sofie.pages.dev Open in urlscan Pro
172.66.44.91 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sofie.pages.dev/
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On September 24 via api (September 24th 2024, 12:19:36 am UTC) from IT — Scanned from IT

Summary HTTP 69 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 7 domains to perform 69 HTTP transactions. The main IP is 172.66.44.91, located in United States and belongs to CLOUDFLARENET, US. The main domain is sofie.pages.dev.
TLS certificate: Issued by WE1 on September 23rd 2024. Valid for: 3 months.

This is the only time sofie.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: SoFi (Financial)

Domain & IP information

	IP Address	AS Autonomous System
6 46	172.66.44.91 172.66.44.91	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.88.250.71 52.88.250.71	16509 (AMAZON-02) (AMAZON-02)
19	91.235.132.67 91.235.132.67	30286 (THM) (THM)
1	18.66.122.44 18.66.122.44	16509 (AMAZON-02) (AMAZON-02)
1	52.222.250.227 52.222.250.227	16509 (AMAZON-02) (AMAZON-02)
1	104.18.86.42 104.18.86.42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.194.180 13.224.194.180	16509 (AMAZON-02) (AMAZON-02)
1	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	192.225.158.1 192.225.158.1	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
1	172.64.149.225 172.64.149.225	() ()
69	12

46 172.66.44.91 (United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

sofie.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.88.250.71 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-250-71.us-west-2.compute.amazonaws.com

fontmetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 91.235.132.67 (United States)

ASN30286 (THM, US)

st10.sofi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-44.fra60.r.cloudfront.net

js.dvnfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.250.227 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-227.fra60.r.cloudfront.net

d3331otr86r7j1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.86.42 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.180 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-180.fra2.r.cloudfront.net

d32ijn7u0aqfv4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.225.158.1 (United States)

ASN30286 (THM, US)

h64.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

5ugj8dr8wyxwrfgkvwqqc7pyhir6kwedgdoh6cjo263d81dc094eb129am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.149.225 (San Francisco, United States)

ASN- ()

fp.sofi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	pages.dev 6 redirects sofie.pages.dev	1 MB
20	sofi.com st10.sofi.com — Cisco Umbrella Rank: 115908 fp.sofi.com — Cisco Umbrella Rank: 150996 Failed	80 KB
3	online-metrix.net h.online-metrix.net — Cisco Umbrella Rank: 3255 h64.online-metrix.net — Cisco Umbrella Rank: 2471 5ugj8dr8wyxwrfgkvwqqc7pyhir6kwedgdoh6cjo263d81dc094eb129am1.e.aa.online-metrix.net	837 B
2	cloudfront.net d3331otr86r7j1.cloudfront.net d32ijn7u0aqfv4.cloudfront.net	35 KB
1	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 313	2 KB
1	dvnfo.com js.dvnfo.com — Cisco Umbrella Rank: 97474	42 KB
1	fontmetrics.net fontmetrics.net — Cisco Umbrella Rank: 328475	74 B
69	7

	Domain	Requested by
46	sofie.pages.dev	6 redirects sofie.pages.dev
19	st10.sofi.com	sofie.pages.dev st10.sofi.com
1	fp.sofi.com	js.dvnfo.com
1	5ugj8dr8wyxwrfgkvwqqc7pyhir6kwedgdoh6cjo263d81dc094eb129am1.e.aa.online-metrix.net
1	h64.online-metrix.net	st10.sofi.com
1	h.online-metrix.net	st10.sofi.com
1	d32ijn7u0aqfv4.cloudfront.net
1	cdn.cookielaw.org	sofie.pages.dev
1	d3331otr86r7j1.cloudfront.net	sofie.pages.dev
1	js.dvnfo.com	sofie.pages.dev
1	fontmetrics.net	sofie.pages.dev
69	11

This site contains links to these domains. Also see Links.

Domain
www.sofi.com
login.sofi.com
support.sofi.com
www.onetrust.com

Subject Issuer	Validity	Valid
sofie.pages.dev WE1	`2024-09-23` - `2024-12-22`	3 months	crt.sh
fontmetrics.net Amazon RSA 2048 M02	`2023-11-07` - `2024-12-05`	a year	crt.sh
st10.sofi.com Go Daddy Secure Certificate Authority - G2	`2024-03-26` - `2025-04-05`	a year	crt.sh
*.dvnfo.com Amazon RSA 2048 M03	`2024-04-22` - `2025-05-21`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
cookielaw.org WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
online-metrix.net Viking Cloud Organization Validation CA, Level 1	`2024-03-20` - `2024-10-21`	7 months	crt.sh
*.aa.online-metrix.net Viking Cloud Organization Validation CA, Level 1	`2024-03-20` - `2024-10-21`	7 months	crt.sh
*.sofi.com Go Daddy Secure Certificate Authority - G2	`2023-11-28` - `2024-12-29`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://sofie.pages.dev/
Frame ID: A33A854705E4E798D544494F98C913A8
Requests: 23 HTTP requests in this frame

Frame: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource
Frame ID: 612A8F64D3106CFAE6E4D82B57186420
Requests: 2 HTTP requests in this frame

Frame: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)
Frame ID: 12C81F54E8B7FFAA95DB809800BCF93E
Requests: 19 HTTP requests in this frame

Frame: https://sofie.pages.dev/Login%20-%20SoFi_files/HP
Frame ID: 85C2041CB7EB26B04E36F9C936DD3D19
Requests: 2 HTTP requests in this frame

Frame: https://sofie.pages.dev/Login%20-%20SoFi_files/ls_fp
Frame ID: CFD3C8304840243B24EC9EBF3BBDBDDE
Requests: 2 HTTP requests in this frame

Frame: https://sofie.pages.dev/Login%20-%20SoFi_files/sid_fp
Frame ID: D1F2F17EA5CA0A56C3AC07935EE3202C
Requests: 2 HTTP requests in this frame

Frame: https://sofie.pages.dev/Login%20-%20SoFi_files/top_fp
Frame ID: 0396C314102E3B70513382E022B03C51
Requests: 2 HTTP requests in this frame

Frame: https://st10.sofi.com/fp/check.js;CIS3SID=D61989DB63863CE86B02987C4C18EA1A?org_id=5ugj8dr8&session_id=6618d610-deb4-49a1-98c0-06d63acb4937&nonce=263d81dc094eb129&jb=3732262e6a716f75354c696c75702662736f3544616c757026687360773d416a72676f672468736a3d416872676d65273238313a39
Frame ID: D3AFEC1E4EB029CF64806E43605A7484
Requests: 13 HTTP requests in this frame

Frame: https://st10.sofi.com/fp/HP?session_id=6618d610-deb4-49a1-98c0-06d63acb4937&org_id=5ugj8dr8&nonce=263d81dc094eb129&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: 459892E0DBA143F9AC5492FD85882536
Requests: 1 HTTP requests in this frame

Frame: https://st10.sofi.com/fp/ls_fp.html;CIS3SID=D61989DB63863CE86B02987C4C18EA1A?org_id=5ugj8dr8&session_id=6618d610-deb4-49a1-98c0-06d63acb4937&nonce=263d81dc094eb129
Frame ID: CA55BEDC1820B3AC7AD97FE41A500C52
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=D61989DB63863CE86B02987C4C18EA1A?org_id=5ugj8dr8&session_id=6618d610-deb4-49a1-98c0-06d63acb4937&nonce=263d81dc094eb129
Frame ID: C05E145F113C0BA8FAF671C73BD1F192
Requests: 1 HTTP requests in this frame

Frame: https://st10.sofi.com/fp/top_fp.html;CIS3SID=D61989DB63863CE86B02987C4C18EA1A?org_id=5ugj8dr8&session_id=6618d610-deb4-49a1-98c0-06d63acb4937&nonce=263d81dc094eb129
Frame ID: 73AE83F83B5C5547977B305C4A5059E0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login - SoFi

Detected technologies

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

69
Requests

99 %
HTTPS

0 %
IPv6

7
Domains

11
Subdomains

12
IPs

2
Countries

1406 kB
Transfer

2133 kB
Size

2
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sofi.com/

Search URL Search Domain Scan URL

URL: https://login.sofi.com/u/login/password-reset-start/sofi-auth-db?state=hKFo2SBCLWtWVFRHMlpwZDFtQzdZUzNQbmRaWHV5dnk3aUQ5UaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGg4bG5xeHhCQldYZW5BRXRoRE1WOHJvQUxhb3FhT3Jyo2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I
Title: Forgot password?

