a2731432d37422737462d3243253a306f6f62616c6525323a2d334364696e73672530432d30306f6766656e27303a2533412d303025323a253243253a3a706e637c646f706d27323a2731432d30322730302d3243253a30726c617c666f726d5e6d72716b676c2530322733492730302d30322730412d32327767753434253a322533416e696c71672d35442475636c352735402d3032607063666473253a302733412d354225354c2d3241273a306d6d626b6c6d2730302d314164636e7b6525324b27303270646174666f7a652530302d3141273230253a3027354c

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 0
Keep-Alive: timeout=2, max=96
Date: Fri, 27 Sep 2024 19:07:00 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
Server: Apache

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online) SoFi (Financial)

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sofie.pages.dev/	1970-01-20 23:52:30	Name: __cf_mw_byp Value: lke3kb3WRuCbH216DkZQRReEIZubFAmGTwB_6vSF1CA-1727464013-0.0.1.1-/
st10.sofi.com/	1970-01-21 09:27:04	Name: thx_guid Value: a310627c97e825c79c1e084f3af69d38
st10.sofi.com/	1970-01-21 09:27:04	Name: tmx_guid Value: AAwQhLhRR5CKW4oqjQxXEFS5JLrM4vGPml3bPM0826f9raXgc95LiykiwV-byK0vf10uHhOMEBYI9QgROIeg28rQclrb1Q
fp.sofi.com/	1970-01-21 09:27:04	Name: soc_visitor_id Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJkYXRhIjp7InNlc3Npb25faWQiOiJhZGM3NmQwYS1mM2MxLTQ5NDMtYjcxMC1mYjk1ODk5MGZjYmEifX0.MbcS7v4KfFaZIozZuP50zX0LcYhy1zRFjkSy8nlVOCrulTIT6wTKIn1lbxR2Qg6eiIrIXqRvPVY_lpNVhD2ADQ
.sofi.com/	1970-01-20 23:51:05	Name: __cf_bm Value: 25Xz0DxZ1q0PCOL7d5gc5xv22R43OlvARBCTm3z5dO0-1727464020-1.0.1.1-X4cCBvNwgvAU_MQ0iM71RxG7PmKpGJdRvZxoSLqWmwzNKeLGkBVXFiIosjzWhUsutqd__d_GZa4hsp1zuG9Xfg
.sofi.com/	1969-12-31 23:59:59	Name: _cfuvid Value: rT9QBf_h5nzirMQhmbOlgcwhi5cy.2LVG8zObBYxn9A-1727464020211-0.0.1.1-604800000

