www.sofi.com Open in urlscan Pro
104.18.15.42 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ablink.r.sofi.com/ls/click?upn=3D62LepVu039-2FQ-2FFRaRff734w3RUpNc%3D
Effective URL:
https://www.sofi.com/app-download.html
Submission Tags: falconsandbox
Submission: On September 08 via api (September 8th 2021, 12:11:09 pm UTC) from US — Scanned from DE

Summary HTTP 164 Redirects Behaviour Indicators

Summary

This website contacted 53 IPs in 9 countries across 71 domains to perform 164 HTTP transactions. The main IP is 104.18.15.42, located in and belongs to CLOUDFLARENET, US. The main domain is www.sofi.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 19th 2020. Valid for: a year.

This is the only time www.sofi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.52.150.75 52.52.150.75	() ()
11	104.18.15.42 104.18.15.42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:1b0... 2a02:26f0:1b00:18e::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.225.38.117 13.225.38.117	16509 (AMAZON-02) (AMAZON-02)
13	52.222.196.116 52.222.196.116	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4007:80d::2008	15169 (GOOGLE) (GOOGLE)
1	23.72.2.243 23.72.2.243	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	216.58.201.230 216.58.201.230	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:1d::84 2a04:4e42:1d::84	54113 (FASTLY) (FASTLY)
6	2a03:2880:f01... 2a03:2880:f01f:6:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	151.101.129.2 151.101.129.2	54113 (FASTLY) (FASTLY)
1	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
1	52.222.158.3 52.222.158.3	() ()
1	52.84.174.83 52.84.174.83	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:217... 2600:9000:2171:b000:16:cfb1:a0c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
4	159.203.152.45 159.203.152.45	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	34.206.174.109 34.206.174.109	14618 (AMAZON-AES) (AMAZON-AES)
1	34.120.230.83 34.120.230.83	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	2a00:1288:88:... 2a00:1288:88:800::4001	203070 (YAHOO-FRA) (YAHOO-FRA)
2	18.219.93.205 18.219.93.205	16509 (AMAZON-02) (AMAZON-02)
4	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
6	2a00:1450:400... 2a00:1450:4007:815::200e	15169 (GOOGLE) (GOOGLE)
2 3	185.33.221.89 185.33.221.89	29990 (ASN-APPNEX) (ASN-APPNEX)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
5	2600:1f18:24e... 2600:1f18:24e6:b901:343e:fcbb:d36e:974c	14618 (AMAZON-AES) (AMAZON-AES)
1	3.225.115.141 3.225.115.141	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:218... 2600:9000:218f:4800:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2.20.88.229 2.20.88.229	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4007:811::2002	15169 (GOOGLE) (GOOGLE)
1 31	52.46.154.242 52.46.154.242	16509 (AMAZON-02) (AMAZON-02)
2	34.120.121.20 34.120.121.20	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c09::9c	15169 (GOOGLE) (GOOGLE)
2	34.232.184.65 34.232.184.65	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42::645 2a04:4e42::645	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4007:807::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:402... 2a00:1450:4025:401::5e	15169 (GOOGLE) (GOOGLE)
1	104.21.83.150 104.21.83.150	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	54.165.186.74 54.165.186.74	14618 (AMAZON-AES) (AMAZON-AES)
4	151.101.129.208 151.101.129.208	54113 (FASTLY) (FASTLY)
2	2606:4700:303... 2606:4700:3037::6815:4e07	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	18.158.92.16 18.158.92.16	16509 (AMAZON-02) (AMAZON-02)
3 3	213.19.147.45 213.19.147.45	() ()
2 2	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
2 2	52.57.222.152 52.57.222.152	16509 (AMAZON-02) (AMAZON-02)
1 1	23.40.112.231 23.40.112.231	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	18.159.118.206 18.159.118.206	16509 (AMAZON-02) (AMAZON-02)
2 2	18.156.0.31 18.156.0.31	() ()
2 2	18.194.158.62 18.194.158.62	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4200:43f8:c79a:f116:17d6	14618 (AMAZON-AES) (AMAZON-AES)
1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	23.40.113.157 23.40.113.157	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	52.222.165.170 52.222.165.170	() ()
1	3.208.250.137 3.208.250.137	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.86.239.241 52.86.239.241	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.49.107.116 52.49.107.116	16509 (AMAZON-02) (AMAZON-02)
1 1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2 2	37.157.6.241 37.157.6.241	198622 (ADFORM) (ADFORM)
2 2	185.94.180.125 185.94.180.125	() ()
1 1	52.28.248.40 52.28.248.40	() ()
1 1	18.206.102.118 18.206.102.118	() ()
2 2	216.58.198.194 216.58.198.194	15169 (GOOGLE) (GOOGLE)
1 1	107.20.192.231 107.20.192.231	() ()
1	52.51.228.134 52.51.228.134	16509 (AMAZON-02) (AMAZON-02)
2 2	52.222.174.22 52.222.174.22	() ()
2 2	35.244.159.8 35.244.159.8	() ()
2 2	92.122.149.105 92.122.149.105	() ()
2 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
1 1	69.173.144.138 69.173.144.138	() ()
1 1	13.225.25.113 13.225.25.113	() ()
2 2	35.227.248.159 35.227.248.159	() ()
1	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1 1	45.79.145.203 45.79.145.203	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	151.101.194.132 151.101.194.132	() ()
2 2	185.64.189.115 185.64.189.115	() ()
1 1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 11	2a03:2880:f14... 2a03:2880:f142:82:face:b00c:0:25de	() ()
1	2a03:2880:f04... 2a03:2880:f042:f:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
3	2600:9000:218... 2600:9000:218c:1600:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
164	53

1 52.52.150.75 (San Jose, United States) 1 redirects

ASN- ()
PTR: ec2-52-52-150-75.us-west-1.compute.amazonaws.com

ablink.r.sofi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.18.15.42 (None, )

ASN13335 (CLOUDFLARENET, US)

www.sofi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.sofi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1b00:18e::13b8 (Paris, France)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.38.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-38-117.cdg3.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.222.196.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-196-116.cdg50.r.cloudfront.net

d32ijn7u0aqfv4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007:80d::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.72.2.243 (Paris, France)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-2-243.deploy.static.akamaitechnologies.com

a10819474327.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.201.230 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra02s18-in-f6.1e100.net

6375438.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:1d::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f01f:6:face:b00c:0:3 (Pantin, France)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.2 (United States)

ASN54113 (FASTLY, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.140 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.158.3 (United States)

ASN- ()
PTR: server-52-222-158-3.cdg52.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.174.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-174-83.cdg50.r.cloudfront.net

tlxgvxfc.micpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2171:b000:16:cfb1:a0c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.c212.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 159.203.152.45 (New York, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

rbx.sofi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.206.174.109 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-174-109.compute-1.amazonaws.com

contentdsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.230.83 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 83.230.120.34.bc.googleusercontent.com

tgtag.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

di.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:88:800::4001 (Aubervilliers, France)

ASN203070 (YAHOO-FRA, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.219.93.205 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-219-93-205.us-east-2.compute.amazonaws.com

collector-11685.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4007:815::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.89 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f18:24e6:b901:343e:fcbb:d36e:974c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum-http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.225.115.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-115-141.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:218f:4800:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.20.88.229 (Paris, France)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-88-229.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007:811::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 52.46.154.242 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.121.20 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 20.121.120.34.bc.googleusercontent.com

api.trafficguard.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.232.184.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-184-65.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::645 (United States)

ASN54113 (FASTLY, US)

jssdkcdns.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4007:807::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4025:401::5e (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.83.150 (None, )

ASN13335 (CLOUDFLARENET, US)

getrockerbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.165.186.74 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-186-74.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.129.208 (United States)

ASN54113 (FASTLY, US)

sdk.iad-03.braze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:4e07 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.92.16 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-92-16.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN- ()

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.131 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.222.152 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-222-152.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.40.112.231 (Paris, France) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-40-112-231.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.118.206 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-118-206.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN- ()
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.158.62 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-158-62.eu-central-1.compute.amazonaws.com

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:43f8:c79a:f116:17d6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

amazon.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.40.113.157 (Paris, France) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-40-113-157.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.165.170 (United States) 1 redirects

ASN- ()
PTR: server-52-222-165-170.cdg52.r.cloudfront.net

www.imdb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.208.250.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-250-137.compute-1.amazonaws.com

usersync.samplicio.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.239.241 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-239-241.compute-1.amazonaws.com

ads.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.107.116 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-107-116.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.241 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 2 redirects

ASN- ()

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.248.40 (Frankfurt am Main, Germany) 1 redirects

ASN- ()
PTR: ec2-52-28-248-40.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.206.102.118 (Ashburn, United States) 1 redirects

ASN- ()
PTR: ec2-18-206-102-118.compute-1.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.198.194 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: par10s27-in-f194.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.20.192.231 (Ashburn, United States) 1 redirects

ASN- ()
PTR: ec2-107-20-192-231.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.228.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-228-134.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.174.22 (United States) 2 redirects

ASN- ()
PTR: server-52-222-174-22.cdg50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 2 redirects

ASN- ()
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.122.149.105 (London, United Kingdom) 2 redirects

ASN- ()
PTR: a92-122-149-105.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Aalborg, Denmark) 2 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.25.113 (United States) 1 redirects

ASN- ()
PTR: server-13-225-25-113.cdg3.r.cloudfront.net

pixel.placed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN- ()
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.79.145.203 (Cedar Knolls, United States) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: lciapi-ewr-03.ninthdecimal.com

lciapi.ninthdecimal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.132 (United States) 1 redirects

ASN- ()

pi.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a03:2880:f142:82:face:b00c:0:25de (Marseille, France) 1 redirects

ASN- ()

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f042:f:face:b00c:0:8c (Marseille, France)

ASN32934 (FACEBOOK, US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:218c:1600:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	23 KB
16	sofi.com 1 redirects ablink.r.sofi.com www.sofi.com rbx.sofi.com analytics.sofi.com	32 KB
13	cloudfront.net d32ijn7u0aqfv4.cloudfront.net	743 KB
11	facebook.com 1 redirects www.facebook.com	2 KB
9	doubleclick.net 3 redirects 6375438.fls.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	3 KB
7	yahoo.com 2 redirects sp.analytics.yahoo.com ups.analytics.yahoo.com cms.analytics.yahoo.com	6 KB
6	google-analytics.com www.google-analytics.com	20 KB
6	facebook.net connect.facebook.net	310 KB
5	google.com adservice.google.com www.google.com	1 KB
5	datadoghq.com rum-http-intake.logs.datadoghq.com	466 B
5	optimizely.com cdn.optimizely.com a10819474327.cdn.optimizely.com logx.optimizely.com	123 KB
4	braze.com sdk.iad-03.braze.com	1 KB
4	google.de www.google.de	843 B
4	adnxs.com 2 redirects acdn.adnxs.com ib.adnxs.com	6 KB
4	branch.io cdn.branch.io api2.branch.io	25 KB
3	stackadapt.com tags.srv.stackadapt.com	2 KB
3	pinterest.com ct.pinterest.com	1 KB
3	bing.com bat.bing.com	9 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	529 B
2	tapad.com 2 redirects pixel.tapad.com	930 B
2	semasio.net 2 redirects uipglob.semasio.net	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	openx.net 2 redirects us-u.openx.net	620 B
2	scorecardresearch.com 2 redirects sb.scorecardresearch.com	737 B
2	krxd.net 1 redirects usermatch.krxd.net beacon.krxd.net	497 B
2	serving-sys.com 2 redirects bs.serving-sys.com lm.serving-sys.com	779 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com	1 KB
2	adform.net 2 redirects c1.adform.net	996 B
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	myvisualiq.net 2 redirects t.myvisualiq.net	1 KB
2	advertising.com 2 redirects pixel.advertising.com	657 B
2	bidswitch.net 2 redirects x.bidswitch.net	881 B
2	adsrvr.org 2 redirects match.adsrvr.org	909 B
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	fontawesome.com use.fontawesome.com	8 KB
2	trafficguard.ai api.trafficguard.ai	1 KB
2	app.link app.link	1 KB
2	tvsquared.com collector-11685.tvsquared.com	9 KB
2	yimg.com s.yimg.com	7 KB
2	quora.com a.quora.com q.quora.com	14 KB
2	pinimg.com s.pinimg.com	18 KB
1	atdmt.com cx.atdmt.com	563 B
1	taboola.com 1 redirects sync.taboola.com	299 B
1	ispot.tv 1 redirects pi.ispot.tv	341 B
1	ninthdecimal.com 1 redirects lciapi.ninthdecimal.com	612 B
1	exelator.com loadus.exelator.com	324 B
1	placed.com 1 redirects pixel.placed.com	564 B
1	rubiconproject.com 1 redirects token.rubiconproject.com	353 B
1	mookie1.com 1 redirects odr.mookie1.com	599 B
1	samba.tv 1 redirects ads.samba.tv	290 B
1	samplicio.us usersync.samplicio.us	263 B
1	imdb.com 1 redirects www.imdb.com	888 B
1	stickyadstv.com 1 redirects ads.stickyadstv.com	764 B
1	zeotap.com spl.zeotap.com	731 B
1	tremorhub.com amazon.partners.tremorhub.com	183 B
1	bluekai.com 1 redirects tags.bluekai.com	811 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	484 B
1	agkn.com 1 redirects aa.agkn.com	337 B
1	getrockerbox.com getrockerbox.com	714 B
1	mparticle.com jssdkcdns.mparticle.com	1 MB
1	reddit.com alb.reddit.com	125 B
1	rlcdn.com di.rlcdn.com	66 B
1	tgtag.io tgtag.io	21 KB
1	contentdsp.com contentdsp.com	5 KB
1	c212.net cdn.c212.net	1 KB
1	micpn.com tlxgvxfc.micpn.com	15 KB
1	redditstatic.com www.redditstatic.com	7 KB
1	googletagmanager.com www.googletagmanager.com	101 KB
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com	21 KB
0	survata.com Failed px.surveywall-api.survata.com Failed
164	71

	Domain	Requested by
31	s.amazon-adsystem.com	1 redirects 6375438.fls.doubleclick.net s.amazon-adsystem.com
13	d32ijn7u0aqfv4.cloudfront.net	www.sofi.com
11	www.facebook.com	1 redirects www.sofi.com
10	www.sofi.com	www.sofi.com www.datadoghq-browser-agent.com
6	www.google-analytics.com	www.googletagmanager.com www.sofi.com www.datadoghq-browser-agent.com
6	connect.facebook.net	www.sofi.com connect.facebook.net
5	rum-http-intake.logs.datadoghq.com	www.datadoghq-browser-agent.com
4	sdk.iad-03.braze.com	www.datadoghq-browser-agent.com
4	www.google.de	www.sofi.com
4	www.google.com	www.sofi.com
4	stats.g.doubleclick.net	www.datadoghq-browser-agent.com
4	sp.analytics.yahoo.com	www.sofi.com
4	rbx.sofi.com	www.sofi.com rbx.sofi.com
3	api2.branch.io	www.datadoghq-browser-agent.com
3	tags.srv.stackadapt.com	contentdsp.com www.datadoghq-browser-agent.com
3	ct.pinterest.com	www.datadoghq-browser-agent.com www.sofi.com
3	ib.adnxs.com	2 redirects www.sofi.com
3	6375438.fls.doubleclick.net	1 redirects www.googletagmanager.com www.sofi.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.sofi.com
2	image6.pubmatic.com	2 redirects
2	pixel.tapad.com	2 redirects
2	uipglob.semasio.net	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	us-u.openx.net	2 redirects
2	sb.scorecardresearch.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	sync.search.spotxchange.com	2 redirects
2	c1.adform.net	2 redirects
2	dpm.demdex.net	2 redirects
2	t.myvisualiq.net	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	pixel.advertising.com	2 redirects
2	x.bidswitch.net	2 redirects
2	match.adsrvr.org	2 redirects
2	sync.1rx.io	2 redirects
2	use.fontawesome.com	jssdkcdns.mparticle.com use.fontawesome.com
2	logx.optimizely.com	www.datadoghq-browser-agent.com
2	api.trafficguard.ai	www.datadoghq-browser-agent.com
2	app.link	cdn.branch.io
2	collector-11685.tvsquared.com	www.sofi.com
2	s.yimg.com	www.sofi.com www.datadoghq-browser-agent.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	cdn.optimizely.com	www.sofi.com
1	cx.atdmt.com	www.sofi.com
1	sync.taboola.com	1 redirects
1	pi.ispot.tv	1 redirects
1	lciapi.ninthdecimal.com	1 redirects
1	loadus.exelator.com	s.amazon-adsystem.com
1	pixel.placed.com	1 redirects
1	token.rubiconproject.com	1 redirects
1	beacon.krxd.net	s.amazon-adsystem.com
1	usermatch.krxd.net	1 redirects
1	lm.serving-sys.com	1 redirects
1	bs.serving-sys.com	1 redirects
1	odr.mookie1.com	1 redirects
1	ads.samba.tv	1 redirects
1	usersync.samplicio.us	s.amazon-adsystem.com
1	www.imdb.com	1 redirects
1	ads.stickyadstv.com	1 redirects
1	spl.zeotap.com	s.amazon-adsystem.com
1	cms.analytics.yahoo.com	s.amazon-adsystem.com
1	amazon.partners.tremorhub.com	s.amazon-adsystem.com
1	tags.bluekai.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	aa.agkn.com	1 redirects
1	analytics.sofi.com	www.datadoghq-browser-agent.com
1	getrockerbox.com	rbx.sofi.com
1	jssdkcdns.mparticle.com	www.sofi.com
1	adservice.google.com	6375438.fls.doubleclick.net
1	q.quora.com	www.sofi.com
1	alb.reddit.com	www.sofi.com
1	di.rlcdn.com	www.googletagmanager.com
1	tgtag.io	www.sofi.com
1	contentdsp.com	www.sofi.com
1	acdn.adnxs.com	www.sofi.com
1	cdn.c212.net	www.googletagmanager.com
1	tlxgvxfc.micpn.com	www.sofi.com
1	cdn.branch.io	www.sofi.com
1	www.redditstatic.com	www.sofi.com
1	a.quora.com	www.sofi.com
1	a10819474327.cdn.optimizely.com	cdn.optimizely.com
1	www.googletagmanager.com	www.sofi.com
1	static.cloudflareinsights.com	www.sofi.com
1	www.datadoghq-browser-agent.com	www.sofi.com
1	ablink.r.sofi.com	1 redirects
0	px.surveywall-api.survata.com Failed	s.amazon-adsystem.com
164	86

This site contains no links.

Subject Issuer	Validity	Valid
*.sofi.com Go Daddy Secure Certificate Authority - G2	`2020-10-19` - `2021-11-20`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-02-17` - `2022-02-21`	a year	crt.sh
*.datadoghq-browser-agent.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-17` - `2022-03-17`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-07-06` - `2022-01-06`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-27` - `2022-08-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
quora.com R3	`2021-08-22` - `2021-11-20`	3 months	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-23` - `2021-11-18`	6 months	crt.sh
*.branch.io DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-25`	a year	crt.sh
*.micpn.com Amazon	`2021-03-19` - `2022-04-17`	a year	crt.sh
*.c212.net DigiCert SHA2 High Assurance Server CA	`2019-11-19` - `2022-01-05`	2 years	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
rbx.sofi.com R3	`2021-09-05` - `2021-12-04`	3 months	crt.sh
content.to Amazon	`2021-02-16` - `2022-03-17`	a year	crt.sh
tgtag.io GTS CA 1D4	`2021-08-26` - `2021-11-24`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-09-06` - `2021-10-27`	2 months	crt.sh
*.tvsquared.com Amazon	`2020-10-16` - `2021-11-14`	a year	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-24` - `2021-11-17`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-23` - `2021-11-18`	6 months	crt.sh
*.logs.datadoghq.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-31` - `2022-05-31`	2 years	crt.sh
*.quora.com R3	`2021-08-22` - `2021-11-20`	3 months	crt.sh
appipv4.link Amazon	`2021-06-24` - `2022-07-23`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
*.trafficguard.ai Sectigo RSA Domain Validation Secure Server CA	`2021-03-25` - `2022-03-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
logx.optimizely.com Amazon	`2021-08-23` - `2022-09-21`	a year	crt.sh
jssdkcdns.mparticle.com R3	`2021-08-29` - `2021-11-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.srv.stackadapt.com Amazon	`2020-12-09` - `2022-01-07`	a year	crt.sh
*.iad-03.braze.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-03` - `2022-06-04`	a year	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
*.samplicio.us Amazon	`2021-04-17` - `2022-05-16`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2021-08-22` - `2021-11-20`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.sofi.com/app-download.html
Frame ID: 20F4E93F02C05374314CFAA6B8834394
Requests: 120 HTTP requests in this frame

Frame: https://a10819474327.cdn.optimizely.com/client_storage/a10819474327.html
Frame ID: A029EA3B3C9FFA9E43FC99F1825EEBDD
Requests: 1 HTTP requests in this frame

Frame: https://6375438.fls.doubleclick.net/activityi;dc_pre=CIDThLSs7_ICFWcB0wodplIA1g;src=6375438;type=brand0;cat=unive0;ord=1833402465724;gtm=2wg910;auiddc=1157100793.1631103060;u1=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html;ps=1;~oref=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html
Frame ID: 476E71AB4D17C7365BC939B47610FF80
Requests: 2 HTTP requests in this frame

Frame: https://di.rlcdn.com/710883.html
Frame ID: 2D55B3E6CC010B12837954BC5CFF40DB
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D953e1aba-b91a-5410-b414-6841d875b0b0%26type%3D13%26m%3D1&ex-fch=416613&ex-src=https://www.sofi.com&ex-hargs=v%3D1.0%3Bc%3D2516470980001%3Bp%3D953E1ABA-B91A-5410-B414-6841D875B0B0&cb=540463841704364350&dcc=t
Frame ID: B60DCA013155A7D40BC352FFA88EE35A
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=9ad2Pf8ARtKna6O1tcpfPw&ep=5JiBjW5L3Uk9VsGK_3uMju00ts-tKDSi1PgUioXf5tczS-Dh7OgsAXFXx6n2r3jRO6eBWmKgokn9Qy4ErpeMerq3fP6Dt2iX6J5x9roOUx8
Frame ID: C19EB9A0537384D4BEC8221632F4A01A
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ablink.r.sofi.com/ls/click?upn=3D62LepVu039-2FQ-2FFRaRff734w3RUpNc%3D HTTP 307
https://www.sofi.com/app-download.html Page URL