Search URL Search Domain Scan URL

URL: https://login.sofi.com/u/login?state=hKFo2SBCLWtWVFRHMlpwZDFtQzdZUzNQbmRaWHV5dnk3aUQ5UaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGg4bG5xeHhCQldYZW5BRXRoRE1WOHJvQUxhb3FhT3Jyo2NpZNkgNkxuc0xDc2ZGRUVMbDlTQzBDaWNPdkdlb2JvZXFab2I
Title: New to SoFi? Sign up

Search URL Search Domain Scan URL

URL: https://support.sofi.com/hc/en-us/sections/360010482151-Troubleshooting
Title: Help

Search URL Search Domain Scan URL

URL: https://www.sofi.com/terms-of-use/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.sofi.com/privacy-policies/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.sofi.com/online-privacy-policy/
Title: SoFi Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource.html HTTP 308
https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource

Request Chain 20

https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1).html HTTP 308
https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Request Chain 21

https://sofie.pages.dev/Login%20-%20SoFi_files/HP.html HTTP 308
https://sofie.pages.dev/Login%20-%20SoFi_files/HP

Request Chain 43

https://sofie.pages.dev/Login%20-%20SoFi_files/ls_fp.html HTTP 308
https://sofie.pages.dev/Login%20-%20SoFi_files/ls_fp

Request Chain 44

https://sofie.pages.dev/Login%20-%20SoFi_files/sid_fp.html HTTP 308
https://sofie.pages.dev/Login%20-%20SoFi_files/sid_fp

Request Chain 45

https://sofie.pages.dev/Login%20-%20SoFi_files/top_fp.html HTTP 308
https://sofie.pages.dev/Login%20-%20SoFi_files/top_fp

69 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
sofie.pages.dev/ 191 KB
40 KB 480ms
66ms Document
text/html 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

792837d5e4af3b97451ac85999c62c76ada46a4d969ab5727f07800737e59911

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c7e9a6faee459d7-MXP
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 24 Sep 2024 00:19:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K%2FVDE%2BiR%2FZe15hwnElX%2FR81xVXcstgSJNC%2F8AG1nQdWXOsg66sQaPMDw3IasT3lTL6QBwNB8184fGDVbYiGltTZ15pQSM9oZqARRs6MFznWPym%2FsKoMEYR29FPInH%2FX93do%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 speculation
sofie.pages.dev/cdn-cgi/ 128 B
454 B 37ms
37ms Other
application/speculationrules+json 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sofie.pages.dev/cdn-cgi/speculation
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://sofie.pages.dev
Referer: https://sofie.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YE2dt7GIBewqg0ms57HgsVcTq9UP%2F0S%2Bh2T%2FvlpdjmqpK079nanVRbsDdvJ5w4p70bnq6hgSObwrWY3tWCOPRXcdde8aJ2N0FDzrSlhkseJa370RLHNdEnRiv6iChtvqiHg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c7e9a704f3c59d7-MXP
access-control-allow-origin: https://sofie.pages.dev
content-length: 128
date: Tue, 24 Sep 2024 00:19:29 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 main.cdn.min.css
sofie.pages.dev/Login%20-%20SoFi_files/ 278 KB
56 KB 143ms
142ms Stylesheet
text/css 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/main.cdn.min.css

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e01ee182c3edd33151075d139238cd34bfd31434ffd3b93d6caf940a2cad19a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
etag: W/"76f5acfc7f4fe5754dadf133f69b2dbf"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zQMFUmheohdY7QPzIFr%2FnKsur72094agOQj4FEqGJ4qrHnfbHGEfvsfpVOF9NIs9og3z859piqZo0XsBlBuLbwjmoNfwum%2Fo%2BqWFnYlyp9ATuXGH2fQNBja7KtakGIaqfSs%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7e9a704f3d59d7-MXP
access-control-allow-origin: *
date: Tue, 24 Sep 2024 00:19:30 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H2 200 datadog-rum-v4.js.download Show response
sofie.pages.dev/Login%20-%20SoFi_files/ 150 KB
150 KB 90ms
89ms Script
text/plain 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/datadog-rum-v4.js.download

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "a1a2da28fed42a6f82f2f8b5761dd889"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V1HFJ0W4ZkMkg%2BFkGF3tn%2B7n1zjRrWXsVb9p0%2BANgwWDZFSbqzt%2BKk0UWIVfZE3XHhOVrI7t040YwkejcjqZixIMFcxDUvyolIQdvOP8Si6wz%2Byv1Fu3Ko2vZM7LAiW1qCM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7e9a705f4759d7-MXP
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 153156
date: Tue, 24 Sep 2024 00:19:30 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 tags.js.download Show response
sofie.pages.dev/Login%20-%20SoFi_files/ 94 KB
95 KB 144ms
144ms Script
text/plain 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/tags.js.download

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1b04e44e13264e635725b5000b61906440495517d32db66f38f2dd7f5eb7c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "4194f1d2515128b68422e33fd8a7381a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ObT7SAkEAa5l%2Bijj81RvIhpKDfXrokGEr8nqnxTBvwPH7rfwYlkwJkLpzGCv3BEHo0uzqEm451JhdOlFdKjAoTqpNfUE2OEGAzmUYOnZ6uxyQilI8WiKhic%2FIBcdazoUugU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7e9a705f4959d7-MXP
access-control-allow-origin: *
content-length: 96722
date: Tue, 24 Sep 2024 00:19:30 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 devicer.min.js.download Show response
sofie.pages.dev/Login%20-%20SoFi_files/ 41 KB
41 KB 144ms
143ms Script
text/plain 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/devicer.min.js.download

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7987b00fc873ae5e25b9220d900537c3f3e72bc72f4c2d0ef9981e589a3aac3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "e488bbea3a9a385b6fb4069930804619"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B30vcpsP%2BtLIoNUEqAlmlrCCI3dTqzHcFn4IDeEV5aZOMHVTt3mRENftZeE3GllWyyNRAnQS35Pc7PXe9Sm7DJxwsGFR6t25eKcAI3NDqLpSCFy305XKVssm17ppGkkOsoA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7e9a705f4a59d7-MXP
access-control-allow-origin: *
content-length: 42146
date: Tue, 24 Sep 2024 00:19:30 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 otSDKStub.js.download Show response
sofie.pages.dev/Login%20-%20SoFi_files/ 21 KB
21 KB 143ms
142ms Script
text/plain 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/otSDKStub.js.download

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91b0809d8b9dc57eaa09cb0e13c210b24edfaeadb94a8cff0fee02751c1b0b5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "b076e67fe912df8ce03e6807c8fdf31b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0MCt%2FmX4gMhAc0vUQ1r%2BNRbA8%2BxFUlgu3p%2Bmnc%2FqpZsk1w5gBAVCqtc3jBtTDVhCQmvyqwRjI7YdY3qFl2DxK3QfxLsCtS8eUpvM1Y6izeQiNaAEY%2FMITtTw1TK2NVPH0CQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7e9a705f4b59d7-MXP
access-control-allow-origin: *
content-length: 21216
date: Tue, 24 Sep 2024 00:19:30 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 otBannerSdk.js.download Show response
sofie.pages.dev/Login%20-%20SoFi_files/ 381 KB
382 KB 141ms
140ms Script
text/plain 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/otBannerSdk.js.download

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f97354a4659e6fc1cf05e27b59d333c697c1b0fd6fcaaceaa9af1f6886abe0af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "2dae13afed9b5a040d2f8c549a070379"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VMSs4lArIaHMRt0Gqt%2Bq0EyTjIWJQnKKpaYvVyYv4WSLEoqRkBFo%2FpEDQxRmfirHQe01ZKa5bsZizvqNLVAXjrnymZ3chk0s9Y27Wu0UgKnniRYvLHLoRKLTpK7ou7AeyL4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7e9a72f92859d7-MXP
access-control-allow-origin: *
content-length: 390260
date: Tue, 24 Sep 2024 00:19:30 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 sofi_logo_white_416x116.png
sofie.pages.dev/Login%20-%20SoFi_files/ 10 KB
10 KB 338ms
338ms Image
image/png 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/sofi_logo_white_416x116.png

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4161e8b093c0be14c542b0948c6271b1ee5ccd53e6274654a91224c343bc418a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "cf50457f39fa22db7423b45f7bd67e7f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hd5AH42iXds7JULAwkhvZPlVloyShjTmOPtte7Qsh45Fb5rhHQloSMY4pcHZB%2FOrZUy38k6S382G5PLffjpqwvHWOpS0IQ7rFAz6qicGJbKJ%2BSJhg5%2FlVBnnxdtR0Tbdxi8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7e9a707f5659d7-MXP
access-control-allow-origin: *
content-length: 9807
date: Tue, 24 Sep 2024 00:19:30 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H2 200 7331d0a5289a23fb1966.png
sofie.pages.dev/Login%20-%20SoFi_files/ 22 KB
23 KB 339ms
338ms Image
image/png 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/7331d0a5289a23fb1966.png

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e182f76b074753911d9dc5c0db48650a94472ac95dccf64d9d9b8100be6a03b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "1f550f47a56078534e65f09cb0e39623"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tNv6YF4IotA4H%2BFhYTLvFbdgqA%2BbetswKJU6aOUD4CZRWhidh5zF7ZRrrPTVZ87QXR1OzVXVROWRydF2y6h9%2FxzJNqiFn73YCsVvpybW%2BXL5ATEUXoxJVBVSNRPZF7opKNM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7e9a707f5959d7-MXP
access-control-allow-origin: *
content-length: 22918
date: Tue, 24 Sep 2024 00:19:30 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H2 200 a26e7094b0235d2942ad.png
sofie.pages.dev/Login%20-%20SoFi_files/ 25 KB
26 KB 138ms
137ms Image
image/png 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/a26e7094b0235d2942ad.png

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd70f6ab934cd87e4b40fcd193a7359b518376f3d3b34140a5ec5582d0d88e3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "8a2d3b01d16331376d2c9f72cd8329b0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QXXR8Csa6quYYJSA8crXi2yP0wvDQP9dFVjrS1B1tn8IxrfHieL4hpWr30IPZ5QYhk7D%2BS9zsbKIVGWrOHjd73iqsth4zcRgn%2Bms2%2Fxm5Wixo%2Fb8N%2F8HAun7RLsb3inDSco%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7e9a72c90759d7-MXP
access-control-allow-origin: *
content-length: 26088
date: Tue, 24 Sep 2024 00:19:30 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H2 200 sofi_logo_white.png
sofie.pages.dev/Login%20-%20SoFi_files/ 5 KB
6 KB 139ms
138ms Image
image/png 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/sofi_logo_white.png