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://sofie.pages.dev/ Message: Refused to execute script from 'https://sofie.pages.dev/Login%20-%20SoFi_files/datadog-rum-v4.js.download' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sofie.pages.dev/ Message: Refused to execute script from 'https://sofie.pages.dev/Login%20-%20SoFi_files/tags.js.download' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sofie.pages.dev/ Message: Refused to execute script from 'https://sofie.pages.dev/Login%20-%20SoFi_files/devicer.min.js.download' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sofie.pages.dev/ Message: Refused to execute script from 'https://sofie.pages.dev/Login%20-%20SoFi_files/otSDKStub.js.download' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sofie.pages.dev/ Message: Refused to execute script from 'https://sofie.pages.dev/Login%20-%20SoFi_files/otBannerSdk.js.download' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://sofie.pages.dev/Login%20-%20SoFi_files/clear.png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://sofie.pages.dev/Login%20-%20SoFi_files/es.js.download' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://sofie.pages.dev/Login%20-%20SoFi_files/clear(2).png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://sofie.pages.dev/Login%20-%20SoFi_files/clear(3).png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://sofie.pages.dev/Login%20-%20SoFi_files/clear3.png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://sofie.pages.dev/Login%20-%20SoFi_files/clear(4).png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://sofie.pages.dev/Login%20-%20SoFi_files/clear(5).png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://sofie.pages.dev/Login%20-%20SoFi_files/clear3(1).png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://sofie.pages.dev/Login%20-%20SoFi_files/clear(6).png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://sofie.pages.dev/Login%20-%20SoFi_files/check.js.download' because its MIME type ('') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5ugj8dr8woxlis6va4n7am3cqxrmedtqxq2chvikca3c3c800709e9d2am1.e.aa.online-metrix.net
cdn.cookielaw.org
d32ijn7u0aqfv4.cloudfront.net
d3331otr86r7j1.cloudfront.net
fontmetrics.net
fp.sofi.com
h.online-metrix.net
h64.online-metrix.net
js.dvnfo.com
sofie.pages.dev
st10.sofi.com
13.224.194.168
172.64.149.225
172.66.44.91
18.66.122.44
2600:9000:2251:de00:10:8d:3740:21
2606:4700::6812:562a
2620:f3:0:14:b401:8ee8:4321:ad82
44.241.55.115
91.235.132.130
91.235.132.67
91.235.134.131
08c4523f38d0898e4dfe1409e82a373b099a21265d48b784364468711d02c007
0ae398dbea814491b5f373fa25680e1a7cfdaa9f293e949d89495af91f1bf00d
16ad14b04bbb43106c487ed24c60f706cb02cf4b59aa1ff1823f3df83761c3ef
36d35352915179175a83d7822d748ec6bb7e00c72dc34ee67be219982909b705
40ad61dc5fe4a2ddda825bfc739ca6312f351f863daa399cebded5be4befb6d0
4161e8b093c0be14c542b0948c6271b1ee5ccd53e6274654a91224c343bc418a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
459c1d18cc02ee9b48412ad3fec4ff4a5cd528a65e130ba282414ee768d296b2
531bfc51d17a7e129febf996996bfa92e3f75ce119f930f98e6297cf8c28f424
5d6733cf8650b87b9f3d0210b17f1a9f877a15e39f0d54a60fff89a45675f907
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
7987b00fc873ae5e25b9220d900537c3f3e72bc72f4c2d0ef9981e589a3aac3c
7f98d8a9e5c57c7ca09d9494674f525838feddd429705a2f82099f2028a4c974
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
8c516cf50ccaf93a37440aac1019c0e1c0a3e17df87ffe4cc66272fcb830db58
91b0809d8b9dc57eaa09cb0e13c210b24edfaeadb94a8cff0fee02751c1b0b5f
9508ba9ddb8676bfd9798804dd64342150e71612590be997eca8669b485c5dba
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
974334668363e9a4cf194b2d79b45ed7f26e42bbb5ea15f03b21b46429fa443c
97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50
98a81411a15d94d619de6178aecbdcb19d0992295dc53621e8d45e2402a521da
a7c6baefcdda36fefc81f42a0abafdd31a62b7d425ff2542925f9dfdca17b411
aaf1eac584819e98c7f78a20216bd2fb10ee29e10b290983bc0fa82d0f293bce
c3087446afe87c5da27035fd77db71f3d9911966b3cd33a452f80d731fbf8159
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a
d1b04e44e13264e635725b5000b61906440495517d32db66f38f2dd7f5eb7c42
e01ee182c3edd33151075d139238cd34bfd31434ffd3b93d6caf940a2cad19a0
e182f76b074753911d9dc5c0db48650a94472ac95dccf64d9d9b8100be6a03b3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f97354a4659e6fc1cf05e27b59d333c697c1b0fd6fcaaceaa9af1f6886abe0af
fd70f6ab934cd87e4b40fcd193a7359b518376f3d3b34140a5ec5582d0d88e3a

sofie.pages.dev Open in urlscan Pro 172.66.44.91 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

72 Requests

100 %HTTPS

27 %IPv6

7 Domains

11 Subdomains

12 IPs

1 Countries

1461 kBTransfer

2369 kBSize

6 Cookies

8 Outgoing links

Page URL History

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

sofie.pages.dev Open in urlscan Pro
172.66.44.91 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

100 %
HTTPS

27 %
IPv6

7
Domains

11
Subdomains

12
IPs

1
Countries

1461 kB
Transfer

2369 kB
Size

6
Cookies

72 HTTP transactions
1 data transactions