Page Statistics

164
Requests

98 %
HTTPS

27 %
IPv6

71
Domains

86
Subdomains

53
IPs

9
Countries

2783 kB
Transfer

6084 kB
Size

95
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ablink.r.sofi.com/ls/click?upn=3D62LepVu039-2FQ-2FFRaRff734w3RUpNc%3D HTTP 307
https://www.sofi.com/app-download.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://6375438.fls.doubleclick.net/activityi;src=6375438;type=brand0;cat=unive0;ord=1833402465724;gtm=2wg910;auiddc=1157100793.1631103060;u1=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html;ps=1;~oref=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html HTTP 302
https://6375438.fls.doubleclick.net/activityi;dc_pre=CIDThLSs7_ICFWcB0wodplIA1g;src=6375438;type=brand0;cat=unive0;ord=1833402465724;gtm=2wg910;auiddc=1157100793.1631103060;u1=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html;ps=1;~oref=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html

Request Chain 61

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D953e1aba-b91a-5410-b414-6841d875b0b0%26type%3D13%26m%3D1&ex-fch=416613&ex-src=https://www.sofi.com&ex-hargs=v%3D1.0%3Bc%3D2516470980001%3Bp%3D953E1ABA-B91A-5410-B414-6841D875B0B0&cb=540463841704364350 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D953e1aba-b91a-5410-b414-6841d875b0b0%26type%3D13%26m%3D1&ex-fch=416613&ex-src=https://www.sofi.com&ex-hargs=v%3D1.0%3Bc%3D2516470980001%3Bp%3D953E1ABA-B91A-5410-B414-6841D875B0B0&cb=540463841704364350&dcc=t

Request Chain 86

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=164960203903000177446&ex=neustar.biz

Request Chain 87

https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%5BRX_UUID%5D%26ex%3Drhythmone.com HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6519454446 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6519454446 HTTP 302
https://sync.1rx.io/usersync/tradedesk/3ad148e2-82a9-402c-8693-66a94651a300 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-359ecb2e-3ae6-4101-9a8b-b4855f878940-003?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DRX-359ecb2e-3ae6-4101-9a8b-b4855f878940-003%26ex%3Drhythmone.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=RX-359ecb2e-3ae6-4101-9a8b-b4855f878940-003&ex=rhythmone.com

Request Chain 88

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=5f3e6c2776a81c7d9d916abf8b21da86

Request Chain 89

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=mhM%2Bm99999Y2JpCC

Request Chain 90

https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1 HTTP 302
https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1&apid=UPd5099ed8-109d-11ec-a008-06c38a68672a HTTP 302
https://s.amazon-adsystem.com/ecm3?id=7eb0f8222e5b44d2ef22d5edd2798748d963172e&ex=aoldisplay.com

Request Chain 91

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=0fad49e0-2b96-4fae-a556-4d952b470930

Request Chain 95

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=708125e73b6e31242d8fb92e41f71061&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 96

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 98

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=e1e8e028ca2fb159

Request Chain 99

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=OcjwI6s5ShqXS_DnpubMNA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=OcjwI6s5ShqXS_DnpubMNA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=29215417617883007251006277751597495068

Request Chain 100

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=gYUdWqGmR52q3sh8zgZBtg HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10810116850495614285&gdpr=&gdpr_consent=

Request Chain 102

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=3579160021180489284

Request Chain 103

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=d546bc16-109d-11ec-ab9e-186cd56e0306 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=d546bbcd-109d-11ec-ab9e-186cd56e0306

Request Chain 104

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%229a4559df-3b17-4acf-ab0a-32da6e653780%22,%22Time%22:%2220210908T081101.638505%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=9a4559df-3b17-4acf-ab0a-32da6e653780

Request Chain 105

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEFAIJw6b4bDS0F5TNVxfNkQ&google_cver=1

Request Chain 106

https://usermatch.krxd.net/um/v2?partner=amzn HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn

Request Chain 107

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=7d4da39b996f3cefdb8a6a5855bfcad8

Request Chain 108

https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=39fe79a9-67a8-cc1f-1f04-9c3af1a56cc7

Request Chain 109

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__&s=184155&C=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=KGqfZVGN2t8Gb_ETOUC1rjc4dOw4ZgIC

Request Chain 110

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=4595D9AE5F843FA0

Request Chain 111

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=5697522992566525399&ex=appnexus.com

Request Chain 112

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=JkDJ-ue0cXaOreWBKrAySMWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

Request Chain 113

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=9ad2Pf8ARtKna6O1tcpfPw& HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Request Chain 114

https://pixel.placed.com/api/v2/sync/custom-pixel?https://s.amazon-adsystem.com/ecm3?ex=placed.com&id= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1682&partner_device_id=amazon-25e55f4c-7cf3-40a2-a1cf-0f9d5bc1e732&partner_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dplaced.com%26id%3Damazon-25e55f4c-7cf3-40a2-a1cf-0f9d5bc1e732 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1682&partner_device_id=amazon-25e55f4c-7cf3-40a2-a1cf-0f9d5bc1e732&partner_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dplaced.com%26id%3Damazon-25e55f4c-7cf3-40a2-a1cf-0f9d5bc1e732 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=amazon-25e55f4c-7cf3-40a2-a1cf-0f9d5bc1e732

Request Chain 116

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=CB914F2D56A83861382ED07F0250633C

Request Chain 117

https://ups.analytics.yahoo.com/ups/58297/sync?_origin=1&redir=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-zIE5vs11l2MWGFW.YlMLYLP_ZRKu7E4-

Request Chain 118

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=dd9d6d51c61cca1b9320b8e865699cb97115e611faab01691366fd5372972299

Request Chain 119

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID&rdf=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=E5864962-7002-4391-ACDC-9A2D5EEF59C0

Request Chain 120

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=4907cc11-df8b-4260-a86c-95eb7f47b3c8-tuct8322dd5

Request Chain 133

https://www.facebook.com/tr/?id=1460194797568320&ev=PageView&dl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&rl=&if=false&ts=1631103062531&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=28&fbp=fb.1.1631103061160.889447107&it=1631103060385&coo=false&exp=p0&rqm=GET HTTP 302
https://cx.atdmt.com/?c=2037441792944231580&f=AYy9EtIMuwabheFDTMOFu_i8rg_WcQVo2ep2WKmymEtmdD0C3NlbElDIEUJ45iezFP1VxGoH3ya8u7iHV7iAauyI&id=1460194797568320&l=3&v=0

164 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request app-download.html Show response
www.sofi.com/
Redirect Chain

http://ablink.r.sofi.com/ls/click?upn=3D62LepVu039-2FQ-2FFRaRff734w3RUpNc%3D
https://www.sofi.com/app-download.html

41 KB
11 KB

783ms
722ms

Document
text/html

104.18.15.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79ed9252d591965b753cc675a961a0f2f401c1167cdd3a9efd63a0ec2c8deff6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.sofi.com
:scheme: https
:path: /app-download.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 08 Sep 2021 12:10:58 GMT
content-type: text/html
last-modified: Mon, 23 Aug 2021 20:32:07 GMT
expires: Wed, 08 Sep 2021 12:20:58 GMT
cache-control: max-age=600 public
x-sofi-wordpress-cache-status: HIT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000
access-control-allow-origin: https://sofi.com
access-control-allow-credentials: true
x-content-type-options: nosniff
x-sr-trace-id: a98ac9ee72cff9b474e19391ad544f5f
set-cookie: SOFI_WEB_USER_ID=Cv5+xWE4qFIoWgAYTgDgAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/; HTTPOnly; Secure __cf_bm=wQM_bkP3obvbMMF._UFjiTScv28bIpP6ymD37EnotRA-1631103058-0-AeFoUBLR0YgRXQbWCI3xpCn4ijUYRx6TgZ/OWuD3znEKbtZ4TZKasqCOQXQIMXO2GHR8NWEVTjFcHPNOEGnWKLc=; path=/; expires=Wed, 08-Sep-21 12:40:58 GMT; domain=.sofi.com; HttpOnly; Secure; SameSite=None __cfruid=e65d4495fa62c94c3eebf8da20d5775f14db870c-1631103058; path=/; domain=.sofi.com; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EDmRuhGOiYm64GNKroLs0bVB033Pu7nRrTUhyMgB8NVRCEp0JcJZC4G74VP8QkTxE4SSCHClYx4MxtaxjL0kr4BqjaMGUseaKpJt5%2BFQj7ZMC9FkM0UZnnBuakkfoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68b813a22eee087b-CDG
content-encoding: br

Redirect headers

Server: openresty
Date: Wed, 08 Sep 2021 12:10:58 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
location: https://www.sofi.com/app-download.html
cache-control: no-cache
branch-server-fallback: Branch-Server-Fallback
esp-server-fallback: Error-Response-Email-Server-Provider

GET
H2 200 14812420277.js Show response
cdn.optimizely.com/js/ 372 KB
98 KB 451ms
381ms Script
text/javascript 2a02:26f0:1b00:18e::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/14812420277.js

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1b00:18e::13b8 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

28beb050e14f9ad88c22bab7ae5964e1319fbc6fa690a64b8177cb6a5d8af844

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: da3pQSZMfApQrsiG1VnN.QisTIbxxM6n
content-encoding: gzip
etag: "cb65a029017e97a50b797d81d8a8fcdf"
x-amz-request-id: 8ER749ZJQ4GVTMZE
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 3257
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="14";dur=0,cdnip;desc="2a02:26f0:1b00:18e::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 99609
x-amz-id-2: TPl6DUk0Z8Nay99nkjcQx1cNUf2YIDXZ5/xbExkq9rxdr/vnVVHCBzDCKvOnQzIazTDUvr/no1s=
last-modified: Thu, 02 Sep 2021 19:07:18 GMT
server: AmazonS3
date: Wed, 08 Sep 2021 12:10:59 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 datadog-rum-us.js Show response
www.datadoghq-browser-agent.com/ 64 KB
21 KB 94ms
22ms Script
application/javascript 13.225.38.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.38.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-38-117.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 39126af8d458c45fc18eb91010d42605f6e0e903de67d82f503b8e66c143204c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:10:23 GMT
content-encoding: br
last-modified: Mon, 19 Jul 2021 12:21:10 GMT
server: AmazonS3
age: 54
etag: W/"20e006a0c5730657dae04bb52a46d540"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 89cec266da5afe1c0fd332f7f04e94e3.cloudfront.net (CloudFront)
cache-control: max-age=14400, s-maxage=60
x-amz-cf-pop: CDG3-C2
x-amz-cf-id: j2m9F_xToPuE2IkcPQ4zqjPs-RgsKSEOl9ma2jKTM_6JpS6k1qHoxg==

GET
H2 200 sofi-logo.svg
www.sofi.com/wp/wp-content/themes/sofi-v4/src/img/svg/home-page/ 2 KB
1 KB 679ms
679ms Image
image/svg+xml 104.18.15.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sofi.com/wp/wp-content/themes/sofi-v4/src/img/svg/home-page/sofi-logo.svg

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f91ce153fa2b6cadea9b2bb9755dee3e2c039f031cda26d42e72d444df031ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp/wp-content/themes/sofi-v4/src/img/svg/home-page/sofi-logo.svg
pragma: no-cache
cookie: SOFI_WEB_USER_ID=Cv5+xWE4qFIoWgAYTgDgAg==; __cf_bm=wQM_bkP3obvbMMF._UFjiTScv28bIpP6ymD37EnotRA-1631103058-0-AeFoUBLR0YgRXQbWCI3xpCn4ijUYRx6TgZ/OWuD3znEKbtZ4TZKasqCOQXQIMXO2GHR8NWEVTjFcHPNOEGnWKLc=; __cfruid=e65d4495fa62c94c3eebf8da20d5775f14db870c-1631103058
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.sofi.com
referer: https://www.sofi.com/app-download.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/app-download.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:10:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
last-modified: Mon, 23 Aug 2021 20:32:09 GMT
server: cloudflare
x-sofi-wordpress-cache-status: HIT
etag: W/"612405c9-965"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4W4QtsQ9RumENJCMvBjrcmhCEJkFnjBEy4LxbegmiuH9eobsiVejFWT82Mr3BqlB%2FtjbP6%2BllBurdVIawuFEPmf6EPl5BfyNu1R0gwu4AelOegUio4L02rRq6xI7yw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: https://sofi.com
cache-control: public, max-age=600
access-control-allow-credentials: true
x-sr-trace-id: f5d73a500b9fa73729d0f6956754fa5e
cf-ray: 68b813a78f10087b-CDG
expires: Wed, 08 Sep 2021 12:20:59 GMT

GET
H2 200 app-download-oval.svg
www.sofi.com/wp/wp-content/themes/sofi-v4/src/img/svg/individual/ 1 KB
888 B 685ms
683ms Image
image/svg+xml 104.18.15.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sofi.com/wp/wp-content/themes/sofi-v4/src/img/svg/individual/app-download-oval.svg

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

757486aacc667f9866ded46708f5110edc0fb4b347b45d32463c5fb3ed458d03

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp/wp-content/themes/sofi-v4/src/img/svg/individual/app-download-oval.svg
pragma: no-cache
cookie: SOFI_WEB_USER_ID=Cv5+xWE4qFIoWgAYTgDgAg==; __cf_bm=wQM_bkP3obvbMMF._UFjiTScv28bIpP6ymD37EnotRA-1631103058-0-AeFoUBLR0YgRXQbWCI3xpCn4ijUYRx6TgZ/OWuD3znEKbtZ4TZKasqCOQXQIMXO2GHR8NWEVTjFcHPNOEGnWKLc=; __cfruid=e65d4495fa62c94c3eebf8da20d5775f14db870c-1631103058
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.sofi.com
referer: https://www.sofi.com/app-download.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/app-download.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:11:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
last-modified: Mon, 23 Aug 2021 20:32:09 GMT
server: cloudflare
x-sofi-wordpress-cache-status: MISS
etag: W/"612405c9-45a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3bzi8hZrGaGLAnOwyoFydSjVm5WMe5gZc4v7MCFO7cAqqmfgFfSiRQYjjEJU7q3DcBtLwmLdiYQ0GnOaXQAYtAba2KigO6z%2BOu6ptssQRDtzrv5398N%2FtWkUlHmuOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: https://sofi.com
cache-control: public, max-age=600
access-control-allow-credentials: true
x-sr-trace-id: 870f7a5bb69916addbdfe4c9303f80dd
cf-ray: 68b813aa2ada087b-CDG
expires: Wed, 08 Sep 2021 12:21:00 GMT

GET
H/1.1 200
OK app-download-phone2.png
d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/ 115 KB
116 KB 172ms
22ms Image
image/png 52.222.196.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/app-download-phone2.png
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.196.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-196-116.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d01731504733769dd4193c64072561f6bcc9bd16a0482203a8cb4290a24206a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 08:27:24 GMT
Via: 1.1 c9eda0567a1d169784ebe65d259cdee9.cloudfront.net (CloudFront)
Age: 17984615
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 117978
Last-Modified: Fri, 06 Sep 2019 22:44:35 GMT
Server: AmazonS3
ETag: "aca7de8862f785ccf1dbe398d0917330"
x-amz-version-id: HOuA7XXeKIJD1bctq3Bfeqq8hoIGizE7
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: CDG50-P2
Accept-Ranges: bytes
Content-Type: image/png
X-Amz-Cf-Id: zasECEOCDMvIHSkBgudxTyAqoZZi44scKj38rZV3w1gUQSAatzxN7g==
Expires: Sat, 05 Sep 2020 22:44:34 GMT

GET
H/1.1 200
OK AppStoreBadge_136x40%402x.jpg
d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/ 10 KB
11 KB 174ms
23ms Image
image/jpeg 52.222.196.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/AppStoreBadge_136x40%402x.jpg
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.196.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-196-116.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ec4be84528c51c7c0a7fe71c7bc019978880b73e1b524a1f87376e997ea6ee33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 23:48:24 GMT
Via: 1.1 9f5dc8aa3b00e084cc2e91009dfdc836.cloudfront.net (CloudFront)
Age: 2204556
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 10394
Last-Modified: Mon, 15 Apr 2019 17:22:13 GMT
Server: AmazonS3
ETag: "bf9e6ca17e75dbbc66eef2bf770aa086"
x-amz-version-id: jFyi40ZLxv.qOzyk4s5X8mgQt50pycZt
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: CDG50-P2
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: SV1UwrFTCZx5wilu1CoiFlYA6Ge_1bkIS6yDjv9E8DYfgO6xlnniHA==
Expires: Tue, 14 Apr 2020 17:22:12 GMT

GET
H/1.1 200
OK GooglePlayBadge_136x40%402x.jpg
d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/ 10 KB
10 KB 204ms
29ms Image
image/jpeg 52.222.196.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/GooglePlayBadge_136x40%402x.jpg
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.196.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-196-116.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: db4fa78826fe4188ac570d30b1489bba9da09aaeed88978c533ddb3758a18c36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 30 Jan 2021 08:47:52 GMT
Via: 1.1 9f5dc8aa3b00e084cc2e91009dfdc836.cloudfront.net (CloudFront)
Age: 19106587
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 10059
Last-Modified: Mon, 15 Apr 2019 17:22:00 GMT
Server: AmazonS3
ETag: "04630f3b5bb245a06026221bc0215156"
x-amz-version-id: to0uSdSMpkRbhrxo6MTCeSND5HdFdchQ
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: CDG50-P2
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: CavM4ikR07u7Ly2U6tzTd-9gvx-Uhaq5k6zgitp8LsTE_oUcXGDRww==
Expires: Tue, 14 Apr 2020 17:21:59 GMT

GET Growth-Web-QR-Code_QR-code.jpeg
d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/ 0
0

GET
H2 200 icon-stopwatch.svg
www.sofi.com/wp/wp-content/themes/sofi-v4/src/img/svg/home-page/ 4 KB
2 KB 675ms
674ms Image
image/svg+xml 104.18.15.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sofi.com/wp/wp-content/themes/sofi-v4/src/img/svg/home-page/icon-stopwatch.svg

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4762e026911b2ede445fd0355c5880b8c8a644223615d72b81c329fe78cc3441

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp/wp-content/themes/sofi-v4/src/img/svg/home-page/icon-stopwatch.svg
pragma: no-cache
cookie: SOFI_WEB_USER_ID=Cv5+xWE4qFIoWgAYTgDgAg==; __cf_bm=wQM_bkP3obvbMMF._UFjiTScv28bIpP6ymD37EnotRA-1631103058-0-AeFoUBLR0YgRXQbWCI3xpCn4ijUYRx6TgZ/OWuD3znEKbtZ4TZKasqCOQXQIMXO2GHR8NWEVTjFcHPNOEGnWKLc=; __cfruid=e65d4495fa62c94c3eebf8da20d5775f14db870c-1631103058; optimizelyEndUserId=oeu1631103059649r0.5235099047622389; _dd_s=rum=1&id=16af557b-3796-403a-a2ea-26082f3ffb7d&created=1631103059692&expire=1631103959692
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.sofi.com
referer: https://www.sofi.com/app-download.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/app-download.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:11:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
last-modified: Mon, 23 Aug 2021 20:32:09 GMT
server: cloudflare
x-sofi-wordpress-cache-status: MISS
etag: W/"612405c9-1126"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbKfCt5WWb6GZedgkdpkVv0%2F8LieIoa8ueXj%2FKslD%2BZ7dzXLU5hWN2bN4JWmBfp65vM3YPnttza0O16NT8Kvdc%2Fa4Bp5zMD0OtkTjyC%2BRPFVO%2BRLmfInLYEEl3GR7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: https://sofi.com
cache-control: public, max-age=600
access-control-allow-credentials: true
x-sr-trace-id: 4b9f7a9bb2b559621b3af0979328a225
cf-ray: 68b813ab2c9b087b-CDG
expires: Wed, 08 Sep 2021 12:21:00 GMT

GET
H2 200 icon-easy-qualification.svg
www.sofi.com/wp/wp-content/themes/sofi-v4/src/img/svg/home-page/ 3 KB
1 KB 687ms
687ms Image
image/svg+xml 104.18.15.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sofi.com/wp/wp-content/themes/sofi-v4/src/img/svg/home-page/icon-easy-qualification.svg

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

019d6c917442f8081762fc259dc8f4f352ea782c7d420dc533c30076ec6789f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp/wp-content/themes/sofi-v4/src/img/svg/home-page/icon-easy-qualification.svg
pragma: no-cache
cookie: SOFI_WEB_USER_ID=Cv5+xWE4qFIoWgAYTgDgAg==; __cf_bm=wQM_bkP3obvbMMF._UFjiTScv28bIpP6ymD37EnotRA-1631103058-0-AeFoUBLR0YgRXQbWCI3xpCn4ijUYRx6TgZ/OWuD3znEKbtZ4TZKasqCOQXQIMXO2GHR8NWEVTjFcHPNOEGnWKLc=; __cfruid=e65d4495fa62c94c3eebf8da20d5775f14db870c-1631103058; optimizelyEndUserId=oeu1631103059649r0.5235099047622389; _dd_s=rum=1&id=16af557b-3796-403a-a2ea-26082f3ffb7d&created=1631103059692&expire=1631103959692
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.sofi.com
referer: https://www.sofi.com/app-download.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/app-download.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:11:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
last-modified: Mon, 23 Aug 2021 20:32:09 GMT
server: cloudflare
x-sofi-wordpress-cache-status: STALE
etag: W/"612405c9-b9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2F%2B4reJSaT8yPzp%2BbpFwtzAH86X3gGeMv6vdZeKA%2BWvhoBtN2YYMH8t%2FK0t5EWX%2F6HQD7sjDUgIU5CsjZZgxLK4qPWImdECSXEms7xosz0p9Rokmcxe%2BEzm%2BLq4boA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: https://sofi.com
cache-control: public, max-age=600
access-control-allow-credentials: true
x-sr-trace-id: f27eb7696f38ecb7bac2ae6919697b03
cf-ray: 68b813ab2c9c087b-CDG
expires: Wed, 08 Sep 2021 12:21:00 GMT

GET
H2 200 handshake.svg
www.sofi.com/wp/wp-content/themes/sofi-v4/src/img/svg/individual/ 2 KB
2 KB 662ms
661ms Image
image/svg+xml 104.18.15.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sofi.com/wp/wp-content/themes/sofi-v4/src/img/svg/individual/handshake.svg