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

531bfc51d17a7e129febf996996bfa92e3f75ce119f930f98e6297cf8c28f424

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "9c94acd90ce39a7f0ae7d0c252ea1465"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=56rO9l%2BQ%2BFunjiHLdeUyRJHGqXH0Ri%2BQs6T6XA%2FHbTBgmIvutQ2JTHIuwxMwxoWovcohJRGqwKXiKgFVsqvL5aahgVwmaQ4i30a3tPSKj6gvVvbDE0Admyh8mkuoCuX7qN4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7e9a72c91259d7-MXP
access-control-allow-origin: *
content-length: 5482
date: Tue, 24 Sep 2024 00:19:30 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H2 200 clear
sofie.pages.dev/Login%20-%20SoFi_files/ 68 B
527 B 135ms
134ms Image
text/plain 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/clear

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3087446afe87c5da27035fd77db71f3d9911966b3cd33a452f80d731fbf8159

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "8f82f00b9c2c7991a901ca7dc1041e36"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=juvC6GrjYbwQabDQdhceipaqUBpOLz2U%2BfUkYB014lYDn0jAsmnbMEhzPgwYP%2BQq8bFgryUqyu%2B%2Ff9Ziq2lT2GkJKK2BFLYAxiN6Hk4PjoWo%2Fr8fxEk5wkSmbbs1EmaDHmA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7e9a72f92659d7-MXP
access-control-allow-origin: *
content-length: 68
date: Tue, 24 Sep 2024 00:19:30 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 Sofi_83x40@2x.png
sofie.pages.dev/Login%20-%20SoFi_files/ 3 KB
3 KB 134ms
133ms Image
image/png 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/Sofi_83x40@2x.png

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16ad14b04bbb43106c487ed24c60f706cb02cf4b59aa1ff1823f3df83761c3ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "d7a27abdbe1a050e46ceafbb4c233810"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hgqJSbjkKXtfBDKX8Z71lq3HGCqFnQRO3Ta26MdNuT7zSdxm%2FuO8TRfzRRhQkuziHqcwNBa2xUrgn0scQ2R7Tq%2FVXt5VP6stDCKRrawMFILAa5auyLisl9983ysBhzDHMNA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7e9a72f92a59d7-MXP
access-control-allow-origin: *
content-length: 3234
date: Tue, 24 Sep 2024 00:19:30 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H2 200 powered_by_logo.svg
sofie.pages.dev/Login%20-%20SoFi_files/ 5 KB
2 KB 135ms
134ms Image
image/svg+xml 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/powered_by_logo.svg

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
etag: W/"abfcc415dc9b4da4aa49439bb8bf3e0c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YkFdRb02hXAZQ9w933ZMpTSiWdAVncASZ%2B8754nZJKatKRch6hoOjKMEmBpmKZpjHNhT%2Bo4n%2FlTFi17mGgg5CQVFvmWpY7m1I%2BZzPMvupNqZZVh84iVCk9WxQUaiyTx9iGY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7e9a72f92c59d7-MXP
access-control-allow-origin: *
date: Tue, 24 Sep 2024 00:19:30 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: cloudflare

GET
H2 200 sofi.com.png
fontmetrics.net/ 0
74 B 992ms
452ms Image
image/png 52.88.250.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fontmetrics.net/sofi.com.png?u=https%3A//sofie.pages.dev/&r=&ra=0.9944778426488041
Requested by: Host: sofie.pages.dev
URL: https://sofie.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.88.250.71 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-250-71.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

apigw-requestid: elXPAi03vHcESGQ=
content-length: 0
date: Tue, 24 Sep 2024 00:19:31 GMT
content-type: image/png

GET
H/1.1 200
OK tags.js Show response
st10.sofi.com/fp/ 94 KB
13 KB 294ms
57ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/tags.js?org_id=5ugj8dr8&session_id=6618d610-deb4-49a1-98c0-06d63acb4937&page_id=1&allow_reprofile=1

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

4d02d9f19dff093bc88b0072987a18dc7bcf83705f55881aa3d57ffbd69c8e6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

X-Robots-Tag: noindex, nofollow
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP=IVAa PSAa
Keep-Alive: timeout=2, max=100
Date: Tue, 24 Sep 2024 00:19:30 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H2 200 devicer.min.js Show response
js.dvnfo.com/ 41 KB
42 KB 296ms
60ms Script
application/javascript 18.66.122.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.dvnfo.com/devicer.min.js
Requested by: Host: sofie.pages.dev
URL: https://sofie.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-44.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7987b00fc873ae5e25b9220d900537c3f3e72bc72f4c2d0ef9981e589a3aac3c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

etag: "a9b687ac5b02886eefbb098c4495522b"
age: 84744
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 42146
x-amz-cf-id: jPS6SeNMupRu1_OHI2O9WB8JUjcaW9whPT0FjcreaY3Um2XS4PPBwQ==
date: Mon, 23 Sep 2024 00:47:07 GMT
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 10:54:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256

GET
H2

200

saved_resource Show response
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 612A
Redirect Chain

https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource.html
https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource

149 B
372 B

257ms
257ms

Document
text/html

172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sofie.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c7e9a7399aa59d7-MXP
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 24 Sep 2024 00:19:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yFkhNPQDs9JGn9cHOErBxXdss153VQSOF80fNe15S4xHvPfoL2PlGMPMvqFF1ZJQjgAEOjdcmUZ6ohdCAH82wTIRpXykEQjzAo1jSgc8%2B3TRb6OmgOX%2Bqho8oZcrLTQjpPM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-origin: *
cf-ray: 8c7e9a73194259d7-MXP
content-length: 0
date: Tue, 24 Sep 2024 00:19:30 GMT
location: /Login - SoFi_files/saved_resource
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P574tu398YO1MgBGAhIP63deOpL0eg1U2Mkxp7%2FcCLr1%2BWfGp%2Bzb4KhUltvfqPHryyAweYCD0IDxSpBNBky4grJ34SXPXe6P%2Fs8phbxiW%2Fa8uhInZLtyy6VF%2FBtIS7yuaPU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 650 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aaf1eac584819e98c7f78a20216bd2fb10ee29e10b290983bc0fa82d0f293bce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://sofie.pages.dev
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 TTNorms-medium.woff2
d3331otr86r7j1.cloudfront.net/sofiinc/auth/sofi-auth/assets/fonts/ttnorms/medium/ 19 KB
20 KB 605ms
101ms Font
binary/octet-stream 52.222.250.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3331otr86r7j1.cloudfront.net/sofiinc/auth/sofi-auth/assets/fonts/ttnorms/medium/TTNorms-medium.woff2
Requested by: Host: sofie.pages.dev
URL: https://sofie.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-227.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a7c6baefcdda36fefc81f42a0abafdd31a62b7d425ff2542925f9dfdca17b411

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://sofie.pages.dev
Referer: https://sofie.pages.dev/

Response headers

access-control-max-age: 3000
etag: "3e26a26dab9abc3132782dba39642cab"
x-amz-version-id: tWFIccWSDU2FnlQO9nqnLRHMyfTsP1qd
age: 1778
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
x-cache: Hit from cloudfront
x-amz-cf-id: HHE1ihPvEZw-TmQotUlV4bN84pN6fT0bGUmvoOgjw1cBDAN3TQpg1w==
date: Mon, 23 Sep 2024 23:49:53 GMT
content-type: binary/octet-stream
vary: Origin
last-modified: Thu, 19 Sep 2024 16:39:09 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=86400
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19760
x-amz-cf-pop: FRA60-P3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2

200

saved_resource(1) Show response
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 12C8
Redirect Chain

https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1).html
https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

4 KB
1 KB

254ms
254ms

Document
text/html

172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40ad61dc5fe4a2ddda825bfc739ca6312f351f863daa399cebded5be4befb6d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sofie.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c7e9a7399ac59d7-MXP
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 24 Sep 2024 00:19:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tc3lw%2BZbFEiAOKEUu9XzPuzUrQe%2B2t63lAHdPQmJKAg3Mszm8y6pURGfWN%2FuWt%2F4eL%2BOqiuhLT9fssqbrVhbbGCgVnPtzT0GfHcmj62W2hhwqTQayiZo28wLPFtclBpoeq0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-origin: *
cf-ray: 8c7e9a73295059d7-MXP
content-length: 0
date: Tue, 24 Sep 2024 00:19:30 GMT
location: /Login - SoFi_files/saved_resource(1)
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bvi%2B5PQLaES3658k%2FbdkupGa4TtugiLtdtvYvN%2FQuM5hlXmywPQreRSUBKTWNjmkgBdlKsB4O4r2ToiB57VBELDh7aqYTvMuELdOCTNvfl9ckwIe4TIFAPumM%2BpLTk8vSRo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

HP Show response
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 85C2
Redirect Chain

https://sofie.pages.dev/Login%20-%20SoFi_files/HP.html
https://sofie.pages.dev/Login%20-%20SoFi_files/HP

0
346 B

254ms
253ms

Document
text/html

172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/HP

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sofie.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c7e9a7399ab59d7-MXP
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 24 Sep 2024 00:19:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j1tODE1OZXNrQluMBb%2FXxMSviJKXHG3luCWSvnhAB7bxq%2BCLjgm%2B26eFDj7NuZCEBKT0A8Wm2fZq8G7bjB%2FUVVEUbh5XmioU07kWcIiz9sXXCBe5QYBvLzSAIC8AExUMuSA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-origin: *
cf-ray: 8c7e9a73295259d7-MXP
content-length: 0
date: Tue, 24 Sep 2024 00:19:30 GMT
location: /Login - SoFi_files/HP
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ibewxeY03ZHvznhkWQYs49mE1hgd2Unjudg07P2j%2FX3Oz56F%2Fz8mhpCIJWfA6X8iAMZCuPU7u5AoArqkkFFd%2BGpFNlgLwAYJUZATkLU9DeYDJCR39PPCzuppOukBpSWsHNc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 SoFi_Multi_icon_50x50_Ver5@2x.png
cdn.cookielaw.org/logos/75b0b94d-5898-42e0-a11e-374a4bb72ea1/bc742579-0b3e-4334-a7ea-e64a8d4f1d3a/c11d81c8-68c2-49c4-ae81-af347e6319e4/ 2 KB
2 KB 621ms
112ms Image
mage/png 104.18.86.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/75b0b94d-5898-42e0-a11e-374a4bb72ea1/bc742579-0b3e-4334-a7ea-e64a8d4f1d3a/c11d81c8-68c2-49c4-ae81-af347e6319e4/SoFi_Multi_icon_50x50_Ver5@2x.png

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9508ba9ddb8676bfd9798804dd64342150e71612590be997eca8669b485c5dba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

content-md5: l+87OFbbL6ySRiFyfS2kBg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DB767C7AAECFB0
age: 43906
cf-cache-status: HIT
x-content-type-options: nosniff
date: Tue, 24 Sep 2024 00:19:30 GMT
content-type: mage/png
last-modified: Mon, 26 Jun 2023 19:35:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 8314e596-101e-000c-16ae-12ae8b000000
cf-ray: 8c7e9a766bd70e8b-MXP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1648
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 speculation
sofie.pages.dev/cdn-cgi/ Frame 85C2 128 B
459 B 48ms
48ms Other
application/speculationrules+json 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sofie.pages.dev/cdn-cgi/speculation
Requested by: Host: sofie.pages.dev
URL: https://sofie.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://sofie.pages.dev
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/HP

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rwBMBiYiVPuSvRelyZC6rhh1nRbr0I%2F8B1TooebtH%2BCf8uuxBmjLTuRx%2Bf2%2FdZDgJWxWbvPZhLSKxg4iSZzahY2rSoaQWwoZl9UUVEcPkXbTI%2FlnM96EpF3oSVc1lTDyhl0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c7e9a756ac259d7-MXP
access-control-allow-origin: https://sofie.pages.dev
content-length: 128
date: Tue, 24 Sep 2024 00:19:30 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 speculation
sofie.pages.dev/cdn-cgi/ Frame 612A 128 B
394 B 68ms
35ms Other
application/speculationrules+json 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sofie.pages.dev/cdn-cgi/speculation
Requested by: Host: sofie.pages.dev
URL: https://sofie.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://sofie.pages.dev
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ynvE2Jz3nk5EVkkui1ZkRVFiCeaCxkn%2FrMG40sPFcoEQoEYTwgiuRXCiCFgej3fKU8Dw80rSLnITzzmdnLw%2BRi0tOkxmOVIjv3QCO0nuuNoZkAeHoIzG4Z%2BWC8ng56A%2BOs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c7e9a75baf959d7-MXP
access-control-allow-origin: https://sofie.pages.dev
content-length: 128
date: Tue, 24 Sep 2024 00:19:30 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 speculation
sofie.pages.dev/cdn-cgi/ Frame 12C8 128 B
393 B 98ms
37ms Other
application/speculationrules+json 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sofie.pages.dev/cdn-cgi/speculation
Requested by: Host: sofie.pages.dev
URL: https://sofie.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://sofie.pages.dev
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t5uzurc9qSbJhAy7Yhhrt3%2F6TjpVJIK965CIsjoHJUz0IfMc%2FQ1N0x0Apk3RDViQpstpvrR0gYrRdKjzP1Sn9W8WFlUgmh7KKEoAfUy4R8%2FFlhDmOp9zlzs7F2CN%2FgqpbK4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c7e9a75fb2059d7-MXP
access-control-allow-origin: https://sofie.pages.dev
content-length: 128
date: Tue, 24 Sep 2024 00:19:30 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 clear.png Show response
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 12C8 0
451 B 93ms
77ms Script
image/png 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/clear.png

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SMyDfwYDkBdTJq9pjYH1n3GFopZSBqGbM%2BTqZuKZNHENXkcDu8p%2ForDPNHJInCNy3SeIemYnzjQTltOMaBkRvRT8VAheeQmV5oSMoyA%2BCFcfbFQO1P%2F%2BWZY8w7s9r0GdvP8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7e9a75baf259d7-MXP
access-control-allow-origin: *
content-length: 0
date: Tue, 24 Sep 2024 00:19:30 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H2 200 es.js.download Show response
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 12C8 134 B
453 B 120ms
104ms Script
text/plain 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/es.js.download

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d6733cf8650b87b9f3d0210b17f1a9f877a15e39f0d54a60fff89a45675f907

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "4616eef37aedf75de220963badc2d7fa"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pyTq0hYbPpSroiNZvArH6P13V3mB%2FgEnYP3XWeOSqohLpJXB5iYIsgqf3jXKNkT7LxsUl9VsqeaqSYLUd8cShQUXncVr6dJURkvQkLotdXsKJUXtqxvwrvNEeGS2rRPAuZs%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7e9a75baf459d7-MXP
access-control-allow-origin: *
content-length: 134
date: Tue, 24 Sep 2024 00:19:30 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 clear(1).png
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 12C8 81 B
375 B 100ms
84ms Image
image/png 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/clear(1).png

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "b87004ef08cffb1fb9c44ce4fd1c0212"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K88HamCbH6cWI1gA8Ndr9mdCJwmQvNjHh3aWZmwPsIX0NFYNPCWpwUCGBcJDsRo7vghI7yFZQsyysZJuPMvtskrKIHcb0zRFp2pBNXWmk2I53lVnFkxDpUSYgbFkQjXc60c%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7e9a75baf559d7-MXP
access-control-allow-origin: *
content-length: 81
date: Tue, 24 Sep 2024 00:19:30 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H2 200 clear(2).png Show response
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 12C8 0
249 B 87ms
80ms Script
image/png 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/clear(2).png

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RllZWUcXP2gAhsDttucPDYNE1CYVJ2x8mMRlGNEhlXtZzlGNAa5qOYdGUKgnSHCApou9aBZFPNweuflpJDV0UmteKnHO%2Bwl9TDDguPcS27tToPV9iiUeosaqH6q%2FARq%2FHi4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7e9a75baf759d7-MXP
access-control-allow-origin: *
content-length: 0
date: Tue, 24 Sep 2024 00:19:30 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H2 200 clear(3).png Show response
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 12C8 0
253 B 81ms
81ms Script
image/png 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/clear(3).png

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cfjSURnW7f66hn9J14RhkdaTVbs%2F132u6OCNR0QN%2Flase9961Q%2Bv%2FxdQ4gowkvu0jLeGaUPaul9SgtLbF37DNF8o5%2FWkAPf8sl3kwS4Zes5cOiy9%2BjIJbc7HGJBFQ7FH3xg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7e9a765b5c59d7-MXP
access-control-allow-origin: *
content-length: 0
date: Tue, 24 Sep 2024 00:19:30 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H2 200 clear3.png Show response
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 12C8 0
253 B 81ms
81ms Script
image/png 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/clear3.png

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6nx8ILyJfF3%2FKe9qwt1MYhF44fEy60IIrnTCZ7MqMmbFRFpgKxNCHXPU%2F1%2FR%2BmOYns2kP4wf3AIF5h3G5i91gRFPNOYbHC42cj646luFILgscPMkkGWTk1tP8N1eAQjg1eI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7e9a765b6659d7-MXP
access-control-allow-origin: *
content-length: 0
date: Tue, 24 Sep 2024 00:19:30 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H2 200 clear(4).png Show response
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 12C8 0
255 B 80ms
79ms Script
image/png 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/clear(4).png

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KGlrJonz1yloj4O%2B18qLusXKlmt6Ss0%2BFD4yaKNjCfSki7N0EDnVxTOXKVall2RyWQxalKPk9IW5x9OqTkQ5S8yHcw1fOzgfVaveFE%2B2Fej81rGKb%2F%2FS128cw4W%2FPankveM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7e9a768b7f59d7-MXP
access-control-allow-origin: *
content-length: 0
date: Tue, 24 Sep 2024 00:19:30 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H2 200 clear(5).png Show response
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 12C8 0
253 B 81ms
79ms Script
image/png 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/clear(5).png

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HZyV0qatW7P4RM46jm59h9oAGrb40h780eRsY7%2Bzpvy0fxZBOjcy3WtXGcL67KrG2Kf0H%2FYTy%2F%2FxFNOolm9DFpsvvVWGXQ5lAqMCjJEU7q56ErEqlqKHm5QSV6jM5xxDDMA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7e9a768b8059d7-MXP
access-control-allow-origin: *
content-length: 0
date: Tue, 24 Sep 2024 00:19:30 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H2 200 clear3(1).png Show response
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 12C8 0
252 B 83ms
82ms Script
image/png 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/clear3(1).png