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e42fb43b9cc17b68b16ad7bb7d6bc27885cc0b59dfdab426a25cbed4f07b7fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp/wp-content/themes/sofi-v4/src/img/svg/individual/handshake.svg
pragma: no-cache
cookie: SOFI_WEB_USER_ID=Cv5+xWE4qFIoWgAYTgDgAg==; __cf_bm=wQM_bkP3obvbMMF._UFjiTScv28bIpP6ymD37EnotRA-1631103058-0-AeFoUBLR0YgRXQbWCI3xpCn4ijUYRx6TgZ/OWuD3znEKbtZ4TZKasqCOQXQIMXO2GHR8NWEVTjFcHPNOEGnWKLc=; __cfruid=e65d4495fa62c94c3eebf8da20d5775f14db870c-1631103058; optimizelyEndUserId=oeu1631103059649r0.5235099047622389; _dd_s=rum=1&id=16af557b-3796-403a-a2ea-26082f3ffb7d&created=1631103059692&expire=1631103959692
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.sofi.com
referer: https://www.sofi.com/app-download.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/app-download.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:11:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
last-modified: Mon, 23 Aug 2021 20:32:09 GMT
server: cloudflare
x-sofi-wordpress-cache-status: HIT
etag: W/"612405c9-95e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4gzTBE6zQhA75%2BeniuNyF8r70tKXTe9mbWmDAxwHMY%2BwLSNwxY7Z9n%2BUXmUohjGOnVz8mqlEsr%2FF9xRAp0ZHuDIqM7A5e%2FRywh9TbJXfR%2FhNRE6hrdIoiBQZMYhZfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: https://sofi.com
cache-control: public, max-age=600
access-control-allow-credentials: true
x-sr-trace-id: 5777a7f802f94331244e1914abd8f765
cf-ray: 68b813ab2c9e087b-CDG
expires: Wed, 08 Sep 2021 12:21:00 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 5070ms
41ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4efeeb957e361500bf19ba26282beae1a8e4083c5ccff10dccab2eaa09acd45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:11:04 GMT
content-encoding: gzip
last-modified: Thu, 26 Aug 2021 22:03:28 GMT
server: cloudflare
etag: W/2021.8.2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 68b813ca8fa94339-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 432 KB
101 KB 228ms
78ms Script
application/javascript 2a00:1450:4007:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WLSZML

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

32f6eee04beb4eb61bfcdbd47e4317b61d4c8f97291ef95d4353c2c7a28c1ac6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:10:59 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102451
x-xss-protection: 0
expires: Wed, 08 Sep 2021 12:10:59 GMT

GET
H2 200 f1a9d4422327431a96141bbe48fcccd3.png
cdn.optimizely.com/img/10819474327/ 23 KB
23 KB 131ms
131ms Image
image/png 2a02:26f0:1b00:18e::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.optimizely.com/img/10819474327/f1a9d4422327431a96141bbe48fcccd3.png

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1b00:18e::13b8 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0a97584f8fc590eedc46aa12a890bf40f4ace7d4e1cbdc9042d2fb1db747b76a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
x-amz-version-id: IQ8aq8cbcZfAHcm_VS1VNWSIOmXTOZF9
last-modified: Tue, 06 Apr 2021 00:12:22 GMT
server: AmazonS3
x-amz-request-id: MDKP9XPQZV2GQ5BR
etag: "9d0d06f0d2b3bfd752e19557f663f7d8"
strict-transport-security: max-age=15768000
content-type: image/png
date: Wed, 08 Sep 2021 12:10:59 GMT
x-amz-replication-status: COMPLETED
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="20";dur=0,cdnip;desc="2a02:26f0:1b00:18e::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
accept-ranges: bytes
content-length: 23215
x-amz-id-2: tVavPygN/uIJj+U+N5+Sfc94kX6qJnAqSH2cbO/1g2dl0UQK35SiLPA0n0iYdZY7A407uX/NDcI=

GET
H2 200 app-download-bg-tablet.svg
www.sofi.com/wp/wp-content/themes/sofi-v4/src/img/svg/individual/ 1 KB
938 B 659ms
659ms Image
image/svg+xml 104.18.15.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sofi.com/wp/wp-content/themes/sofi-v4/src/img/svg/individual/app-download-bg-tablet.svg

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c8d353e883e65df6163f278b0bfaf6fa159894b68670ad668f34b02a8e6f451

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp/wp-content/themes/sofi-v4/src/img/svg/individual/app-download-bg-tablet.svg
pragma: no-cache
cookie: SOFI_WEB_USER_ID=Cv5+xWE4qFIoWgAYTgDgAg==; __cf_bm=wQM_bkP3obvbMMF._UFjiTScv28bIpP6ymD37EnotRA-1631103058-0-AeFoUBLR0YgRXQbWCI3xpCn4ijUYRx6TgZ/OWuD3znEKbtZ4TZKasqCOQXQIMXO2GHR8NWEVTjFcHPNOEGnWKLc=; __cfruid=e65d4495fa62c94c3eebf8da20d5775f14db870c-1631103058; optimizelyEndUserId=oeu1631103059649r0.5235099047622389; _dd_s=rum=1&id=16af557b-3796-403a-a2ea-26082f3ffb7d&created=1631103059692&expire=1631103959692
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.sofi.com
referer: https://www.sofi.com/app-download.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/app-download.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:11:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
last-modified: Mon, 23 Aug 2021 20:32:09 GMT
server: cloudflare
x-sofi-wordpress-cache-status: STALE
etag: W/"612405c9-58e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7NpvHiPqLLD0oxzZPmtXxBecOOK9XKw%2FbDQsRP%2FDl%2F6TkeOynQtca7STkmVNGPEn4ugXWfG8LKKFB95D0qPjlvEqftusBglHfVxP2Cpq%2FHstb6ResC1WeDfvr%2F2%2FXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: https://sofi.com
cache-control: public, max-age=600
access-control-allow-credentials: true
x-sr-trace-id: aa24c1ee17f6a7b8d80f98f9edf291f6
cf-ray: 68b813ab2ca4087b-CDG
expires: Wed, 08 Sep 2021 12:21:00 GMT

GET
H/1.1 200
OK SLR_PCard_desktop%402x.jpg
d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/ 87 KB
87 KB 213ms
29ms Image
image/jpeg 52.222.196.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/SLR_PCard_desktop%402x.jpg
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.196.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-196-116.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: af2966c91e845002ab923ea607a7d02f8aeb87698b9f1099a627a72835add06d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 23 Jun 2021 18:32:33 GMT
Via: 1.1 23ce0cf88557469ee496b72a281aec5c.cloudfront.net (CloudFront)
Age: 6629906
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 88754
Last-Modified: Wed, 10 Apr 2019 17:25:37 GMT
Server: AmazonS3
ETag: "b98120b4108ec2bfa4be3e5583acdd65"
x-amz-version-id: xZcNsOlGjqc7czN9XZ6aY.rX0E2RzHEj
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: CDG50-P2
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: EWWpfvr37kwWei2ZVYJb0x4lyDMML1qIkByOCEJBomn1X7dsIukjNA==
Expires: Thu, 09 Apr 2020 17:25:36 GMT

GET
H/1.1 200
OK USL_PCard_desktop%402x.jpg
d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/ 73 KB
74 KB 223ms
31ms Image
image/jpeg 52.222.196.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/USL_PCard_desktop%402x.jpg
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.196.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-196-116.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e264b4b1c2b568b974eb4ee23328522d1a4fa24247736bc6b138f7fbdb3faef4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 27 May 2021 16:52:41 GMT
Via: 1.1 2ba5677785db2f66bc73820b2a261477.cloudfront.net (CloudFront)
Age: 8968699
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 75149
Last-Modified: Wed, 10 Apr 2019 17:25:27 GMT
Server: AmazonS3
ETag: "d18108ae07303846db0bd29f81980e60"
x-amz-version-id: J81YgJfsZwuvaQr8EA4qwO3s9QbCGfJo
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: CDG50-P2
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: AS8FsX8IgHOjp1IpflswpiZeoIP2gwcr5FmQCAjiZn-N3tBdIQyTPA==
Expires: Thu, 09 Apr 2020 17:25:26 GMT

GET
H/1.1 200
OK PL_PCard_desktop%402x.jpg
d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/ 68 KB
69 KB 137ms
33ms Image
image/jpeg 52.222.196.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/PL_PCard_desktop%402x.jpg
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.196.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-196-116.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef461c7c1d3972fcb7338c3c42215fd18ae5bf13736b2de69232a93ad25da76d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 23 Jun 2021 18:32:33 GMT
Via: 1.1 2ba5677785db2f66bc73820b2a261477.cloudfront.net (CloudFront)
Age: 6629907
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 69546
Last-Modified: Wed, 10 Apr 2019 17:25:35 GMT
Server: AmazonS3
ETag: "c458af220b5869f69dfda61268d0c43f"
x-amz-version-id: zondZueZ.X6Kp.y3rKyVOn5OI4Kr_mUY
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: CDG50-P2
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: 8_8zG34wlQXmuFla8qbTE_qW28vAyvetyIGfkVnApBDLf0H3FYhkNw==
Expires: Thu, 09 Apr 2020 17:25:34 GMT

GET
H/1.1 200
OK HL_PCard_desktop%402x.jpg
d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/ 104 KB
104 KB 125ms
20ms Image
image/jpeg 52.222.196.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/HL_PCard_desktop%402x.jpg
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.196.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-196-116.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ab2a342c7d07c83514822dcf164546b7228b874b50f4e5b2722fbe42058da9f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 05 May 2021 09:19:26 GMT
Via: 1.1 31a1ed822e5cb0d9c8c86a015f42b7bf.cloudfront.net (CloudFront)
Age: 10896694
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 106368
Last-Modified: Wed, 10 Apr 2019 17:25:29 GMT
Server: AmazonS3
ETag: "0203eeace95e567b525e084fb24d7033"
x-amz-version-id: 7IPBM38RyuIyoL64vbdJ5iESURJLS9eU
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: CDG50-P2
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: a_rM_c1FVnDUIsqXWIZ_ogWPrqVyq1of5R6b_QI16e7Uti4T2K-L9Q==
Expires: Thu, 09 Apr 2020 17:25:28 GMT

GET
H/1.1 200
OK Invest_PCard_desktop%402x.jpg
d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/ 105 KB
105 KB 125ms
21ms Image
image/jpeg 52.222.196.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/Invest_PCard_desktop%402x.jpg
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.196.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-196-116.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd26f8e52d236e0c762ab5de965b5131e51561ccbd279b19ba5bad0cf229a19a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 05 May 2021 09:19:26 GMT
Via: 1.1 d5ee2aa873a3cb23609433e0272dd41c.cloudfront.net (CloudFront)
Age: 10896694
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 107179
Last-Modified: Wed, 10 Apr 2019 17:25:32 GMT
Server: AmazonS3
ETag: "dd3685846052f01570618595accb26ff"
x-amz-version-id: gGjhqGrtL.ptaBD7PJgH6MOteeW4_kXN
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: CDG50-P2
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: BXdBWv1txENs-d5XZe6q3_k0cAQyREb1gXpEAOx0W0YrFSJYU13eFA==
Expires: Thu, 09 Apr 2020 17:25:31 GMT

GET
H/1.1 200
OK MemberExperiences_Money_Tile_Desktop%402X.jpg
d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/ 48 KB
49 KB 124ms
19ms Image
image/jpeg 52.222.196.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/MemberExperiences_Money_Tile_Desktop%402X.jpg
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.196.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-196-116.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 64f707b22d1f8339a6506450fbb8c745633b98478703368b46823f86d53dcc33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 05 May 2021 09:19:26 GMT
Via: 1.1 23ce0cf88557469ee496b72a281aec5c.cloudfront.net (CloudFront)
Age: 10896694
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 49592
Last-Modified: Thu, 20 Feb 2020 21:33:35 GMT
Server: AmazonS3
ETag: "80183033f098fe9836e9ef4ef248d1b4"
x-amz-version-id: ytSWApAeeqgcBsBpND3hjx_sZL_TCzYS
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: CDG50-P2
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: VVSR30dRH99dQ3jbjv5I20iX7c6bHuYdzKjFv2c3e_bRN7QHtQBIhA==
Expires: Fri, 19 Feb 2021 21:33:34 GMT

GET
H/1.1 200
OK TTNorms-bold.woff2
d32ijn7u0aqfv4.cloudfront.net/assets/fonts/ 20 KB
21 KB 164ms
20ms Font
binary/octet-stream 52.222.196.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d32ijn7u0aqfv4.cloudfront.net/assets/fonts/TTNorms-bold.woff2
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.196.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-196-116.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a6292e56b84d52df8bf30d8066cb00c02955c80f2f8b0232ef45bdf9fd5cdc1e

Request headers

Referer: https://www.sofi.com/
Origin: https://www.sofi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: FgwCGZURQMB0KrL30NNyoOFOuNpwBCTL
Via: 1.1 e832b62df62ac7dea0463212e63d91f7.cloudfront.net (CloudFront)
ETag: "8270a9f410a8e846a7fe9422e3db696c"
Age: 2549986
X-Cache: Hit from cloudfront
x-amz-meta-forcedreplication: 2020-12-07T14:39:36.194559
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 20388
Last-Modified: Thu, 29 Apr 2021 21:24:41 GMT
Server: AmazonS3
Date: Mon, 09 Aug 2021 23:51:14 GMT
Vary: Origin
Access-Control-Allow-Methods: HEAD, GET, PUT, POST, DELETE
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
Access-Control-Max-Age: 3000
X-Amz-Cf-Pop: CDG50-P2
Accept-Ranges: bytes
X-Amz-Cf-Id: 1k4Q56FEh4typIrrS3sa6je9HXh7LooYnDz66VlemFpOpb__0aHfVQ==

GET
H/1.1 200
OK larsseit_extra_bold.woff2
d32ijn7u0aqfv4.cloudfront.net/assets/fonts/ 37 KB
37 KB 163ms
20ms Font
binary/octet-stream 52.222.196.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d32ijn7u0aqfv4.cloudfront.net/assets/fonts/larsseit_extra_bold.woff2
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.196.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-196-116.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 73acf9dbdd2a86dfbb64cebff7b5f0fe6182c3e3f5e84b5e857580d5685f475f

Request headers

Referer: https://www.sofi.com/
Origin: https://www.sofi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: xA5hpBfnGKObgQr1MCGLqiFlBozLEa7y
Via: 1.1 a3d0a2c557e0fa30cfdc1da901dc92e5.cloudfront.net (CloudFront)
ETag: "9b85cfd6cee46b560a0d1a6c3edfa743"
Age: 505593
X-Cache: Hit from cloudfront
x-amz-meta-forcedreplication: 2020-12-07T14:39:36.194559
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 37412
Last-Modified: Thu, 29 Apr 2021 21:25:10 GMT
Server: AmazonS3
Date: Thu, 02 Sep 2021 15:44:27 GMT
Vary: Origin
Access-Control-Allow-Methods: HEAD, GET, PUT, POST, DELETE
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
Access-Control-Max-Age: 3000
X-Amz-Cf-Pop: CDG50-P2
Accept-Ranges: bytes
X-Amz-Cf-Id: 7iiKHfMLgtLA5709TaZrBvS5D2WLyOX-qF6K4Yrge3vYGiQpbhxUNA==

GET
H/1.1 200
OK larsseit-bold.woff2
d32ijn7u0aqfv4.cloudfront.net/assets/fonts/ 38 KB
38 KB 177ms
33ms Font
binary/octet-stream 52.222.196.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d32ijn7u0aqfv4.cloudfront.net/assets/fonts/larsseit-bold.woff2
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.196.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-196-116.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f5104b1a5bd92dd06a62a537a136104a71f98978b37c594bf6c91f9968849a13

Request headers

Referer: https://www.sofi.com/
Origin: https://www.sofi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: mP0sBMIWNQYxsJ9_oUQpbSLDc54CX9dq
Via: 1.1 a9cd237416fb828127279373bfd596cb.cloudfront.net (CloudFront)
ETag: "a6bd5a2b8ed00506661a751147ef5d7f"
Age: 615192
X-Cache: Hit from cloudfront
x-amz-meta-forcedreplication: 2020-12-07T14:39:36.194559
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 38407
Last-Modified: Thu, 29 Apr 2021 21:21:32 GMT
Server: AmazonS3
Date: Wed, 01 Sep 2021 09:17:48 GMT
Vary: Origin
Access-Control-Allow-Methods: HEAD, GET, PUT, POST, DELETE
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
Access-Control-Max-Age: 3000
X-Amz-Cf-Pop: CDG50-P2
Accept-Ranges: bytes
X-Amz-Cf-Id: pBCrC5I3g_e_ihGqWVGipXRbOHVQVbX1n6mMzLJT1eybMpzDxwNTIg==

GET
H/1.1 200
OK TTNorms.woff2
d32ijn7u0aqfv4.cloudfront.net/assets/fonts/ 20 KB
21 KB 178ms
35ms Font
binary/octet-stream 52.222.196.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d32ijn7u0aqfv4.cloudfront.net/assets/fonts/TTNorms.woff2
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.196.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-196-116.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b6820c0bd7e84991223198fb475a2c5163b3f16e490eccfed580435e90380904

Request headers

Referer: https://www.sofi.com/
Origin: https://www.sofi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 12:31:50 GMT
Via: 1.1 23ce0cf88557469ee496b72a281aec5c.cloudfront.net (CloudFront)
Vary: Origin
Age: 1899550
X-Cache: Hit from cloudfront
x-amz-meta-forcedreplication: 2020-12-07T14:39:36.194559
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 20292
Last-Modified: Thu, 29 Apr 2021 21:25:43 GMT
Server: AmazonS3
ETag: "211431d80c2d89ca748b74743a4c102d"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: HEAD, GET, PUT, POST, DELETE
x-amz-version-id: .BuA7OLeZWVUnc3Pip4of8gszLHWonQo
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
X-Amz-Cf-Pop: CDG50-P2
Accept-Ranges: bytes
Content-Type: binary/octet-stream
X-Amz-Cf-Id: t8YS5CSFOpvemB7lyBQtbYuieLYj5vWlNwJ7RgKhsKy0sQaDACk1PQ==

GET
H2 200 a10819474327.html Show response
a10819474327.cdn.optimizely.com/client_storage/ Frame A029 1 KB
1 KB 246ms
137ms Document
text/html 23.72.2.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a10819474327.cdn.optimizely.com/client_storage/a10819474327.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/14812420277.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.72.2.243 Paris, France, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-72-2-243.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

3b562c569c0e6df3c32faa9fde2836a4713eb6b746de6e800c5efb930fed934e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: a10819474327.cdn.optimizely.com
:scheme: https
:path: /client_storage/a10819474327.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sofi.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/

Response headers

x-amz-id-2: t1rnfmU/umS0UH86aTlYsQ0yXa6KWYtCBlW2NbEkBSGrb3O04gXYqRCLpt2O4vtGmBFm0Otc92M=
x-amz-request-id: 01BYKHSXN4JS5DFQ
x-amz-replication-status: COMPLETED
last-modified: Thu, 02 Sep 2021 19:07:12 GMT
etag: "51dc051c7e38020c3db5f451b1b24d8d"
x-amz-server-side-encryption: AES256
x-amz-meta-pci_enabled: False
content-encoding: gzip
x-amz-version-id: KZh7fPDm3km.H6hZrkjaXJyqA56Rh2jp
accept-ranges: bytes
content-type: text/html; charset=utf-8
server: AmazonS3
content-length: 769
vary: Accept-Encoding
cache-control: max-age=120
date: Wed, 08 Sep 2021 12:11:00 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="14";dur=0,cdnip;desc="23.72.2.243";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 84ms
39ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLSZML
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:10:59 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 18:27:37 GMT
x-msedge-ref: Ref A: F018C4F9915B4978952BBE23335D3EC6 Ref B: FRAEDGE1210 Ref C: 2021-09-08T12:11:00Z
etag: "80f2963dde83d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9024

GET
H2

200

activityi;dc_pre=CIDThLSs7_ICFWcB0wodplIA1g;src=6375438;type=brand0;cat=unive0;ord=1833402465724;gtm=2wg910;auiddc=1157100793.1631103060;u1=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html;ps=1;~oref... Show response
6375438.fls.doubleclick.net/ Frame 476E
Redirect Chain

https://6375438.fls.doubleclick.net/activityi;src=6375438;type=brand0;cat=unive0;ord=1833402465724;gtm=2wg910;auiddc=1157100793.1631103060;u1=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html;ps=1;~or...
https://6375438.fls.doubleclick.net/activityi;dc_pre=CIDThLSs7_ICFWcB0wodplIA1g;src=6375438;type=brand0;cat=unive0;ord=1833402465724;gtm=2wg910;auiddc=1157100793.1631103060;u1=https%3A%2F%2Fwww.sof...