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AnazjGiLI6GIvrK2vJRtzGfztA4UJTNqVLaaa5dI1hztk5tyvKOcCBVnxkAp6pRXnQVWDrHThQWzBvv4okmbGBd7Dh9vXqZcU6WFCgDt8vrzDupg9dA%2BFH%2FJXZ5%2BkTWnq08%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7e9a768b8159d7-MXP
access-control-allow-origin: *
content-length: 0
date: Tue, 24 Sep 2024 00:19:30 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H2 200 clear1.png
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 12C8 0
255 B 82ms
81ms Image
image/png 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/clear1.png

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BUeR8YohCelia5MGE9QEtby3bsGv6c%2BnZGFKeTrKx6e4eoMnTdvXp7%2FYXNpq2POXr4shJ71ajwR5Yh1X6IVx5iFKZrvb4DT%2Bmq%2BnzetNdgZeMQO85GXh0%2FO87f39bjBwvpo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7e9a768b8359d7-MXP
access-control-allow-origin: *
content-length: 0
date: Tue, 24 Sep 2024 00:19:30 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H2 200 clear(6).png Show response
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 12C8 0
281 B 89ms
87ms Script
image/png 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/clear(6).png

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "bad7c9a32d645d0eb45be765104af05c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZDrO4GkXOelbxCt7%2F507AaBFZT5VdCGgl5bzQ1%2Ftb85r10ZwQBg5ryFRMbfmcwTiUJ6FMrVbpje6z35n5igGb%2BgYNnlnscrKgEnMGx93tCNQ1XrE%2B920oWAcMz6%2BlGOh1kw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7e9a768b8459d7-MXP
access-control-allow-origin: *
content-length: 0
date: Tue, 24 Sep 2024 00:19:30 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 204
204 clear3.png;CIS3SID=73C3C92285AD10012B157EE96029AE07 Show response
st10.sofi.com/fp/ Frame 12C8 0
218 B 77ms
77ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Keep-Alive: timeout=2, max=99
Date: Tue, 24 Sep 2024 00:19:30 GMT
Content-Type: text/javascript;charset=UTF-8
Server: Apache
Connection: Keep-Alive

GET
H/1.1 204
204 clear3.png;CIS3SID=73C3C92285AD10012B157EE96029AE07 Show response
st10.sofi.com/fp/ Frame 12C8 0
218 B 177ms
100ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/clear3.png;CIS3SID=73C3C92285AD10012B157EE96029AE07?org_id=oiwd0wpz&session_id=9f681a74-0fc3-4664-9102-9e289ab8392a&nonce=97996d36fb90c329&je=3933342e26726776353a322c343e3634352c382636303238382c32263f3532383224332e38323238302c332e383032323224312c32303838303a404c5745666f6d3a4a52373b2c343f342e3f372e3731312c34362c3d31342e343126323633324952332638303232514b5d3032415657363a464d57393232

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Keep-Alive: timeout=2, max=98
Date: Tue, 24 Sep 2024 00:19:31 GMT
Content-Type: text/javascript;charset=UTF-8
Server: Apache
Connection: Keep-Alive

GET
H2 200 clear(7).png
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 12C8 81 B
517 B 83ms
82ms Image
image/png 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/clear(7).png

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "b87004ef08cffb1fb9c44ce4fd1c0212"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x60UeNn49Xpu3yVz%2B7mEEn%2FPlI6v5tH4VrWHqpHo3gB1p22UziSOb0pB6qGQnI4Utvlb4wINmqiq6ot%2BnYYnJIC91YhNTjybRLVqH2u97aroTNg1qfW5Q8pLBbg4k7ui26w%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7e9a768b8659d7-MXP
access-control-allow-origin: *
content-length: 81
date: Tue, 24 Sep 2024 00:19:30 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H2 200 check.js.download Show response
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 12C8 380 KB
381 KB 144ms
143ms Script
text/plain 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/check.js.download

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08c4523f38d0898e4dfe1409e82a373b099a21265d48b784364468711d02c007

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "354c9e8d2ad9a45e8472d70985499272"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N0EgnYUSLhIVi3vkS5VhIRF1wBL0vDm3Q6x3F36aU%2FBRlfJ4pXV%2BJ2PSED9t2TYzz4sMGCNzfouFljGEv%2BaZshvax5INaog9YG9c3GBUax%2F3%2FseKdyWFsV1YzvvwaTzeEv0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c7e9a768b8759d7-MXP
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 389076
date: Tue, 24 Sep 2024 00:19:31 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 204
204 clear3.png;CIS3SID=73C3C92285AD10012B157EE96029AE07 Show response
st10.sofi.com/fp/ Frame 12C8 0
218 B 79ms
79ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Keep-Alive: timeout=2, max=97
Date: Tue, 24 Sep 2024 00:19:31 GMT
Content-Type: text/javascript;charset=UTF-8
Server: Apache
Connection: Keep-Alive

GET
H/1.1 200
OK clear.png
st10.sofi.com/fp/ Frame 12C8 81 B
474 B 79ms
79ms Image
image/png 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://st10.sofi.com/fp/clear.png?org_id=oiwd0wpz&session_id=9f681a74-0fc3-4664-9102-9e289ab8392a&nonce=97996d36fb90c329&ck=0&m=1

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=96
Date: Tue, 24 Sep 2024 00:19:31 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png
Server: Apache

GET
H2

200

ls_fp Show response
sofie.pages.dev/Login%20-%20SoFi_files/ Frame CFD3
Redirect Chain

https://sofie.pages.dev/Login%20-%20SoFi_files/ls_fp.html
https://sofie.pages.dev/Login%20-%20SoFi_files/ls_fp

0
322 B

63ms
56ms

Document
text/html

172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/ls_fp

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c7e9a7a8e5859d7-MXP
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 24 Sep 2024 00:19:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vk3UWSDQm0UT1AcSir0tDz1HChPoGOnfobrDIz7VgoCYKCmr6Aezn3ShR1xSbtLjuLFSshU%2F4iY8GxCTUVyFftA6u%2BuWmWDJScQMQnyAAmE3KkS7nqh3OSKtTHw2%2FmTB9IE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-origin: *
cf-ray: 8c7e9a78fd7659d7-MXP
content-length: 0
date: Tue, 24 Sep 2024 00:19:31 GMT
location: /Login - SoFi_files/ls_fp
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yisE5xOhLPJwZ08tA5h2k%2FTmnvOhJnVUFPRLlnfcwsqX1FjFkS2G4D6yXoVDq3dfEcTHWQUr4HfpfN2vV5h7PEiiB1kIzOP4nPZDKyiRwNUJ4zZaCgnpMLYjh5F3rPfgVGM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

sid_fp Show response
sofie.pages.dev/Login%20-%20SoFi_files/ Frame D1F2
Redirect Chain

https://sofie.pages.dev/Login%20-%20SoFi_files/sid_fp.html
https://sofie.pages.dev/Login%20-%20SoFi_files/sid_fp

149 B
370 B

66ms
59ms

Document
text/html

172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/sid_fp

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c7e9a7a8e5959d7-MXP
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 24 Sep 2024 00:19:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nz88IDF7MgA2uvaaY32eR993CSQt5zxGjqY6IPfxz6rjrn00pz30Cy%2FqOFH0VOhZ%2FBxjHwnYKglbDdIKngLINeMspEtXCMgGu2TMbgxM062ESs0RG3j4YdabhtZhaxCcEq0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-origin: *
cf-ray: 8c7e9a78fd7759d7-MXP
content-length: 0
date: Tue, 24 Sep 2024 00:19:31 GMT
location: /Login - SoFi_files/sid_fp
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UyhwLRnz3yDBuMDuCP4JT2BncFKiarhJgQtu%2BeRmLZ05P8cU9KKaBsPcDT5XE%2BNRjzEW%2BYR%2BrWBg5K%2F6siJz1udLfFVSLU4DxO0OENRq7JW7ilOW5aTicLzExqWqVzNsi9o%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

top_fp Show response
sofie.pages.dev/Login%20-%20SoFi_files/ Frame 0396
Redirect Chain

https://sofie.pages.dev/Login%20-%20SoFi_files/top_fp.html
https://sofie.pages.dev/Login%20-%20SoFi_files/top_fp

0
268 B

63ms
56ms

Document
text/html

172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sofie.pages.dev/Login%20-%20SoFi_files/top_fp

Requested by

Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c7e9a7a8e5a59d7-MXP
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 24 Sep 2024 00:19:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8hH1CEALt1XB78M0j7NCgUcjVY0wFUR08Ek4KzDOQ9BqkCU%2FWHEQH8gYOzwzTq92cN1n9pse3WjL01SGn948X%2B2CbmlqiAR1or7DRP8G0GZa9OwQevV0TJGGS2NOHxGhJp8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-origin: *
cf-ray: 8c7e9a790d7959d7-MXP
content-length: 0
date: Tue, 24 Sep 2024 00:19:31 GMT
location: /Login - SoFi_files/top_fp
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XxWZMICiP5ckxdTPtxoPyF8E7fnLj0yTC4FhWPe%2FQID2jgEQ6fK%2BvRP6%2FsI4nsgNzWNkmFExqwi%2F7LanUYFqOvg%2BfOUt84nTRyiZD%2BajSdvTKbObTGTTfMjaXIuIj0gXURk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 speculation
sofie.pages.dev/cdn-cgi/ Frame CFD3 128 B
523 B 66ms
48ms Other
application/speculationrules+json 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sofie.pages.dev/cdn-cgi/speculation
Requested by: Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://sofie.pages.dev
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/ls_fp

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fv%2BiP76QKD0oWhbcFxuEPH9zviVJlIv96Rj8P5KdLlZThvm48Or%2BU3g6XBH4t%2FZ80tjKAINNc11qjk8PrsTYAKE7tn%2Fy1lDW%2BnqKqzXqG7Er%2Fr7QIKBrUUX21wIi5wObJro%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c7e9a7b2eba59d7-MXP
access-control-allow-origin: https://sofie.pages.dev
content-length: 128
date: Tue, 24 Sep 2024 00:19:31 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 speculation
sofie.pages.dev/cdn-cgi/ Frame 0396 128 B
396 B 113ms
56ms Other
application/speculationrules+json 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sofie.pages.dev/cdn-cgi/speculation
Requested by: Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://sofie.pages.dev
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/top_fp

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xjPAq1YD02EUHYYBuCEzo6Q1TwHuRcrX4RuNsO9Sqo%2BsmKyNwf9ZSDCX94%2BtrCyQH0OpnrRHr23XUHwo0Om1uP1wngAeI3%2BJDQnXJZ1qqTBSwpzMkgb1hp%2B9MpPsVA%2FHUAU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c7e9a7b6ef459d7-MXP
access-control-allow-origin: https://sofie.pages.dev
content-length: 128
date: Tue, 24 Sep 2024 00:19:31 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 speculation
sofie.pages.dev/cdn-cgi/ Frame D1F2 128 B
426 B 181ms
79ms Other
application/speculationrules+json 172.66.44.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sofie.pages.dev/cdn-cgi/speculation
Requested by: Host: sofie.pages.dev
URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.44.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://sofie.pages.dev
Referer: https://sofie.pages.dev/Login%20-%20SoFi_files/sid_fp

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WkvJLLiXgwgRBLWYPLYHgCyZnWkRB%2FyKpN8F%2BLIHHCA7xDMsNqfAW%2FFf%2FMJBYIK36GtMJN%2FGY%2FLkogwYSlMmtDMlTnnL5G9CP2mtaii%2FMvZMYHdX0ywnsxgCGYOQBSQokTw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c7e9a7bdf3f59d7-MXP
access-control-allow-origin: https://sofie.pages.dev
content-length: 128
date: Tue, 24 Sep 2024 00:19:31 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK check.js;CIS3SID=D61989DB63863CE86B02987C4C18EA1A Show response
st10.sofi.com/fp/ Frame D3AF 347 KB
62 KB 69ms
68ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/check.js;CIS3SID=D61989DB63863CE86B02987C4C18EA1A?org_id=5ugj8dr8&session_id=6618d610-deb4-49a1-98c0-06d63acb4937&nonce=263d81dc094eb129&jb=3732262e6a716f75354c696c75702662736f3544616c757026687360773d416a72676f672468736a3d416872676d65273238313a39

Requested by

Host: st10.sofi.com
URL: https://st10.sofi.com/fp/tags.js?org_id=5ugj8dr8&session_id=6618d610-deb4-49a1-98c0-06d63acb4937&page_id=1&allow_reprofile=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

ffa7b0031762ddfb583457541085a813c4b1adcca34cae0c381c980385a2832c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

X-Robots-Tag: noindex, nofollow
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=95
Date: Tue, 24 Sep 2024 00:19:31 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
tmx-nonce: 263d81dc094eb129
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK clear.png
st10.sofi.com/fp/ Frame D3AF 81 B
475 B 66ms
66ms Image
image/png 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://st10.sofi.com/fp/clear.png?org_id=5ugj8dr8&session_id=6618d610-deb4-49a1-98c0-06d63acb4937&nonce=263d81dc094eb129&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Date: Tue, 24 Sep 2024 00:19:31 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png
Server: Apache

GET
H/1.1 200
OK clear.png
st10.sofi.com/fp/ Frame D3AF 81 B
474 B 157ms
91ms Image
image/png 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://st10.sofi.com/fp/clear.png?org_id=5ugj8dr8&session_id=6618d610-deb4-49a1-98c0-06d63acb4937&nonce=263d81dc094eb129&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=99
Date: Tue, 24 Sep 2024 00:19:31 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png
Server: Apache

GET
H2 200 favicon.ico
d32ijn7u0aqfv4.cloudfront.net/assets/icons/ 15 KB
16 KB 645ms
81ms Other
binary/octet-stream 13.224.194.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d32ijn7u0aqfv4.cloudfront.net/assets/icons/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-180.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ae398dbea814491b5f373fa25680e1a7cfdaa9f293e949d89495af91f1bf00d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

x-amz-version-id: WYotLR2IlXrB_IjVQJtvSQ16BNJMDvt_
etag: "3614d0a26a831df997f00b03a831e285"
age: 31829
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 5gWHybpnStqYREm79QyGsYAsVYs3-5m_CBtL4J-_M6SrYDcjgICoCA==
date: Mon, 23 Sep 2024 15:29:04 GMT
content-type: binary/octet-stream
last-modified: Mon, 07 Dec 2020 14:42:31 GMT
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 15406
x-amz-cf-pop: FRA2-C1
x-amz-meta-forcedreplication: 2020-12-07T14:39:36.194559
server: AmazonS3

GET
H/1.1 200
OK HP
st10.sofi.com/fp/ Frame 4598 0
0 355ms
59ms Document
text/html 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/HP?session_id=6618d610-deb4-49a1-98c0-06d63acb4937&org_id=5ugj8dr8&nonce=263d81dc094eb129&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Requested by

Host: st10.sofi.com
URL: https://st10.sofi.com/fp/check.js;CIS3SID=D61989DB63863CE86B02987C4C18EA1A?org_id=5ugj8dr8&session_id=6618d610-deb4-49a1-98c0-06d63acb4937&nonce=263d81dc094eb129&jb=3732262e6a716f75354c696c75702662736f3544616c757026687360773d416a72676f672468736a3d416872676d65273238313a39

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sofie.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Language: it-IT
Content-Type: text/html;charset=UTF-8
Date: Tue, 24 Sep 2024 00:19:32 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clear.png Show response
st10.sofi.com/fp/ Frame D3AF 81 B
531 B 390ms
79ms XHR
image/png 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/clear.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: */*, 5ugj8dr8/263d81dc094eb1296618d610-deb4-49a1-98c0-06d63acb4937
Referer: https://sofie.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: private, must-revalidate, max-age=0
Etag: 36e1339be6764ef4a5413d57939b0b8a
Connection: Keep-Alive
Expires: Sun, 23 Sep 2029 00:19:32 GMT
Access-Control-Allow-Origin: https://sofie.pages.dev
Content-Length: 81
Keep-Alive: timeout=2, max=100
Date: Tue, 24 Sep 2024 00:19:32 GMT
Last-Modified: Tue, 24 Sep 2024 00:19:32 GMT
Content-Type: image/png
Server: Apache

GET
H/1.1 200
OK ls_fp.html;CIS3SID=D61989DB63863CE86B02987C4C18EA1A
st10.sofi.com/fp/ Frame CA55 0
0 361ms
73ms Document
text/html 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/ls_fp.html;CIS3SID=D61989DB63863CE86B02987C4C18EA1A?org_id=5ugj8dr8&session_id=6618d610-deb4-49a1-98c0-06d63acb4937&nonce=263d81dc094eb129

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sofie.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 24 Sep 2024 00:19:32 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clear.png Show response
st10.sofi.com/fp/ Frame D3AF 0
398 B 117ms
117ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/clear.png?org_id=5ugj8dr8&session_id=6618d610-deb4-49a1-98c0-06d63acb4937&nonce=263d81dc094eb129&jb=3134266473633d33383536603338353d38643d3c693a36303532666364636366633b353a3b6336

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 0
Keep-Alive: timeout=2, max=94
Date: Tue, 24 Sep 2024 00:19:32 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
Server: Apache

GET
H/1.1 200
OK es.js Show response
st10.sofi.com/fp/ Frame D3AF 134 B
653 B 127ms
126ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/es.js?org_id=5ugj8dr8&session_id=6618d610-deb4-49a1-98c0-06d63acb4937&nonce=263d81dc094eb129

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

19589faa2debfbf65dd2194dfa49595132ccff1e82cd671e9315c5e44c1a5af3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Date: Tue, 24 Sep 2024 00:19:32 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Server: Apache

GET
H/1.1 200
OK sid_fp.html;CIS3SID=D61989DB63863CE86B02987C4C18EA1A
h.online-metrix.net/fp/ Frame C05E 0
0 379ms
84ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=D61989DB63863CE86B02987C4C18EA1A?org_id=5ugj8dr8&session_id=6618d610-deb4-49a1-98c0-06d63acb4937&nonce=263d81dc094eb129

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sofie.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 24 Sep 2024 00:19:32 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK top_fp.html;CIS3SID=D61989DB63863CE86B02987C4C18EA1A
st10.sofi.com/fp/ Frame 73AE 0
0 341ms
68ms Document
text/html 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/top_fp.html;CIS3SID=D61989DB63863CE86B02987C4C18EA1A?org_id=5ugj8dr8&session_id=6618d610-deb4-49a1-98c0-06d63acb4937&nonce=263d81dc094eb129