2 KB
1 KB

45ms
43ms

Document
text/html

216.58.201.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6375438.fls.doubleclick.net/activityi;dc_pre=CIDThLSs7_ICFWcB0wodplIA1g;src=6375438;type=brand0;cat=unive0;ord=1833402465724;gtm=2wg910;auiddc=1157100793.1631103060;u1=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html;ps=1;~oref=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLSZML

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.201.230 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s18-in-f6.1e100.net

Software

cafe /

Resource Hash

036b7d77ac0392e2cffaf260738a332263662817c9178eb9f8a10441c5f75172

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6375438.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CIDThLSs7_ICFWcB0wodplIA1g;src=6375438;type=brand0;cat=unive0;ord=1833402465724;gtm=2wg910;auiddc=1157100793.1631103060;u1=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html;ps=1;~oref=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sofi.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 Sep 2021 12:11:00 GMT
expires: Wed, 08 Sep 2021 12:11:00 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 814
x-xss-protection: 0
set-cookie: IDE=AHWqTUn7Z1vIVnXCLVyQUET_atq-r8TGGxURa9y9BI7vGOcJsrs0FPrsk11YaDUqbp8; expires=Mon, 03-Oct-2022 12:11:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 Sep 2021 12:11:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://6375438.fls.doubleclick.net/activityi;dc_pre=CIDThLSs7_ICFWcB0wodplIA1g;src=6375438;type=brand0;cat=unive0;ord=1833402465724;gtm=2wg910;auiddc=1157100793.1631103060;u1=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html;ps=1;~oref=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 136ms
17ms Script
application/javascript 2a04:4e42:1d::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLSZML
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ce23bdc14eb22eecad91cef112ea740ebd6928a8cdef11362d1d5b25320bd5d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:11:00 GMT
fastly-restarts: 1
x-cdn: fastly
etag: "d281f5ef4add283680ff41edc6dd28c4"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 132ms
17ms Script
application/x-javascript 2a03:2880:f01f:6:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01f:6:face:b00c:0:3 Pantin, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: kt34EkLCLEsMID/Es1s6VEffEl+c5mxjcuJP3DvvjOJfaOwpoSCNbOLBKpt69TWi32hneC0iJXfU/bCh7+oG8g==
x-fb-trip-id: 1460883810
x-frame-options: DENY
date: Wed, 08 Sep 2021 12:11:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 qevents.js Show response
a.quora.com/ 39 KB
14 KB 127ms
12ms Script
text/plain 151.101.129.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: s3LlaOWABX1LUjiLldBNr49lVAylKDRo
content-encoding: gzip
etag: "f32ebb1e93a72c0a57add6d07f688510"
age: 2156
x-cache: HIT, HIT
content-length: 13681
x-amz-id-2: LPqU6a7EuNiiQTiqONvV05BHRbU8VySTIEl5fFs/P5A8SUwQxRjoZDgdkRl7+LjzJA+BjwCwsMA=
x-served-by: cache-bwi5155-BWI, cache-hhn4037-HHN
last-modified: Fri, 25 Oct 2019 19:28:38 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1572031715/ctime:1572031714/gid:1000000/gname:employee/md5:f32ebb1e93a72c0a57add6d07f688510/mode:33188/mtime:1149709104/uid:1000332/uname:tzhou
x-timer: S1631103060.331188,VS0,VE0
date: Wed, 08 Sep 2021 12:11:00 GMT
vary: Accept-Encoding
x-amz-request-id: CG3F0MGTVSY7Y9B9
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=7200
accept-ranges: bytes
content-type: text/plain
x-cache-hits: 1, 651

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 22 KB
7 KB 121ms
7ms Script
application/javascript 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 7125a66456daa35dd3e3e8cca4b9523e05caf0b4fa5bd5874676e7c6db40f3aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:11:00 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Wed, 14 Jul 2021 17:50:00 GMT
server: snooserv
etag: "912f60c72fda50b2f21068c65115175d"
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-encoding: gzip
content-length: 7018

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 79 KB
24 KB 140ms
29ms Script
text/javascript 52.222.158.3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.158.3 , United States, ASN (),
Reverse DNS: server-52-222-158-3.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1f23d8732d8e2a4f2e983d5bf52c680226ec20d3b3453a7d8de4ef4e28aa7a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: JY0psBu036ThLrIRNRIc72jv8LxR45nr
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 21:28:14 GMT
server: AmazonS3
age: 280
etag: "494b4c270c41c5456742136e682b1007"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 4bb1350a7e907cdd02f8977c1aa46622.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Wed, 08 Sep 2021 12:06:21 GMT
x-amz-cf-pop: CDG52-P2
content-length: 23861
x-amz-cf-id: vwi9ilVtNxfTfy8qYDhwhBc68iRICcfjtGKlaAM_GkXHS0U3sxoC2Q==

GET
H2 200 1.js Show response
tlxgvxfc.micpn.com/p/js/ 42 KB
15 KB 172ms
61ms Script
text/javascript 52.84.174.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tlxgvxfc.micpn.com/p/js/1.js
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.174.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-174-83.cdg50.r.cloudfront.net
Software: /
Resource Hash: 4ca96fce30a4c081ee7216b8305dfdbde550daf1a2dde8ebe5931675bc3b80a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 12:08:00 GMT
content-encoding: gzip
age: 180
p3p: policyref="https://movableink.com/w3c/p3p.xml", CP="DEVa PSAa PSDa IVAa IVDa OUR IND DSP NON COR NAV UNI"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 4cdc479f5a3e085b3677cdfbbae00b5f.cloudfront.net (CloudFront)
cache-control: no-cache max-age=0
x-amz-cf-pop: CDG50-P1
timing-allow-origin: https://www.sofi.com
x-amz-cf-id: tLInK_CC7oKlTTM9eZ8rUab3NESd45NYD8yJnkvUcxY0X7ZRQn_pFg==
x-uuid: 4bed2037-ebbb-433b-9109-a99b707cd8f4
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 c.min.js Show response
cdn.c212.net/ 747 B
1 KB 154ms
23ms Script
application/javascript 2600:9000:2171:b000:16:cfb1:a0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.c212.net/c.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLSZML
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2171:b000:16:cfb1:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10fdc76cd92396525cf18941196d2251aa4d0c05ba2a0a5421e3af99c01503ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 19:40:42 GMT
via: 1.1 bbfe794cf908362a338386171e1a8cab.cloudfront.net (CloudFront)
last-modified: Fri, 24 Jan 2020 19:12:36 GMT
server: AmazonS3
age: 59418
etag: "9f5634a151b9e5ecb2adec9462f783d6"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: CDG53-C1
accept-ranges: bytes
content-length: 747
x-amz-cf-id: 3GRBWBp08sAT75tQS-dO-rqnr--864RqFwIe52sszJcPQnvgzBK15g==

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ 9 KB
4 KB 117ms
8ms Script
application/javascript 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 12:11:00 GMT
Content-Encoding: gzip
Age: 27047
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 3340
X-Served-By: cache-lga21969-LGA, cache-hhn4065-HHN
Access-Control-Allow-Origin: *
Last-Modified: Wed, 02 Jun 2021 15:04:00 GMT
Server: nginx/1.13.10
X-Timer: S1631103060.325028,VS0,VE0
ETag: W/"60b79de0-23b3"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 10 Jun 2021 04:37:09 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 1, 12366

GET
H/1.1 200
OK wxyz.rb.js Show response
rbx.sofi.com/assets/ 44 KB
10 KB 410ms
104ms Script
application/javascript 159.203.152.45
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://rbx.sofi.com/assets/wxyz.rb.js
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.203.152.45 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 41ce98b6a5242e847585b14cb284048a261b34a13405fa99901c7a88a1b9438a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 12:11:00 GMT
Content-Encoding: gzip
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 events.js Show response
contentdsp.com/ 13 KB
5 KB 376ms
104ms Script
text/javascript 34.206.174.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://contentdsp.com/events.js
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.174.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-174-109.compute-1.amazonaws.com
Software: /
Resource Hash: ec140efc696d53bf7f060a2691af9e045d3c48fb7c5c90debafbfb0dc7ae47f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 08 Sep 2021 12:11:00 GMT
cache-control: max-age=30
content-encoding: gzip
content-type: text/javascript

GET
H2 200 tg.js Show response
tgtag.io/ 65 KB
21 KB 70ms
9ms Script
application/javascript 34.120.230.83
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tgtag.io/tg.js?pid=tg-g-002155-001
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.230.83 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 83.230.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3006c9fd6d5b0c3339a8a7b2daee6a42c1cd00898ed9529f95dd7b673aa6d011

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 20:17:09 GMT
content-encoding: gzip
age: 57231
x-guploader-uploadid: ADPycdtw6w63Wi12-0hvnJfYCw3j-iNZ0Kc16R78z6_WV8WO-Sm7bvIoMKad1SHZProcRZzUpRgk7JFKC-WApTD17xM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 20547
last-modified: Wed, 25 Aug 2021 11:13:15 GMT
server: UploadServer
etag: "ca101e90a0c9d7f118282a4c0e8ebb6b"
x-goog-hash: crc32c=oualaA==, md5=yhAekKDJ1/EYKCpMDo67aw==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1629889995805298
access-control-expose-headers: Content-Type, Access-Control-Allow-Origin
cache-control: public, no-transform, max-age=86400, s-maxage=86400
x-goog-stored-content-length: 20547
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 08 Sep 2021 20:17:09 GMT

GET
H2 451 710883.html Show response
di.rlcdn.com/ Frame 2D55 0
66 B 121ms
16ms Document
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://di.rlcdn.com/710883.html
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLSZML
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: di.rlcdn.com
:scheme: https
:path: /710883.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sofi.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/

Response headers

date: Wed, 08 Sep 2021 12:11:00 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 195ms
42ms Script
application/javascript 2a00:1288:88:800::4001
YAHOO-FRA

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:88:800::4001 Aubervilliers, France, ASN203070 (YAHOO-FRA, GB),

Reverse DNS

Software

ATS /

Resource Hash

b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 11:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1931
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: EY38MDHEX39GXK7Q
x-amz-id-2: DacroComx/LS0mf2AsGVm89zH0vdhl8084tedAWVmNQ4Hi5ciAo2OzeSFLHKEf6CFGcvt1bynWI=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 02 Jul 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 27 May 2021 13:00:20 GMT
server: ATS
etag: "6de43f1c725d89777edaa2bc5d679ecb-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: Bv0RNzsjZsSn6kGrZjdvdggYqc20u__d
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1 200
OK tv2track.js Show response
collector-11685.tvsquared.com/ 20 KB
9 KB 489ms
115ms Script
application/javascript 18.219.93.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-11685.tvsquared.com/tv2track.js
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.219.93.205 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-219-93-205.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 12:11:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 02 Jul 2021 14:21:37 GMT
Server: nginx
ETag: "60df20f1-2133"
Content-Type: application/javascript
Cache-Control: max-age=600
Connection: keep-alive
X-Robots-Tag: noindex
Content-Length: 8499
Expires: Wed, 08 Sep 2021 12:21:00 GMT

GET
H2 200 refer
www.sofi.com/measure/pixel/ 35 B
633 B 753ms
660ms Image
image/gif 104.18.15.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sofi.com/measure/pixel/refer?referrer=https://www.sofi.com

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /measure/pixel/refer?referrer=https://www.sofi.com
pragma: no-cache
cookie: SOFI_WEB_USER_ID=Cv5+xWE4qFIoWgAYTgDgAg==; __cf_bm=wQM_bkP3obvbMMF._UFjiTScv28bIpP6ymD37EnotRA-1631103058-0-AeFoUBLR0YgRXQbWCI3xpCn4ijUYRx6TgZ/OWuD3znEKbtZ4TZKasqCOQXQIMXO2GHR8NWEVTjFcHPNOEGnWKLc=; __cfruid=e65d4495fa62c94c3eebf8da20d5775f14db870c-1631103058; optimizelyEndUserId=oeu1631103059649r0.5235099047622389; _dd_s=rum=1&id=16af557b-3796-403a-a2ea-26082f3ffb7d&created=1631103059692&expire=1631103959692; _gcl_au=1.1.1157100793.1631103060; mjs-sid=1631103060150
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.sofi.com
referer: https://www.sofi.com/app-download.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/app-download.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:11:00 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
content-length: 35
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9e8cey79fxR2lHocvReraUU3iq67yuD1C2n6Gokkjpxwicd3PhCuj7WdZsSpaVNFrcfVQWO%2FXHdxz8F2W3TcATLGP9cjFxKrdhvSxyYZ8Pk5JdpjwRXT1k1%2BbueGxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: https://sofi.com
access-control-allow-credentials: true
x-sr-trace-id: bb5d068285e8212d0f9b90cbdd2a0344
set-cookie: SOFI_REFERRER=%7B%22domain%22%3A%22www.sofi.com%22%2C%22path%22%3A%22%22%2C%22query%22%3A%22%22%2C%22userAgent%22%3A%22Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F92.0.4515.159%20Safari%2F537.36%22%2C%22processed%22%3A%22false%22%7D;Path=/;Expires=Thu, 09-Sep-2021 12:11:00 GMT;Max-Age=86400;Secure
cf-ray: 68b813af0aad087b-CDG
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 uievent
www.sofi.com/measure/pixel/ 35 B
702 B 752ms
660ms Image
image/gif 104.18.15.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sofi.com/measure/pixel/uievent?sessionId=1631103060150&pageviewUUID=57ab075a-e40c-4756-81e0-f778fada3b53&screenWidth=1600&screenHeight=1200&windowWidth=1600&windowHeight=1200&pageHost=www.sofi.com&pagePath=/app-download.html&filteredPath=/app-download.html/&partyId=&targetId=&targetType=&latitude=&longitude=&appVersion=&queryString=&eventName=&eventType=mjs-pageview&action=&value=&mjsVersion=3.5.1&eventEpochTime=1631103060148

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /measure/pixel/uievent?sessionId=1631103060150&pageviewUUID=57ab075a-e40c-4756-81e0-f778fada3b53&screenWidth=1600&screenHeight=1200&windowWidth=1600&windowHeight=1200&pageHost=www.sofi.com&pagePath=/app-download.html&filteredPath=/app-download.html/&partyId=&targetId=&targetType=&latitude=&longitude=&appVersion=&queryString=&eventName=&eventType=mjs-pageview&action=&value=&mjsVersion=3.5.1&eventEpochTime=1631103060148
pragma: no-cache
cookie: SOFI_WEB_USER_ID=Cv5+xWE4qFIoWgAYTgDgAg==; __cf_bm=wQM_bkP3obvbMMF._UFjiTScv28bIpP6ymD37EnotRA-1631103058-0-AeFoUBLR0YgRXQbWCI3xpCn4ijUYRx6TgZ/OWuD3znEKbtZ4TZKasqCOQXQIMXO2GHR8NWEVTjFcHPNOEGnWKLc=; __cfruid=e65d4495fa62c94c3eebf8da20d5775f14db870c-1631103058; optimizelyEndUserId=oeu1631103059649r0.5235099047622389; _dd_s=rum=1&id=16af557b-3796-403a-a2ea-26082f3ffb7d&created=1631103059692&expire=1631103959692; _gcl_au=1.1.1157100793.1631103060; mjs-sid=1631103060150
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.sofi.com
referer: https://www.sofi.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:11:00 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
content-length: 35
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sHAo4MLs0F9N6XcxgLsrQq8EC7BnMxwQkdBXZiA1lom9mrGGw2uiK4cLrdF6VSeL%2BDCWvvBZpjn3mQC5rWGn%2FlQCwmxyTgWcUp%2FaPqkWiwzuajfd6rgytFnJHOjcsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: https://sofi.com
access-control-allow-credentials: true
x-sr-trace-id: 1636567b458ffa113c3c8b5154e08527
set-cookie: SOFI=0bP54lg72NlC7AVUbCkNTQ3N40ipXV6v6/6iJKGZPt4bKQK/ZbDuSVG5NBREU28OKD2FzZKz0UE2LsOoFl6cykBfHooxlDcdoYo3mU254EJdrtkSdxsK6lwAr2A7ZhZCEuTIWfKdT9eYQH7G3ijGSzIxUfXbtsR6uvV8iPANGNUcJu3PWgmqn6mWxKGOvBGS2u6aIekoQrRVsobQAYdV-UA_UUID%3Da47cd1fe-9c9d-4084-b057-12d2106bd740%26__TIMEIZ%3D1631103060894%26UUID%3D71816d82-fd64-42c4-8428-0b684698c178;Path=/;Expires=Mon, 07-Sep-2026 12:11:00 GMT;Max-Age=157680000;Secure
cf-ray: 68b813af0ab2087b-CDG
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 activityi;register_conversion=1;src=6375438;type=brand0;cat=unive0;ord=1833402465724;gtm=2wg910;auiddc=1157100793.1631103060;u1=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html;ps=1;~oref=https%3A%2F...
6375438.fls.doubleclick.net/ 0
0 29ms
28ms Image
text/html 216.58.201.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6375438.fls.doubleclick.net/activityi;register_conversion=1;src=6375438;type=brand0;cat=unive0;ord=1833402465724;gtm=2wg910;auiddc=1157100793.1631103060;u1=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html;ps=1;~oref=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html?
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.201.230 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra02s18-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ 43 B
962 B 1165ms
1078ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001983556279&.yp=428757&gtmcb=474799130

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 12:11:01 GMT
X-Content-Type-Options: nosniff
Age: 1
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Wed, 08 Sep 2021 12:11:01 GMT

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ 43 B
962 B 794ms
708ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001983556279&.yp=427891&gtmcb=344113213

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 12:11:01 GMT
X-Content-Type-Options: nosniff
Age: 1
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Wed, 08 Sep 2021 12:11:01 GMT

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ 43 B
962 B 840ms
768ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001983556279&.yp=428763&gtmcb=2003782911

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 12:11:01 GMT
X-Content-Type-Options: nosniff
Age: 1
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Wed, 08 Sep 2021 12:11:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 131ms
24ms Script
text/javascript 2a00:1450:4007:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLSZML

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:815::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 5500
date: Wed, 08 Sep 2021 10:39:20 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 08 Sep 2021 12:39:20 GMT

GET
H2 204 5296050.js Show response
bat.bing.com/p/action/ 0
109 B 231ms
231ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5296050.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 08 Sep 2021 12:10:59 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 56ECD2FD78B44FDB9ED685925063544C Ref B: FRAEDGE1210 Ref C: 2021-09-08T12:11:00Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
148 B 33ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5296050&tm=gtm002&Ver=2&mid=cb1c50f8-38c4-47cd-8433-508e81ab554a&sid=d488ea90109d11eca5fc25c4a1eecfce&vid=d4890df0109d11eca8d597614e330cfb&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=SoFi%20App%20Download&p=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&r=&evt=pageLoad&msclkid=N&sv=1&rn=17612
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 08 Sep 2021 12:10:59 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 22F815E040A94D78B6BC417A32C16708 Ref B: FRAEDGE1210 Ref C: 2021-09-08T12:11:00Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixie
ib.adnxs.com/ 42 B
337 B 101ms
14ms Image
image/gif 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=0e376ffe-59b2-4c91-8a47-32d3269918f9&it=1631103060338&v=0.0.20&u=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&st=1631103060337&et=1631103060338&if=0
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: nginx/1.17.9 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 12:11:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.17.9
Connection: keep-alive
X-Proxy-Origin: 185.232.23.184; 185.232.23.184; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
Content-Length: 42
Content-Type: image/gif

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
125 B 161ms
114ms Image
image/gif 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1631103060345&id=t2_2c7jq6xc&event=PageVisit&m.itemCount=&m.value=&m.currency=&m.transactionId=&m.customEventName=&uuid=2c1b955e-53c5-42fd-b604-0e5c2c666a81&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_a797b96e
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:11:00 GMT
via: 1.1 varnish
server: Varnish
accept-ranges: bytes
content-length: 42
retry-after: 0
content-type: image/gif

POST
H2 200 pub346aa021e965843c43f563f0bf19854f
rum-http-intake.logs.datadoghq.com/v1/input/ 2 B
94 B 471ms
204ms Ping
application/json 2600:1f18:24e6:b901:343e:fcbb:d36e:974c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pub346aa021e965843c43f563f0bf19854f?ddsource=browser&ddtags=sdk_version%3A2.18.0%2Cenv%3Aproduction%2Cservice%3Awordpress&batch_time=1631103060370
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:343e:fcbb:d36e:974c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.sofi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 08 Sep 2021 12:11:01 GMT
content-length: 2
content-type: application/json

GET
H2 200 main.89cd5bf4.js Show response
s.pinimg.com/ct/lib/ 49 KB
17 KB 29ms
23ms Script
application/javascript 2a04:4e42:1d::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.89cd5bf4.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: eb0b072c78ba88e87b07c39c22f9bef724ea89f29f2a195ec4ab33b3bc75797d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:11:00 GMT
content-encoding: gzip
fastly-restarts: 1
x-cdn: fastly
etag: "6deee3ea7ecc4a5d9687c1bd57018c16"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
content-length: 17418
access-control-expose-headers: X-CDN

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/55b106ccc5dc4e798eae9ce732b5c92e/ 43 B
423 B 433ms
99ms Image
image/gif 3.225.115.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/55b106ccc5dc4e798eae9ce732b5c92e/pixel?j=1&u=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&tag=ViewContent&ts=1631103060375

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.115.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-115-141.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 12:11:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,2323cf00ec2f69e152390e2791624288,10.0.0.194,24932,185.232.23.184,,114217711979,1,1631103060.927,0.001,,.,0,0,0.000,0.004,-,0,0,197,175,87,10,26847,,,,,,-,
Content-Type: image/gif

GET
H2 200 1460194797568320 Show response
connect.facebook.net/signals/config/ 39 KB
11 KB 761ms
758ms Script
application/x-javascript 2a03:2880:f01f:6:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1460194797568320?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01f:6:face:b00c:0:3 Pantin, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bd746d12bcd3161bf23d7acbcbb49aeea5f283cad8611ae4e04e30e5e6e7b1c7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: tp/sjU1iw41Cfqnf7wGCsauIvYhrDU5+iDuOzJHz8r82Aiw6PP43h57R63AnEbOQm8SDAHvLv5eoEOB2Pr7i4g==
x-fb-trip-id: 1460883810
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 08 Sep 2021 12:11:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 _r Show response
app.link/ 90 B
561 B 5485ms
177ms Script
text/javascript 2600:9000:218f:4800:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.58.3&branch_key=key_live_dhquKJwnbvSjI23qTDPX6icmqri4sNI7&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218f:4800:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty / Express

Resource Hash

211640e3c6af9798776ac0d22cfa7465ae29422e84a243aa1f62b907785102a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:11:05 GMT
via: 1.1 72b94a25bcecdbda64f33818ad380f7e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: openresty
x-amz-cf-pop: CDG52-P2
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 90
etag: W/"5a-cb9pBJ04VSr8pBeZZ0qPRbmI+cs"
x-amz-cf-id: oo1aM8IHtyR8fbR4woh5XwtOW-yr7-1Xbqj6LpUm_qelM4OaCqenNQ==

GET
H2 200 / Show response
ct.pinterest.com/user/ 492 B
826 B 138ms
41ms XHR
application/json 2.20.88.229
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2615220189149&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1631103060495

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.20.88.229 Paris, France, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-20-88-229.deploy.static.akamaitechnologies.com

Software

Resource Hash

15d45fecc69fc7bb124a89ac1a7baed0ced324dd70fcaaa8c827a8ede2bac133

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:11:00 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.05841502.1631103060.23a2d610
x-envoy-upstream-service-time: 0
x-pinterest-rid: 2414672694396146
pin-unauth: dWlkPU56VXdaVGcxTm1FdE5HSXlZaTAwWkdSbUxUaGhOR010T1dRM1pUY3pZVGsyTUdSaQ
access-control-allow-origin: https://www.sofi.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 347
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
333 B 45ms
45ms Image
image/gif 2.20.88.229
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2615220189149&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.sofi.com%2Fapp-download.html%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2289cd5bf4%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1631103060496

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.20.88.229 Paris, France, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-20-88-229.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 12:11:00 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.05841502.1631103060.23a2d649
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 8079402437446269
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dc_pre=CIDThLSs7_ICFWcB0wodplIA1g;src=6375438;type=brand0;cat=unive0;ord=1833402465724;gtm=2wg910;auiddc=*;u1=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html;ps=1;~oref=https%3A%2F%2Fwww.sofi.com%2F...
adservice.google.com/ddm/fls/z/ Frame 476E 42 B
515 B 127ms
29ms Image
image/gif 2a00:1450:4007:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIDThLSs7_ICFWcB0wodplIA1g;src=6375438;type=brand0;cat=unive0;ord=1833402465724;gtm=2wg910;auiddc=*;u1=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html;ps=1;~oref=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html

Requested by

Host: 6375438.fls.doubleclick.net
URL: https://6375438.fls.doubleclick.net/activityi;dc_pre=CIDThLSs7_ICFWcB0wodplIA1g;src=6375438;type=brand0;cat=unive0;ord=1833402465724;gtm=2wg910;auiddc=1157100793.1631103060;u1=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html;ps=1;~oref=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6375438.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 12:11:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Cookie set iu3 Show response
s.amazon-adsystem.com/ Frame B60D
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D953e1aba-b91a-5410-b414-6841d875b0b0%26type%3D13%26m%3D1&ex-fch=416613&ex-src=https://www.sofi.com&ex-hargs=v%3D1.0%3Bc%3D2516470980001%...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D953e1aba-b91a-5410-b414-6841d875b0b0%26type%3D13%26m%3D1&ex-fch=416613&ex-src=https://www.sofi.com&ex-hargs=v%3D1.0%3Bc%3D2516470980001%...