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sofie.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 24 Sep 2024 00:19:32 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clear.png Show response
h64.online-metrix.net/fp/ Frame D3AF 0
399 B 1038ms
222ms Script
text/javascript 192.225.158.1
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h64.online-metrix.net/fp/clear.png?org_id=5ugj8dr8&session_id=6618d610-deb4-49a1-98c0-06d63acb4937&nonce=263d81dc094eb129&i=2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

192.225.158.1 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 0
Keep-Alive: timeout=2, max=100
Date: Tue, 24 Sep 2024 00:19:32 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
Server: Apache

GET
H/1.1 204
204 clear.png Show response
st10.sofi.com/fp/ Frame D3AF 0
219 B 162ms
161ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/clear.png?org_id=5ugj8dr8&session_id=6618d610-deb4-49a1-98c0-06d63acb4937&nonce=263d81dc094eb129&ja=3032303f2624633d3e3026783d3e302e663d393e383278393232302463663f333638327a3330303826717879353135353070313937302e6c78703d392c333632322c333030382e333432302431303030243136323024313a303024393e323024313038372e3137353024333335322665743f32376e3531663339343165366a6e3a32396a363462663138356030696431613626656e3f32267b63643f323c2664683d607c7c72732d33432530442530447367646b672c70696767732e6c657627324e26786c3d3d2e786a3d6d383232666461373735393b316436656a653a39393b6562366131393a39306c2e606a3d39313233323b373532663836373567376b313633373f656137326c666b31336c2e62716f354c6b6e777a2668716235416a706d6d6d253030313a392668736775354c69667d70246a7b62773d416a726d6f652e6c6a613f313a266c646d3538266c6d7c703530267c726c3f457d726d7067273244506f6567246f637460723f343038336433633a626d63303a6d3e61633d3632303a30616633353d36323364643c353a38313c3164346569613a34646b313c63666a643532313333333b36692466703f687c747273253b412530462d324e736f6e616d2c70696767732c66657427324e24723f726c7d676b6e5f6e6c6171682d354d6661647b6d2370647565696c5d776b6c646775715d6f656c69635f7064617967722d354d6661647b6d2370647565696c5d61666d626d5d6361706f6a617625354d66616e736d21786c756f61665d717d69616b766b6d6727354d64636e716529706e7567616e5f716867636377617e6d2d37456e616e736723706e7767616c5d70676164706e61796d722537456e616473652978647767616e5d766e615f726e617167702737456e616e736529706c7767616e5764657e696474722d354766636e736723706477656b6c5f7b76655f7661657767722d354d6661647b6d2370647565696c5d6a6374612d374764636c7b6524676c57633d75656a676457656a4f44273238312c302730302a4d706d6c454e2732384551253238322e32253a304b6872676561776d21576762454e2530324744514e2730304d53273230392e3027323828477065664f442732384551253032474e514c2d30324751253a30332e302d323041687a6f65697565215f67624369765767604b6b76253a325567604744414c474c4d5f696c737c616663656c576970726979712531402530324550565d606e6566645d6d69666d617a253b422d32304d505c5d636469725f616d6e76706f64273140273238455a545f6b6f6c6d7257627d66666d7a576a6164665d666e6d617627334a27303247585c5f6665707c685f616c696d7825334a2d3a324550545d666e6d61765d6264676c6627334a2530304550545f64726967576465787c6027334a253030475a545d726f647b656d6c5f67666473657c5f636e6165702d33422d3a3847585c5f7168636665705d746d7a76777065576c6d64253b422530304d585c5f746d707c77726d5f616f6f7272677173616d6c5d60707c632733422d323047585c5f7c65787c7d7a675f6b6f6f70706773716b6f665d706576632d33402532384558565f7c657074757a6d576469647467725d636e6b716f7c706d726b632d33402532384558565f7c657074757a6d576f697a726d725d616c636f7057766d5d67646f652733422d323047585c5f7b52474a2d3b40253a304d45515d656e676d6d6c765d6b6e6c657a5f75616e7427334a253a304f4d5b576462675f70656c6665705d6d61726f6372253b422732304745535d737c616664617a6c5766657a697461766b766771253b402730324f4d535d746570747570655766646f617c2d3b40253a304d45515d74677a747d70675d646c6761765f6c616e6563722d334a253238474d515f7c657a747770655d6a6164645d646e6f69742733422d32304d455b5f7c65787c7d7a675f60616e665d646c6d6374576e6b6c67617a253142253a304f475357766d72746d705763727a617b5f6d606a6761742d31402730305f4540474c57636f6e6f7a5f6a75666e6d7a5d66646f63742731422730305f4740454e5f6b6f6f70726d7373676457746d78747d7a6d5d617b7461253140253032574d40454e5d63676d7272657b7365665f7c657074757a6d5767746b2531422730305547424f4e5d616d6d78726773736d645f766570747d7265576d7c61312d334025303257474047445d616d6f707a657173656c5f7467787c757a655f7b3b7c61253b42273232554540454c57616d6f72726d737165645774657a747d726d5f733b7c6b5d737a6760253140253032574d40454e5d646d6277675f7a656e66657a657a5f69666e6727334a253030554742454e5f6c676077655f7b686364657a732531422d323857454a4f445d646d7076685d76657a76757a67273140253a305545424f4c5f667269775762756e6e6d70732d334025303257474047445d6e6d716557636d6e746d787427334a253a30574d4a4f4e5f65756e746b5d647063772d31402730305f4540474c57706f6e796f6f665f6d676c6d33362e676e5f6a3f383464336b3a36633a373962363865696438363631616c34613f6a3d6136383860386366353733362e75656e743d416e76656c2d32304b6e6b2e2e7767647a354b6e7c656e25303249706b732d30324d726566474e253238456e656966652e63636c3539246764685d683f32393b30643a37353633656c303a31373a386430333a663834346c3b3a37343d6230386063383566&jb=3331342e6c733d4d677a696e6c69253a463526382d303020583331273142273030446b6c777a253a307a38365736342b253a30497070646d5f67624369762530443531352e3b34273032284348564d4c2d32432732386c616b652d3a3845656b6b6d29273030416a72676f6727304639323b2e3026302e32253a305b6166697a6127324e3531372c3136

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Keep-Alive: timeout=2, max=100
Date: Tue, 24 Sep 2024 00:19:32 GMT
Content-Type: text/javascript;charset=UTF-8
Server: Apache
Connection: Keep-Alive

GET
H/1.1 200
OK clear.png
5ugj8dr8wyxwrfgkvwqqc7pyhir6kwedgdoh6cjo263d81dc094eb129am1.e.aa.online-metrix.net/fp/ Frame D3AF 81 B
438 B 354ms
84ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5ugj8dr8wyxwrfgkvwqqc7pyhir6kwedgdoh6cjo263d81dc094eb129am1.e.aa.online-metrix.net/fp/clear.png?org_id=5ugj8dr8&session_id=6618d610-deb4-49a1-98c0-06d63acb4937&nonce=263d81dc094eb129&di=yes

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: close
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Date: Tue, 24 Sep 2024 00:19:32 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png
Server: Apache

GET
H/1.1 204
204 clear3.png;CIS3SID=D61989DB63863CE86B02987C4C18EA1A Show response
st10.sofi.com/fp/ Frame D3AF 0
218 B 119ms
118ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/clear3.png;CIS3SID=D61989DB63863CE86B02987C4C18EA1A?org_id=5ugj8dr8&session_id=6618d610-deb4-49a1-98c0-06d63acb4937&nonce=263d81dc094eb129&jac=1&je=3a36262e6d67646835283327324b312d32433b2d3a41626a3764633032663b30653e30363134326c663733303d62303a3231323e34333e6e6c61666d6163393a64633b30303b67363030636c386466613c613167303d29

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Keep-Alive: timeout=2, max=99
Date: Tue, 24 Sep 2024 00:19:32 GMT
Content-Type: text/javascript;charset=UTF-8
Server: Apache
Connection: Keep-Alive

GET
H/1.1 204
204 clear1.png;CIS3SID=D61989DB63863CE86B02987C4C18EA1A
st10.sofi.com/fp/ Frame D3AF 0
400 B 111ms
108ms Image
image/png 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://st10.sofi.com/fp/clear1.png;CIS3SID=D61989DB63863CE86B02987C4C18EA1A?org_id=5ugj8dr8&session_id=6618d610-deb4-49a1-98c0-06d63acb4937&nonce=263d81dc094eb129&jf=3633342e736b645f7a6e643f746c72576c316f7f63454a4c51466e4a73653250267b6b665d66617c653f31373a3731313739373a2673616c57767978653f7767603a6761647b6324716b64576b67793d3b30353b3338313b3036383f3a63383e343a63673164323030393234323a3269383434386b653366303b30393037383b3c3030383036363761303135336d3666363132313034633869316267326c35693436383e3b31326c6367366630636332326e36313530613c323b646469393436663d613f38383c3c3161653a3761336663653033376a67316632316e303536353d666664323c313a39346c383b66353c3734666434323534623f66676063396a336063386d312671696c5f7b6967353b383634383230303167663b30386c3a6730343330376039343f333030353d613034363b6b3960373f3563336163646764383d37356463393e363761336d3865316130363830623e383a30303c3960396130363332333835303633353a396661616b63383a396b646d66623f696d37633a3036356460393334386d64613a30353d3433336269376531346e382e73696e7a3532

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=97
Date: Tue, 24 Sep 2024 00:19:32 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png;charset=UTF-8
Server: Apache