562 B
1 KB

124ms
124ms

Document
text/html

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D953e1aba-b91a-5410-b414-6841d875b0b0%26type%3D13%26m%3D1&ex-fch=416613&ex-src=https://www.sofi.com&ex-hargs=v%3D1.0%3Bc%3D2516470980001%3Bp%3D953E1ABA-B91A-5410-B414-6841D875B0B0&cb=540463841704364350&dcc=t

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

2e9c3750a2eae2cb301c12b6c6a0568307052d278f012c3cb0cfaac140890e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Host: s.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://6375438.fls.doubleclick.net/
Accept-Encoding: gzip, deflate, br
Cookie: ad-id=A0qbV6bMh0GSuYh6a9lTfBw|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6375438.fls.doubleclick.net/

Response headers

Server: Server
Date: Wed, 08 Sep 2021 12:11:00 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 562
Connection: keep-alive
x-amz-rid: RGWA29ATNSHZW5S6ZBM8
Set-Cookie: ad-id=A0qbV6bMh0GSuYh6a9lTfBw; Domain=.amazon-adsystem.com; Expires=Fri, 01-Apr-2022 12:11:00 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Thu, 01-Oct-2026 12:11:00 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

Redirect headers

Server: Server
Date: Wed, 08 Sep 2021 12:11:00 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: NSRPYBMSM3Z88Z61BD9G
Set-Cookie: ad-id=A0qbV6bMh0GSuYh6a9lTfBw|t; Domain=.amazon-adsystem.com; Expires=Fri, 01-Apr-2022 12:11:00 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D953e1aba-b91a-5410-b414-6841d875b0b0%26type%3D13%26m%3D1&ex-fch=416613&ex-src=https://www.sofi.com&ex-hargs=v%3D1.0%3Bc%3D2516470980001%3Bp%3D953E1ABA-B91A-5410-B414-6841D875B0B0&cb=540463841704364350&dcc=t
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

POST
H2 200 event Show response
api.trafficguard.ai/api/v3/client-side/validate/ 61 B
724 B 171ms
113ms XHR
application/json 34.120.121.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trafficguard.ai/api/v3/client-side/validate/event

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.121.20 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

20.121.120.34.bc.googleusercontent.com

Software

Resource Hash

18cccf9f3ae615df065ef20111e050bb202254d4cf780c150927f51d00d6bffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept: */*
Referer: https://www.sofi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 08 Sep 2021 12:11:00 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Requested-With, Access-Control-Allow-Origin, Access-Control-Allow-Credentials
etag: W/"3d-+VrgqwIBqu+GaYyaxm1oD9TgRqA"
expect-ct: max-age=0, report-uri="https://trafficguard.report-uri.com/r/d/ct/reportOnly"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sofi.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 61
x-xss-protection: 0

GET
H2 200 10147941.json Show response
s.yimg.com/wi/config/ 2 B
460 B 125ms
43ms XHR
application/json 2a00:1288:88:800::4001
YAHOO-FRA

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10147941.json

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:88:800::4001 Aubervilliers, France, ASN203070 (YAHOO-FRA, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 11:13:29 GMT
x-content-type-options: nosniff
age: 3451
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: H64C7S7MSXNWRSW1
x-amz-id-2: sGDWUcQxv1OOtHEqt9zK3XFBgNCREHsvjwY5URlXRIBU6jl1/bS8Ye9xuLH9mHuxaw6B57/+pFU=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 2

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
461 B 87ms
22ms XHR
text/plain 2a00:1450:400c:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-56752751-10&cid=1585788945.1631103061&jid=1700389284&gjid=622894344&_gid=1999999240.1631103061&_u=YGBAgEABAAAAAE~&z=744747224

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sofi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 08 Sep 2021 12:11:00 GMT
content-type: text/plain
access-control-allow-origin: https://www.sofi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 26ms
25ms Image
image/gif 2a00:1450:4007:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&aip=1&a=1145119451&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&ul=en-us&de=UTF-8&dt=SoFi%20App%20Download&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1700389284&gjid=622894344&cid=1585788945.1631103061&tid=UA-56752751-10&_gid=1999999240.1631103061&gtm=2wg910WLSZML&cd3=2021-09-08T12%3A11%3A00.241%2B00%3A00&cd8=57ab075a-e40c-4756-81e0-f778fada3b53&cd9=WEB&cd1=1585788945.1631103061&z=163559422

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:815::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Sep 2021 18:39:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63119
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 / Show response
ct.pinterest.com/md/ 0
274 B 99ms
42ms XHR
text/plain 2.20.88.229
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/md/

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.20.88.229 Paris, France, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-20-88-229.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.sofi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 12:11:00 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.05841502.1631103060.23a2d6b8
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1734373317040190
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
357 B 420ms
99ms XHR
text/plain 34.232.184.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.184.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-184-65.compute-1.amazonaws.com
Software: nginx/1.17.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sofi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 08 Sep 2021 12:11:01 GMT
Server: nginx/1.17.2
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.sofi.com
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: b9bc36a3-4ee2-44b3-9dd9-c21ee6ba0d77

GET
H2 200 mparticle.js Show response
jssdkcdns.mparticle.com/js/v2/704f7088dcd95042947a0264fb79cec3/ 3 MB
1 MB 78ms
19ms Script
application/javascript 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdkcdns.mparticle.com/js/v2/704f7088dcd95042947a0264fb79cec3/mparticle.js
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: a4094fde029cf666bfd029252bc379a2c39344c12018f6d460a77a42959b4223

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:11:00 GMT
via: 1.1 varnish, 1.1 varnish
age: 2090
x-origin-name: fastlyshield--shield_ssl_cache_dca17778_DCA
x-cache: HIT, HIT
x-cache-hits: 1, 1
content-encoding: gzip
content-length: 1272377
x-served-by: cache-dca17778-DCA, cache-mxp6928-MXP
server: Kestrel
x-timer: S1631103061.757024,VS0,VE2
vary: Accept, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 08 Sep 2021 12:36:10 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 110ms
34ms Image
image/gif 2a00:1450:4007:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-56752751-10&cid=1585788945.1631103061&jid=1700389284&_u=YGBAgEABAAAAAE~&z=889432952

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 12:11:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 5086ms
27ms Image
image/gif 2a00:1450:4025:401::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-56752751-10&cid=1585788945.1631103061&jid=1700389284&_u=YGBAgEABAAAAAE~&z=889432952

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::5e Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 12:11:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK integrations Show response
rbx.sofi.com/ 42 B
246 B 101ms
100ms Script
text/javascript 159.203.152.45
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://rbx.sofi.com/integrations?source=sofi
Requested by: Host: rbx.sofi.com
URL: https://rbx.sofi.com/assets/wxyz.rb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.203.152.45 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: a6e9e1722cffa254dc5061e3d89fc40a4faec0cd7d44819923657d498e8df822

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 12:11:00 GMT
Content-Encoding: gzip
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/javascript

GET
H2 200 jpuid Show response
getrockerbox.com/ 67 B
714 B 173ms
110ms Script
text/javascript 104.21.83.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getrockerbox.com/jpuid?jsonp=RB.jsonPUID
Requested by: Host: rbx.sofi.com
URL: https://rbx.sofi.com/assets/wxyz.rb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.83.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6d43f6ac00fd702949001f3a369f34965fb4f68e648516e0e239ccd9169f90e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:11:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZYo%2FEFYXVXevUoq2Fu%2F2lp%2BO2KByJAqTv4nN%2BjTCgaQmm7SRq1eW7iXkA4o%2F94pRYC2oF4nrEdVwC701pBf1AEeGqvxYCgDLRgf9RD0f4aYJNtS%2FeH7BfF1dk1fNVeTIRxg"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 68b813b2dc4239cf-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK sp.pl
sp.analytics.yahoo.com/ 43 B
962 B 1145ms
1079ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2008%20Sep%202021%2012%3A11%3A00%20GMT&n=0&b=SoFi%20App%20Download&.yp=10147941&f=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&enc=UTF-8&yv=1.10.1&tagmgr=gtm

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 12:11:02 GMT
X-Content-Type-Options: nosniff
Age: 1
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Wed, 08 Sep 2021 12:11:02 GMT

POST
H2 200 pub346aa021e965843c43f563f0bf19854f
rum-http-intake.logs.datadoghq.com/v1/input/ 2 B
93 B 248ms
247ms Ping
application/json 2600:1f18:24e6:b901:343e:fcbb:d36e:974c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pub346aa021e965843c43f563f0bf19854f?ddsource=browser&ddtags=sdk_version%3A2.18.0%2Cenv%3Aproduction%2Cservice%3Awordpress&batch_time=1631103060710
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:343e:fcbb:d36e:974c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.sofi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 08 Sep 2021 12:11:01 GMT
content-length: 2
content-type: application/json

GET
H/1.1 200
OK sa.css
tags.srv.stackadapt.com/ 83 B
310 B 418ms
98ms Stylesheet
text/css 54.165.186.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: contentdsp.com
URL: https://contentdsp.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.186.74 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-186-74.compute-1.amazonaws.com
Software: /
Resource Hash: b6eab182de87f1e545562a1e5629ae7471e08bfa4eb45e5ee1115e39073d65fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 08 Sep 2021 12:11:01 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 83
Content-Type: text/css

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ 651 B
881 B 418ms
99ms Fetch
image/jpeg 54.165.186.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.186.74 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-186-74.compute-1.amazonaws.com
Software: /
Resource Hash: 8f9d9c6cce1d45f754689133301c994bda1116a56fdf0eb8a54e6cd160a3bd9f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 08 Sep 2021 12:11:01 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

GET
H/1.1 200
OK tv2track.php
collector-11685.tvsquared.com/ 42 B
276 B 115ms
114ms Image
image/gif 18.219.93.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-11685.tvsquared.com/tv2track.php?action_name=SoFi%20App%20Download&idsite=TV-8181361845-1&rec=1&r=986669&h=12&m=11&s=0&url=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&_id=199023ae2d7d778f&_idts=1631103061&_idvc=0&_idn=1&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=723
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.219.93.205 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-219-93-205.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 12:11:01 GMT
Server: nginx
Connection: keep-alive
Request-Id: 9e21629f-6665-4309-b7c9-8805c7a79530
P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Content-Length: 42
Content-Type: image/gif

OPTIONS
H2 200 /
sdk.iad-03.braze.com/api/v3/data/ Frame 0
0 139ms
100ms Preflight 151.101.129.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-03.braze.com/api/v3/data/

Protocol

Server

151.101.129.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
Origin: https://www.sofi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers
access-control-max-age: 7200
access-control-allow-headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Sep 2021 12:11:01 GMT
via: 1.1 varnish
x-served-by: cache-hhn4073-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1631103061.986704,VS0,VE93
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 503 identify
analytics.sofi.com/mp/web/v1/ Frame 0
0 99ms
34ms Preflight
text/html 104.18.15.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.sofi.com/mp/web/v1/identify

Protocol

Server

104.18.15.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-mp-key
Origin: https://www.sofi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 08 Sep 2021 12:11:01 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bwj50gCyYq%2Bpdhm71jeGb51YuA6gYEDdFPFdh5MhrcKDYjeLakXo3E3%2Fnpv7aUXBrGt6FKViK9KdxcLdTvJX7TVaSwtrE7QICz8%2BmPdfKPWxHx8MRxdRXqiEDbgLFkKUvUIBbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 68b813b368753a41-CDG

GET
H2 200 7f85a56ba4.css
use.fontawesome.com/ 1 KB
1 KB 61ms
22ms Stylesheet
text/css 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/7f85a56ba4.css
Requested by: Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/704f7088dcd95042947a0264fb79cec3/mparticle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e92913c2b11fc1e9e7c4f84628362d1c9660e7f7e88904d124c9ebbbef9d4e48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:11:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2283
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: MWFFP00J4FN56JFH
x-amz-id-2: 5/bOKr313dKi97KTRRannnbDKb5WWOZXzqOg4bws+qaziPjRH+6pNsddmlQ6sG5z8q6p2P5PBcA=
last-modified: Wed, 30 Jun 2021 21:14:33 GMT
server: cloudflare
etag: W/"8360eb270b919a1fb4776bc448d9ed14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xc7gPJx7L37yY%2FvnwsIWbWpdXq0YbL91MLFMcm7R5FR%2BF15GoetEIruFIP01MjYtjdc0mp4LZ2ufxJec%2F9QlL%2BBo%2BUjuDKtV9a%2B6eSCu0N%2FXB2ncabrbSOUepzvD8C3fVdrfXZZroZYinjKHYIr8D%2FV4"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 68b813b31999536a-FRA

POST
H2 201 / Show response
sdk.iad-03.braze.com/api/v3/data/ 2 KB
945 B 253ms
253ms XHR
application/json 151.101.129.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-03.braze.com/api/v3/data/

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

1d6ea7d89ab35723423129c2ea72b7d3e743aac868992950db5f231e0cbed451

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key: 55c370dd-bb3f-475c-8a54-50403ffea8cc
X-Braze-TriggersRequest: true
X-Braze-DataRequest: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: application/json
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
X-Requested-With: XMLHttpRequest

Response headers

date: Wed, 08 Sep 2021 12:11:01 GMT
content-encoding: gzip
access-control-allow-origin: *
x-cache: MISS
access-control-max-age: 7200
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 17b90c74-a24e-45e0-b3d6-5c2bef7fe551
x-served-by: cache-hhn4073-HHN
x-runtime: 0.152763
server: nginx
x-timer: S1631103061.087408,VS0,VE246
etag: W/"1d6ea7d89ab35723423129c2ea72b7d3"
vary: Origin,Accept-Encoding
access-control-allow-methods: POST, GET
content-type: application/json
via: 1.1 varnish
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

POST identify
analytics.sofi.com/mp/web/v1/ 0
0

GET
H2 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 30 KB
7 KB 318ms
17ms Stylesheet
text/css 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/7f85a56ba4.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://use.fontawesome.com/7f85a56ba4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:11:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5501018
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: BVYNR017DZMX3ZD5
x-amz-id-2: QGjj4hxJUhuaeVUZXRjN85iZvcJa67QWP4rmwsnDS8rLQDMUxrDVFqF/Bir2ZYZv+FIyO3nBxiU=
last-modified: Wed, 30 Jun 2021 15:26:48 GMT
server: cloudflare
etag: W/"36082410df2ef7f83932219089dc1443"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=32oSaN4p4%2FV3JWoV32BY8GO0AtwUZx3KcuApy6%2B1uA%2BIsgZMfKfT9qjWoDkyEPhDCyC50RWDj9iJDTA9yDkNBhFTWfzkqjXUiOo0TyvuMMKgow0bYjRfBI13J%2FNjNNaESvF8T9xOZ5EgblVJuuazeIji"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 68b813b53d3b536a-FRA

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame C19E 5 KB
5 KB 104ms
104ms Document
text/html 52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=9ad2Pf8ARtKna6O1tcpfPw&ep=5JiBjW5L3Uk9VsGK_3uMju00ts-tKDSi1PgUioXf5tczS-Dh7OgsAXFXx6n2r3jRO6eBWmKgokn9Qy4ErpeMerq3fP6Dt2iX6J5x9roOUx8

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D953e1aba-b91a-5410-b414-6841d875b0b0%26type%3D13%26m%3D1&ex-fch=416613&ex-src=https://www.sofi.com&ex-hargs=v%3D1.0%3Bc%3D2516470980001%3Bp%3D953E1ABA-B91A-5410-B414-6841D875B0B0&cb=540463841704364350&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

7729366859a0eb62e8572de611e8168362cf45ed39e6b5d6c73cc72e2134db15

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Host: s.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D953e1aba-b91a-5410-b414-6841d875b0b0%26type%3D13%26m%3D1&ex-fch=416613&ex-src=https://www.sofi.com&ex-hargs=v%3D1.0%3Bc%3D2516470980001%3Bp%3D953E1ABA-B91A-5410-B414-6841D875B0B0&cb=540463841704364350&dcc=t
Accept-Encoding: gzip, deflate, br
Cookie: ad-id=A0qbV6bMh0GSuYh6a9lTfBw; ad-privacy=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D953e1aba-b91a-5410-b414-6841d875b0b0%26type%3D13%26m%3D1&ex-fch=416613&ex-src=https://www.sofi.com&ex-hargs=v%3D1.0%3Bc%3D2516470980001%3Bp%3D953E1ABA-B91A-5410-B414-6841D875B0B0&cb=540463841704364350&dcc=t

Response headers

Server: Server
Date: Wed, 08 Sep 2021 12:11:01 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 5017
Connection: keep-alive
x-amz-rid: TNP1QY16MNYRD8KK0PJN
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

GET
H/1.1 200
OK rb
rbx.sofi.com/v2/ 44 B
332 B 104ms
104ms Image
image/gif 159.203.152.45
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbx.sofi.com/v2/rb?url=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&action=view&source=sofi&rb_source=sofi&script_version=wxyz.rb.js&sessionId=bce6da4d-9630-444f-b326-3eba8caf8e64&uid=rbos-24a06f77-88b1-47be-bb6d-fce20f680352
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.203.152.45 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 12:11:01 GMT
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C19E
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=164960203903000177446&ex=neustar.biz

43 B
556 B

107ms
106ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=164960203903000177446&ex=neustar.biz

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=9ad2Pf8ARtKna6O1tcpfPw&ep=5JiBjW5L3Uk9VsGK_3uMju00ts-tKDSi1PgUioXf5tczS-Dh7OgsAXFXx6n2r3jRO6eBWmKgokn9Qy4ErpeMerq3fP6Dt2iX6J5x9roOUx8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 12:11:01 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 0ZSHSG00ZAN3KFJ7BS4A
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Sep 2021 12:11:01 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://s.amazon-adsystem.com/ecm3?id=164960203903000177446&ex=neustar.biz
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C19E
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%5BRX_UUID%5D%26ex%3Drhythmone.com
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6519454446
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6519454446
https://sync.1rx.io/usersync/tradedesk/3ad148e2-82a9-402c-8693-66a94651a300
https://sync.targeting.unrulymedia.com/csync/RX-359ecb2e-3ae6-4101-9a8b-b4855f878940-003?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DRX-359ecb2e-3ae6-4101-9a8b-b4855f878940-003%26ex%3Dr...
https://s.amazon-adsystem.com/ecm3?id=RX-359ecb2e-3ae6-4101-9a8b-b4855f878940-003&ex=rhythmone.com

43 B
556 B

106ms
106ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=RX-359ecb2e-3ae6-4101-9a8b-b4855f878940-003&ex=rhythmone.com

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 12:11:01 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 3455CV37TH3E8YYRKAPQ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=RX-359ecb2e-3ae6-4101-9a8b-b4855f878940-003&ex=rhythmone.com
date: Wed, 08 Sep 2021 12:11:01 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX359ecb2e3ae641019a8bb4855f878940003
content-type: text/html

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C19E
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=5f3e6c2776a81c7d9d916abf8b21da86

43 B
556 B

197ms
106ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=5f3e6c2776a81c7d9d916abf8b21da86

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 12:11:01 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: W3TAZHS6509RR80BVTBF
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=5f3e6c2776a81c7d9d916abf8b21da86
date: Wed, 08 Sep 2021 12:11:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C19E
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=mhM%2Bm99999Y2JpCC

43 B
556 B

183ms
106ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=mhM%2Bm99999Y2JpCC

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 12:11:01 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 2BNFJDDA89TMN7ZBC892
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=mhM%2Bm99999Y2JpCC
Date: Wed, 08 Sep 2021 12:11:01 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: 80df
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C19E
Redirect Chain

https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1
https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1&apid=UPd5099ed8-109d-11ec-a008-06c38a68672a
https://s.amazon-adsystem.com/ecm3?id=7eb0f8222e5b44d2ef22d5edd2798748d963172e&ex=aoldisplay.com

43 B
556 B

260ms
106ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=7eb0f8222e5b44d2ef22d5edd2798748d963172e&ex=aoldisplay.com

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 12:11:01 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 8BX1T0MCDVYYG8XNQAA0
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Wed, 08 Sep 2021 12:11:01 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://s.amazon-adsystem.com/ecm3?id=7eb0f8222e5b44d2ef22d5edd2798748d963172e&ex=aoldisplay.com
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C19E
Redirect Chain

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=0fad49e0-2b96-4fae-a556-4d952b470930

43 B
556 B

298ms
105ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=0fad49e0-2b96-4fae-a556-4d952b470930

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 12:11:01 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 71PAD0SA4B078PX23NBN
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
Date: Wed, 08 Sep 2021 12:11:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 0
Location: https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=0fad49e0-2b96-4fae-a556-4d952b470930

GET
H2 200 sync
amazon.partners.tremorhub.com/ Frame C19E 43 B
183 B 452ms
95ms Image
image/gif 2600:1f18:612b:4200:43f8:c79a:f116:17d6
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=9ad2Pf8ARtKna6O1tcpfPw&ep=5JiBjW5L3Uk9VsGK_3uMju00ts-tKDSi1PgUioXf5tczS-Dh7OgsAXFXx6n2r3jRO6eBWmKgokn9Qy4ErpeMerq3fP6Dt2iX6J5x9roOUx8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:43f8:c79a:f116:17d6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:11:01 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 204 cms
cms.analytics.yahoo.com/ Frame C19E 0
0 124ms
35ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=9ad2Pf8ARtKna6O1tcpfPw&ep=5JiBjW5L3Uk9VsGK_3uMju00ts-tKDSi1PgUioXf5tczS-Dh7OgsAXFXx6n2r3jRO6eBWmKgokn9Qy4ErpeMerq3fP6Dt2iX6J5x9roOUx8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS: spcms.pbp.vip.ir2.yahoo.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 /
spl.zeotap.com/ Frame C19E 731 B
731 B 83ms
43ms Image
text/html 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spl.zeotap.com/?zdid=1353&env=mWeb&eventType=pageview&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dzeotap%26id%3D%24_ZTP_UUID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=9ad2Pf8ARtKna6O1tcpfPw&ep=5JiBjW5L3Uk9VsGK_3uMju00ts-tKDSi1PgUioXf5tczS-Dh7OgsAXFXx6n2r3jRO6eBWmKgokn9Qy4ErpeMerq3fP6Dt2iX6J5x9roOUx8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:11:01 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 68b813b45e9ddfd3-FRA
content-type: text/html
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C19E
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=708125e73b6e31242d8fb92e41f71061&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

255ms
105ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=708125e73b6e31242d8fb92e41f71061&ex=freewheel.tv&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 12:11:01 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: CW5XQHWPNWWTAFBFK28A
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 12:11:01 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=708125e73b6e31242d8fb92e41f71061&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1631103061029086-584
Expires: Wed, 08 Sep 2021 12:11:01 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C19E
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
556 B

145ms
103ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 12:11:01 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: QMYV12G64P7X2729KY1A
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Wed, 08 Sep 2021 12:11:01 GMT
via: 1.1 1713affce12abff65dc8b74f1260c723.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: CDG52-P2
content-security-policy-report-only: default-src http://*.amazon.com http://*.media-amazon.com http://*.ssl-images-amazon.com http://*.amazon-adsystem.com; script-src http://*.amazon.com http://*.media-amazon.com http://*.ssl-images-amazon.com http://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src http://*.amazon.com http://*.media-amazon.com http://*.ssl-images-amazon.com http://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=HG220YRX19QDGQWBVDV2:sn=www.imdb.com
x-cache: Miss from cloudfront
vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
content-length: 0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
server: Server
x-amz-rid: HG220YRX19QDGQWBVDV2
strict-transport-security: max-age=47474747; includeSubDomains; preload
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
permissions-policy: interest-cohort=()
x-amz-cf-id: E0kyF74-BHIt8-YCU-7qNpKRwivXYlxOp7Rl5Ghf7E0GZpakAsSG3w==

GET
H/1.1 200
OK pixel.gif
usersync.samplicio.us/amazon/ Frame C19E 0
263 B 425ms
98ms Image
text/plain 3.208.250.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=9ad2Pf8ARtKna6O1tcpfPw&ep=5JiBjW5L3Uk9VsGK_3uMju00ts-tKDSi1PgUioXf5tczS-Dh7OgsAXFXx6n2r3jRO6eBWmKgokn9Qy4ErpeMerq3fP6Dt2iX6J5x9roOUx8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.208.250.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-208-250-137.compute-1.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 12:11:01 GMT
Server: nginx/1.16.1
Location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C19E
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=e1e8e028ca2fb159

43 B
556 B

110ms
109ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=e1e8e028ca2fb159

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 12:11:01 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: KRMY5DSBX9BN0PXYKR02
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=e1e8e028ca2fb159
date: Wed, 08 Sep 2021 12:11:01 GMT
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Authorization
content-length: 93
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C19E
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=OcjwI6s5ShqXS_DnpubMNA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=OcjwI6s5ShqXS_DnpubMNA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=29215417617883007251006277751597495068

43 B
556 B

106ms
105ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=29215417617883007251006277751597495068

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 12:11:01 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 4DPMMRBX93ZK8TWH91A7
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-1-v015-052ec9957.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: RU0ZOuOzTXs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=29215417617883007251006277751597495068
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C19E
Redirect Chain

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=gYUdWqGmR52q3sh8zgZBtg
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10810116850495614285&gdpr=&gdpr_consent=

43 B
556 B

112ms
112ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10810116850495614285&gdpr=&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 12:11:01 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: D79W46WC9ZS040Z200DJ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Sep 2021 12:11:01 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10810116850495614285&gdpr=&gdpr_consent=
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET z
px.surveywall-api.survata.com/ Frame C19E 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C19E
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=3579160021180489284

43 B
556 B

107ms
107ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=3579160021180489284

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 12:11:01 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 0CS93N2026CPMVJXEMFE
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Sep 2021 12:11:01 GMT
server: nginx
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=3579160021180489284
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C19E
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=d546bc16-109d-11ec-ab9e-186cd56e0306
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=d546bbcd-109d-11ec-ab9e-186cd56e0306

43 B
556 B

109ms
108ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=d546bbcd-109d-11ec-ab9e-186cd56e0306

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 12:11:01 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: N1JD8MXE13535XCVDX7N
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Wed, 08 Sep 2021 12:11:01 GMT
Server: nginx
Location: https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=d546bbcd-109d-11ec-ab9e-186cd56e0306
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 109
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C19E
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%229a4559df-3b17-4acf-ab0a-32da6e653780%22,%22Time%22:%2220210908T081101.638505%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=9a4559df-3b17-4acf-ab0a-32da6e653780

43 B
556 B

111ms
111ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=9a4559df-3b17-4acf-ab0a-32da6e653780

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 12:11:07 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 0TTE7W6XQTYJ14NEPBZK
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=9a4559df-3b17-4acf-ab0a-32da6e653780
Server: LogModule 0.4
Content-Length: 204
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C19E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEFAIJw6b4bDS0F5TNVxfNkQ&google_cver=1

43 B
556 B

108ms
108ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEFAIJw6b4bDS0F5TNVxfNkQ&google_cver=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 12:11:01 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: GZD79X54Y6JQ4J7WYSWC
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Sep 2021 12:11:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEFAIJw6b4bDS0F5TNVxfNkQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame C19E
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=amzn
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn

0
337 B

143ms
31ms

Image
text/plain

52.51.228.134
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=9ad2Pf8ARtKna6O1tcpfPw&ep=5JiBjW5L3Uk9VsGK_3uMju00ts-tKDSi1PgUioXf5tczS-Dh7OgsAXFXx6n2r3jRO6eBWmKgokn9Qy4ErpeMerq3fP6Dt2iX6J5x9roOUx8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.228.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-228-134.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:11:02 GMT
cache-control: private, no-cache, no-store
x-request-time: D=62 t=1631103062
x-served-by: beacon-n004-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn
date: Wed, 08 Sep 2021 12:11:01 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a010-ash-prod.krxd.net

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C19E
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=7d4da39b996f3cefdb8a6a5855bfcad8

43 B
556 B

110ms
110ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=7d4da39b996f3cefdb8a6a5855bfcad8

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 12:11:01 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: MHS7EZNYD8S377X86FX6
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Wed, 08 Sep 2021 12:11:01 GMT
via: 1.1 31a1ed822e5cb0d9c8c86a015f42b7bf.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=7d4da39b996f3cefdb8a6a5855bfcad8
content-length: 108
x-amz-cf-id: AFybrXW6rCOKPo8kuxkylx06VRDIobwkkj-ZssTqiGhwX0ZNGpzP5A==

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C19E
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=39fe79a9-67a8-cc1f-1f04-9c3af1a56cc7

43 B
556 B

108ms
107ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=39fe79a9-67a8-cc1f-1f04-9c3af1a56cc7

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 12:11:01 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 5MRCENPJXKCRXHXYNYYV
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Wed, 08 Sep 2021 12:11:01 GMT
content-encoding: gzip
server: OXGW/16.215.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=39fe79a9-67a8-cc1f-1f04-9c3af1a56cc7
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C19E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__&s=184155&C=1
https://s.amazon-adsystem.com/ecm3?ex=index&id=KGqfZVGN2t8Gb_ETOUC1rjc4dOw4ZgIC

43 B
556 B

108ms
108ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index&id=KGqfZVGN2t8Gb_ETOUC1rjc4dOw4ZgIC

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 12:11:01 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: A45VBB4H8HCN3SPA25CG
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 12:11:01 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://s.amazon-adsystem.com/ecm3?ex=index&id=KGqfZVGN2t8Gb_ETOUC1rjc4dOw4ZgIC
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 267
Expires: Wed, 08 Sep 2021 12:11:01 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C19E
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=4595D9AE5F843FA0

43 B
556 B

110ms
110ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=semasio&id=4595D9AE5F843FA0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 12:11:01 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: RYGQWGK2SWV0TJA1Q4DN
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Sep 2021 12:10:59 GMT
frontend-id: 4
location: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=4595D9AE5F843FA0
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C19E
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
https://s.amazon-adsystem.com/ecm3?id=5697522992566525399&ex=appnexus.com

43 B
556 B

105ms
105ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=5697522992566525399&ex=appnexus.com

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 12:11:01 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: QKRD8FS5ZJ097D5K79C4
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 12:11:01 GMT
X-Proxy-Origin: 185.232.23.184; 185.232.23.184; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: edfaa1dc-b19f-45c4-8c55-533a1335a7fe
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.amazon-adsystem.com/ecm3?id=5697522992566525399&ex=appnexus.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C19E
Redirect Chain

https://token.rubiconproject.com/token?pid=2179&pt=n
https://s.amazon-adsystem.com/ecm3?id=JkDJ-ue0cXaOreWBKrAySMWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

43 B
556 B

106ms
106ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=JkDJ-ue0cXaOreWBKrAySMWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 12:11:01 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: FR89K34XNSKD6WEGKHND
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?id=JkDJ-ue0cXaOreWBKrAySMWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C19E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=9ad2Pf8ARtKna6O1tcpfPw&
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

43 B
556 B

105ms
104ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 12:11:01 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 9S8E9W9TV1G3ET4ZQA1T
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Sep 2021 12:11:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.amazon-adsystem.com/ecm3?ex=googleHMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C19E
Redirect Chain

https://pixel.placed.com/api/v2/sync/custom-pixel?https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1682&partner_device_id=amazon-25e55f4c-7cf3-40a2-a1cf-0f9d5bc1e732&partner_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dplaced.com%26id...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1682&partner_device_id=amazon-25e55f4c-7cf3-40a2-a1cf-0f9d5bc1e732&partner_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dplaced.co...
https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=amazon-25e55f4c-7cf3-40a2-a1cf-0f9d5bc1e732

43 B
556 B

115ms
107ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=amazon-25e55f4c-7cf3-40a2-a1cf-0f9d5bc1e732

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 12:11:02 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: WCHZ5F0X087W86QTZC4E
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=amazon-25e55f4c-7cf3-40a2-a1cf-0f9d5bc1e732
date: Wed, 08 Sep 2021 12:11:01 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 204 /
loadus.exelator.com/load/ Frame C19E 0
324 B 115ms
31ms Image
text/plain 54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=8888&j=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=9ad2Pf8ARtKna6O1tcpfPw&ep=5JiBjW5L3Uk9VsGK_3uMju00ts-tKDSi1PgUioXf5tczS-Dh7OgsAXFXx6n2r3jRO6eBWmKgokn9Qy4ErpeMerq3fP6Dt2iX6J5x9roOUx8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:11:01 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C19E
Redirect Chain

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=CB914F2D56A83861382ED07F0250633C

43 B
556 B

112ms
112ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=CB914F2D56A83861382ED07F0250633C

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 12:11:02 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: VF552KYJFNQSHX3K2HSD
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Wed, 08 Sep 2021 12:11:02 GMT
Server: openresty/1.15.8.2
P3P: CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
Location: https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=CB914F2D56A83861382ED07F0250633C
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html
Content-Length: 151
Expires: Wed, 08 Sep 2021 12:11:01 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C19E
Redirect Chain

https://ups.analytics.yahoo.com/ups/58297/sync?_origin=1&redir=true
https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-zIE5vs11l2MWGFW.YlMLYLP_ZRKu7E4-

43 B
556 B

118ms
117ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-zIE5vs11l2MWGFW.YlMLYLP_ZRKu7E4-

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 12:11:01 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: Z10Z6EB37JZCXNEA7EKE
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Wed, 08 Sep 2021 12:11:01 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-zIE5vs11l2MWGFW.YlMLYLP_ZRKu7E4-
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C19E
Redirect Chain

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=dd9d6d51c61cca1b9320b8e865699cb97115e611faab01691366fd5372972299

43 B
556 B

115ms
114ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=dd9d6d51c61cca1b9320b8e865699cb97115e611faab01691366fd5372972299

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 12:11:01 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 6QRBQP7W74QPCXBS83ZW
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Sep 2021 12:11:01 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=dd9d6d51c61cca1b9320b8e865699cb97115e611faab01691366fd5372972299
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
retry-after: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C19E
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID&rdf=1
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=E5864962-7002-4391-ACDC-9A2D5EEF59C0

43 B
556 B

115ms
107ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=E5864962-7002-4391-ACDC-9A2D5EEF59C0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 12:11:02 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 0MGTF7SJPYGE9KCYAB75
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=E5864962-7002-4391-ACDC-9A2D5EEF59C0
date: Wed, 08 Sep 2021 12:11:01 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C19E
Redirect Chain

https://sync.taboola.com/sg/amazon-a9-network/1/rtb
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=4907cc11-df8b-4260-a86c-95eb7f47b3c8-tuct8322dd5

43 B
556 B

118ms
109ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=4907cc11-df8b-4260-a86c-95eb7f47b3c8-tuct8322dd5

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 12:11:02 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 617B37TXDY1JA5F358FG
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=4907cc11-df8b-4260-a86c-95eb7f47b3c8-tuct8322dd5
date: Wed, 08 Sep 2021 12:11:01 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 7865

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ 138 B
799 B 100ms
98ms XHR
text/plain 54.165.186.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=wbmz7OzVdviwBCfzIzP8YA&is_js=true&landing_url=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&t=SoFi%20App%20Download&host=https://www.sofi.com&sa_conv_data_css_value=%20%220-b947369a-2096-4d9a-699b-89a234dd8c29%24ip%24185.232.23.184%22&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9c55dfd72a9504eea4f6fb5c5b32970ddb9e817b8
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.186.74 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-186-74.compute-1.amazonaws.com
Software: /
Resource Hash: f3b150c26e10920013bb7c75dd987ee91b4113bd631b0468cbff8c6f8bf4ea62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 12:11:01 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.sofi.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 138

GET
H2 200 2413621935583288 Show response
connect.facebook.net/signals/config/ 39 KB
11 KB 600ms
599ms Script
application/x-javascript 2a03:2880:f01f:6:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2413621935583288?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01f:6:face:b00c:0:3 Pantin, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e4182a088f403b87467c06d297813dbb3e7693c2540788af364cba6ba19246b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: w086/cU4uU4rg9N8Wo097SiLKKlnuiLyrI39rMdMgB2YSpbgbrHQw1JD3W2VshyrYBwI+VChQayg1J7jQLKmkw==
x-fb-trip-id: 1460883810
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 08 Sep 2021 12:11:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 104ms
28ms Image
image/gif 2a03:2880:f142:82:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1460194797568320&ev=PageView&dl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&rl=&if=false&ts=1631103061161&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=28&fbp=fb.1.1631103061160.889447107&it=1631103060385&coo=false&tm=1&exp=p0&rqm=GET

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f142:82:face:b00c:0:25de Marseille, France, ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:11:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 08 Sep 2021 12:11:01 GMT

POST
H2 200 pub346aa021e965843c43f563f0bf19854f
rum-http-intake.logs.datadoghq.com/v1/input/ 2 B
93 B 136ms
136ms Ping
application/json 2600:1f18:24e6:b901:343e:fcbb:d36e:974c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pub346aa021e965843c43f563f0bf19854f?ddsource=browser&ddtags=sdk_version%3A2.18.0%2Cenv%3Aproduction%2Cservice%3Awordpress&batch_time=1631103061210
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:343e:fcbb:d36e:974c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.sofi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 08 Sep 2021 12:11:01 GMT
content-length: 2
content-type: application/json

POST
H2 201 sync Show response
sdk.iad-03.braze.com/api/v3/content_cards/ 85 B
224 B 120ms
120ms XHR
application/json 151.101.129.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-03.braze.com/api/v3/content_cards/sync

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

dfa9777e444bbb2af649b0886f306b653ba0706702b628d1c7ee884b02a5c552

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key: 55c370dd-bb3f-475c-8a54-50403ffea8cc
X-Braze-DataRequest: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: application/json
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
X-Requested-With: XMLHttpRequest
X-Braze-ContentCardsRequest: true

Response headers

date: Wed, 08 Sep 2021 12:11:01 GMT
content-encoding: gzip
access-control-allow-origin: *
x-cache: MISS
access-control-max-age: 7200
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: e8795e72-61f2-421e-8a12-177a4ef5920a
x-served-by: cache-hhn4073-HHN
x-runtime: 0.022523
server: nginx
x-timer: S1631103061.441464,VS0,VE113
etag: W/"dfa9777e444bbb2af649b0886f306b65"
vary: Origin,Accept-Encoding
access-control-allow-methods: POST, GET
content-type: application/json
via: 1.1 varnish
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 sync
sdk.iad-03.braze.com/api/v3/content_cards/ Frame 0
0 97ms
96ms Preflight 151.101.129.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-03.braze.com/api/v3/content_cards/sync

Protocol

Server

151.101.129.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
Origin: https://www.sofi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers
access-control-max-age: 7200
access-control-allow-headers: content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Sep 2021 12:11:01 GMT
via: 1.1 varnish
x-served-by: cache-hhn4073-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1631103061.344248,VS0,VE90
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
357 B 102ms
101ms XHR
text/plain 34.232.184.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.184.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-184-65.compute-1.amazonaws.com
Software: nginx/1.17.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sofi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 08 Sep 2021 12:11:01 GMT
Server: nginx/1.17.2
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.sofi.com
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: 7efa925d-fdae-4783-ab28-b20256ad44f2

GET
H2 200 299722910906023 Show response
connect.facebook.net/signals/config/ 306 KB
88 KB 628ms
627ms Script
application/x-javascript 2a03:2880:f01f:6:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/299722910906023?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01f:6:face:b00c:0:3 Pantin, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e1e2572bef576ab873d3c8446a0500dfc36719cdb0ca4f11cc79b9e71450e5b2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: FyZSWrwJ9dzKpaQKyZZa9IIP5w1H0mqoXocWGevhl1sNlOaxsldEVGk31+ZrkSrar7l7nZAs+07U4+TUR4nTSw==
x-fb-trip-id: 1460883810
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 08 Sep 2021 12:11:02 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 29ms
28ms Image
image/gif 2a03:2880:f142:82:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2413621935583288&ev=PageView&dl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&rl=&if=false&ts=1631103061770&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=28&fbp=fb.1.1631103061160.889447107&it=1631103060385&coo=false&tm=1&exp=p0&rqm=GET

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f142:82:face:b00c:0:25de Marseille, France, ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:11:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 08 Sep 2021 12:11:01 GMT

GET
H2 200 177860490133838 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 75ms
74ms Script
application/x-javascript 2a03:2880:f01f:6:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/177860490133838?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01f:6:face:b00c:0:3 Pantin, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5fa0f07620dd513fee4c7b6c6eb238a0adf3ef54a07382cc9686484441a14d76

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 57JncpclrBelq/dCpBCPFj/TOvXPmqzL33a2NUo21UQbSgdKfYqmUmX8Kh42xgtrARAo9IjUkh9Ln8dxB36yBg==
x-fb-trip-id: 1460883810
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 08 Sep 2021 12:11:02 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 28ms
27ms Image
image/gif 2a03:2880:f142:82:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=299722910906023&ev=PageView&dl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&rl=&if=false&ts=1631103062436&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1631103061160.889447107&it=1631103060385&coo=false&tm=1&exp=p0&rqm=GET

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f142:82:face:b00c:0:25de Marseille, France, ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:11:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 08 Sep 2021 12:11:02 GMT

GET
H2 200 3030946783633619 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 72ms
72ms Script
application/x-javascript 2a03:2880:f01f:6:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3030946783633619?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01f:6:face:b00c:0:3 Pantin, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

648ee60728169cb970f83890be6b4db404afdb11a87af309bd5eedb048f02b7d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 92Pjx7bTyI3jQpDTEN6+LNrqaLPMl54km9sAN40a7YUfI4dmbYihGpdH82aC9ZSqlxxc7UAsnJbYLBUFD8ImDA==
x-fb-trip-id: 1460883810
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 08 Sep 2021 12:11:02 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=1460194797568320&ev=PageView&dl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&rl=&if=false&ts=1631103062531&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=28&fbp=fb.1.163...
https://cx.atdmt.com/?c=2037441792944231580&f=AYy9EtIMuwabheFDTMOFu_i8rg_WcQVo2ep2WKmymEtmdD0C3NlbElDIEUJ45iezFP1VxGoH3ya8u7iHV7iAauyI&id=1460194797568320&l=3&v=0

43 B
563 B

130ms
59ms

Image
image/gif

2a03:2880:f042:f:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cx.atdmt.com/?c=2037441792944231580&f=AYy9EtIMuwabheFDTMOFu_i8rg_WcQVo2ep2WKmymEtmdD0C3NlbElDIEUJ45iezFP1VxGoH3ya8u7iHV7iAauyI&id=1460194797568320&l=3&v=0