GET
H/1.1 200
OK clear.png Show response
st10.sofi.com/fp/ Frame D3AF 0
398 B 76ms
75ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/clear.png?org_id=5ugj8dr8&session_id=6618d610-deb4-49a1-98c0-06d63acb4937&nonce=263d81dc094eb129&jac=1&je=3735302e2668666e353338246a6e683534643e3b6b323838336165353439313b626e60616164393062673531393733342662667c6e3d383239313332333a26726f3d6c6d266a637671763d2d374025323a6c65746564253a32253b49392c30382530432730327176617c77712730322d334325323a636863726f696667253a3a2d35442e6177646a3f6363356231673467343839636161633e663263376b313132393b3e3b36366a3561333335393460346c3a666636383e303233386e653464303b666b64383c3d31246570333f633331633667303d3b673a336438373566336e6462326430383f6139303c3c63386a656133613162247761603f273540253a3263726360697467637c757a65253a3a2d31412d3230253030253041253a30606b766e6d737125323a253343253a322d32322d3a4b27323a6270616c66732730322d31432737422d354625324b253230667d6c6456657a7b616d6e446971742730322731412d37402737442d324125323a6d6f606964652d32322d3b4964616473672530412530306d6766676e27323a253141253a322530322d324b25323a786463746e6f706d2730322731412d30302730322d324125323a706c63746e6f7a6d566d7a7b6b6f662530322731412730322d30302730432d3230776f7f363427323a253b416669647b67253f442475636e3d2735422d303060706166647125323a253343253d422d35442d3a4b27323a6d6d626b6e652730322d314364636c7b652732432d3232726c69746e6f72652d3a30253b4127323027323027374c

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 0
Keep-Alive: timeout=2, max=96
Date: Tue, 24 Sep 2024 00:19:32 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
Server: Apache

GET
H/1.1 200
OK clear.png Show response
st10.sofi.com/fp/ Frame D3AF 0
398 B 51ms
50ms Script
text/javascript 91.235.132.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://st10.sofi.com/fp/clear.png?org_id=5ugj8dr8&session_id=6618d610-deb4-49a1-98c0-06d63acb4937&nonce=263d81dc094eb129&jac=1&je=3a37262e776b693d3937322c313f2e382e31392439322e39332c302c3732247565613f37362c333f2e3b322e3938312e31303526313930263e302e313624776b343d3034303c386363633a6a62603a636b633a383138333a

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sofie.pages.dev/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 0
Keep-Alive: timeout=2, max=95
Date: Tue, 24 Sep 2024 00:19:33 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
Server: Apache

GET ingestion
fp.sofi.com/api/ 0
0

OPTIONS
H2 202 ingestion
fp.sofi.com/api/ Frame 0
0 349ms
209ms Preflight 172.64.149.225

General

Check archive.org

Show headers Download Go to

Full URL

https://fp.sofi.com/api/ingestion?format=raw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.149.225 San Francisco, United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: attributes,domain,pkey
Access-Control-Request-Method: GET
Origin: https://sofie.pages.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attributes,domain,pkey,tokenFormat
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-origin: https://sofie.pages.dev
access-control-max-age: 3600
cf-cache-status: DYNAMIC
cf-ray: 8c7e9a89fd7a0e75-MXP
content-length: 0
date: Tue, 24 Sep 2024 00:19:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FyZu4J0plOKcsNFQgKeYV0okVF9cFmG3jTP%2B%2FxVMMLZUbU8iUA4tgSvZpCflis%2F600d0Ss41LU9vSMrcjVMyNbUbv3pYyiFWWaOaocXWM57Xsd7ugA%2BB2atphF0g"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fp.sofi.com
URL: https://fp.sofi.com/api/ingestion?format=raw

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: SoFi (Financial)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			st10.sofi.com/	1970-01-21 09:21:37	Name: thx_guid Value: 24a3c03cc957bfa147e47b02870dafa4
			st10.sofi.com/	1970-01-21 09:21:37	Name: tmx_guid Value: AAxfp_Zgz2x2wElzwaMtxu08MtyFe2NqPAFqluNza7PGJMQ9JFDZViA8jzCuyBDUXf9IJ_Bgsmse3Rhfk_MVJGP90gvhIQ

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://sofie.pages.dev/ Message: Refused to execute script from 'https://sofie.pages.dev/Login%20-%20SoFi_files/datadog-rum-v4.js.download' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sofie.pages.dev/ Message: Refused to execute script from 'https://sofie.pages.dev/Login%20-%20SoFi_files/tags.js.download' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sofie.pages.dev/ Message: Refused to execute script from 'https://sofie.pages.dev/Login%20-%20SoFi_files/devicer.min.js.download' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sofie.pages.dev/ Message: Refused to execute script from 'https://sofie.pages.dev/Login%20-%20SoFi_files/otSDKStub.js.download' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sofie.pages.dev/ Message: Refused to execute script from 'https://sofie.pages.dev/Login%20-%20SoFi_files/otBannerSdk.js.download' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://sofie.pages.dev/Login%20-%20SoFi_files/clear.png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://sofie.pages.dev/Login%20-%20SoFi_files/es.js.download' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://sofie.pages.dev/Login%20-%20SoFi_files/clear(2).png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://sofie.pages.dev/Login%20-%20SoFi_files/clear(3).png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://sofie.pages.dev/Login%20-%20SoFi_files/clear3.png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://sofie.pages.dev/Login%20-%20SoFi_files/clear(4).png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://sofie.pages.dev/Login%20-%20SoFi_files/clear(5).png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://sofie.pages.dev/Login%20-%20SoFi_files/clear3(1).png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://sofie.pages.dev/Login%20-%20SoFi_files/clear(6).png' because its MIME type ('image/png') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sofie.pages.dev/Login%20-%20SoFi_files/saved_resource(1) Message: Refused to execute script from 'https://sofie.pages.dev/Login%20-%20SoFi_files/check.js.download' because its MIME type ('') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5ugj8dr8wyxwrfgkvwqqc7pyhir6kwedgdoh6cjo263d81dc094eb129am1.e.aa.online-metrix.net
cdn.cookielaw.org
d32ijn7u0aqfv4.cloudfront.net
d3331otr86r7j1.cloudfront.net
fontmetrics.net
fp.sofi.com
h.online-metrix.net
h64.online-metrix.net
js.dvnfo.com
sofie.pages.dev
st10.sofi.com
fp.sofi.com
104.18.86.42
13.224.194.180
172.64.149.225
172.66.44.91
18.66.122.44
192.225.158.1
52.222.250.227
52.88.250.71
91.235.132.130
91.235.132.67
91.235.134.131
08c4523f38d0898e4dfe1409e82a373b099a21265d48b784364468711d02c007
0ae398dbea814491b5f373fa25680e1a7cfdaa9f293e949d89495af91f1bf00d
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
16ad14b04bbb43106c487ed24c60f706cb02cf4b59aa1ff1823f3df83761c3ef
19589faa2debfbf65dd2194dfa49595132ccff1e82cd671e9315c5e44c1a5af3
40ad61dc5fe4a2ddda825bfc739ca6312f351f863daa399cebded5be4befb6d0
4161e8b093c0be14c542b0948c6271b1ee5ccd53e6274654a91224c343bc418a
4d02d9f19dff093bc88b0072987a18dc7bcf83705f55881aa3d57ffbd69c8e6d
531bfc51d17a7e129febf996996bfa92e3f75ce119f930f98e6297cf8c28f424
5d6733cf8650b87b9f3d0210b17f1a9f877a15e39f0d54a60fff89a45675f907
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
792837d5e4af3b97451ac85999c62c76ada46a4d969ab5727f07800737e59911
7987b00fc873ae5e25b9220d900537c3f3e72bc72f4c2d0ef9981e589a3aac3c
91b0809d8b9dc57eaa09cb0e13c210b24edfaeadb94a8cff0fee02751c1b0b5f
9508ba9ddb8676bfd9798804dd64342150e71612590be997eca8669b485c5dba
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50
a7c6baefcdda36fefc81f42a0abafdd31a62b7d425ff2542925f9dfdca17b411
aaf1eac584819e98c7f78a20216bd2fb10ee29e10b290983bc0fa82d0f293bce
c3087446afe87c5da27035fd77db71f3d9911966b3cd33a452f80d731fbf8159
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a
d1b04e44e13264e635725b5000b61906440495517d32db66f38f2dd7f5eb7c42
e01ee182c3edd33151075d139238cd34bfd31434ffd3b93d6caf940a2cad19a0
e182f76b074753911d9dc5c0db48650a94472ac95dccf64d9d9b8100be6a03b3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f97354a4659e6fc1cf05e27b59d333c697c1b0fd6fcaaceaa9af1f6886abe0af
fd70f6ab934cd87e4b40fcd193a7359b518376f3d3b34140a5ec5582d0d88e3a
ffa7b0031762ddfb583457541085a813c4b1adcca34cae0c381c980385a2832c

sofie.pages.dev Open in urlscan Pro 172.66.44.91 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

69 Requests

99 %HTTPS

0 %IPv6

7 Domains

11 Subdomains

12 IPs

2 Countries

1406 kBTransfer

2133 kBSize

2 Cookies

8 Outgoing links

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sofie.pages.dev Open in urlscan Pro
172.66.44.91 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

99 %
HTTPS

0 %
IPv6

7
Domains

11
Subdomains

12
IPs

2
Countries

1406 kB
Transfer

2133 kB
Size

2
Cookies

69 HTTP transactions
1 data transactions