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f042:f:face:b00c:0:8c Marseille, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
x-fb-debug: qacYY7TCN9zExWN4eNPc9PVb7ahstfGG9ja+29GKcaOEeOgBGhFC+n2enlDoQiNprOHBd5/MWxjiUOEVjVQigA==
content-encoding: br
x-content-type-options: nosniff
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 08 Sep 2021 12:11:02 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Sep 2021 12:11:02 GMT
server: proxygen-bolt
content-type: text/plain
location: https://cx.atdmt.com/?c=2037441792944231580&f=AYy9EtIMuwabheFDTMOFu_i8rg_WcQVo2ep2WKmymEtmdD0C3NlbElDIEUJ45iezFP1VxGoH3ya8u7iHV7iAauyI&id=1460194797568320&l=3&v=0
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
expires: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 31ms
30ms Image
image/gif 2a03:2880:f142:82:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2413621935583288&ev=PageView&dl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&rl=&if=false&ts=1631103062534&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=28&fbp=fb.1.1631103061160.889447107&it=1631103060385&coo=false&exp=p0&rqm=GET

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f142:82:face:b00c:0:25de Marseille, France, ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:11:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 08 Sep 2021 12:11:02 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 31ms
30ms Image
image/gif 2a03:2880:f142:82:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=299722910906023&ev=PageView&dl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&rl=&if=false&ts=1631103062535&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1631103061160.889447107&it=1631103060385&coo=false&exp=p0&rqm=GET

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f142:82:face:b00c:0:25de Marseille, France, ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:11:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 08 Sep 2021 12:11:02 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 31ms
30ms Image
image/gif 2a03:2880:f142:82:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=177860490133838&ev=PageView&dl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&rl=&if=false&ts=1631103062537&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1631103061160.889447107&it=1631103060385&coo=false&exp=p0&rqm=GET

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f142:82:face:b00c:0:25de Marseille, France, ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:11:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 08 Sep 2021 12:11:02 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 27ms
27ms Image
image/gif 2a03:2880:f142:82:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3030946783633619&ev=PageView&dl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&rl=&if=false&ts=1631103062632&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1631103061160.889447107&it=1631103060385&coo=false&exp=p0&rqm=GET

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f142:82:face:b00c:0:25de Marseille, France, ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:11:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 08 Sep 2021 12:11:02 GMT

POST
H2 200 event Show response
api.trafficguard.ai/api/v3/client-side/validate/ 61 B
334 B 116ms
115ms XHR
application/json 34.120.121.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.trafficguard.ai/api/v3/client-side/validate/event

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.121.20 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

20.121.120.34.bc.googleusercontent.com

Software

Resource Hash

18cccf9f3ae615df065ef20111e050bb202254d4cf780c150927f51d00d6bffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept: */*
Referer: https://www.sofi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 08 Sep 2021 12:11:03 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Requested-With, Access-Control-Allow-Origin, Access-Control-Allow-Credentials
etag: W/"3d-+VrgqwIBqu+GaYyaxm1oD9TgRqA"
expect-ct: max-age=0, report-uri="https://trafficguard.report-uri.com/r/d/ct/reportOnly"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sofi.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 61
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 29ms
29ms Image
image/gif 2a03:2880:f142:82:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=299722910906023&ev=Microdata&dl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&rl=&if=false&ts=1631103063941&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22SoFi%20App%20Download%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=2&o=30&fbp=fb.1.1631103061160.889447107&it=1631103060385&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f142:82:face:b00c:0:25de Marseille, France, ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:11:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 08 Sep 2021 12:11:03 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 28ms
27ms Image
image/gif 2a03:2880:f142:82:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=177860490133838&ev=Microdata&dl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&rl=&if=false&ts=1631103064046&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22SoFi%20App%20Download%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1631103061160.889447107&it=1631103060385&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f142:82:face:b00c:0:25de Marseille, France, ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:11:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 08 Sep 2021 12:11:04 GMT

POST
H2 200 pub346aa021e965843c43f563f0bf19854f
rum-http-intake.logs.datadoghq.com/v1/input/ 2 B
93 B 179ms
179ms Ping
application/json 2600:1f18:24e6:b901:343e:fcbb:d36e:974c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pub346aa021e965843c43f563f0bf19854f?ddsource=browser&ddtags=sdk_version%3A2.18.0%2Cenv%3Aproduction%2Cservice%3Awordpress&batch_time=1631103064082
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:343e:fcbb:d36e:974c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.sofi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 08 Sep 2021 12:11:04 GMT
content-length: 2
content-type: application/json

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 28ms
28ms Image
image/gif 2a03:2880:f142:82:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3030946783633619&ev=Microdata&dl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&rl=&if=false&ts=1631103064134&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22SoFi%20App%20Download%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1631103061160.889447107&it=1631103060385&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Requested by

Host: www.sofi.com
URL: https://www.sofi.com/app-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f142:82:face:b00c:0:25de Marseille, France, ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:11:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 08 Sep 2021 12:11:04 GMT

GET
H2 200 _r Show response
app.link/ 90 B
562 B 418ms
169ms Script
text/javascript 2600:9000:218f:4800:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.58.3&branch_key=key_live_dhquKJwnbvSjI23qTDPX6icmqri4sNI7&callback=branch_callback__1

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218f:4800:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty / Express

Resource Hash

0dfefb2106df7cea38b633281d25a1716b37c25df6d3c361cb14c2c348591547

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:11:05 GMT
via: 1.1 72b94a25bcecdbda64f33818ad380f7e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: openresty
x-amz-cf-pop: CDG52-P2
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 90
etag: W/"5a-fOcHQNLCEY+Bt9VzNlRh6Joqvrs"
x-amz-cf-id: kBo-R_NlZrV6l-JSJoLuHUnRI4Fv2vrlrgMy1VIMCTbftDVPxAZr3w==

POST
H2 200 open Show response
api2.branch.io/v1/ 266 B
579 B 291ms
179ms XHR
application/json 2600:9000:218c:1600:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/open
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218c:1600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 37a602de7fc8ce49570c4447ff0c34efb3c7512fcf8a259abe71ff5713b96f44

Request headers

Referer: https://www.sofi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 08 Sep 2021 12:11:06 GMT
via: 1.1 e4059f46272097afa4f97386185c6f4a.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: 5d7221532fb3436a8c61d7b56d5129a4-2021090812
content-length: 266
x-amz-cf-id: cS9u8geedOG92LhygiCjnx4GtKt8fJD07qAcUIm1DsFuVyDUbRwwEA==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
388 B 189ms
189ms XHR
application/json 2600:9000:218c:1600:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218c:1600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://www.sofi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 08 Sep 2021 12:11:06 GMT
via: 1.1 e4059f46272097afa4f97386185c6f4a.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P1
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: edd8b78384964bbc9d58457973d48ae5-2021090812
content-length: 28
x-amz-cf-id: 0ylcn7CsdxvOcJ01m5o1Mc6GoIPri-KfI8GIxXSWIYgW2cNctxlfww==

POST
H2 200 custom Show response
api2.branch.io/v2/event/ 2 B
317 B 173ms
173ms XHR
application/json 2600:9000:218c:1600:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v2/event/custom
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218c:1600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.sofi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 08 Sep 2021 12:11:06 GMT
x-branch-event-extra: {}
x-amz-cf-pop: CDG50-P1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-branch-request-id: fbac95f561004bba8e39995a0f6112ff-2021090812
content-length: 2
via: 1.1 e4059f46272097afa4f97386185c6f4a.cloudfront.net (CloudFront)
x-amz-cf-id: 3QrlWX_VCh6fGVByhnkY6Lz8DrkQSYgf2ZW4g5H8A3KNRcsvbHM5qQ==

GET
H/1.1 200
OK rb
rbx.sofi.com/v2/ 44 B
332 B 275ms
92ms Image
image/gif 159.203.152.45
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbx.sofi.com/v2/rb?url=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&action=identify&source=sofi&rb_source=sofi&branch_id=964123016355360905&branch_browser_id=OTY0MTIzMDE1MTIyMzI2NzUw&script_version=wxyz.rb.js&sessionId=bce6da4d-9630-444f-b326-3eba8caf8e64&uid=rbos-24a06f77-88b1-47be-bb6d-fce20f680352
Requested by: Host: www.sofi.com
URL: https://www.sofi.com/app-download.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.203.152.45 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 12:11:06 GMT
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

POST
H2 200 rum Show response
www.sofi.com/cdn-cgi/ 0
194 B 32ms
31ms XHR
text/plain 104.18.15.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sofi.com/cdn-cgi/rum?

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://www.sofi.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: SOFI_WEB_USER_ID=Cv5+xWE4qFIoWgAYTgDgAg==; __cf_bm=wQM_bkP3obvbMMF._UFjiTScv28bIpP6ymD37EnotRA-1631103058-0-AeFoUBLR0YgRXQbWCI3xpCn4ijUYRx6TgZ/OWuD3znEKbtZ4TZKasqCOQXQIMXO2GHR8NWEVTjFcHPNOEGnWKLc=; __cfruid=e65d4495fa62c94c3eebf8da20d5775f14db870c-1631103058; optimizelyEndUserId=oeu1631103059649r0.5235099047622389; _dd_s=rum=1&id=16af557b-3796-403a-a2ea-26082f3ffb7d&created=1631103059692&expire=1631103959692; _gcl_au=1.1.1157100793.1631103060; mjs-sid=1631103060150; _uetsid=d488ea90109d11eca5fc25c4a1eecfce; _uetvid=d4890df0109d11eca8d597614e330cfb; _rdt_uuid=1631103060343.2c1b955e-53c5-42fd-b604-0e5c2c666a81; tg=d41d8cd98f00b204e9800998ecf8427e; _tgpc=ad3f9455-8d9e-56ef-b5e9-e788509b3fd8; _tgci=80be0cb5-538f-55c8-afb7-38ecaa4087cc; _tgrsid=03531870-3465-56ba-8ad6-22360282751a; _tglksd=eyJzIjoiMDM1MzE4NzAtMzQ2NS01NmJhLThhZDYtMjIzNjAyODI3NTFhIiwic3QiOjE2MzExMDMwNjA0NDd9; _tguatd=eyJ0Z3NvdXJjZSI6IihkaXJlY3QpIn0=; _ga=GA1.2.1585788945.1631103061; _gid=GA1.2.1999999240.1631103061; _dc_gtm_UA-56752751-10=1; _pin_unauth=dWlkPU56VXdaVGcxTm1FdE5HSXlZaTAwWkdSbUxUaGhOR010T1dRM1pUY3pZVGsyTUdSaQ; _tq_id.TV-8181361845-1.a4f0=199023ae2d7d778f.1631103061.0.1631103061..; ab.storage.sessionId.55c370dd-bb3f-475c-8a54-50403ffea8cc=%7B%22g%22%3A%22156522d4-bc3e-cc98-7da4-a7a92a3a55d7%22%2C%22e%22%3A1631104860940%2C%22c%22%3A1631103060941%2C%22l%22%3A1631103060941%7D; ab.storage.deviceId.55c370dd-bb3f-475c-8a54-50403ffea8cc=%7B%22g%22%3A%22150cfe85-bba3-6109-1943-6b6fa26bc401%22%2C%22c%22%3A1631103060944%2C%22l%22%3A1631103060944%7D; SOFI=0bP54lg72NlC7AVUbCkNTQ3N40ipXV6v6/6iJKGZPt4bKQK/ZbDuSVG5NBREU28OKD2FzZKz0UE2LsOoFl6cykBfHooxlDcdoYo3mU254EJdrtkSdxsK6lwAr2A7ZhZCEuTIWfKdT9eYQH7G3ijGSzIxUfXbtsR6uvV8iPANGNUcJu3PWgmqn6mWxKGOvBGS2u6aIekoQrRVsobQAYdV-UA_UUID%3Da47cd1fe-9c9d-4084-b057-12d2106bd740%26__TIMEIZ%3D1631103060894%26UUID%3D71816d82-fd64-42c4-8428-0b684698c178; SOFI_REFERRER=%7B%22domain%22%3A%22www.sofi.com%22%2C%22path%22%3A%22%22%2C%22query%22%3A%22%22%2C%22userAgent%22%3A%22Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F92.0.4515.159%20Safari%2F537.36%22%2C%22processed%22%3A%22false%22%7D; rbuid=rbos-24a06f77-88b1-47be-bb6d-fce20f680352; _fbp=fb.1.1631103061160.889447107; _tgtim=03531870-3465-56ba-8ad6-22360282751a:1631103063556:0; _tgsc=03531870-3465-56ba-8ad6-22360282751a:-1
content-length: 34660
:path: /cdn-cgi/rum?
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: www.sofi.com
referer: https://www.sofi.com/app-download.html
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.sofi.com/app-download.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/json

Response headers

date: Wed, 08 Sep 2021 12:11:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.sofi.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 68b813d9ab0e087b-CDG
vary: Origin

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
143 B 29ms
29ms XHR
text/plain 2a00:1450:4007:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1145119451&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&ul=en-us&de=UTF-8&dt=SoFi%20App%20Download&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=25%25&el=%2Fapp-download.html&_u=aGDAAEABAAAAAG~&jid=1141246573&gjid=82175307&cid=1585788945.1631103061&tid=UA-56752751-1&_gid=1999999240.1631103061&_r=1&gtm=2wg910WLSZML&z=1784502942

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:815::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sofi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 12:11:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sofi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
67 B 31ms
30ms XHR
text/plain 2a00:1450:4007:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=1145119451&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&ul=en-us&de=UTF-8&dt=SoFi%20App%20Download&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fapp-download.html&el=25%25&_u=aGDAAEABAAAAAG~&jid=1816185613&gjid=717967929&cid=1585788945.1631103061&tid=UA-56752751-10&_gid=1999999240.1631103061&_r=1&gtm=2wg910WLSZML&cd3=2021-09-08T12%3A11%3A07.147%2B00%3A00&cd9=WEB&cd1=1585788945.1631103061&z=2046706176

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:815::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sofi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 12:11:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sofi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 324ms
22ms XHR
text/plain 2a00:1450:400c:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-56752751-10&cid=1585788945.1631103061&jid=1816185613&gjid=717967929&_gid=1999999240.1631103061&_u=aGDAAEABAAAAAG~&z=1947132789

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sofi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 08 Sep 2021 12:11:07 GMT
content-type: text/plain
access-control-allow-origin: https://www.sofi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
96 B 25ms
24ms Image
image/gif 2a00:1450:4007:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1145119451&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&ul=en-us&de=UTF-8&dt=SoFi%20App%20Download&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=50%25&el=%2Fapp-download.html&_u=aGDAAEABAAAAAG~&jid=&gjid=&cid=1585788945.1631103061&tid=UA-56752751-1&_gid=1999999240.1631103061&gtm=2wg910WLSZML&z=1979906824

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:815::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Sep 2021 18:39:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63126
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 25ms
25ms Image
image/gif 2a00:1450:4007:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&aip=1&a=1145119451&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.sofi.com%2Fapp-download.html&ul=en-us&de=UTF-8&dt=SoFi%20App%20Download&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fapp-download.html&el=50%25&_u=aGDAAEABAAAAAG~&jid=&gjid=&cid=1585788945.1631103061&tid=UA-56752751-10&_gid=1999999240.1631103061&gtm=2wg910WLSZML&cd3=2021-09-08T12%3A11%3A07.175%2B00%3A00&cd9=WEB&cd1=1585788945.1631103061&z=1094871059

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:815::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Sep 2021 18:39:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63126
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 195ms
23ms XHR
text/plain 2a00:1450:400c:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-56752751-1&cid=1585788945.1631103061&jid=1141246573&gjid=82175307&_gid=1999999240.1631103061&_u=aGDAAEABAAAAAG~&z=815047649

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sofi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 08 Sep 2021 12:11:07 GMT
content-type: text/plain
access-control-allow-origin: https://www.sofi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 191ms
23ms XHR
text/plain 2a00:1450:400c:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sofi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 08 Sep 2021 12:11:07 GMT
content-type: text/plain
access-control-allow-origin: https://www.sofi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 34ms
33ms Image
image/gif 2a00:1450:4007:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-56752751-10&cid=1585788945.1631103061&jid=1816185613&_u=aGDAAEABAAAAAG~&z=527539379

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 12:11:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 329ms
28ms Image
image/gif 2a00:1450:4025:401::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-56752751-10&cid=1585788945.1631103061&jid=1816185613&_u=aGDAAEABAAAAAG~&z=527539379

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::5e Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 12:11:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 34ms
33ms Image
image/gif 2a00:1450:4007:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-56752751-10&cid=1585788945.1631103061&jid=1816185613&_u=aGDAAEABAAAAAG~&z=854444491

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 12:11:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 329ms
28ms Image
image/gif 2a00:1450:4025:401::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-56752751-10&cid=1585788945.1631103061&jid=1816185613&_u=aGDAAEABAAAAAG~&z=854444491

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::5e Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 12:11:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 34ms
34ms Image
image/gif 2a00:1450:4007:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-56752751-1&cid=1585788945.1631103061&jid=1141246573&_u=aGDAAEABAAAAAG~&z=1512605148

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 12:11:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 329ms
29ms Image
image/gif 2a00:1450:4025:401::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-56752751-1&cid=1585788945.1631103061&jid=1141246573&_u=aGDAAEABAAAAAG~&z=1512605148

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::5e Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sofi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 12:11:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 pub346aa021e965843c43f563f0bf19854f
rum-http-intake.logs.datadoghq.com/v1/input/ 2 B
93 B 148ms
148ms Ping
application/json 2600:1f18:24e6:b901:343e:fcbb:d36e:974c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pub346aa021e965843c43f563f0bf19854f?ddsource=browser&ddtags=sdk_version%3A2.18.0%2Cenv%3Aproduction%2Cservice%3Awordpress&batch_time=1631103067528
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:343e:fcbb:d36e:974c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.sofi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 08 Sep 2021 12:11:07 GMT
content-length: 2
content-type: application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d32ijn7u0aqfv4.cloudfront.net
URL: https://d32ijn7u0aqfv4.cloudfront.net/wp/wp-content/uploads/raw/Growth-Web-QR-Code_QR-code.jpeg

Domain: analytics.sofi.com
URL: https://analytics.sofi.com/mp/web/v1/identify

Domain: px.surveywall-api.survata.com
URL: https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

95 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.placed.com/api/v2/sync	1970-01-20 14:36:15	Name: Subject-Id Value: amazon-25e55f4c-7cf3-40a2-a1cf-0f9d5bc1e732
www.sofi.com/	1970-01-25 20:05:16	Name: SOFI_WEB_USER_ID Value: Cv5+xWE4qFIoWgAYTgDgAg==
.sofi.com/	1970-01-19 21:05:04	Name: __cf_bm Value: wQM_bkP3obvbMMF._UFjiTScv28bIpP6ymD37EnotRA-1631103058-0-AeFoUBLR0YgRXQbWCI3xpCn4ijUYRx6TgZ/OWuD3znEKbtZ4TZKasqCOQXQIMXO2GHR8NWEVTjFcHPNOEGnWKLc=
.sofi.com/	1969-12-31 23:59:59	Name: __cfruid Value: e65d4495fa62c94c3eebf8da20d5775f14db870c-1631103058
.sofi.com/	1970-01-20 01:24:15	Name: optimizelyEndUserId Value: oeu1631103059649r0.5235099047622389
www.sofi.com/	1970-01-19 21:05:03	Name: _dd_s Value: rum=1&id=16af557b-3796-403a-a2ea-26082f3ffb7d&created=1631103059692&expire=1631103959692
.sofi.com/	1970-01-19 23:14:39	Name: _gcl_au Value: 1.1.1157100793.1631103060
www.sofi.com/	1970-01-19 21:05:04	Name: mjs-sid Value: 1631103060150
.bing.com/	1970-01-20 06:26:39	Name: MUID Value: 085337F968636946121C275569B168B8
.sofi.com/	1970-01-19 21:06:29	Name: _uetsid Value: d488ea90109d11eca5fc25c4a1eecfce
.sofi.com/	1970-01-20 06:26:39	Name: _uetvid Value: d4890df0109d11eca8d597614e330cfb
.sofi.com/	1970-01-19 23:14:39	Name: _rdt_uuid Value: 1631103060343.2c1b955e-53c5-42fd-b604-0e5c2c666a81
.doubleclick.net/	1970-01-20 06:26:39	Name: IDE Value: AHWqTUn7Z1vIVnXCLVyQUET_atq-r8TGGxURa9y9BI7vGOcJsrs0FPrsk11YaDUqbp8
.sofi.com/	1970-01-19 21:05:04	Name: tg Value: d41d8cd98f00b204e9800998ecf8427e
.sofi.com/	1970-01-20 05:50:39	Name: _tgpc Value: ad3f9455-8d9e-56ef-b5e9-e788509b3fd8
.sofi.com/	1970-01-20 05:50:39	Name: _tgci Value: 80be0cb5-538f-55c8-afb7-38ecaa4087cc
.sofi.com/	1970-01-19 21:05:04	Name: _tgrsid Value: 03531870-3465-56ba-8ad6-22360282751a
.sofi.com/	1970-01-20 05:50:39	Name: _tglksd Value: eyJzIjoiMDM1MzE4NzAtMzQ2NS01NmJhLThhZDYtMjIzNjAyODI3NTFhIiwic3QiOjE2MzExMDMwNjA0NDd9
.sofi.com/	1970-01-19 21:05:04	Name: _tguatd Value: eyJ0Z3NvdXJjZSI6IihkaXJlY3QpIn0=
.sofi.com/	1970-01-20 14:36:15	Name: _ga Value: GA1.2.1585788945.1631103061
.sofi.com/	1970-01-19 21:06:29	Name: _gid Value: GA1.2.1999999240.1631103061
.sofi.com/	1970-01-19 21:05:03	Name: _dc_gtm_UA-56752751-10 Value: 1
.sofi.com/	1970-01-20 05:50:39	Name: _pin_unauth Value: dWlkPU56VXdaVGcxTm1FdE5HSXlZaTAwWkdSbUxUaGhOR010T1dRM1pUY3pZVGsyTUdSaQ
contentdsp.com/	1970-01-20 05:50:39	Name: sa-user-id Value: s%3A0-eba1af4c-a9ce-44a2-4032-00461654f487.aoV7SHmJfRH%2BANuK5k0EGlB6dj9z4Fv0mOX%2BC8a0qUE
.trafficguard.ai/	1970-01-20 05:50:39	Name: geid Value: 05010037-8030-407f-8c00-1afb6138a854
www.sofi.com/	1970-01-20 14:36:15	Name: _tq_id.TV-8181361845-1.a4f0 Value: 199023ae2d7d778f.1631103061.0.1631103061..
.sofi.com/	1970-01-20 05:51:00	Name: ab.storage.sessionId.55c370dd-bb3f-475c-8a54-50403ffea8cc Value: %7B%22g%22%3A%22156522d4-bc3e-cc98-7da4-a7a92a3a55d7%22%2C%22e%22%3A1631104860940%2C%22c%22%3A1631103060941%2C%22l%22%3A1631103060941%7D
.sofi.com/	1970-01-20 05:51:00	Name: ab.storage.deviceId.55c370dd-bb3f-475c-8a54-50403ffea8cc Value: %7B%22g%22%3A%22150cfe85-bba3-6109-1943-6b6fa26bc401%22%2C%22c%22%3A1631103060944%2C%22l%22%3A1631103060944%7D
.amazon-adsystem.com/	1970-01-20 02:00:15	Name: ad-id Value: A0qbV6bMh0GSuYh6a9lTfBw
.amazon-adsystem.com/	1970-01-21 17:27:36	Name: ad-privacy Value: 0
www.sofi.com/	1970-01-21 16:53:03	Name: SOFI Value: 0bP54lg72NlC7AVUbCkNTQ3N40ipXV6v6/6iJKGZPt4bKQK/ZbDuSVG5NBREU28OKD2FzZKz0UE2LsOoFl6cykBfHooxlDcdoYo3mU254EJdrtkSdxsK6lwAr2A7ZhZCEuTIWfKdT9eYQH7G3ijGSzIxUfXbtsR6uvV8iPANGNUcJu3PWgmqn6mWxKGOvBGS2u6aIekoQrRVsobQAYdV-UA_UUID%3Da47cd1fe-9c9d-4084-b057-12d2106bd740%26__TIMEIZ%3D1631103060894%26UUID%3D71816d82-fd64-42c4-8428-0b684698c178
www.sofi.com/	1970-01-19 21:06:29	Name: SOFI_REFERRER Value: %7B%22domain%22%3A%22www.sofi.com%22%2C%22path%22%3A%22%22%2C%22query%22%3A%22%22%2C%22userAgent%22%3A%22Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F92.0.4515.159%20Safari%2F537.36%22%2C%22processed%22%3A%22false%22%7D
.getrockerbox.com/	1970-01-19 21:48:15	Name: uuid Value: rbos-24a06f77-88b1-47be-bb6d-fce20f680352
.sofi.com/	1970-01-19 21:48:15	Name: rbuid Value: rbos-24a06f77-88b1-47be-bb6d-fce20f680352
.sofi.com/	1970-01-19 23:14:39	Name: _fbp Value: fb.1.1631103061160.889447107
.agkn.com/	1970-01-20 05:50:39	Name: ab Value: 0001%3AcyYp1Kpb0ZGC6Vjr3dG%2BJoDlSqIx5XGS
.bidswitch.net/	1970-01-20 05:50:39	Name: tuuid Value: 6475ac06-2a4d-48b3-bace-c75da990119b
.bidswitch.net/	1970-01-20 05:50:39	Name: c Value: 1631103061
.bidswitch.net/	1970-01-20 05:50:39	Name: tuuid_lu Value: 1631103061
.advertising.com/	1970-01-20 05:52:05	Name: APID Value: UPd5099ed8-109d-11ec-a008-06c38a68672a
.myvisualiq.net/	1970-01-20 14:36:15	Name: tuuid Value: 0fad49e0-2b96-4fae-a556-4d952b470930
.myvisualiq.net/	1970-01-20 14:36:15	Name: c Value: 1631103061
.myvisualiq.net/	1970-01-20 14:36:15	Name: tuuid_lu Value: 1631103061
.zeotap.com/	1970-01-20 05:50:39	Name: zc Value: 2b575b5d-4729-41f9-63c0-64c862ecbbad
.zeotap.com/	1970-01-19 21:06:29	Name: zsc Value: %C3%00%A7%92%0C%0C0%97%0F_D%2BD%8F%F2%FD%3F%B3%DA%82G%27%EAZe%D6%F0.2%BB%0Cs%03%16%08%88yq%8D%CA%9A%A1X%E3%5D%21M%C9%BF%A6Xq%E1%26t%29%ACw%18%E4E%18%ECz%C9%CF%EC%F1%81B%1C%F7%D9%F8DU%DB%CD%D5%15i%BC%0B%1Fv%2C
ads.stickyadstv.com/	1970-01-19 21:48:15	Name: UID Value: 708125e73b6e31242d8fb92e41f71061
ads.stickyadstv.com/	1970-01-19 21:25:12	Name: uid-bp-30833 Value: 1
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 58d8f89a51b7c4229f29fb6a954bfa4e
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UPd5099ed8-109d-11ec-a008-06c38a68672a
.yahoo.com/	1970-01-19 21:06:29	Name: APIDTS Value: 1631103061
tags.srv.stackadapt.com/	1970-01-20 05:50:39	Name: sa-user-id Value: s%3A0-66ca10c2-2421-45bc-7495-4d037b0f8d4c.lyrRdOFKSBcZN1UWpxvLASnP7Ftn%2Fm%2FMDqgMDbkAfQI
.srv.stackadapt.com/	1970-01-20 05:50:39	Name: sa-user-id-v2 Value: s%3A0-66ca10c2-2421-45bc-7495-4d037b0f8d4c%24ip%24185.232.23.184.M3mGVCKtRh03mvKId9NuMGPzej738Bp4qzi13k4NpJY
.adsrvr.org/	1970-01-20 05:50:39	Name: TDID Value: 3ad148e2-82a9-402c-8693-66a94651a300
.bluekai.com/	1970-01-20 01:24:15	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 01:24:15	Name: bkpa Value: KJpEnXTLu5DlBg1y1q9FuAlJnnnBvYAovaRN5kxNzQmiRglWl1u3dep5hJEi0rvuNa028whzGcC3z3bh3gaqSGV3LD+uEZk35Z/ZH1RL1yDGosoAWrdAcHXSbrAY9YRac6D=
.bluekai.com/	1970-01-20 01:24:15	Name: bku Value: b/X99aVGmscEkI6T
.adsrvr.org/	1970-01-20 05:50:39	Name: TDCPM Value: CAEYBSABKAIyCwiE5fLGjrP5ORAFOAE.
.1rx.io/	1970-01-20 05:50:39	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-359ecb2e-3ae6-4101-9a8b-b4855f878940-003%22%7D
.targeting.unrulymedia.com/	1970-01-20 05:50:39	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-359ecb2e-3ae6-4101-9a8b-b4855f878940-003%22%7D
.demdex.net/	1970-01-20 01:24:15	Name: demdex Value: 29215417617883007251006277751597495068
.mookie1.com/	1970-01-20 06:33:51	Name: id Value: 10810116850495614285
.mookie1.com/	1970-01-20 06:33:51	Name: mdata Value: 1\|10810116850495614285\|1631103061533
.mookie1.com/	1970-01-20 06:33:51	Name: ov Value: 4493e2543028621c75bcbec810a0bb7c
.dpm.demdex.net/	1970-01-20 01:24:15	Name: dpm Value: 29215417617883007251006277751597495068
.adform.net/	1970-01-19 21:48:15	Name: C Value: 1
.spotxchange.com/	1970-01-20 05:50:43	Name: audience Value: d546bbcd-109d-11ec-ab9e-186cd56e0306
bs.serving-sys.com/	1969-12-31 23:59:59	Name: r1 Value: 1631088661_1
.serving-sys.com/	1970-01-19 23:14:24	Name: u2 Value: 9a4559df-3b17-4acf-ab0a-32da6e6537804C+060
.adform.net/	1970-01-19 22:31:27	Name: uid Value: 3579160021180489284
ads.samba.tv/	1970-01-20 06:33:51	Name: sambapxid Value: e1e8e028ca2fb159
.scorecardresearch.com/	1970-01-20 14:21:51	Name: UID Value: 1HWYDG0YIXPBTA0SDAIY7Ug1631103062
.openx.net/	1970-01-20 05:50:39	Name: i Value: b2843a8d-d285-4812-85dc-d645fdb194da\|1631103061
.adnxs.com/	1970-01-19 23:14:39	Name: uuid2 Value: 5697522992566525399
.casalemedia.com/	1970-01-20 05:50:39	Name: CMID Value: YTioVQG5kKd2PbInQCXbmwAA
.casalemedia.com/	1970-01-19 23:14:39	Name: CMPS Value: 5206
.semasio.net/	1970-01-20 05:50:39	Name: SEUNCY Value: 4595D9AE5F843FA0
.analytics.yahoo.com/	1970-01-20 05:52:05	Name: IDSYNC Value: "17ki~20ac:18zd~20ac"
.casalemedia.com/	1970-01-19 23:14:39	Name: CMPRO Value: 1163
.casalemedia.com/	1970-01-19 21:06:29	Name: CMST Value: YTioVWE4qFUA
.ispot.tv/	1970-01-20 14:36:15	Name: pt Value: v2:dd9d6d51c61cca1b9320b8e865699cb97115e611faab01691366fd5372972299\|146d3a8030cf5d9558f2c71a6ce96c0a18693c5f9f06028cb31ae3612522979f
.tapad.com/	1970-01-19 22:31:27	Name: TapAd_TS Value: 1631103061939
.tapad.com/	1970-01-19 22:31:27	Name: TapAd_DID Value: bb5d38d9-7e13-4cb2-b9ca-799f25947b06
.pubmatic.com/	1970-01-19 21:06:29	Name: KTPCACOOKIE Value: YES
.tapad.com/	1970-01-19 22:31:27	Name: TapAd_3WAY_SYNCS Value:
.taboola.com/	1970-01-20 05:50:39	Name: t_gid Value: 4907cc11-df8b-4260-a86c-95eb7f47b3c8-tuct8322dd5
.pubmatic.com/	1970-01-19 23:14:39	Name: KADUSERCOOKIE Value: E5864962-7002-4391-ACDC-9A2D5EEF59C0
.krxd.net/	1970-01-20 01:24:15	Name: _kuid_ Value: OWYDYgmU
.yahoo.com/	1970-01-20 05:51:00	Name: A3 Value: d=AQABBFWoOGECEHnQ8Dw18PfWqvggbAceDUMFEgEBAQH5OWFCYQAAAAAA_SMAAA&S=AQAAAsiS9HX2SrVYRpHpZCJlz-U
.ninthdecimal.com/	1970-01-20 01:24:15	Name: ndat Value: LU+Ry2E4qFZ/0C44PGNQAg==
.facebook.com/	1970-01-19 23:14:39	Name: fr Value: 0wkKquSqHjto0HdiL..BhOKhV..GE4.1.0.BhOKhV.
.sofi.com/	1969-12-31 23:59:59	Name: _tgtim Value: 03531870-3465-56ba-8ad6-22360282751a:1631103063556:0
.sofi.com/	1970-01-19 21:05:04	Name: _tgsc Value: 03531870-3465-56ba-8ad6-22360282751a:-1
.app.link/	1970-01-20 05:50:39	Name: _s Value: Uvdgjcu38BhwNzdlnId9T5%2BmVlEoUp4Urpd5hZF3NXwyr4DUwetBcAj6pF7OHLFF
.sofi.com/	1970-01-19 21:05:03	Name: _gat_UA-56752751-1 Value: 1
.sofi.com/	1970-01-19 21:05:03	Name: _gat_UA-56752751-10 Value: 1

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://di.rlcdn.com/710883.html Message: Failed to load resource: the server responded with a status of 451 ()
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
javascript	error	URL: https://www.sofi.com/app-download.html Message: Access to XMLHttpRequest at 'https://analytics.sofi.com/mp/web/v1/identify' from origin 'https://www.sofi.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://analytics.sofi.com/mp/web/v1/identify Message: Failed to load resource: net::ERR_FAILED
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network	error	URL: https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6375438.fls.doubleclick.net
a.quora.com
a10819474327.cdn.optimizely.com
aa.agkn.com
ablink.r.sofi.com
acdn.adnxs.com
ads.samba.tv
ads.stickyadstv.com
adservice.google.com
alb.reddit.com
amazon.partners.tremorhub.com
analytics.sofi.com
api.trafficguard.ai
api2.branch.io
app.link
bat.bing.com
beacon.krxd.net
bs.serving-sys.com
c1.adform.net
cdn.branch.io
cdn.c212.net
cdn.optimizely.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
collector-11685.tvsquared.com
connect.facebook.net
contentdsp.com
ct.pinterest.com
cx.atdmt.com
d32ijn7u0aqfv4.cloudfront.net
di.rlcdn.com
dpm.demdex.net
getrockerbox.com
ib.adnxs.com
image6.pubmatic.com
jssdkcdns.mparticle.com
lciapi.ninthdecimal.com
lm.serving-sys.com
loadus.exelator.com
logx.optimizely.com
match.adsrvr.org
odr.mookie1.com
pi.ispot.tv
pixel.advertising.com
pixel.placed.com
pixel.tapad.com
px.surveywall-api.survata.com
q.quora.com
rbx.sofi.com
rum-http-intake.logs.datadoghq.com
s.amazon-adsystem.com
s.pinimg.com
s.yimg.com
sb.scorecardresearch.com
sdk.iad-03.braze.com
sp.analytics.yahoo.com
spl.zeotap.com
ssum-sec.casalemedia.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync.1rx.io
sync.search.spotxchange.com
sync.taboola.com
sync.targeting.unrulymedia.com
t.myvisualiq.net
tags.bluekai.com
tags.srv.stackadapt.com
tgtag.io
tlxgvxfc.micpn.com
token.rubiconproject.com
uipglob.semasio.net
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
usermatch.krxd.net
usersync.samplicio.us
www.datadoghq-browser-agent.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.imdb.com
www.redditstatic.com
www.sofi.com
x.bidswitch.net
analytics.sofi.com
d32ijn7u0aqfv4.cloudfront.net
px.surveywall-api.survata.com
104.18.15.42
104.21.83.150
107.20.192.231
13.225.25.113
13.225.38.117
141.226.228.48
151.101.1.140
151.101.129.140
151.101.129.2
151.101.129.208
151.101.193.108
151.101.194.132
159.203.152.45
18.156.0.31
18.158.92.16
18.159.118.206
18.194.158.62
18.206.102.118
18.219.93.205
185.33.221.89
185.64.189.115
185.94.180.125
2.20.88.229
212.82.100.181
212.82.100.182
213.19.147.45
216.58.198.194
216.58.201.230
23.40.112.231
23.40.113.157
23.72.2.243
2600:1f18:24e6:b901:343e:fcbb:d36e:974c
2600:1f18:612b:4200:43f8:c79a:f116:17d6
2600:9000:2171:b000:16:cfb1:a0c0:93a1
2600:9000:218c:1600:11:f728:3040:93a1
2600:9000:218f:4800:19:9934:6a80:93a1
2606:4700:10::6816:1957
2606:4700:3037::6815:4e07
2606:4700::6810:5f41
2620:1ec:c11::200
2a00:1288:88:800::4001
2a00:1450:4007:807::2004
2a00:1450:4007:80d::2008
2a00:1450:4007:811::2002
2a00:1450:4007:815::200e
2a00:1450:400c:c09::9c
2a00:1450:4025:401::5e
2a02:26f0:1b00:18e::13b8
2a03:2880:f01f:6:face:b00c:0:3
2a03:2880:f042:f:face:b00c:0:8c
2a03:2880:f142:82:face:b00c:0:25de
2a04:4e42:1d::84
2a04:4e42::645
3.208.250.137
3.225.115.141
34.120.121.20
34.120.230.83
34.206.174.109
34.232.184.65
34.98.67.61
35.227.248.159
35.244.159.8
35.244.174.68
37.157.6.241
45.79.145.203
52.222.158.3
52.222.165.170
52.222.174.22
52.222.196.116
52.28.248.40
52.46.154.242
52.49.107.116
52.51.228.134
52.52.150.75
52.57.222.152
52.84.174.83
52.86.239.241
54.165.186.74
54.78.254.47
69.173.144.138
76.223.111.131
77.243.60.138
92.122.149.105
019d6c917442f8081762fc259dc8f4f352ea782c7d420dc533c30076ec6789f8
036b7d77ac0392e2cffaf260738a332263662817c9178eb9f8a10441c5f75172
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d
0a97584f8fc590eedc46aa12a890bf40f4ace7d4e1cbdc9042d2fb1db747b76a
0dfefb2106df7cea38b633281d25a1716b37c25df6d3c361cb14c2c348591547
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10fdc76cd92396525cf18941196d2251aa4d0c05ba2a0a5421e3af99c01503ae
15d45fecc69fc7bb124a89ac1a7baed0ced324dd70fcaaa8c827a8ede2bac133
18cccf9f3ae615df065ef20111e050bb202254d4cf780c150927f51d00d6bffc
1d6ea7d89ab35723423129c2ea72b7d3e743aac868992950db5f231e0cbed451
211640e3c6af9798776ac0d22cfa7465ae29422e84a243aa1f62b907785102a4
28beb050e14f9ad88c22bab7ae5964e1319fbc6fa690a64b8177cb6a5d8af844
2d01731504733769dd4193c64072561f6bcc9bd16a0482203a8cb4290a24206a
2e42fb43b9cc17b68b16ad7bb7d6bc27885cc0b59dfdab426a25cbed4f07b7fc
2e9c3750a2eae2cb301c12b6c6a0568307052d278f012c3cb0cfaac140890e89
3006c9fd6d5b0c3339a8a7b2daee6a42c1cd00898ed9529f95dd7b673aa6d011
32f6eee04beb4eb61bfcdbd47e4317b61d4c8f97291ef95d4353c2c7a28c1ac6
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
37a602de7fc8ce49570c4447ff0c34efb3c7512fcf8a259abe71ff5713b96f44
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
39126af8d458c45fc18eb91010d42605f6e0e903de67d82f503b8e66c143204c
3ab2a342c7d07c83514822dcf164546b7228b874b50f4e5b2722fbe42058da9f
3b562c569c0e6df3c32faa9fde2836a4713eb6b746de6e800c5efb930fed934e
3e4182a088f403b87467c06d297813dbb3e7693c2540788af364cba6ba19246b
41ce98b6a5242e847585b14cb284048a261b34a13405fa99901c7a88a1b9438a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4762e026911b2ede445fd0355c5880b8c8a644223615d72b81c329fe78cc3441
4ca96fce30a4c081ee7216b8305dfdbde550daf1a2dde8ebe5931675bc3b80a2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257
5fa0f07620dd513fee4c7b6c6eb238a0adf3ef54a07382cc9686484441a14d76
648ee60728169cb970f83890be6b4db404afdb11a87af309bd5eedb048f02b7d
64f707b22d1f8339a6506450fbb8c745633b98478703368b46823f86d53dcc33
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7125a66456daa35dd3e3e8cca4b9523e05caf0b4fa5bd5874676e7c6db40f3aa
73acf9dbdd2a86dfbb64cebff7b5f0fe6182c3e3f5e84b5e857580d5685f475f
757486aacc667f9866ded46708f5110edc0fb4b347b45d32463c5fb3ed458d03
7729366859a0eb62e8572de611e8168362cf45ed39e6b5d6c73cc72e2134db15
79ed9252d591965b753cc675a961a0f2f401c1167cdd3a9efd63a0ec2c8deff6
7c8d353e883e65df6163f278b0bfaf6fa159894b68670ad668f34b02a8e6f451
7f91ce153fa2b6cadea9b2bb9755dee3e2c039f031cda26d42e72d444df031ef
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8f9d9c6cce1d45f754689133301c994bda1116a56fdf0eb8a54e6cd160a3bd9f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4094fde029cf666bfd029252bc379a2c39344c12018f6d460a77a42959b4223
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
a6292e56b84d52df8bf30d8066cb00c02955c80f2f8b0232ef45bdf9fd5cdc1e
a6e9e1722cffa254dc5061e3d89fc40a4faec0cd7d44819923657d498e8df822
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
af2966c91e845002ab923ea607a7d02f8aeb87698b9f1099a627a72835add06d
b1f23d8732d8e2a4f2e983d5bf52c680226ec20d3b3453a7d8de4ef4e28aa7a5
b6820c0bd7e84991223198fb475a2c5163b3f16e490eccfed580435e90380904
b6eab182de87f1e545562a1e5629ae7471e08bfa4eb45e5ee1115e39073d65fb
b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6
bd746d12bcd3161bf23d7acbcbb49aeea5f283cad8611ae4e04e30e5e6e7b1c7
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4efeeb957e361500bf19ba26282beae1a8e4083c5ccff10dccab2eaa09acd45
cd26f8e52d236e0c762ab5de965b5131e51561ccbd279b19ba5bad0cf229a19a
ce23bdc14eb22eecad91cef112ea740ebd6928a8cdef11362d1d5b25320bd5d4
db4fa78826fe4188ac570d30b1489bba9da09aaeed88978c533ddb3758a18c36
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfa9777e444bbb2af649b0886f306b653ba0706702b628d1c7ee884b02a5c552
e1e2572bef576ab873d3c8446a0500dfc36719cdb0ca4f11cc79b9e71450e5b2
e264b4b1c2b568b974eb4ee23328522d1a4fa24247736bc6b138f7fbdb3faef4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e92913c2b11fc1e9e7c4f84628362d1c9660e7f7e88904d124c9ebbbef9d4e48
eb0b072c78ba88e87b07c39c22f9bef724ea89f29f2a195ec4ab33b3bc75797d
ec140efc696d53bf7f060a2691af9e045d3c48fb7c5c90debafbfb0dc7ae47f0
ec4be84528c51c7c0a7fe71c7bc019978880b73e1b524a1f87376e997ea6ee33
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef461c7c1d3972fcb7338c3c42215fd18ae5bf13736b2de69232a93ad25da76d
ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
f3b150c26e10920013bb7c75dd987ee91b4113bd631b0468cbff8c6f8bf4ea62
f5104b1a5bd92dd06a62a537a136104a71f98978b37c594bf6c91f9968849a13
f6d43f6ac00fd702949001f3a369f34965fb4f68e648516e0e239ccd9169f90e
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

www.sofi.com Open in urlscan Pro 104.18.15.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

164 Requests

98 %HTTPS

27 %IPv6

71 Domains

86 Subdomains

53 IPs

9 Countries

2783 kBTransfer

6084 kBSize

95 Cookies

0 Outgoing links

Page URL History

Redirected requests

164 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

www.sofi.com Open in urlscan Pro
104.18.15.42 Public Scan

Screenshot
Live screenshot

Full Image

164
Requests

98 %
HTTPS

27 %
IPv6

71
Domains

86
Subdomains

53
IPs

9
Countries

2783 kB
Transfer

6084 kB
Size

95
Cookies

164 HTTP transactions
0 data transactions